fail2ban-reporterAuto-report fail2ban banned IPs to AbuseIPDB and notify via Telegram. Use when monitoring server security, reporting attackers, or checking banned IPs. Watches fail2ban for new bans, reports them to AbuseIPDB, and sends alerts.
Install via ClawdBot CLI:
clawdbot install jestersimpps/fail2ban-reporterMonitor fail2ban bans and auto-report attackers to AbuseIPDB.
pass insert abuseipdb/api-keybash {baseDir}/scripts/install.shbash {baseDir}/scripts/report-banned.shbash {baseDir}/scripts/check-ip.sh <ip>bash {baseDir}/scripts/stats.shThe install script sets up a fail2ban action that auto-reports new bans.
bash {baseDir}/scripts/install.sh # install auto-reporting
bash {baseDir}/scripts/uninstall.sh # remove auto-reportingAdd to HEARTBEAT.md to check for new bans periodically:
- [ ] Check fail2ban stats and report any unreported IPs to AbuseIPDBreport-single.sh/var/log/abuseipdb-reports.logSee references/abuseipdb-api.md for full API docs.
Generated Mar 1, 2026
Small businesses hosting their own web or application servers can use this skill to automatically report brute-force attacks from fail2ban to AbuseIPDB, enhancing security posture by sharing threat intelligence. It helps mitigate repeated attacks from known malicious IPs and provides Telegram alerts for real-time incident response.
MSSPs managing multiple client servers can deploy this skill to automate the reporting of banned IPs to AbuseIPDB, streamlining threat data collection and improving service efficiency. It reduces manual effort in security monitoring and supports compliance with incident reporting requirements.
Universities or schools with public-facing servers can implement this skill to automatically report SSH brute-force attacks detected by fail2ban, helping protect sensitive student and research data. It contributes to a safer network environment by leveraging community-based IP blacklisting.
E-commerce companies can use this skill to monitor fail2ban for attacks on their hosting infrastructure, automatically reporting malicious IPs to AbuseIPDB to prevent fraud and downtime. It supports maintaining uptime and customer trust by proactively addressing security threats.
Individual developers or freelancers managing personal or client servers can utilize this skill to automate security reporting, saving time on manual checks and improving defense against common attacks. It provides an affordable way to enhance server security with minimal configuration.
Offer a basic version of this skill for free to attract users, with premium features like advanced analytics, multi-server support, or custom notification channels available via subscription. Revenue is generated through monthly or annual subscriptions from businesses requiring enhanced security capabilities.
Provide paid consulting services to help organizations set up and customize this skill, including integration with existing security systems, compliance auditing, and ongoing support. Revenue comes from one-time setup fees and retainer contracts for maintenance and updates.
Release the skill as open-source to build a community and drive adoption, while offering enterprise-grade support, customization, and priority updates for a fee. Revenue is generated through support contracts and licensing for proprietary extensions or integrations.
š¬ Integration Tip
Ensure the AbuseIPDB API key is securely stored using a password manager like pass, and test the manual scripts before enabling auto-reporting to avoid false positives.
Google Maps Grounding Lite MCP for location search, weather, and routes via mcporter.
Monitor and control Snapmaker 3D printers (U1 with Moonraker/Klipper). Use when checking print status, temperatures, progress, or controlling prints (pause/resume/cancel). Triggers on "printer", "3D print", "Snapmaker", "print status", "nozzle temp", "bed temp".
Monitor DX clusters for rare station spots, track active DX expeditions, and get daily band activity digests for amateur radio operators.
Manage printers via CUPS on macOS (discover, add, print, queue, status, wake).
Analyze local PCAP/PCAPNG files with tshark to generate detailed network forensics reports including talkers, ports, DNS, TLS, HTTP, and anomaly summaries.
Verify the bead daemon is alive and responsive