Identity

Unit: fail2ban.service
Config: /etc/fail2ban/jail.local (local overrides — never edit jail.conf)
Jails dir: /etc/fail2ban/jail.d/ (drop-in jail files)
Filters dir: /etc/fail2ban/filter.d/ (regex patterns per service)
Actions dir: /etc/fail2ban/action.d/ (ban/unban actions)
Logs: journalctl -u fail2ban, /var/log/fail2ban.log
Install: apt install fail2ban / dnf install fail2ban

Key Operations

Goal	Command
Check status (all jails)	`sudo fail2ban-client status`
Status of specific jail	`sudo fail2ban-client status sshd`
Unban an IP	`sudo fail2ban-client set sshd unbanip 1.2.3.4`
Manually ban an IP	`sudo fail2ban-client set sshd banip 1.2.3.4`
Test a filter	`sudo fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf`
Reload config	`sudo fail2ban-client reload`