Solved: Apache, Fail2ban & PF -> How to list blocked IP addresses

Since yesterday we're testing fail2ban with Apache-filters (auth) and PF.

Is there a way to find the "Banned IP list" IP addresses in PF's log with tcpdump, or in PF's tables (pfctl -s all doesn't show anything), just to verify that they're really blocked in PF?

fail2ban-client status apache

Code:
Status for the jail: apache
|- Filter
|  |- Currently failed: 0
|  |- Total failed:     334
|  `- File list:        /var/log/httpd-error.log
`- Actions
   |- Currently banned: 17
   |- Total banned:     118
   `- Banned IP list:   000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000 000.000.000.000
 
I won't pretend to be an expert on this (I'm the opposite!), but I blogged about fail2ban and pf recently, so I'm just going to put the link here in case it's useful. Sorry if that sounds like spam!
If fail2ban uses a table: pfctl -t <tablename> -T show
I found that I also have to specify the anchor, otherwise I get:
pfctl: Unknown error: -1.
So, I use a command like this:
pfctl -a 'f2b/jailname' -t 'f2b-jailname' -T show
 

Great, that command did exactly what I wanted, and everything seems to be working as expected between Apache, Fail2ban and PF, fantastic.

Here is what I needed to type, more specifically, for the filter.d/apache-auth.conf filter:

pfctl -a f2b/apache -t f2b-apache -T show
 
pfctl -a f2b/apache -t f2b-bsd-ssh -T show

Hi, I tried this command but got
pfctl: Unknown error: -1.

What could be the matter here?
 
Ah, never mind guys, I RTFM and found out I had gotten the jail name wrong.
My mistake 🙏🏾
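
To go one step further than eyeballing the two lists, the script below compares the "Banned IP list" from fail2ban-client with the contents of the PF table. It is an added example, not code from any poster in this thread; it assumes the anchor and table naming used in the commands above (f2b/<jail> and f2b-<jail>), and the sample data in it is constructed.

```sh
# Added example: cross-check fail2ban's ban list against the PF table.
# Assumption: anchor f2b/<jail> and table f2b-<jail>, as in the commands above.

# stdin: `fail2ban-client status <jail>` output; stdout: banned IPs, one per line.
f2b_banned() {
    sed -n 's/.*Banned IP list:[[:space:]]*//p' | tr -s '[:space:]' '\n' |
        sed '/^$/d' | sort -u
}

# stdin: `pfctl ... -T show` output (indented entries); stdout: trimmed entries.
pf_entries() {
    sed 's/^[[:space:]]*//; s/[[:space:]]*$//; /^$/d' | sort -u
}

# $1 = fail2ban status text, $2 = pfctl table listing.
# Prints every IP fail2ban reports as banned that is absent from the PF table.
missing_from_pf() {
    f2b=$(printf '%s\n' "$1" | f2b_banned)
    pf=$(printf '%s\n' "$2" | pf_entries)
    for ip in $f2b; do
        # -x -F: whole-line literal match, so 192.0.2.1 never matches 192.0.2.10
        printf '%s\n' "$pf" | grep -qxF "$ip" || printf '%s\n' "$ip"
    done
}

# Live check for one jail; run as root. Returns 0 when the lists agree.
check_jail() {
    jail=$1
    status=$(fail2ban-client status "$jail") || return 2
    table=$(pfctl -a "f2b/$jail" -t "f2b-$jail" -T show) || {
        echo "pfctl failed: is '$jail' the right jail name (anchor f2b/$jail)?" >&2
        return 2
    }
    missing=$(missing_from_pf "$status" "$table")
    [ -z "$missing" ] && return 0
    printf 'banned by fail2ban but not in PF: %s\n' $missing >&2
    return 1
}

# Constructed sample data (documentation address ranges), not from the thread.
SAMPLE_STATUS='Status for the jail: apache
`- Actions
   |- Currently banned: 3
   `- Banned IP list:   192.0.2.10 198.51.100.7 203.0.113.5'
SAMPLE_TABLE='   192.0.2.10
   203.0.113.5'
```

Source the file and run `check_jail apache` as root; a non-zero exit means either the lookup failed or a ban has not reached PF.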
 