diff options
author | Yaroslav Halchenko <debian@onerussian.com> | 2007-01-04 17:03:35 +0000 |
---|---|---|
committer | Yaroslav Halchenko <debian@onerussian.com> | 2007-01-04 17:03:35 +0000 |
commit | e8ce484c0574967a3264e90e7fdb6dd217029ca6 (patch) | |
tree | 81c2e142d02b084f9fc1fdacf78e8a5ab39e2a2c | |
parent | a81dd8b103e6f03bdb9a4236217eb8b61208bb24 (diff) | |
download | fail2ban-e8ce484c0574967a3264e90e7fdb6dd217029ca6.tar.gz |
reworked init script a bit: waiting on stop and ping instead of statusdebian/0.7.5-3+pre6
-rw-r--r-- | debian/changelog | 13 | ||||
-rw-r--r-- | debian/fail2ban.init | 23 |
2 files changed, 21 insertions, 15 deletions
diff --git a/debian/changelog b/debian/changelog index edf121f2..0fdf1395 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,15 +1,20 @@ -fail2ban (0.7.5-3~pre5) unstable; urgency=low +fail2ban (0.7.5-3~pre6) unstable; urgency=low * Fail2ban now bans vsftpd logins (corrected logfile path and failregex) (Closes: #404060) * Made fail2ban-server tollerate multiple <HOST> entries in failregex * Moved call to dh_pycentral before dh_installinit * Removed unnecessary call of dh_shlibdeps - * Added filter ssh-ddos to fight DDOS attacks. Must be used with caution if - there is a possibility of clients accessing through unreliable connection - (Closes: #404487) + * Added filter ssh-ddos to fight DDOS attacks. Must be used with caution + if there is a possibility of valid clients accessing through + unreliable connection or faulty firewall (Closes: #404487) * Not applying patch any more for rigid python2.4 - it is default now in sid/etch + * Moving waiting loop for fail2ban-server to stop under do_stop + function, so it gets invoked by both 'restart' and 'stop' commands + * do_status action of init script is now using 'fail2ban-client ping' + instead of '... status' since we don't really use returned status + information, besides the return error code -- Yaroslav Halchenko <debian@onerussian.com> Tue, 26 Dec 2006 21:56:58 -0500 diff --git a/debian/fail2ban.init b/debian/fail2ban.init index f86c9f0e..4b155f5a 100644 --- a/debian/fail2ban.init +++ b/debian/fail2ban.init @@ -81,7 +81,7 @@ report_bug() # do_status() { - $DAEMON status > /dev/null + $DAEMON ping > /dev/null case $? in 0) return 0 ;; @@ -113,6 +113,17 @@ do_stop() # other if a failure occurred $DAEMON status > /dev/null || return 1 $DAEMON stop > /dev/null || return 2 + + # now we need actually to wait a bit since it might take time + # for server to react on client's stop request. Especially + # important for restart command on slow boxes + count=1 + while do_status && [ $count -lt 60 ]; do + sleep 1 + count=$(($count+1)) + done + [ $count -lt 60 ] || return 3 # failed to stop + return 0 } @@ -150,16 +161,6 @@ case "$1" in do_stop case "$?" in 0|1) - # now we need actually to wait a bit since it might take time - # for server to react on client's stop request - count=1 - while do_status && [ $count -lt 10 ]; do - sleep 1 - count=$(($count+1)) - done - - [ $count -lt 10 ] || log_end_msg 1 # failed to stop - do_start log_end_msg_wrapper $? 1 ;; |