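#! /bin/bash
#
# fail2ban      Start/Stop the fail2ban daemon.
#
# chkconfig: 2345 90 60
# description: Fail2Ban scans log files and bans IPs \
#              that make too many password failures.
# processname: fail2ban-server
# config: /etc/fail2ban/fail2ban
# pidfile: /var/run/fail2ban/fail2ban.pid
#
### BEGIN INIT INFO
# Provides: fail2ban
# Required-Start: $network
# Required-Stop: $network
# Default-Start: 2 3 4 5
# Short-Description: fail2ban
# Description: Fail2Ban scans log files and bans IPs \
#              that make too many password failures.
### END INIT INFO

# Source function library. gprintf, echo_success and echo_failure are not
# defined in this script, so they are expected to come from this file.
. /etc/init.d/functions

# Check that the config file exists; without it there is nothing to manage.
[ -f /etc/fail2ban/fail2ban.conf ] || exit 0

FAIL2BAN="/usr/bin/fail2ban-client"
RETVAL=0

#######################################
# Collect the PIDs of running fail2ban processes.
# Globals:   pid (written) - space-separated PIDs, empty when none found
# Arguments: none
# Returns:   exit status of the ps/awk pipeline
#
# NOTE(review): detection is by process name only, so any process whose
# command name starts with "fail2ban-" is counted as the daemon, whoever owns
# it. In that case start() launches nothing and still reports success, leaving
# the host without ban enforcement. Checking the pidfile named in the header
# would be stronger; confirm the daemon actually writes it at that path.
#######################################
getpid() {
  # Match on the command-name column only; PIDs are joined with spaces so the
  # status message stays on one line when several processes match.
  pid=$(ps -eo pid,comm |
    awk '$2 ~ /^fail2ban-/ { printf "%s%s", sep, $1; sep = " " }')
}

#######################################
# Start the daemon unless a fail2ban process is already present.
# Globals:   FAIL2BAN (read), RETVAL (written), pid (written)
# Returns:   RETVAL - the client's exit status when a launch was attempted,
#            otherwise the value RETVAL already held
#######################################
start() {
  gprintf "Starting fail2ban: "
  getpid
  if [ -z "$pid" ]; then
    # -x forces the start even if a stale socket file was left behind.
    "$FAIL2BAN" -x start > /dev/null
    RETVAL=$?
  fi
  if [ "$RETVAL" -eq 0 ]; then
    touch /var/lock/subsys/fail2ban
    echo_success
  else
    echo_failure
  fi
  echo
  return "$RETVAL"
}

#######################################
# Ask the daemon to stop and verify that it is gone.
# Globals:   FAIL2BAN (read), RETVAL (written), pid (written)
# Returns:   0 when the daemon stopped or was not running,
#            1 when a fail2ban process is still present after the request
#######################################
stop() {
  gprintf "Stopping fail2ban: "
  getpid
  RETVAL=0
  if [ -n "$pid" ]; then
    "$FAIL2BAN" stop > /dev/null
    # Give the server a moment to shut down before re-checking.
    sleep 1
    getpid
    if [ -z "$pid" ]; then
      rm -f /var/lock/subsys/fail2ban
      echo_success
    else
      # Report a non-zero status so callers (including "restart") do not
      # assume the daemon is down while it is still running.
      RETVAL=1
      echo_failure
    fi
  else
    # Nothing was running. The on-screen failure marker is kept, and the exit
    # status stays 0 so stopping an already-stopped service does not break
    # callers that check it.
    echo_failure
  fi
  echo
  return "$RETVAL"
}

# See how we were called.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  status)
    getpid
    if [ -n "$pid" ]; then
      gprintf "Fail2ban (pid %s) is running...\n" "$pid"
      "$FAIL2BAN" status
    else
      # NOTE(review): LSB specifies exit status 3 for "not running"; 1 is kept
      # here because existing callers may rely on it.
      RETVAL=1
      gprintf "Fail2ban is stopped\n"
    fi
    ;;
  restart)
    stop
    start
    ;;
  *)
    gprintf "Usage: %s {start|stop|status|restart}\n" "$0"
    exit 1
    ;;
esac

exit "$RETVAL"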