mirror of https://github.com/fail2ban/fail2ban
- Added a more robust firewall initialization loop. Thanks to Yaroslav Halchenko
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@235 a942ae1a-1317-0410-a47c-b1dcaea8d6050.6
parent
ad4280d506
commit
d29648d4de
20
fail2ban.py
20
fail2ban.py
|
@ -423,7 +423,25 @@ def main():
|
||||||
else:
|
else:
|
||||||
logSys.warn(ip + " is not a valid IP address")
|
logSys.warn(ip + " is not a valid IP address")
|
||||||
|
|
||||||
initializeFwRules()
|
# Startup loop -- necessary to avoid crash if it takes time for iptables
|
||||||
|
# to startup. To avoid introduction of new config options, reusing
|
||||||
|
# maxreinits and polltime.
|
||||||
|
reinits = 0
|
||||||
|
while True:
|
||||||
|
try:
|
||||||
|
initializeFwRules()
|
||||||
|
break
|
||||||
|
except ExternalError, e:
|
||||||
|
reinits += 1
|
||||||
|
logSys.warn(e)
|
||||||
|
if conf["maxreinits"] < 0 or (reinits < conf["maxreinits"]):
|
||||||
|
logSys.warn("#%d attempt to initialize the firewalls" % reinits)
|
||||||
|
else:
|
||||||
|
logSys.error("Exiting: Too many attempts to initialize the " +
|
||||||
|
"firewall")
|
||||||
|
killApp()
|
||||||
|
time.sleep(conf["polltime"])
|
||||||
|
|
||||||
# try to reinit once if it fails immediately
|
# try to reinit once if it fails immediately
|
||||||
lastReinitTime = time.time() - conf["reinittime"] - 1
|
lastReinitTime = time.time() - conf["reinittime"] - 1
|
||||||
reinits = 0
|
reinits = 0
|
||||||
|
|
Loading…
Reference in New Issue