blob: ddd26ec5fd3fcec49148c260db8d31f01b0755e1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
#!/bin/sh
#
### BEGIN INIT INFO
# Provides: fail2ban
# Required-Start: $remote_fs $local_fs
# Should-Start: $syslog $time $network iptables
# Required-Stop: $remote_fs $local_fs
# Should-Stop: $syslog $time $network iptables
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Pidfile: /var/run/fail2ban/fail2ban.pid
# Short-Description: Bans IPs with too many authentication failures
# Description: Start fail2ban to scan logfiles and ban IP addresses
# which make too many logfiles failures, and/or sent e-mails about
### END INIT INFO
# Check for missing binaries (stale symlinks should not happen)
FAIL2BAN_CLI=/usr/bin/fail2ban-client
test -x $FAIL2BAN_CLI || { echo "$FAIL2BAN_CLI not installed";
if [ "$1" = "stop" ]; then exit 0;
else exit 5; fi; }
FAIL2BAN_SRV=/usr/bin/fail2ban-server
test -x $FAIL2BAN_SRV || { echo "$FAIL2BAN_SRV not installed";
if [ "$1" = "stop" ]; then exit 0;
else exit 5; fi; }
FAIL2BAN_CONFIG="/etc/sysconfig/fail2ban"
FAIL2BAN_SOCKET_DIR="/var/run/fail2ban"
FAIL2BAN_SOCKET="$FAIL2BAN_SOCKET_DIR/fail2ban.sock"
FAIL2BAN_PID="$FAIL2BAN_SOCKET_DIR/fail2ban.pid"
if [ -e $FAIL2BAN_CONFIG ]; then
. $FAIL2BAN_CONFIG
fi
. /etc/rc.status
rc_reset
case "$1" in
start)
echo -n "Starting fail2ban "
if [ ! -d $FAIL2BAN_SOCKET_DIR ]; then
mkdir -p $FAIL2BAN_SOCKET_DIR
fi
if [ -e $FAIL2BAN_SOCKET ]; then
if ! lsof -n $FAIL2BAN_SOCKET &>/dev/null; then
rm $FAIL2BAN_SOCKET
fi
fi
$FAIL2BAN_CLI -x -q $FAIL2BAN_OPTIONS start &>/dev/null 2>&1
rc_status -v
;;
stop)
echo -n "Shutting down fail2ban "
## Stop daemon with built-in functionality 'stop'
/sbin/startproc -w $FAIL2BAN_CLI -q stop > /dev/null 2>&1
if [ -f $FAIL2BAN_SOCKET ]
then
echo "$FAIL2BAN_SOCKET not removed .. removing .."
rm $FAIL2BAN_SOCKET
fi
if [ -f $FAIL2BAN_PID ]
then
echo "$FAIL2BAN_PID not removed .. removing .."
rm $FAIL2BAN_PID
fi
rc_status -v
;;
try-restart|condrestart)
$0 status
if test $? = 0; then
$0 restart
else
rc_reset # Not running is not a failure.
fi
rc_status
;;
restart)
$0 stop
i=60
while [ -e $FAIL2BAN_SOCKET ] && [ $i -gt 0 ]; do
sleep 1
i=$[$i-1]
echo -n "."
done
$0 start
rc_status
;;
reload|force-reload)
echo -n "Reload service Fail2ban "
/sbin/startproc $FAIL2BAN_CLI -q reload > /dev/null 2>&1
rc_status -v
;;
status)
echo -n "Checking for service fail2ban "
/sbin/checkproc $FAIL2BAN_SRV
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
exit 1
;;
esac
rc_exit
|
