IP Bans - sharing my setup / asking help / feature request?

Configuration
1

Hi guys, just moved from docker setup to HA OS and everything should be easier but I’m struggling moving from fail2ban to the included ip filtering function of http integration.

This to enable the banning:

http:
  ip_ban_enabled: true
  login_attempts_threshold: 5

These will create 2 entities, one with the full content of ip_bans.yaml and the other with the number of bans:

command_line:
  - sensor:
      command: 'cat /config/ip_bans.yaml'
      name: "IP Bans"
      unique_id: ip_bans
      icon: mdi:cancel
      scan_interval: 30
  - sensor:
      command: "grep banned_at /config/ip_bans.yaml|wc -l"
      name: "IP Banned"
      unique_id: ip_banned
      icon: mdi:cancel
      scan_interval: 30

Then it’s easy to share the result on frontend and make it appear only in case there is some ban:

type: grid
cards:
  - type: heading
    icon: mdi:cancel
    heading: Network Bans
    heading_style: subtitle
    badges:
      - type: entity
        show_state: true
        show_icon: true
        entity: sensor.ip_banned
        color: red
        icon: mdi:alert-octagram
        tap_action:
          action: more-info
        visibility:
          - condition: numeric_state
            entity: sensor.ip_banned
            above: 0
    visibility:
      - condition: numeric_state
        entity: sensor.ip_banned
        above: 0
    tap_action:
      action: perform-action
      perform_action: input_boolean.toggle
      target:
        entity_id: input_boolean.dashboard_domotica_bans
  - type: markdown
    content: |2-
        ## <ha-icon icon="mdi:block-helper"></ha-icon> &nbsp;IP Bannati
        {{ states('sensor.ip_bans') }}
    visibility:
      - condition: numeric_state
        entity: sensor.ip_banned
        above: 0
      - condition: state
        entity: input_boolean.dashboard_domotica_bans
        state: "on"

Schermata_20250525_100003
Schermata_20250525_100003513×176 10.7 KB

and with:

shell_command:
    clear_ipbans: cat /dev/null > /config/ip_bans.yaml

…I can empty the file and unban everybody.
I probably could do a script that gets in input the ip to unban and with some bash-kungfu delete only the two corresponding lines.
Then I can automate the unban in a specific time of the day or after X time the file is updated and so re-create the “temporary” ban as with fail2ban.

BUT the issue is now that after emptying the file, the entire home assistant OS need to be restarted as per documentation.

Is it possible to reload only http integration or some other part of HA to avoid a full reboot?
Maybe some CLI command is enough to reload only the network part?

Otherwise, this is probably a good feature request.

2

Nope. This request has been open for nearly 7 years: Service or UI to remove banned IP addresses

3

this is sad, as the related request on github was closed with “i don’t have time for this” :cry:

I was hoping there was at least some hackish way to reload only some part of the system somehow, some way… it’s strange a network rule can be instantly activated but not as easily deactivated.