So I stumbled upon a blog post here. Its title pretty much approached what I wanted to accomplish, so I took its method and refined it to my own. Here is what I came up with: Issue iptables (-L -n) to show the chains: iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination fail2ban-default tcp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 500,4500 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1701 policy match dir in pol ipsec DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1701 fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT) target prot opt source destination DROP all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain fail2ban-default (1 references) target prot opt source destination REJECT all -- 181.109.140.23 0.0.0.0/0 reject-with icmp-port-unreachable REJECT all -- 186.136.174.237 0.0.0.0/0 reject-with icmp-port-unreachable REJECT all -- 84.53.243.133 0.0.0.0/0 reject-with icmp-port-unreachable REJECT all -- 113.53.236.29 0.0.0.0/0 reject-with icmp-port-unreachable RETURN all -- 0.0.0.0/0 0.0.0.0/0 Looking at the iptables output, I focus on the “fail2ban-*” chains and discern what to do next. In the excerpt above, the fail2ban-default shows 4 different “REJECT all” addresses that acted naughty somehow. I’m going to release the ones that don’t seem harmful (probably deleted user accounts still hammering onto mail).  These two will go away: 181.109.140.23 186.136.174.237 So, to have it done, the line will contain:

iptables -D fail2ban-default -s 181.109.140.23 -j REJECT
and
iptables -D fail2ban-default -s 181.109.140.23 -j REJECT
This will delete (-D) from the fail2ban-default chain the source IP (-s) with its corresponding jump action (-j) REJECT. You can check and modify the containing parameters, as chain (-D), source IP (-s), and jump action (-j) to fit your deeds.  

undefined