How do I ban an attacker IP with Fail2Ban manually by command line?
Question:
Answer 1:
You ban him manually by adding his IP to the firewall. If you are using UFW, then you write something like this in your command line:
ufw insert 1 deny from <ip> to any
But you do not want to do that manually - the purpose of Fail2Ban is to ban someone automatically. Use this tutorial to configure Fail2Ban to automatically update your UFW rules. The important part is to add banaction = ufw-SOMETHING to your jail.conf, and then create ufw-SOMETHING.conf in the /etc/fail2ban/action.d/ folder with the following content:
[Definition]
actionstart =
actionstop =
actioncheck =
actionban = ufw insert 1 deny from <ip> to any
actionunban = ufw delete deny from <ip> to any
This will ban the IP completely for a predefined amount of time. If you want to ban him until next reboot, omit the actionunban command.
Answer 2:
sudo fail2ban-client -vvv set JAIL banip WW.XX.YY.ZZ
Check the jail where to add the IP using sudo fail2ban-client status
Answer 3:
sudo fail2ban-client -vvv 'set' 'jail' 'banip' 'ip'
Definitely works as the manual solution. Just login via ssh and execute.
The only thing is I keep getting "beatify" messages?
Also not sure if this will ban an IP range, e.g. enter '185.130.5' to ban all ranges from '185.130.5.0' to 255?
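The banip commands in answers 2 and 3 hand whatever the operator types straight to a root-level firewall action, and answer 3 asks what happens with a truncated address such as '185.130.5'. The script below is an added example, not code from this thread or from the Fail2Ban project: it validates a typed ban target as a plain IPv4 host or CIDR, expands a truncated prefix into the CIDR block it implies, rejects everything else, and only prints the fail2ban-client command it would run. The jail name "sshd", the function names and the sample inputs are constructed for the example. Whether a given jail's banaction accepts a CIDR target depends on the Fail2Ban version and the action in use; `ufw deny from` as used in answer 1 does accept CIDR notation.

```shell
#!/bin/sh
# Added example (not from the original thread). Normalises an operator-typed
# ban target before it reaches a root command such as
# `fail2ban-client set JAIL banip TARGET`, `ufw deny from TARGET` or
# `ipset add blacklist TARGET`. Nothing here touches a firewall; the final
# command line is only printed.
#
#   203.0.113.7      -> 203.0.113.7        single host
#   10.0.0.0/29      -> 10.0.0.0/29        explicit CIDR, validated, passed on
#   185.130.5        -> 185.130.5.0/24     truncated prefix (answer 3's case)
#   185.130          -> 185.130.0.0/16
#   010.1.1.1, 185, 1.2.3.999, 1.2.3.4/0 -> rejected

# is_octet VALUE: succeeds if VALUE is a decimal integer 0..255.
# Leading zeros are refused on purpose: inet_aton() treats "010" as octal 8,
# so "010.1.1.1" would ban a different host than the operator intended.
is_octet() {
  case "$1" in
    ''|*[!0-9]*|0?*) return 1 ;;
  esac
  [ "$1" -le 255 ]
}

# normalize_ban_target TARGET: prints the host or CIDR on stdout and returns
# 0, or prints nothing and returns 1 when TARGET is not acceptable.
normalize_ban_target() {
  _addr=$1
  _mask=
  # Only digits, dots and one slash may appear; this also rules out shell
  # metacharacters and glob characters before any word splitting happens.
  case "$_addr" in
    ''|*[!0-9./]*|*/*/*) return 1 ;;
    */*) _mask=${_addr#*/}; _addr=${_addr%/*} ;;
  esac
  # Stray or doubled dots would silently drop octets during splitting.
  case "$_addr" in
    ''|.*|*.|*..*) return 1 ;;
  esac
  _n=0
  _old_ifs=$IFS
  IFS=.
  for _part in $_addr; do
    if ! is_octet "$_part"; then IFS=$_old_ifs; return 1; fi
    _n=$((_n + 1))
  done
  IFS=$_old_ifs
  if [ -n "$_mask" ]; then
    # An explicit mask needs all four octets and must lie in 8..32: anything
    # wider than a /8 is a typo, not a ban.
    case "$_mask" in ''|*[!0-9]*|0?*) return 1 ;; esac
    [ "$_n" -eq 4 ] && [ "$_mask" -ge 8 ] && [ "$_mask" -le 32 ] || return 1
    printf '%s/%s\n' "$_addr" "$_mask"
    return 0
  fi
  case "$_n" in
    4) printf '%s\n' "$_addr" ;;
    3) printf '%s.0/24\n' "$_addr" ;;    # "185.130.5" -> whole /24, as asked
    2) printf '%s.0.0/16\n' "$_addr" ;;
    *) return 1 ;;                        # a bare "185" would be a /8: refuse
  esac
}

# plan_ban JAIL TARGET: prints the fail2ban-client command that would ban the
# normalised TARGET in JAIL, or returns 1 without output if either is invalid.
# Run it for real only after reading the printed line, for example:
#   plan_ban sshd 185.130.5 && sudo $(plan_ban sshd 185.130.5)
plan_ban() {
  case "$1" in ''|*[!A-Za-z0-9_-]*) return 1 ;; esac   # jail names are plain tokens
  _t=$(normalize_ban_target "$2") || return 1
  printf 'fail2ban-client set %s banip %s\n' "$1" "$_t"
}

# Demo on constructed inputs; no firewall is touched.
for _demo in 203.0.113.7 185.130.5 185.130 10.0.0.0/29 010.1.1.1 1.2.3.999 185 1.2.3.4/0; do
  if _out=$(normalize_ban_target "$_demo"); then
    printf '%-14s -> %s\n' "$_demo" "$_out"
  else
    printf '%-14s -> rejected\n' "$_demo"
  fi
done
plan_ban sshd 185.130.5
```

The expansion of a three-octet prefix to a /24 is a deliberate choice made explicit in the code; Fail2Ban itself will not guess what '185.130.5' means, so decide the block size here rather than letting a partial address reach the firewall.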
Answer 4:
I use ipset with iptables. Ipset allows you to add IP addresses to a blacklist that can be enforced via iptables. Here is a full explanation and an example below:
# install it
apt-get install ipset
# create a blacklist
ipset create blacklist hash:ip hashsize 4096
# add the blacklist to your iptables rules
iptables -I INPUT -m set --match-set blacklist src -j DROP
iptables -I FORWARD -m set --match-set blacklist src -j DROP
# check that rule is set in iptables
iptables -L
# now add the offending ip address
ipset add blacklist ip.address
# check that the ip address is in your blacklist
ipset list blacklist
You're all set.