Open andyb2000 opened 2 months ago
As far as I know the behavior you're looking for is the "reload"-argument for AIF. Did you try that?
@abelbeck : I can't recall exactly, but didn't we implement logic for this somewhere? I even recall there previously (many years ago) was a special fail2ban plugin for this?
@arnova : good memory, for many years our AstLinux project has had an "Adaptive Ban plugin" for AIF. We don't support python, so we built a mini-fail2ban plugin in bash with sed regex doing most of the work.
@andyb2000 : A few ideas ...
1) The elegant solution would be to create a Fail2Ban AIF plugin, that would simply start/stop/restart Fail2Ban as AIF needed. Though probably too much work for the worth. And start/stop could interfere with systemd.
2) Hack the AIF main script around here [1] to restart fail2ban as needed.
3) Create a trivial shell script that calls both arno-iptables-firewall and fail2ban (check return codes to be fancy) that you would call interactively.
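Idea 3 above written out as an added example; it is not code from the AIF project or from any participant in this thread. The variable names, the return codes, invoking AIF as "arno-iptables-firewall restart", and using "fail2ban-client ping" as a health check are assumptions of this example; the fail2ban reload command is the one quoted in the request.

```shell
#!/bin/sh
# Added example: restart AIF, then reload fail2ban so its ban chains are
# re-created. All names below are assumptions and can be overridden.
AIF_CMD="${AIF_CMD:-arno-iptables-firewall}"
F2B_RELOAD_CMD="${F2B_RELOAD_CMD:-/etc/init.d/fail2ban reload}"
F2B_CHECK_CMD="${F2B_CHECK_CMD:-fail2ban-client ping}"

# Return codes (chosen for this example):
#   0  firewall restarted, fail2ban reloaded and answering
#   1  firewall step failed; fail2ban was not touched
#   2  firewall is up but the fail2ban reload failed (bans NOT in place)
#   3  reload returned success but the fail2ban server does not answer
reload_firewall_and_bans() {
    action="${1:-restart}"

    # Word splitting of the *_CMD variables is intentional: they hold a
    # command plus its arguments.
    if ! $AIF_CMD "$action"; then
        echo "AIF $action failed; leaving fail2ban alone" >&2
        return 1
    fi
    if ! $F2B_RELOAD_CMD; then
        echo "WARNING: AIF reloaded but fail2ban reload failed; bans are not being enforced" >&2
        return 2
    fi
    if ! $F2B_CHECK_CMD >/dev/null 2>&1; then
        echo "WARNING: fail2ban reload returned 0 but the server is not answering" >&2
        return 3
    fi
    echo "AIF $action and fail2ban reload both succeeded"
    return 0
}

# Run only when an action is given on the command line; with no argument
# the file just defines the function, so it can also be sourced.
if [ "$#" -gt 0 ]; then
    reload_firewall_and_bans "$1"
    exit "$?"
fi
```

Return codes 2 and 3 are the ones to alert on: the firewall is running but existing bans are not being enforced.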
Hi, not so much an issue but a feature request. I use AIF (have done for probably 20+ years!) and fail2ban, the problem being I often reload arno-iptables-firewall for various reasons and when reloaded fail2ban obviously loses the ban chains it's created and therefore won't block until its process gets reloaded.
My request is an option to 'chain' other commands at successful completion of the arno-iptables start/restart/apply process so I can then chain in a simple "/etc/init.d/fail2ban reload" to ensure after arno reloads it brings the fail2ban chains in also.