优化Fail2ban服务启动逻辑,优先重载配置以保留已封禁IP
This commit is contained in:
+12
-3
@@ -756,9 +756,18 @@ bantime = 1h
|
|||||||
findtime = 10m
|
findtime = 10m
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
# 重启Fail2ban
|
# 应用配置:已运行则优先 reload(不中断防护、保留已封禁IP),未运行才 start
|
||||||
log "${YELLOW}重启Fail2ban服务...${NC}"
|
if systemctl is-active --quiet fail2ban; then
|
||||||
systemctl restart fail2ban 2>/dev/null || systemctl start fail2ban 2>/dev/null || log "${RED}Fail2ban服务启动失败${NC}"
|
log "${YELLOW}Fail2ban正在运行,重载配置(保留已封禁IP)...${NC}"
|
||||||
|
systemctl reload fail2ban 2>/dev/null \
|
||||||
|
|| systemctl restart fail2ban 2>/dev/null \
|
||||||
|
|| log "${RED}Fail2ban配置重载失败${NC}"
|
||||||
|
else
|
||||||
|
log "${YELLOW}启动Fail2ban服务...${NC}"
|
||||||
|
systemctl start fail2ban 2>/dev/null \
|
||||||
|
|| systemctl restart fail2ban 2>/dev/null \
|
||||||
|
|| log "${RED}Fail2ban服务启动失败${NC}"
|
||||||
|
fi
|
||||||
|
|
||||||
# 等待服务启动完成
|
# 等待服务启动完成
|
||||||
log "${YELLOW}等待Fail2ban服务完全启动...${NC}"
|
log "${YELLOW}等待Fail2ban服务完全启动...${NC}"
|
||||||
|
|||||||
Reference in New Issue
Block a user