Remove a blocked host from fail2ban

See what hosts are being blocked.

l@ln1:~$ sudo iptables -L 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
fail2ban-ssh-ddos  tcp  --  anywhere             anywhere             multiport dports ssh
fail2ban-ssh  tcp  --  anywhere             anywhere             multiport dports ssh

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain fail2ban-ssh (1 references)
target     prot opt source               destination         
DROP       all  --  188.127.225.85       anywhere            
DROP       all  --  219.138.203.198      anywhere            
DROP       all  --  server77-68-105-205.live-servers.net  anywhere            
DROP       all  --  essen107.server4you.net  anywhere            
RETURN     all  --  anywhere             anywhere            

Chain fail2ban-ssh-ddos (1 references)
target     prot opt source               destination         
RETURN     all  --  anywhere             anywhere 

Note the IP of the host.

l@ln1:~$ sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
fail2ban-ssh-ddos  tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 22
fail2ban-ssh  tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 22

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain fail2ban-ssh (1 references)
target     prot opt source               destination         
DROP       all  --  188.127.225.85       0.0.0.0/0           
DROP       all  --  219.138.203.198      0.0.0.0/0           
DROP       all  --  77.68.105.205        0.0.0.0/0           
DROP       all  --  217.172.182.32       0.0.0.0/0           
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-ssh-ddos (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0   

Make a script to make our life easy.

#!/bin/bash

if [ -z $1 ]; then
    echo "USAGE: $0  [<chain, defaults to fail2ban-ssh>]"
    exit 1
fi

host=$1
chain=$2

if [ -z $2 ]; then
    chain="fail2ban-ssh"
fi

sudo iptables -D $chain -s $host -j DROP

Run it.

l@ln1:~$ sh drop_from_fail2ban.sh 
USAGE: sh drop_from_fail2ban.sh <ipaddr> [<chain, defaults to fail2ban-ssh>]
l@ln1:~$ sh drop_from_fail2ban.sh 77.68.105.205