CRITICAL FIX: Background all monitoring subprocess calls

Issue: Monitor functions were being called sequentially without & operator
Result: First function (monitor_apache_logs with tail -F) blocked forever
Impact: SYN monitoring, SSH monitoring, email monitoring, etc. NEVER RAN

Before:
  monitor_apache_logs         # Blocks on tail -F forever
  monitor_ssh_attacks         # Never reached
  monitor_network_attacks     # Never reached
  → Only apache monitoring attempted, all others skipped

After:
  monitor_apache_logs &       # Runs in background, continues
  monitor_ssh_attacks &       # Also runs in background
  monitor_network_attacks &   # Now runs correctly!
  → All monitoring runs in parallel

This was the root cause of why SYN flood detection never worked.
Now monitor_network_attacks will run independently and detect SYN-RECV
connections properly.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
cschantz
2026-03-06 22:28:07 -05:00
parent f7ac93a626
commit f311b9b100
+9 -8
@@ -3483,14 +3483,15 @@ auto_mitigation_engine() {
} }
# Start all log monitoring sources # Start all log monitoring sources
monitor_apache_logs # Start all monitoring subprocesses in background
monitor_ssh_attacks monitor_apache_logs &
monitor_email_attacks monitor_ssh_attacks &
monitor_ftp_attacks monitor_email_attacks &
monitor_database_attacks monitor_ftp_attacks &
monitor_firewall_blocks monitor_database_attacks &
monitor_cphulk_blocks monitor_firewall_blocks &
monitor_network_attacks monitor_cphulk_blocks &
monitor_network_attacks &
# Display IPset initialization status # Display IPset initialization status
if [ -n "$IPSET_INIT_ERROR" ]; then if [ -n "$IPSET_INIT_ERROR" ]; then
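Review bot: the eight `monitor_* &` launches in this hunk discard their PIDs, so in the lines shown nothing lets auto_mitigation_engine stop the jobs on exit or notice when one of them dies. A monitor that exits early (monitor_network_attacks, say) would leave its detection silently off, which is the same symptom this commit is fixing. Suggest recording `$!` after each launch into an array, adding a `trap` on EXIT/INT/TERM that kills those PIDs so the `tail -F` children are not orphaned, and checking periodically that each PID is still alive. Also note that a backgrounded function runs in a subshell: if any monitor sets a variable the parent reads afterwards, such as the `$IPSET_INIT_ERROR` tested immediately below, that assignment will no longer be visible here, so please confirm where it is set and add a comment saying so.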