From ee9124ffff22f6154a31371a3b4497db8890a6e3 Mon Sep 17 00:00:00 2001 From: eddy Date: Mon, 29 Jun 2026 03:03:55 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96Fail2ban=E6=9C=8D=E5=8A=A1?= =?UTF-8?q?=E5=90=AF=E5=8A=A8=E9=80=BB=E8=BE=91=EF=BC=8C=E4=BC=98=E5=85=88?= =?UTF-8?q?=E9=87=8D=E8=BD=BD=E9=85=8D=E7=BD=AE=E4=BB=A5=E4=BF=9D=E7=95=99?= =?UTF-8?q?=E5=B7=B2=E5=B0=81=E7=A6=81IP?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- vps_init.sh | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/vps_init.sh b/vps_init.sh index 9a2b745..8bd1512 100644 --- a/vps_init.sh +++ b/vps_init.sh @@ -756,9 +756,18 @@ bantime = 1h findtime = 10m EOF - # 重启Fail2ban - log "${YELLOW}重启Fail2ban服务...${NC}" - systemctl restart fail2ban 2>/dev/null || systemctl start fail2ban 2>/dev/null || log "${RED}Fail2ban服务启动失败${NC}" + # 应用配置:已运行则优先 reload(不中断防护、保留已封禁IP),未运行才 start + if systemctl is-active --quiet fail2ban; then + log "${YELLOW}Fail2ban正在运行,重载配置(保留已封禁IP)...${NC}" + systemctl reload fail2ban 2>/dev/null \ + || systemctl restart fail2ban 2>/dev/null \ + || log "${RED}Fail2ban配置重载失败${NC}" + else + log "${YELLOW}启动Fail2ban服务...${NC}" + systemctl start fail2ban 2>/dev/null \ + || systemctl restart fail2ban 2>/dev/null \ + || log "${RED}Fail2ban服务启动失败${NC}" + fi # 等待服务启动完成 log "${YELLOW}等待Fail2ban服务完全启动...${NC}"