Suspend log monitoring during logrotate
Instead of restarting fail2ban daemon
This commit is contained in:
parent
71c09c53f4
commit
c203c38bf7
|
@ -17,7 +17,8 @@ safe_symlink("restart", "root/etc/e-smith/events/fail2ban-conf/services2adjust/f
|
|||
safe_symlink("restart", "root/etc/e-smith/events/network-create/services2adjust/fail2ban");
|
||||
safe_symlink("restart", "root/etc/e-smith/events/network-delete/services2adjust/fail2ban");
|
||||
safe_symlink("restart", "root/etc/e-smith/events/remoteaccess-update/services2adjust/fail2ban");
|
||||
safe_symlink("restart", "root/etc/e-smith/events/logrotate/services2adjust/fail2ban");
|
||||
event_link("fail2ban-suspend-logs", "logrotate", "02");
|
||||
event_link("fail2ban-resume-logs", "logrotate", "98");
|
||||
|
||||
safe_touch("root/var/log/fail2ban/daemon.log");
|
||||
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
#!/bin/sh
|
||||
|
||||
STATUS=$(/sbin/e-smith/db configuration getprop fail2ban status || echo disabled)
|
||||
if [ "$STATUS" != "enabled" ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
sleep 1
|
||||
for JAIL in http-overflows http-noscript http-scan http-auth; do
|
||||
/usr/bin/fail2ban-client status $JAIL > /dev/null 2>&1
|
||||
if [ $? -eq 0 ]; then
|
||||
/usr/bin/fail2ban-client set $JAIL addlogpath /var/log/httpd/error_log
|
||||
fi
|
||||
done
|
||||
|
||||
for JAIL in pam-generic ftp; do
|
||||
/usr/bin/fail2ban-client status $JAIL > /dev/null 2>&1
|
||||
if [ $? -eq 0 ]; then
|
||||
/usr/bin/fail2ban-client set $JAIL addlogpath /var/log/secure
|
||||
fi
|
||||
done
|
||||
|
||||
for JAIL in lemonldap; do
|
||||
/usr/bin/fail2ban-client status $JAIL > /dev/null 2>&1
|
||||
if [ $? -eq 0 ]; then
|
||||
/usr/bin/fail2ban-client set $JAIL addlogpath /var/log/messages
|
||||
fi
|
||||
done
|
|
@ -0,0 +1,27 @@
|
|||
#!/bin/sh
|
||||
|
||||
STATUS=$(/sbin/e-smith/db configuration getprop fail2ban status || echo disabled)
|
||||
if [ "$STATUS" != "enabled" ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
for JAIL in http-overflows http-noscript http-scan http-auth; do
|
||||
/usr/bin/fail2ban-client status $JAIL > /dev/null 2>&1
|
||||
if [ $? -eq 0 ]; then
|
||||
/usr/bin/fail2ban-client set $JAIL dellogpath /var/log/httpd/error_log
|
||||
fi
|
||||
done
|
||||
|
||||
for JAIL in pam-generic ftp; do
|
||||
/usr/bin/fail2ban-client status $JAIL > /dev/null 2>&1
|
||||
if [ $? -eq 0 ]; then
|
||||
/usr/bin/fail2ban-client set $JAIL dellogpath /var/log/secure
|
||||
fi
|
||||
done
|
||||
|
||||
for JAIL in lemonldap; do
|
||||
/usr/bin/fail2ban-client status $JAIL > /dev/null 2>&1
|
||||
if [ $? -eq 0 ]; then
|
||||
/usr/bin/fail2ban-client set $JAIL dellogpath /var/log/messages
|
||||
fi
|
||||
done
|
Loading…
Reference in New Issue