[Firehol-support] run firehol before fail2ban

Phil Whineray phil at firehol.org
Sun Jan 22 21:33:03 GMT 2017


On Sun, Jan 22, 2017 at 07:11:09PM +0100, Jonathan Baecker wrote:
> For this situation I guess a backport solution or a init script will not
> really help. It would be great o have an option in firehol where I can run
> post commands after a firewall is establish, so I could say run me /service
> fail2ban restart/ after, but I think it is not integrated.

Have a look at FIREHOL_NOTIFICATION_PROGRAM in firehol-defaults.conf
it it not documented other than the comments in that file, I think, but
it might do what you want.

> I need to try whats happen, if I remove the fail2ban init script and replace
> it with a systemd service. Maybe the update process will still work.

That's also reasonable. I think the fail2ban sources include an example
systemd service, albeit it probably knows nothing of firehol.

Cheers
Phil



More information about the Firehol-support mailing list