diff --git a/vps_init.sh b/vps_init.sh index 9a2b745..8bd1512 100644 --- a/vps_init.sh +++ b/vps_init.sh @@ -756,9 +756,18 @@ bantime = 1h findtime = 10m EOF - # 重启Fail2ban - log "${YELLOW}重启Fail2ban服务...${NC}" - systemctl restart fail2ban 2>/dev/null || systemctl start fail2ban 2>/dev/null || log "${RED}Fail2ban服务启动失败${NC}" + # 应用配置:已运行则优先 reload(不中断防护、保留已封禁IP),未运行才 start + if systemctl is-active --quiet fail2ban; then + log "${YELLOW}Fail2ban正在运行,重载配置(保留已封禁IP)...${NC}" + systemctl reload fail2ban 2>/dev/null \ + || systemctl restart fail2ban 2>/dev/null \ + || log "${RED}Fail2ban配置重载失败${NC}" + else + log "${YELLOW}启动Fail2ban服务...${NC}" + systemctl start fail2ban 2>/dev/null \ + || systemctl restart fail2ban 2>/dev/null \ + || log "${RED}Fail2ban服务启动失败${NC}" + fi # 等待服务启动完成 log "${YELLOW}等待Fail2ban服务完全启动...${NC}"