Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2025-08-30 23:06:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Update x-ui.sh to use the log env variable

Browse source
This commit is contained in:
Hamidreza Ghavami 2023-06-27 18:16:49 +04:30
parent 218590394e
commit 5114a13bb7
No known key found for this signature in database
GPG key ID: 402C6797325182D9
1 changed files with 52 additions and 53 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

105
x-ui.sh
View file

@ -59,8 +59,8 @@ fi
# Declare Variables # Declare Variables
log_folder="${XUI_LOG_FOLDER:=/var/log}" log_folder="${XUI_LOG_FOLDER:=/var/log}"
jail_log_path="${log_folder}/3xipl.log" iplimit_log_path="${log_folder}/3xipl.log"
jail_banned_log_path="${log_folder}/3xipl-banned.log" iplimit_banned_log_path="${log_folder}/3xipl-banned.log"
confirm() { confirm() {
@ -703,7 +703,7 @@ run_speedtest() {
speedtest speedtest
} }
create_iplimit_jail() { create_iplimit_jails() {
# Use default bantime if not passed => 5 minutes # Use default bantime if not passed => 5 minutes
local bantime="${1:-5}" local bantime="${1:-5}"
@ -712,13 +712,44 @@ create_iplimit_jail() {
enabled=true enabled=true
filter=3x-ipl filter=3x-ipl
action=3x-ipl action=3x-ipl
logpath=${jail_log_path} logpath=${iplimit_log_path}
maxretry=3 maxretry=3
findtime=100 findtime=100
bantime=${bantime}m bantime=${bantime}m
EOF EOF
echo -e "${green}Created Ip Limit jail with a bantime of ${bantime} minutes.${plain}" sudo cat << EOF > /etc/fail2ban/filter.d/3x-ipl.conf
[Definition]
datepattern = ^%%Y/%%m/%%d %%H:%%M:%%S
failregex = \[LIMIT_IP\]\s*Email\s*=\s*<F-USER>.+</F-USER>\s*\|\|\s*SRC\s*=\s*<ADDR>
ignoreregex =
EOF
sudo cat << EOF > /etc/fail2ban/action.d/3x-ipl.conf
[INCLUDES]
before = iptables-common.conf
[Definition]
actionstart = <iptables> -N f2b-<name>
<iptables> -A f2b-<name> -j <returntype>
<iptables> -I <chain> -p <protocol> -j f2b-<name>
actionstop = <iptables> -D <chain> -p <protocol> -j f2b-<name>
<actionflush>
<iptables> -X f2b-<name>
actioncheck = <iptables> -n -L <chain> | grep -q 'f2b-<name>[ \t]'
actionban = <iptables> -I f2b-<name> 1 -s <ip> -j <blocktype>
echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") BAN [Email] = <F-USER> [IP] = <ip> banned for <bantime> seconds." >> ${iplimit_banned_log_path}
actionunban = <iptables> -D f2b-<name> -s <ip> -j <blocktype>
echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") UNBAN [Email] = <F-USER> [IP] = <ip> unbanned." >> ${iplimit_banned_log_path}
[Init]
EOF
echo -e "${green}Created Ip Limit jail files with a bantime of ${bantime} minutes.${plain}"
} }
iplimit_main() { iplimit_main() {
@ -732,24 +763,23 @@ iplimit_main() {
case "$choice" in case "$choice" in
0) 0)
show_menu ;; show_menu ;;
1) 1)
confirm "Proceed with installation of Fail2ban & IP Limit?" "y" confirm "Proceed with installation of Fail2ban & IP Limit?" "y"
if [[ $? == 0 ]]; then if [[ $? == 0 ]]; then
install_iplimit install_iplimit
else else
iplimit_main iplimit_main
fi ;; fi ;;
2) 2)
read -rp "Please enter new Ban Duration in Minutes [default 5]: " NUM read -rp "Please enter new Ban Duration in Minutes [default 5]: " NUM
if [[ $NUM =~ ^[0-9]+$ ]]; then if [[ $NUM =~ ^[0-9]+$ ]]; then
create_iplimit_jail ${NUM} create_iplimit_jail ${NUM}
sudo systemctl restart fail2ban sudo systemctl restart fail2ban
echo -e "${green}Bantime set to ${NUM} minutes successfully.${plain}"
else else
echo -e "${red}${NUM} is not a number! Please, try again.${plain}" echo -e "${red}${NUM} is not a number! Please, try again.${plain}"
fi fi
iplimit_main ;; iplimit_main ;;
3) 3)
confirm "Proceed with Unbanning everyone from IP Limit jail?" "y" confirm "Proceed with Unbanning everyone from IP Limit jail?" "y"
if [[ $? == 0 ]]; then if [[ $? == 0 ]]; then
fail2ban-client reload --restart --unban 3x-ipl fail2ban-client reload --restart --unban 3x-ipl
@ -760,9 +790,9 @@ iplimit_main() {
fi fi
iplimit_main ;; iplimit_main ;;
4) 4)
if test -f "/var/log/3xipl-banned.log"; then if test -f "${iplimit_banned_log_path}"; then
if [[ -s "/var/log/3xipl-banned.log" ]]; then if [[ -s "${iplimit_banned_log_path}" ]]; then
cat /var/log/3xipl-banned.log cat ${iplimit_banned_log_path}
else else
echo -e "${red}Log file is empty.${plain}\n" echo -e "${red}Log file is empty.${plain}\n"
fi fi
@ -770,7 +800,7 @@ iplimit_main() {
echo -e "${red}Log file not found. Please Install Fail2ban and IP Limit first.${plain}\n" echo -e "${red}Log file not found. Please Install Fail2ban and IP Limit first.${plain}\n"
iplimit_main iplimit_main
fi ;; fi ;;
5) 5)
remove_iplimit ;; remove_iplimit ;;
*) echo "Invalid choice" ;; *) echo "Invalid choice" ;;
esac esac
@ -782,7 +812,7 @@ install_iplimit() {
# Check the OS and install necessary packages # Check the OS and install necessary packages
case "${release}" in case "${release}" in
ubuntu|debian) ubuntu|debian)
sudo apt-get update && sudo apt-get install fail2ban -y ;; sudo apt update && sudo apt install fail2ban -y ;;
centos) centos)
sudo yum -y update && sudo yum -y install fail2ban ;; sudo yum -y update && sudo yum -y install fail2ban ;;
fedora) fedora)
@ -805,49 +835,18 @@ install_iplimit() {
fi fi
# Check if log file exists # Check if log file exists
if ! test -f "/var/log/3xipl-banned.log"; then if ! test -f "${iplimit_banned_log_path}"; then
touch /var/log/3xipl-banned.log touch ${iplimit_banned_log_path}
fi fi
# Check if service log file exists so fail2ban won't return error # Check if service log file exists so fail2ban won't return error
if ! test -f "/var/log/3xipl.log"; then if ! test -f "${iplimit_log_path}"; then
touch /var/log/3xipl.log touch ${iplimit_log_path}
fi fi
# Create the iplimit jail file # Create the iplimit jail files
# we didn't pass the bantime here to use the default value # we didn't pass the bantime here to use the default value
create_iplimit_jail create_iplimit_jails
sudo cat > /etc/fail2ban/filter.d/3x-ipl.conf << EOF
[Definition]
datepattern = ^%%Y/%%m/%%d %%H:%%M:%%S
failregex = \[LIMIT_IP\]\s*Email\s*=\s*<F-USER>.+</F-USER>\s*\|\|\s*SRC\s*=\s*<ADDR>
ignoreregex =
EOF
sudo cat > /etc/fail2ban/action.d/3x-ipl.conf << 'EOF'
[INCLUDES]
before = iptables-common.conf
[Definition]
actionstart = <iptables> -N f2b-<name>
<iptables> -A f2b-<name> -j <returntype>
<iptables> -I <chain> -p <protocol> -j f2b-<name>
actionstop = <iptables> -D <chain> -p <protocol> -j f2b-<name>
<actionflush>
<iptables> -X f2b-<name>
actioncheck = <iptables> -n -L <chain> | grep -q 'f2b-<name>[ \t]'
actionban = <iptables> -I f2b-<name> 1 -s <ip> -j <blocktype>
echo "$(date +"%%Y/%%m/%%d %%H:%%M:%%S") BAN [Email] = <F-USER> [IP] = <ip> banned for <bantime> seconds." >> /var/log/3xipl-banned.log
actionunban = <iptables> -D f2b-<name> -s <ip> -j <blocktype>
echo "$(date +"%%Y/%%m/%%d %%H:%%M:%%S") UNBAN [Email] = <F-USER> [IP] = <ip> unbanned." >> /var/log/3xipl-banned.log
[Init]
EOF
# Launching fail2ban # Launching fail2ban
if ! sudo systemctl is-active --quiet fail2ban; then if ! sudo systemctl is-active --quiet fail2ban; then
@ -882,7 +881,7 @@ remove_iplimit(){
sudo systemctl disable fail2ban sudo systemctl disable fail2ban
case "${release}" in case "${release}" in
ubuntu|debian) ubuntu|debian)
sudo apt-get remove fail2ban -y ;; sudo apt remove fail2ban -y ;;
centos) centos)
sudo yum -y remove fail2ban ;; sudo yum -y remove fail2ban ;;
fedora) fedora)
@ -891,7 +890,7 @@ remove_iplimit(){
echo -e "${red}Unsupported operating system. Please uninstall Fail2ban manually.${plain}\n" echo -e "${red}Unsupported operating system. Please uninstall Fail2ban manually.${plain}\n"
exit 1 ;; exit 1 ;;
esac esac
rm -rf /etc/fail2ban/* rm -rf /etc/fail2ban
echo -e "${green}Fail2ban and IP Limit removed successfully!${plain}\n" echo -e "${green}Fail2ban and IP Limit removed successfully!${plain}\n"
before_show_menu ;; before_show_menu ;;
0) 0)