LinuxQuestions.org
Old 02-12-2022, 09:21 AM   #1
dr.x
systemd CentOS 7: how to run another command after "service iptables restart"


Hello folks,
I'm running CentOS 7.
I have iptables and fail2ban.

When I run:
service iptables restart
I see all the rules of fail2ban go, and I need to run service fail2ban restart.

My question is: how can I make the command
service iptables restart also run service fail2ban restart?

cat /usr/lib/systemd/system/iptables.service

[Unit]
Description=IPv4 firewall with iptables
Before=network-pre.target
Wants=network-pre.target
Before=ip6tables.service
After=syslog.target
AssertPathExists=/etc/sysconfig/iptables

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/libexec/iptables/iptables.init start
ExecReload=/usr/libexec/iptables/iptables.init reload
ExecStop=/usr/libexec/iptables/iptables.init stop
Environment=BOOTUP=serial
Environment=CONSOLETYPE=serial
StandardOutput=syslog
StandardError=syslog

[Install]
WantedBy=basic.target



Also:

cat /usr/lib/systemd/system/fail2ban.service
[Unit]
Description=Fail2Ban Service
Documentation=man:fail2ban(1)
After=network.target iptables.service firewalld.service ip6tables.service ipset.service nftables.service
PartOf=firewalld.service

[Service]
Type=simple
Environment="PYTHONNOUSERSITE=1"
ExecStartPre=/bin/mkdir -p /run/fail2ban
ExecStart=/usr/bin/fail2ban-server -xf start
# if should be logged in systemd journal, use following line or set logtarget to sysout in fail2ban.local
# ExecStart=/usr/bin/fail2ban-server -xf --logtarget=sysout start
ExecStop=/usr/bin/fail2ban-client stop
ExecReload=/usr/bin/fail2ban-client reload
PIDFile=/run/fail2ban/fail2ban.pid
Restart=on-failure
RestartPreventExitStatus=0 255

[Install]
WantedBy=multi-user.target



So I tried to add a command to the iptables file, like this:


[Unit]
Description=IPv4 firewall with iptables
Before=network-pre.target
Wants=network-pre.target
Before=ip6tables.service
After=syslog.target
AssertPathExists=/etc/sysconfig/iptables

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStartPre=/usr/bin/fail2ban-server -xf restart. ---->Added this line
ExecStart=/usr/libexec/iptables/iptables.init start
ExecReload=/usr/libexec/iptables/iptables.init reload
ExecStop=/usr/libexec/iptables/iptables.init stop
Environment=BOOTUP=serial
Environment=CONSOLETYPE=serial
StandardOutput=syslog
StandardError=syslog

[Install]
WantedBy=basic.target



But I always get errors when I run:
service iptables restart

Can I add && run parallel commands with the systemd iptables file?


Regards
 
Old 02-12-2022, 10:00 AM   #2
shruggy
Code:
sudo yum -y install firewalld
sudo systemctl start firewalld
sudo systemctl enable firewalld
See Chapter 5. Using Firewalls in the RHEL Security Guide.

Last edited by shruggy; 02-12-2022 at 10:04 AM.
 
Old 02-12-2022, 10:09 AM   #3
michaelk
You do not need a special systemd service; just use systemctl instead of service.

Code:
systemctl restart iptables fail2ban
Are you actually using iptables versus firewalld?

Last edited by michaelk; 02-12-2022 at 10:21 AM.
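
An alternative to restarting both units by hand, shown as an added example that is not part of any post in this thread: a systemd drop-in that extends the `PartOf=` setting already present in the fail2ban unit quoted in post #1, so that a stop or restart of `iptables.service` propagates to fail2ban. The drop-in file name `iptables.conf` is an arbitrary choice for this example.

```ini
# /etc/systemd/system/fail2ban.service.d/iptables.conf
# (file name chosen for this example; any *.conf in this directory is read)
#
# Create the directory first:
#   mkdir -p /etc/systemd/system/fail2ban.service.d
#
# A drop-in under /etc leaves the packaged unit in /usr/lib/systemd/system
# untouched, so a package update does not discard the change.

[Unit]
# PartOf= is a list: this entry is added to the PartOf=firewalld.service
# already set in the packaged unit. When systemd stops or restarts
# iptables.service, the same action is propagated to fail2ban.service.
# The dependency is one-way: restarting fail2ban does not touch iptables.
PartOf=iptables.service

# The packaged unit already has After=iptables.service, so on a restart
# fail2ban is stopped before the rules are flushed and started again only
# after "iptables.init start" has run.

# Apply and check:
#   systemctl daemon-reload
#   systemctl show -p PartOf fail2ban.service   # should list iptables.service
#   systemctl restart iptables
#   fail2ban-client status                      # jails are active again
```

The restart is only propagated to a fail2ban unit that is already running; it does not start a stopped one.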
 
Old 02-12-2022, 02:26 PM   #4
dr.x
Quote:
Originally Posted by michaelk
You do not need a special systemd service; just use systemctl instead of service.

Code:
systemctl restart iptables fail2ban
Are you actually using iptables versus firewalld?


Using iptables

Thanks
 
  

