From 5114a13bb71daab15ded713cc971bfe3e6be2a06 Mon Sep 17 00:00:00 2001
From: Hamidreza Ghavami <70919649+hamid-gh98@users.noreply.github.com>
Date: Tue, 27 Jun 2023 18:16:49 +0430
Subject: [PATCH] Update x-ui.sh to use the log env variable
---
x-ui.sh | 105 ++++++++++++++++++++++++++++----------------------------
1 file changed, 52 insertions(+), 53 deletions(-)
diff --git a/x-ui.sh b/x-ui.sh
index 69c1d813..506266e9 100644
--- a/x-ui.sh
+++ b/x-ui.sh
@@ -59,8 +59,8 @@ fi
# Declare Variables
log_folder="${XUI_LOG_FOLDER:=/var/log}"
-jail_log_path="${log_folder}/3xipl.log"
-jail_banned_log_path="${log_folder}/3xipl-banned.log"
+iplimit_log_path="${log_folder}/3xipl.log"
+iplimit_banned_log_path="${log_folder}/3xipl-banned.log"
confirm() {
@@ -703,7 +703,7 @@ run_speedtest() {
speedtest
}
-create_iplimit_jail() {
+create_iplimit_jails() {
# Use default bantime if not passed => 5 minutes
local bantime="${1:-5}"
@@ -712,13 +712,44 @@ create_iplimit_jail() {
enabled=true
filter=3x-ipl
action=3x-ipl
-logpath=${jail_log_path}
+logpath=${iplimit_log_path}
maxretry=3
findtime=100
bantime=${bantime}m
EOF
- echo -e "${green}Created Ip Limit jail with a bantime of ${bantime} minutes.${plain}"
+ sudo cat << EOF > /etc/fail2ban/filter.d/3x-ipl.conf
+[Definition]
+datepattern = ^%%Y/%%m/%%d %%H:%%M:%%S
+failregex = \[LIMIT_IP\]\s*Email\s*=\s*.+\s*\|\|\s*SRC\s*=\s*
+ignoreregex =
+EOF
+
+ sudo cat << EOF > /etc/fail2ban/action.d/3x-ipl.conf
+[INCLUDES]
+before = iptables-common.conf
+
+[Definition]
+actionstart = -N f2b-
+ -A f2b- -j
+ -I -p -j f2b-
+
+actionstop = -D -p -j f2b-
+
+ -X f2b-
+
+actioncheck = -n -L | grep -q 'f2b-[ \t]'
+
+actionban = -I f2b- 1 -s -j
+ echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") BAN [Email] = [IP] = banned for seconds." >> ${iplimit_banned_log_path}
+
+actionunban = -D f2b- -s -j
+ echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") UNBAN [Email] = [IP] = unbanned." >> ${iplimit_banned_log_path}
+
+[Init]
+EOF
+
+ echo -e "${green}Created Ip Limit jail files with a bantime of ${bantime} minutes.${plain}"
}
iplimit_main() {
@@ -732,24 +763,23 @@ iplimit_main() {
case "$choice" in
0)
show_menu ;;
- 1)
+ 1)
confirm "Proceed with installation of Fail2ban & IP Limit?" "y"
if [[ $? == 0 ]]; then
install_iplimit
else
iplimit_main
fi ;;
- 2)
+ 2)
read -rp "Please enter new Ban Duration in Minutes [default 5]: " NUM
if [[ $NUM =~ ^[0-9]+$ ]]; then
create_iplimit_jail ${NUM}
sudo systemctl restart fail2ban
- echo -e "${green}Bantime set to ${NUM} minutes successfully.${plain}"
else
echo -e "${red}${NUM} is not a number! Please, try again.${plain}"
fi
iplimit_main ;;
- 3)
+ 3)
confirm "Proceed with Unbanning everyone from IP Limit jail?" "y"
if [[ $? == 0 ]]; then
fail2ban-client reload --restart --unban 3x-ipl
@@ -760,9 +790,9 @@ iplimit_main() {
fi
iplimit_main ;;
4)
- if test -f "/var/log/3xipl-banned.log"; then
- if [[ -s "/var/log/3xipl-banned.log" ]]; then
- cat /var/log/3xipl-banned.log
+ if test -f "${iplimit_banned_log_path}"; then
+ if [[ -s "${iplimit_banned_log_path}" ]]; then
+ cat ${iplimit_banned_log_path}
else
echo -e "${red}Log file is empty.${plain}\n"
fi
@@ -770,7 +800,7 @@ iplimit_main() {
echo -e "${red}Log file not found. Please Install Fail2ban and IP Limit first.${plain}\n"
iplimit_main
fi ;;
- 5)
+ 5)
remove_iplimit ;;
*) echo "Invalid choice" ;;
esac
@@ -782,7 +812,7 @@ install_iplimit() {
# Check the OS and install necessary packages
case "${release}" in
ubuntu|debian)
- sudo apt-get update && sudo apt-get install fail2ban -y ;;
+ sudo apt update && sudo apt install fail2ban -y ;;
centos)
sudo yum -y update && sudo yum -y install fail2ban ;;
fedora)
@@ -805,49 +835,18 @@ install_iplimit() {
fi
# Check if log file exists
- if ! test -f "/var/log/3xipl-banned.log"; then
- touch /var/log/3xipl-banned.log
+ if ! test -f "${iplimit_banned_log_path}"; then
+ touch ${iplimit_banned_log_path}
fi
# Check if service log file exists so fail2ban won't return error
- if ! test -f "/var/log/3xipl.log"; then
- touch /var/log/3xipl.log
+ if ! test -f "${iplimit_log_path}"; then
+ touch ${iplimit_log_path}
fi
- # Create the iplimit jail file
+ # Create the iplimit jail files
# we didn't pass the bantime here to use the default value
- create_iplimit_jail
-
- sudo cat > /etc/fail2ban/filter.d/3x-ipl.conf << EOF
-[Definition]
-datepattern = ^%%Y/%%m/%%d %%H:%%M:%%S
-failregex = \[LIMIT_IP\]\s*Email\s*=\s*.+\s*\|\|\s*SRC\s*=\s*
-ignoreregex =
-EOF
-
- sudo cat > /etc/fail2ban/action.d/3x-ipl.conf << 'EOF'
-[INCLUDES]
-before = iptables-common.conf
-
-[Definition]
-actionstart = -N f2b-
- -A f2b- -j
- -I -p -j f2b-
-
-actionstop = -D -p -j f2b-
-
- -X f2b-
-
-actioncheck = -n -L | grep -q 'f2b-[ \t]'
-
-actionban = -I f2b- 1 -s -j
- echo "$(date +"%%Y/%%m/%%d %%H:%%M:%%S") BAN [Email] = [IP] = banned for seconds." >> /var/log/3xipl-banned.log
-
-actionunban = -D f2b- -s -j
- echo "$(date +"%%Y/%%m/%%d %%H:%%M:%%S") UNBAN [Email] = [IP] = unbanned." >> /var/log/3xipl-banned.log
-
-[Init]
-EOF
+ create_iplimit_jails
# Launching fail2ban
if ! sudo systemctl is-active --quiet fail2ban; then
@@ -882,7 +881,7 @@ remove_iplimit(){
sudo systemctl disable fail2ban
case "${release}" in
ubuntu|debian)
- sudo apt-get remove fail2ban -y ;;
+ sudo apt remove fail2ban -y ;;
centos)
sudo yum -y remove fail2ban ;;
fedora)
@@ -891,7 +890,7 @@ remove_iplimit(){
echo -e "${red}Unsupported operating system. Please uninstall Fail2ban manually.${plain}\n"
exit 1 ;;
esac
- rm -rf /etc/fail2ban/*
+ rm -rf /etc/fail2ban
echo -e "${green}Fail2ban and IP Limit removed successfully!${plain}\n"
before_show_menu ;;
0)