How can I verify if a ban rule is in effect for a specific jail ?
Initiate win2ban-shell at the root of the installation directory and issue the command below (example jail win2ban-network-logon):
$ fail2ban-client status win2ban-network-logon
Status for the jail: win2ban-network-logon
|- Filter
| |- Currently failed: 1
| |- Total failed: 5
| `- File list: /winlogbeat/logs/eventlog
`- Actions
|- Currently banned: 1
|- Total banned: 2
`- Banned IP list: 192.168.100.22
The related firewall rule(s) can be displayed by using the following Powershell command:
get-netfirewallrule -all | Where-Object {$_.DisplayName -like "win2ban*"} | Format-Table
Name DisplayName DisplayGroup Enabled Profile Direction Action
---- ----------- ------------ ------- ------- --------- ------
{F9BAA4EB-D8A8-48C7-9205-D3246D70F990} win2ban - ban 192.168.100.22 True Any Inbound Block
Release announcements
- 2024-04-09 Copssh client 7.14.2
- 2024-04-09 Copssh server 8.5.1
- 2024-04-09 Copssh server 7.17.1
- 2024-04-09 OpenSSL tool 1.9.0
- 2024-04-09 cwRsync server 6.8.0