What a pain it’s been trying to figure out how to get Fail2ban working again. I discovered that I no longer was receiving Fail2ban notifications some time mid January, and it’s been annoying as hell trying to get it to restart. The magic command line that got me back on track was to restart the server instance by deleting the socket file:
fail2ban-server -x
This command kick-started the service into daemon mode. So now it was a matter of reloading the configuration:
fail2ban-client reload
Thus when running fail2ban-client status, the system responded with the number of jails and a jail list.
Retrieving the status of the jail, I could already see that Fail2ban had gone straight to work:
fail2ban-client status ssh-iptables
Therefore, when I checked iptables -L, the newest banned IP showed up at the top of the list for the fail2ban-SSH chain. And, I was getting my ban notification emails again.