1#!/bin/sh 2### BEGIN INIT INFO 3# Provides: fail2ban 4# Required-Start: $local_fs $remote_fs 5# Required-Stop: $local_fs $remote_fs 6# Should-Start: $time $network $syslog iptables firehol shorewall ferm 7# Should-Stop: $network $syslog iptables firehol shorewall ferm 8# Default-Start: 2 3 4 5 9# Default-Stop: 0 1 6 10# Short-Description: Start/Stop fail2ban 11# Description: Start/Stop fail2ban, a daemon to ban hosts that cause multiple authentication errors 12### END INIT INFO 13 14# Source function library. 15. /etc/init.d/functions 16 17# Check that the config file exists 18[ -f /etc/fail2ban/fail2ban.conf ] || exit 0 19 20check_privsep_dir() { 21 # Create the PrivSep empty dir if necessary 22 if [ ! -d /var/run/fail2ban ]; then 23 mkdir /var/run/fail2ban 24 chmod 0755 /var/run/fail2ban 25 fi 26} 27 28FAIL2BAN="/usr/bin/fail2ban-client" 29prog=fail2ban-server 30lockfile=${LOCKFILE-/var/lock/subsys/fail2ban} 31socket=${SOCKET-/var/run/fail2ban/fail2ban.sock} 32pidfile=${PIDFILE-/var/run/fail2ban/fail2ban.pid} 33RETVAL=0 34 35start() { 36 echo -n $"Starting fail2ban: " 37 check_privsep_dir 38 ${FAIL2BAN} -x start > /dev/null 39 RETVAL=$? 40 if [ $RETVAL = 0 ]; then 41 touch ${lockfile} 42 success 43 else 44 failure 45 fi 46 echo 47 return $RETVAL 48} 49 50stop() { 51 echo -n $"Stopping fail2ban: " 52 ${FAIL2BAN} stop > /dev/null 53 RETVAL=$? 54 if [ $RETVAL = 0 ]; then 55 rm -f ${lockfile} ${pidfile} 56 success 57 else 58 failure 59 fi 60 echo 61 return $RETVAL 62} 63 64reload() { 65 echo "Reloading fail2ban: " 66 ${FAIL2BAN} reload 67 RETVAL=$? 68 echo 69 return $RETVAL 70} 71 72# See how we were called. 73case "$1" in 74 start) 75 status -p ${pidfile} ${prog} >/dev/null 2>&1 && exit 0 76 start 77 ;; 78 stop) 79 stop 80 ;; 81 reload) 82 reload 83 ;; 84 restart) 85 stop 86 start 87 ;; 88 status) 89 status -p ${pidfile} ${prog} 90 RETVAL=$? 91 [ $RETVAL = 0 ] && ${FAIL2BAN} status 92 ;; 93 *) 94 echo $"Usage: fail2ban {start|stop|restart|reload|status}" 95 RETVAL=2 96esac 97 98exit $RETVAL 99