2007-02-20 20:44:47 +00:00
|
|
|
#!/bin/sh
|
|
|
|
#
|
|
|
|
### BEGIN INIT INFO
|
|
|
|
# Provides: fail2ban
|
2013-05-03 06:56:30 +00:00
|
|
|
# Required-Start: $remote_fs $local_fs
|
|
|
|
# Should-Start: $syslog $time $network iptables
|
|
|
|
# Required-Stop: $remote_fs $local_fs
|
|
|
|
# Should-Stop: $syslog $time $network iptables
|
2007-02-20 20:44:47 +00:00
|
|
|
# Default-Start: 3 5
|
|
|
|
# Default-Stop: 0 1 2 6
|
2013-04-30 14:15:46 +00:00
|
|
|
# Pidfile: /var/run/fail2ban/fail2ban.pid
|
|
|
|
# Short-Description: Bans IPs with too many authentication failures
|
|
|
|
# Description: Start fail2ban to scan logfiles and ban IP addresses
|
|
|
|
# which make too many logfiles failures, and/or sent e-mails about
|
2007-02-20 20:44:47 +00:00
|
|
|
### END INIT INFO
|
|
|
|
|
2013-04-30 14:15:46 +00:00
|
|
|
# Check for missing binaries (stale symlinks should not happen)
|
|
|
|
FAIL2BAN_CLI=/usr/bin/fail2ban-client
|
|
|
|
test -x $FAIL2BAN_CLI || { echo "$FAIL2BAN_CLI not installed";
|
|
|
|
if [ "$1" = "stop" ]; then exit 0;
|
|
|
|
else exit 5; fi; }
|
|
|
|
FAIL2BAN_SRV=/usr/bin/fail2ban-server
|
|
|
|
test -x $FAIL2BAN_SRV || { echo "$FAIL2BAN_SRV not installed";
|
|
|
|
if [ "$1" = "stop" ]; then exit 0;
|
|
|
|
else exit 5; fi; }
|
2007-02-20 20:44:47 +00:00
|
|
|
|
2013-04-30 14:15:46 +00:00
|
|
|
FAIL2BAN_CONFIG="/etc/sysconfig/fail2ban"
|
|
|
|
FAIL2BAN_SOCKET_DIR="/var/run/fail2ban"
|
|
|
|
FAIL2BAN_SOCKET="$FAIL2BAN_SOCKET_DIR/fail2ban.sock"
|
|
|
|
FAIL2BAN_PID="$FAIL2BAN_SOCKET_DIR/fail2ban.pid"
|
2007-02-20 20:44:47 +00:00
|
|
|
|
2013-04-30 14:15:46 +00:00
|
|
|
if [ -e $FAIL2BAN_CONFIG ]; then
|
|
|
|
. $FAIL2BAN_CONFIG
|
|
|
|
fi
|
|
|
|
|
|
|
|
. /etc/rc.status
|
2007-02-20 20:44:47 +00:00
|
|
|
rc_reset
|
|
|
|
|
|
|
|
case "$1" in
|
|
|
|
start)
|
2013-04-30 14:15:46 +00:00
|
|
|
echo -n "Starting fail2ban "
|
|
|
|
|
|
|
|
if [ ! -d $FAIL2BAN_SOCKET_DIR ]; then
|
|
|
|
mkdir -p $FAIL2BAN_SOCKET_DIR
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -e $FAIL2BAN_SOCKET ]; then
|
|
|
|
if ! lsof -n $FAIL2BAN_SOCKET &>/dev/null; then
|
|
|
|
rm $FAIL2BAN_SOCKET
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
$FAIL2BAN_CLI -x -q $FAIL2BAN_OPTIONS start &>/dev/null 2>&1
|
|
|
|
|
|
|
|
rc_status -v
|
|
|
|
;;
|
2007-02-20 20:44:47 +00:00
|
|
|
stop)
|
2013-04-30 14:15:46 +00:00
|
|
|
echo -n "Shutting down fail2ban "
|
|
|
|
## Stop daemon with built-in functionality 'stop'
|
|
|
|
/sbin/startproc -w $FAIL2BAN_CLI -q stop > /dev/null 2>&1
|
|
|
|
|
|
|
|
if [ -f $FAIL2BAN_SOCKET ]
|
|
|
|
then
|
2015-10-08 14:09:46 +00:00
|
|
|
echo "$FAIL2BAN_SOCKET not removed .. removing .."
|
2013-04-30 14:15:46 +00:00
|
|
|
rm $FAIL2BAN_SOCKET
|
2007-07-10 20:04:57 +00:00
|
|
|
fi
|
2013-04-30 14:15:46 +00:00
|
|
|
if [ -f $FAIL2BAN_PID ]
|
|
|
|
then
|
2015-10-08 14:09:46 +00:00
|
|
|
echo "$FAIL2BAN_PID not removed .. removing .."
|
2013-04-30 14:15:46 +00:00
|
|
|
rm $FAIL2BAN_PID
|
2007-07-10 20:04:57 +00:00
|
|
|
fi
|
2013-04-30 14:15:46 +00:00
|
|
|
|
|
|
|
|
|
|
|
rc_status -v
|
|
|
|
;;
|
|
|
|
try-restart|condrestart)
|
|
|
|
$0 status
|
|
|
|
if test $? = 0; then
|
|
|
|
$0 restart
|
|
|
|
else
|
|
|
|
rc_reset # Not running is not a failure.
|
|
|
|
fi
|
|
|
|
rc_status
|
|
|
|
;;
|
2007-02-20 20:44:47 +00:00
|
|
|
restart)
|
2013-04-30 14:15:46 +00:00
|
|
|
$0 stop
|
|
|
|
i=60
|
|
|
|
while [ -e $FAIL2BAN_SOCKET ] && [ $i -gt 0 ]; do
|
|
|
|
sleep 1
|
|
|
|
i=$[$i-1]
|
|
|
|
echo -n "."
|
|
|
|
done
|
|
|
|
$0 start
|
|
|
|
|
|
|
|
rc_status
|
|
|
|
;;
|
|
|
|
reload|force-reload)
|
|
|
|
echo -n "Reload service Fail2ban "
|
|
|
|
/sbin/startproc $FAIL2BAN_CLI -q reload > /dev/null 2>&1
|
2007-02-20 20:44:47 +00:00
|
|
|
|
2013-04-30 14:15:46 +00:00
|
|
|
rc_status -v
|
|
|
|
;;
|
2007-02-20 20:44:47 +00:00
|
|
|
status)
|
2013-04-30 14:15:46 +00:00
|
|
|
echo -n "Checking for service fail2ban "
|
|
|
|
/sbin/checkproc $FAIL2BAN_SRV
|
|
|
|
|
|
|
|
rc_status -v
|
|
|
|
;;
|
2007-07-10 20:04:57 +00:00
|
|
|
*)
|
2013-04-30 14:15:46 +00:00
|
|
|
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
|
|
|
|
exit 1
|
|
|
|
;;
|
2007-07-10 20:04:57 +00:00
|
|
|
esac
|
2013-04-30 14:15:46 +00:00
|
|
|
rc_exit
|
|
|
|
|