diff --git a/config/debian-initd b/config/debian-initd index 169bed40..8694449d 100644 --- a/config/debian-initd +++ b/config/debian-initd @@ -3,11 +3,11 @@ # Fail2Ban init.d file - to be launched on boot # # Written by Miquel van Smoorenburg . -# Modified for Debian +# Modified for Debian # by Ian Murdock . # Adjusted for Fail2Ban # by Yaroslav Halchenko . -# +# # Version: $Id$ # @@ -27,20 +27,19 @@ DAEMON_OPTS=$FAIL2BAN_OPTS set -e case "$1" in - start) + start) echo -n "Starting $DESC: " [ -f $PIDFILE ] && [ ! -d /proc/`cat $PIDFILE` ] && rm -f $PIDFILE - start-stop-daemon --start --quiet --pidfile /var/run/$NAME.pid \ - -b --exec $DAEMON -- $DAEMON_OPTS + start-stop-daemon --start --quiet --pidfile $PIDFILE \ + -b --exec $DAEMON -- $DAEMON_OPTS echo "$NAME." ;; - stop) + stop) echo -n "Stopping $DESC: " - start-stop-daemon --stop --quiet --pidfile /var/run/$NAME.pid - # rm -f $PIDFILE # now is removed by fail2ban itself + start-stop-daemon --stop --quiet --pidfile $PIDFILE echo "$NAME." ;; - restart|force-reload) + restart|force-reload) # # If the "reload" option is implemented, move the "force-reload" # option to the "reload" entry above. If not, "force-reload" is @@ -51,10 +50,27 @@ case "$1" in sleep 1 $0 start ;; - *) + status) + echo -n "Status of $DESC: " + if [ ! -e "$PIDFILE" ]; then + echo "$NAME is not running." + exit 3 + fi + if [ ! -r "$PIDFILE" ]; then + echo "$PIDFILE not readable, status of $NAME unknown." + exit 4 + fi + if [ -d /proc/`cat "$PIDFILE"` ]; then + echo "$NAME is running." + exit 0 + else + echo "$NAME is not running but $PIDFILE exists." + exit 1 + fi + ;; + *) N=/etc/init.d/$NAME - # echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2 - echo "Usage: $N {start|stop|restart|force-reload}" >&2 + echo "Usage: $N {start|stop|restart|force-reload|status}" >&2 exit 1 ;; esac diff --git a/debian/README.Debian b/debian/README.Debian index 862cf3a5..098ea358 100644 --- a/debian/README.Debian +++ b/debian/README.Debian @@ -14,7 +14,11 @@ Only handling of ssh files is enabled by default. If you want to use fail2ban with apache, please enable apache section manually in /etc/fail2ban.conf. +Currently no checks if an iptables queue generated at the beginning +(fail2ban-http and fail2ban-ssh) exists. So if your firewall resets +the iptable rules -- it is your responsibility to restart fail2ban. + See TODO.Debian for more details, as well as the Debian Bug Tracking system. - -- Yaroslav O. Halchenko , Thu Aug 18 20:53:58 2005 + -- Yaroslav O. Halchenko , Fri Sep 9 14:55:29 2005 diff --git a/debian/changelog b/debian/changelog index 1d381146..f8ce2224 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +fail2ban (0.5.2-5) unstable; urgency=low + + * Included a patch from Stephen Gildea to provide "status" report by + init.d script + * Included a note in README.Debian regarding the fail2ban iptable's + chains + + -- Yaroslav Halchenko Fri, 9 Sep 2005 14:52:24 -0400 + fail2ban (0.5.2-4) unstable; urgency=low * Format of SYSLOG entries is up to the standard now @@ -16,7 +25,7 @@ fail2ban (0.5.2-3) unstable; urgency=low * Moved fail2ban man page under section 8 as in upstream * Introduced findtime configuration variable to control the lifetime of caught "failed" log entries (closes: #323840) - + -- Yaroslav Halchenko Tue, 16 Aug 2005 11:23:28 -1000 fail2ban (0.5.2-2) unstable; urgency=low @@ -53,4 +62,3 @@ fail2ban (0.4.1-1) unstable; urgency=low * First upstream release of a Debian package -- Yaroslav Halchenko Mon, 04 Jul 2005 11:47:23 +0300 -