Re: Fail2Ban Question: Can I do this without restarting the service?

[cyaiplexys <cyaiplexys@sitesplace.net>]

On 08/16/2018 09:52 AM, john doe wrote:
> On 8/16/2018 1:45 PM, cyaiplexys wrote:
> > On 08/16/2018 02:36 AM, john doe wrote:
> > > On 8/16/2018 3:29 AM, cyaiplexys wrote:
> > > > I have a list of IP addresses I want to ban and I put them in 
> > > > /etc/fail2ban/action.d/iptables-multiport.conf as so:
> > > >
> > > > cat /etc/fail2ban/ip.blacklist.perm | while read IP; do iptables -I 
> > > > fail2ban-<name> 1 -s $IP -j DROP; done
> > > >
> > > > (that was supposed to be all on one line, of course)
> > > >
> > > > So, I have read that when you do things this way, you MUST restart 
> > > > fail2ban (sudo service fail2ban restart).
> > > >
> > > > Is there a better way to do this? I have a cron job that gathers IP 
> > > > addresses that get more than 1,000 hits from the apache log file and 
> > > > that gets put in the ip.blacklist.perm file.
> > > >
> > > > I know *nothing* about fail2ban. I just read of this technique via 
> > > > Google. But when using Google, I can't find another way to do this 
> > > > that doesn't require a restart of the service.
> > > >
> > > > Any ideas on other ways to do this?
> > >
> > > I would use ipset.
> > > Googling "fail2ban ipset" gives some interesting stuff.
> >
> > Thank you for the magic search term. :) I tried it and found at least 
> > 3 articles I bookmarked for reading.
> To query the status and start/stop/restart the service fail2ban, 
> beginning with Debian 8 you would use 'systemd':
> $ systemctl status/start/restart/stop fail2ban
>
>
> Also increasing log verbosity when setting up fail2ban might not hurt.
>
> https://www.digitalocean.com/community/tutorials/how-to-protect-an-apache-server-with-fail2ban-on-ubuntu-14-04 

The problem is, I want to update things *without* having to restart the 
fail2ban service for ever time I make a change. (I already know now to 
start/stop/restart).