fix: 修改防火墙状态判断方式 (#3258)

backend/app/dto/fail2ban.go

@@ -6,6 +6,7 @@ type Fail2BanBaseInfo struct {
 	IsExist  bool   `json:"isExist"`
 	Version  string `json:"version"`
 
+	Port      int    `json:"port"`
 	MaxRetry  int    `json:"maxRetry"`
 	BanTime   string `json:"banTime"`
 	FindTime  string `json:"findTime"`

backend/app/service/fail2ban.go

@@ -9,7 +9,7 @@ import (
 
 	"github.com/1Panel-dev/1Panel/backend/app/dto"
 	"github.com/1Panel-dev/1Panel/backend/buserr"
-	"github.com/1Panel-dev/1Panel/backend/utils/systemctl"
+	"github.com/1Panel-dev/1Panel/backend/utils/firewall"
 	"github.com/1Panel-dev/1Panel/backend/utils/toolbox"
 )
 
@@ -100,16 +100,18 @@ func (u *Fail2BanService) Operate(operation string) error {
 
 func (u *Fail2BanService) UpdateConf(req dto.Fail2BanUpdate) error {
 	if req.Key == "banaction" {
-		switch req.Value {
+		if req.Value == "firewallcmd-ipset" || req.Value == "ufw" {
-		case "firewallcmd-ipset":
+			client, err := firewall.NewFirewallClient()
-			isActive, _ := systemctl.IsActive("firewalld")
+			if err != nil {
-			if !isActive {
+				return err
-				return buserr.WithName("ErrBanAction", "firewalld")
 			}
-		case "ufw":
+			status, _ := client.Status()
-			isActive, _ := systemctl.IsActive("ufw")
+			if status != "running" {
-			if !isActive {
+				service := "firewalld"
-				return buserr.WithName("ErrBanAction", "ufw")
+				if req.Value == "ufw" {
+					service = "ufw"
+				}
+				return buserr.WithName("ErrBanAction", service)
 			}
 		}
 	}
@@ -209,6 +211,11 @@ func (u *Fail2BanService) OperateSSHD(req dto.Fail2BanSet) error {
 }
 
 func loadFailValue(line string, baseInfo *dto.Fail2BanBaseInfo) {
+	if strings.HasPrefix(line, "port") {
+		itemValue := strings.ReplaceAll(line, "port", "")
+		itemValue = strings.ReplaceAll(itemValue, "=", "")
+		baseInfo.Port, _ = strconv.Atoi(strings.TrimSpace(itemValue))
+	}
 	if strings.HasPrefix(line, "maxretry") {
 		itemValue := strings.ReplaceAll(line, "maxretry", "")
 		itemValue = strings.ReplaceAll(itemValue, "=", "")