#!/bin/sh # # /etc/init.d/fail2ban # and its symbolic link # /usr/sbin/rcfail2ban # ### BEGIN INIT INFO # Provides: fail2ban # Required-Start: $syslog $remote_fs sendmail # Required-Stop: $syslog $remote_fs # Should-Stop: $time ypbind sendmail # Default-Start: 3 5 # Default-Stop: 0 1 2 6 # Description: startup Fail2Ban ### END INIT INFO PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/sbin:/usr/bin:/bin FAIL2BAN_BIN=/usr/local/bin/fail2ban-client FAIL2BAN_SERVER=/usr/local/bin/fail2ban-server FAIL2BAN_SOCKET=/tmp/fail2ban.sock test -x $FAIL2BAN_BIN || { echo "$FAIL2BAN_BIN not installed"; if [ "$1" = "stop" ]; then exit 0; else exit 5; fi; } # Check for existence of needed config file and read it FAIL2BAN_CONFIG=/etc/fail2ban/fail2ban.conf test -r $FAIL2BAN_CONFIG || { echo "$FAIL2BAN_CONFIG not existing"; if [ "$1" = "stop" ]; then exit 0; else exit 6; fi; } . /etc/rc.status # Reset status of this service rc_reset case "$1" in start) echo -n "Starting Fail2Ban " /sbin/startproc $FAIL2BAN_BIN start &>/dev/null rc_status -v ;; stop) echo -n "Shutting down Fail2ban " /sbin/startproc $FAIL2BAN_BIN -q stop rc_status -v ;; try-restart|condrestart) if test "$1" = "condrestart"; then echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}" fi $0 status if test $? = 0; then $0 restart else rc_reset # Not running is not a failure. fi rc_status ;; restart) $0 stop echo -n "-wait a minute " i=60 while [ -e $FAIL2BAN_SOCKET ] && [ $i -gt 0 ]; do sleep 1 i=$[$i-1] echo -n "." done echo "." $0 start # Remember status and be quiet rc_status ;; force-reload) echo -n "Reload service Fail2ban " /sbin/startproc $FAIL2BAN_BIN -q reload rc_status -v ;; reload) echo -n "Reload service Fail2ban " /sbin/startproc $FAIL2BAN_BIN -q reload rc_status -v ;; status) echo -n "Checking for service Fail2ban " /sbin/checkproc $FAIL2BAN_SERVER rc_status -v ;; probe) test /etc/fail2ban/fail2ban.conf -nt /var/run/fail2ban.pid && echo reload ;; *) echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" exit 1 ;; esac rc_exit