$f2bV_matches on abuseipDB with APIV2 (not V1)

[Skyridr]

Using Fail2ban 0.11.0.3 and trying to set it up with AbuseIPDB using APIv2.

According to some issues, it was already resolved with:

actionban = lgm=$(printf '%%s\n...' "<matches>"); curl --fail --tlsv1.1 --data "key=<abuseipdb_apikey>" --data-urlencode "comment=$lgm" --data "ip=<ip>" --data "category=<abuseipdb_category>" "https://www.abuseipdb.com/report/json"

However, APIV2 is using a different setup:

actionban = curl --fail 'https://api.abuseipdb.com/api/v2/report' \
     -H 'Accept: application/json' \
     -H 'Key: <abuseipdb_apikey>' \
     --data-urlencode 'comment=<matches>' \
     --data-urlencode 'ip=<ip>' \
     --data 'categories=<abuseipdb_category>'

Which also results in $f2bV_matches showing up on the report comments on the abuseipDB website. API v1 is already deprecated, so I think the abuseipdb.conf file needs to be updated using the new api v2 code.

https://docs.abuseipdb.com/

[sebres]

This going to escape-issue (via variable) inside the fail2ban (since 0.10.x)...
Just use double quotation mark " instead:

- --data-urlencode 'comment=<matches>'
+ --data-urlencode "comment=<matches>"

[Skyridr]

Assumed as much as I just found out about it by doing some digging, thanks!

Will the abuseipdb.conf be updated with the v2 API actionban version though? Seeing v1 is deprecated.

[sebres]

YW

Will the abuseipdb.conf be updated with the v2 API actionban version though?

There is a PR #2302 that covers this. So welcome with testing.