Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2025-08-30 14:56:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

update and some improvement for client ip job

Browse source
This commit is contained in:
Hamidreza Ghavami 2023-06-27 19:57:13 +04:30
parent 2461dd26d8
commit 0385048b38
No known key found for this signature in database
GPG key ID: 402C6797325182D9
5 changed files with 81 additions and 111 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
database/db.go
View file

@ -6,6 +6,7 @@ import (
"io/fs" "io/fs"
"os" "os"
"path" "path"
"x-ui/config" "x-ui/config"
"x-ui/database/model" "x-ui/database/model"
"x-ui/xray" "x-ui/xray"
@ -26,7 +27,6 @@ var initializers = []func() error{
} }
func initUser() error { func initUser() error {
err := db.AutoMigrate(&model.User{}) err := db.AutoMigrate(&model.User{})
if err != nil { if err != nil {
return err return err
@ -54,9 +54,11 @@ func initInbound() error {
func initSetting() error { func initSetting() error {
return db.AutoMigrate(&model.Setting{}) return db.AutoMigrate(&model.Setting{})
} }
func initInboundClientIps() error { func initInboundClientIps() error {
return db.AutoMigrate(&model.InboundClientIps{}) return db.AutoMigrate(&model.InboundClientIps{})
} }
func initClientTraffic() error { func initClientTraffic() error {
return db.AutoMigrate(&xray.ClientTraffic{}) return db.AutoMigrate(&xray.ClientTraffic{})
} }

3
web/controller/inbound.go
View file

@ -3,6 +3,7 @@ package controller
import ( import (
"fmt" "fmt"
"strconv" "strconv"
"x-ui/database/model" "x-ui/database/model"
"x-ui/logger" "x-ui/logger"
"x-ui/web/global" "x-ui/web/global"
@ -40,7 +41,6 @@ func (a *InboundController) initRouter(g *gin.RouterGroup) {
g.POST("/resetAllTraffics", a.resetAllTraffics) g.POST("/resetAllTraffics", a.resetAllTraffics)
g.POST("/resetAllClientTraffics/:id", a.resetAllClientTraffics) g.POST("/resetAllClientTraffics/:id", a.resetAllClientTraffics)
g.POST("/delDepletedClients/:id", a.delDepletedClients) g.POST("/delDepletedClients/:id", a.delDepletedClients)
} }
func (a *InboundController) startTask() { func (a *InboundController) startTask() {
@ -79,6 +79,7 @@ func (a *InboundController) getInbound(c *gin.Context) {
} }
jsonObj(c, inbound, nil) jsonObj(c, inbound, nil)
} }
func (a *InboundController) getClientTraffics(c *gin.Context) { func (a *InboundController) getClientTraffics(c *gin.Context) {
email := c.Param("email") email := c.Param("email")
clientTraffics, err := a.inboundService.GetClientTrafficByEmail(email) clientTraffics, err := a.inboundService.GetClientTrafficByEmail(email)

169
web/job/check_client_ip_job.go
View file

@ -5,23 +5,26 @@ import (
"log" "log"
"os" "os"
"regexp" "regexp"
"x-ui/database"
"x-ui/database/model"
"x-ui/logger"
"x-ui/web/service"
"x-ui/xray"
"sort" "sort"
"strings" "strings"
"time" "time"
"x-ui/database"
"x-ui/database/model"
"x-ui/logger"
"x-ui/xray"
) )
type CheckClientIpJob struct { type CheckClientIpJob struct {}
xrayService service.XrayService
}
var job *CheckClientIpJob var job *CheckClientIpJob
var disAllowedIps []string var disAllowedIps []string
var ipFiles = []string{
xray.GetBlockedIPsPath(),
xray.GetIPLimitLogPath(),
xray.GetIPLimitBannedLogPath(),
xray.GetAccessPersistentLogPath(),
}
func NewCheckClientIpJob() *CheckClientIpJob { func NewCheckClientIpJob() *CheckClientIpJob {
job = new(CheckClientIpJob) job = new(CheckClientIpJob)
@ -31,37 +34,28 @@ func NewCheckClientIpJob() *CheckClientIpJob {
func (j *CheckClientIpJob) Run() { func (j *CheckClientIpJob) Run() {
logger.Debug("Check Client IP Job...") logger.Debug("Check Client IP Job...")
if hasLimitIp() { // create files required for iplimit if not exists
//create log file for Fail2ban IP Limit for i := 0; i < len(ipFiles); i++ {
logIpFile, err := os.OpenFile("/var/log/3xipl.log", os.O_CREATE|os.O_APPEND|os.O_RDWR, 0644) file, err := os.OpenFile(ipFiles[i], os.O_CREATE|os.O_APPEND|os.O_RDWR, 0644)
checkError(err) j.checkError(err)
defer logIpFile.Close() defer file.Close()
log.SetOutput(logIpFile)
log.SetFlags(log.LstdFlags)
//create file to collect access.log to another file accessp.log (p=persistent)
logAccessP, err := os.OpenFile("/usr/local/x-ui/accessp.log", os.O_CREATE|os.O_APPEND|os.O_RDWR, 0644)
checkError(err)
defer logAccessP.Close()
processLogFile()
} }
// check for limit ip
if j.hasLimitIp() {
j.processLogFile()
}
// write to blocked ips
blockedIps := []byte(strings.Join(disAllowedIps, ",")) blockedIps := []byte(strings.Join(disAllowedIps, ","))
err := os.WriteFile(xray.GetBlockedIPsPath(), blockedIps, 0644)
// check if file exists, if not create one j.checkError(err)
_, err := os.Stat(xray.GetBlockedIPsPath())
if os.IsNotExist(err) {
_, err = os.OpenFile(xray.GetBlockedIPsPath(), os.O_RDWR|os.O_CREATE, 0755)
checkError(err)
}
err = os.WriteFile(xray.GetBlockedIPsPath(), blockedIps, 0755)
checkError(err)
} }
func hasLimitIp() bool { func (j *CheckClientIpJob) hasLimitIp() bool {
db := database.GetDB() db := database.GetDB()
var inbounds []*model.Inbound var inbounds []*model.Inbound
err := db.Model(model.Inbound{}).Find(&inbounds).Error err := db.Model(model.Inbound{}).Find(&inbounds).Error
if err != nil { if err != nil {
return false return false
@ -83,11 +77,12 @@ func hasLimitIp() bool {
} }
} }
} }
return false return false
} }
func processLogFile() { func (j *CheckClientIpJob) processLogFile() {
accessLogPath := GetAccessLogPath() accessLogPath := xray.GetAccessLogPath()
if accessLogPath == "" { if accessLogPath == "" {
logger.Warning("access.log doesn't exist in your config.json") logger.Warning("access.log doesn't exist in your config.json")
return return
@ -95,7 +90,7 @@ func processLogFile() {
data, err := os.ReadFile(accessLogPath) data, err := os.ReadFile(accessLogPath)
InboundClientIps := make(map[string][]string) InboundClientIps := make(map[string][]string)
checkError(err) j.checkError(err)
lines := strings.Split(string(data), "\n") lines := strings.Split(string(data), "\n")
for _, line := range lines { for _, line := range lines {
@ -116,7 +111,7 @@ func processLogFile() {
matchesEmail = strings.TrimSpace(strings.Split(matchesEmail, "email: ")[1]) matchesEmail = strings.TrimSpace(strings.Split(matchesEmail, "email: ")[1])
if InboundClientIps[matchesEmail] != nil { if InboundClientIps[matchesEmail] != nil {
if contains(InboundClientIps[matchesEmail], ip) { if j.contains(InboundClientIps[matchesEmail], ip) {
continue continue
} }
InboundClientIps[matchesEmail] = append(InboundClientIps[matchesEmail], ip) InboundClientIps[matchesEmail] = append(InboundClientIps[matchesEmail], ip)
@ -125,68 +120,50 @@ func processLogFile() {
InboundClientIps[matchesEmail] = append(InboundClientIps[matchesEmail], ip) InboundClientIps[matchesEmail] = append(InboundClientIps[matchesEmail], ip)
} }
} }
} }
disAllowedIps = []string{} disAllowedIps = []string{}
shouldCleanLog := false shouldCleanLog := false
for clientEmail, ips := range InboundClientIps { for clientEmail, ips := range InboundClientIps {
inboundClientIps, err := GetInboundClientIps(clientEmail) inboundClientIps, err := j.getInboundClientIps(clientEmail)
sort.Strings(ips) sort.Strings(ips)
if err != nil { if err != nil {
addInboundClientIps(clientEmail, ips) j.addInboundClientIps(clientEmail, ips)
} else { } else {
shouldCleanLog = updateInboundClientIps(inboundClientIps, clientEmail, ips) shouldCleanLog = j.updateInboundClientIps(inboundClientIps, clientEmail, ips)
} }
} }
// added 3 seconds delay before cleaning logs to reduce chance of logging IP that already has been banned
time.Sleep(time.Second * 3) time.Sleep(time.Second * 3)
//added 3 seconds delay before cleaning logs to reduce chance of logging IP that already has been banned
if shouldCleanLog { if shouldCleanLog {
//copy log // copy access log to persistent file
logAccessP, err := os.OpenFile("/usr/local/x-ui/accessp.log", os.O_CREATE|os.O_APPEND|os.O_RDWR, 0644) logAccessP, err := os.OpenFile(xray.GetAccessPersistentLogPath(), os.O_CREATE|os.O_APPEND|os.O_RDWR, 0644)
checkError(err) j.checkError(err)
input, err := os.ReadFile(accessLogPath) input, err := os.ReadFile(accessLogPath)
checkError(err) j.checkError(err)
if _, err := logAccessP.Write(input); err != nil { if _, err := logAccessP.Write(input); err != nil {
checkError(err) j.checkError(err)
} }
defer logAccessP.Close() defer logAccessP.Close()
// clean log
if err := os.Truncate(GetAccessLogPath(), 0); err != nil { // clean access log
checkError(err) if err := os.Truncate(xray.GetAccessLogPath(), 0); err != nil {
j.checkError(err)
} }
} }
} }
func GetAccessLogPath() string {
config, err := os.ReadFile(xray.GetConfigPath()) func (j *CheckClientIpJob) checkError(e error) {
checkError(err)
jsonConfig := map[string]interface{}{}
err = json.Unmarshal([]byte(config), &jsonConfig)
checkError(err)
if jsonConfig["log"] != nil {
jsonLog := jsonConfig["log"].(map[string]interface{})
if jsonLog["access"] != nil {
accessLogPath := jsonLog["access"].(string)
return accessLogPath
}
}
return ""
}
func checkError(e error) {
if e != nil { if e != nil {
logger.Warning("client ip job err:", e) logger.Warning("client ip job err:", e)
} }
} }
func contains(s []string, str string) bool {
func (j *CheckClientIpJob) contains(s []string, str string) bool {
for _, v := range s { for _, v := range s {
if v == str { if v == str {
return true return true
@ -195,7 +172,8 @@ func contains(s []string, str string) bool {
return false return false
} }
func GetInboundClientIps(clientEmail string) (*model.InboundClientIps, error) {
func (j *CheckClientIpJob) getInboundClientIps(clientEmail string) (*model.InboundClientIps, error) {
db := database.GetDB() db := database.GetDB()
InboundClientIps := &model.InboundClientIps{} InboundClientIps := &model.InboundClientIps{}
err := db.Model(model.InboundClientIps{}).Where("client_email = ?", clientEmail).First(InboundClientIps).Error err := db.Model(model.InboundClientIps{}).Where("client_email = ?", clientEmail).First(InboundClientIps).Error
@ -204,10 +182,11 @@ func GetInboundClientIps(clientEmail string) (*model.InboundClientIps, error) {
} }
return InboundClientIps, nil return InboundClientIps, nil
} }
func addInboundClientIps(clientEmail string, ips []string) error {
func (j *CheckClientIpJob) addInboundClientIps(clientEmail string, ips []string) error {
inboundClientIps := &model.InboundClientIps{} inboundClientIps := &model.InboundClientIps{}
jsonIps, err := json.Marshal(ips) jsonIps, err := json.Marshal(ips)
checkError(err) j.checkError(err)
inboundClientIps.ClientEmail = clientEmail inboundClientIps.ClientEmail = clientEmail
inboundClientIps.Ips = string(jsonIps) inboundClientIps.Ips = string(jsonIps)
@ -229,17 +208,17 @@ func addInboundClientIps(clientEmail string, ips []string) error {
} }
return nil return nil
} }
func updateInboundClientIps(inboundClientIps *model.InboundClientIps, clientEmail string, ips []string) bool {
func (j *CheckClientIpJob) updateInboundClientIps(inboundClientIps *model.InboundClientIps, clientEmail string, ips []string) bool {
jsonIps, err := json.Marshal(ips) jsonIps, err := json.Marshal(ips)
checkError(err) j.checkError(err)
inboundClientIps.ClientEmail = clientEmail inboundClientIps.ClientEmail = clientEmail
inboundClientIps.Ips = string(jsonIps) inboundClientIps.Ips = string(jsonIps)
// check inbound limitation // check inbound limitation
inbound, err := GetInboundByEmail(clientEmail) inbound, err := j.getInboundByEmail(clientEmail)
checkError(err) j.checkError(err)
if inbound.Settings == "" { if inbound.Settings == "" {
logger.Debug("wrong data ", inbound) logger.Debug("wrong data ", inbound)
@ -251,13 +230,20 @@ func updateInboundClientIps(inboundClientIps *model.InboundClientIps, clientEmai
clients := settings["clients"] clients := settings["clients"]
shouldCleanLog := false shouldCleanLog := false
// create iplimit log file channel
logIpFile, err := os.OpenFile(xray.GetIPLimitLogPath(), os.O_CREATE|os.O_APPEND|os.O_RDWR, 0644)
if err != nil {
logger.Errorf("failed to create or open ip limit log file: %s", err)
}
defer logIpFile.Close()
log.SetOutput(logIpFile)
log.SetFlags(log.LstdFlags)
for _, client := range clients { for _, client := range clients {
if client.Email == clientEmail { if client.Email == clientEmail {
limitIp := client.LimitIP limitIp := client.LimitIP
if limitIp != 0 { if limitIp != 0 {
shouldCleanLog = true shouldCleanLog = true
if limitIp < len(ips) && inbound.Enable { if limitIp < len(ips) && inbound.Enable {
@ -280,27 +266,14 @@ func updateInboundClientIps(inboundClientIps *model.InboundClientIps, clientEmai
return shouldCleanLog return shouldCleanLog
} }
func DisableInbound(id int) error { func (j *CheckClientIpJob) getInboundByEmail(clientEmail string) (*model.Inbound, error) {
db := database.GetDB()
result := db.Model(model.Inbound{}).
Where("id = ? and enable = ?", id, true).
Update("enable", false)
err := result.Error
logger.Warning("disable inbound with id:", id)
if err == nil {
job.xrayService.SetToNeedRestart()
}
return err
}
func GetInboundByEmail(clientEmail string) (*model.Inbound, error) {
db := database.GetDB() db := database.GetDB()
var inbounds *model.Inbound var inbounds *model.Inbound
err := db.Model(model.Inbound{}).Where("settings LIKE ?", "%"+clientEmail+"%").Find(&inbounds).Error err := db.Model(model.Inbound{}).Where("settings LIKE ?", "%"+clientEmail+"%").Find(&inbounds).Error
if err != nil { if err != nil {
return nil, err return nil, err
} }
return inbounds, nil return inbounds, nil
} }

12
web/service/inbound.go
View file

@ -5,6 +5,7 @@ import (
"fmt" "fmt"
"strings" "strings"
"time" "time"
"x-ui/database" "x-ui/database"
"x-ui/database/model" "x-ui/database/model"
"x-ui/logger" "x-ui/logger"
@ -74,7 +75,6 @@ func (s *InboundService) getAllEmails() ([]string, error) {
FROM inbounds, FROM inbounds,
JSON_EACH(JSON_EXTRACT(inbounds.settings, '$.clients')) AS client JSON_EACH(JSON_EXTRACT(inbounds.settings, '$.clients')) AS client
`).Scan(&emails).Error `).Scan(&emails).Error
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -816,7 +816,8 @@ func (s *InboundService) UpdateClientStat(email string, client *model.Client) er
"enable": true, "enable": true,
"email": client.Email, "email": client.Email,
"total": client.TotalGB, "total": client.TotalGB,
"expiry_time": client.ExpiryTime}) "expiry_time": client.ExpiryTime,
})
err := result.Error err := result.Error
if err != nil { if err != nil {
return err return err
@ -1068,8 +1069,8 @@ func (s *InboundService) ResetClientIpLimitByEmail(clientEmail string, count int
return err return err
} }
return nil return nil
} }
func (s *InboundService) ResetClientExpiryTimeByEmail(clientEmail string, expiry_time int64) error { func (s *InboundService) ResetClientExpiryTimeByEmail(clientEmail string, expiry_time int64) error {
_, inbound, err := s.GetClientInboundByEmail(clientEmail) _, inbound, err := s.GetClientInboundByEmail(clientEmail)
if err != nil { if err != nil {
@ -1126,7 +1127,6 @@ func (s *InboundService) ResetClientExpiryTimeByEmail(clientEmail string, expiry
return err return err
} }
return nil return nil
} }
func (s *InboundService) ResetClientTrafficByEmail(clientEmail string) error { func (s *InboundService) ResetClientTrafficByEmail(clientEmail string) error {
@ -1137,7 +1137,6 @@ func (s *InboundService) ResetClientTrafficByEmail(clientEmail string) error {
Updates(map[string]interface{}{"enable": true, "up": 0, "down": 0}) Updates(map[string]interface{}{"enable": true, "up": 0, "down": 0})
err := result.Error err := result.Error
if err != nil { if err != nil {
return err return err
} }
@ -1209,7 +1208,6 @@ func (s *InboundService) ResetAllClientTraffics(id int) error {
Updates(map[string]interface{}{"enable": true, "up": 0, "down": 0}) Updates(map[string]interface{}{"enable": true, "up": 0, "down": 0})
err := result.Error err := result.Error
if err != nil { if err != nil {
return err return err
} }
@ -1224,7 +1222,6 @@ func (s *InboundService) ResetAllTraffics() error {
Updates(map[string]interface{}{"up": 0, "down": 0}) Updates(map[string]interface{}{"up": 0, "down": 0})
err := result.Error err := result.Error
if err != nil { if err != nil {
return err return err
} }
@ -1411,7 +1408,6 @@ func (s *InboundService) ClearClientIps(clientEmail string) error {
Where("client_email = ?", clientEmail). Where("client_email = ?", clientEmail).
Update("ips", "") Update("ips", "")
err := result.Error err := result.Error
if err != nil { if err != nil {
return err return err
} }

4
web/service/server.go
View file

@ -14,6 +14,7 @@ import (
"runtime" "runtime"
"strings" "strings"
"time" "time"
"x-ui/config" "x-ui/config"
"x-ui/database" "x-ui/database"
"x-ui/logger" "x-ui/logger"
@ -250,7 +251,6 @@ func (s *ServerService) GetXrayVersions() ([]string, error) {
} }
func (s *ServerService) StopXrayService() (string error) { func (s *ServerService) StopXrayService() (string error) {
err := s.xrayService.StopXray() err := s.xrayService.StopXray()
if err != nil { if err != nil {
logger.Error("stop xray failed:", err) logger.Error("stop xray failed:", err)
@ -261,7 +261,6 @@ func (s *ServerService) StopXrayService() (string error) {
} }
func (s *ServerService) RestartXrayService() (string error) { func (s *ServerService) RestartXrayService() (string error) {
s.xrayService.StopXray() s.xrayService.StopXray()
defer func() { defer func() {
err := s.xrayService.RestartXray(true) err := s.xrayService.RestartXray(true)
@ -377,7 +376,6 @@ func (s *ServerService) UpdateXray(version string) error {
} }
return nil return nil
} }
func (s *ServerService) GetLogs(count string, logLevel string) ([]string, error) { func (s *ServerService) GetLogs(count string, logLevel string) ([]string, error) {