From 8a24342b8514f4edbbd550f43e94ac2a84a1050e Mon Sep 17 00:00:00 2001
From: ssongliu <73214554+ssongliu@users.noreply.github.com>
Date: Wed, 6 Dec 2023 17:22:11 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20Fail2ban=20=E9=85=8D=E7=BD=AE=E6=96=87?=
 =?UTF-8?q?=E4=BB=B6=E5=8C=BA=E5=88=86=E7=B3=BB=E7=BB=9F=20(#3202)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/utils/toolbox/fail2ban.go | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/backend/utils/toolbox/fail2ban.go b/backend/utils/toolbox/fail2ban.go
index cc70d2f38..7e90dfc45 100644
--- a/backend/utils/toolbox/fail2ban.go
+++ b/backend/utils/toolbox/fail2ban.go
@@ -134,7 +134,7 @@ func initLocalFile() error {
 bantime = 600
 findtime = 300
 maxretry = 5
-banaction = firewallcmd-ipset
+banaction = $banaction
 action = %(action_mwl)s
 #DEFAULT-END
 
@@ -148,6 +148,16 @@ findtime = 300
 bantime = 600
 action = %(action_mwl)s
 logpath = /var/log/secure`
+
+	banaction := ""
+	if active, _ := systemctl.IsActive("firewalld"); active {
+		banaction = "firewallcmd-ipset"
+	} else if active, _ := systemctl.IsActive("ufw"); active {
+		banaction = "ufw"
+	} else {
+		banaction = "iptables-allports"
+	}
+	initFile = strings.ReplaceAll(initFile, "$banaction", banaction)
 	if err := os.WriteFile(defaultPath, []byte(initFile), 0640); err != nil {
 		return err
 	}