Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2025-04-19 21:42:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

enable firewall + open port + update geo files

Browse source
This commit is contained in:
MHSanaei 2023-04-02 18:12:00 +03:30
parent 87acb81496
commit c07b2c73d7
3 changed files with 73 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.github/workflows/release.yml vendored
View file

@ -27,6 +27,7 @@ jobs:
rm -f Xray-linux-64.zip geoip.dat geosite.dat rm -f Xray-linux-64.zip geoip.dat geosite.dat
wget https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat wget https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat
wget https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat wget https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
wget https://github.com/bootmortis/iran-hosted-domains/releases/latest/download/iran.dat
mv xray xray-linux-amd64 mv xray xray-linux-amd64
cd .. cd ..
cd .. cd ..

4
web/html/xui/setting.html
View file

@ -345,7 +345,7 @@
if(this.templateSettings != null){ if(this.templateSettings != null){
this.templateSettings.routing.rules.forEach(routingRule => { this.templateSettings.routing.rules.forEach(routingRule => {
if(routingRule.hasOwnProperty("domain")){ if(routingRule.hasOwnProperty("domain")){
if (routingRule.domain[0] === "regexp:.+.ir$" && routingRule.outboundTag == "blocked"){ if ((routingRule.domain[0] === "regexp:.+.ir$" || routingRule.domain[0] === "ext:iran.dat:ir") && routingRule.outboundTag == "blocked") {
localdomainFilter = true localdomainFilter = true
} }
} }
@ -356,7 +356,7 @@
set: function (newValue) { set: function (newValue) {
newTemplateSettings = JSON.parse(this.allSetting.xrayTemplateConfig); newTemplateSettings = JSON.parse(this.allSetting.xrayTemplateConfig);
if (newValue){ if (newValue){
newTemplateSettings.routing.rules.push(JSON.parse("{\"outboundTag\": \"blocked\",\"domain\": [\"regexp:.+.ir$\"],\"type\": \"field\"}")) newTemplateSettings.routing.rules.push(JSON.parse("{\"outboundTag\": \"blocked\",\"domain\": [\"regexp:.+.ir$\", \"ext:iran.dat:ir\"],\"type\": \"field\"}"))
} }
else { else {
newTemplateSettings.routing.rules = []; newTemplateSettings.routing.rules = [];

74
x-ui.sh
View file

@ -454,6 +454,64 @@ ssl_cert_issue() {
fi fi
} }
open_ports() {
# Check if the firewall is inactive
if sudo ufw status | grep -q "Status: active"; then
echo "firewall is already active"
else
# Open the necessary ports
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw allow 2053/tcp
# Enable the firewall
sudo ufw --force enable
fi
# Prompt the user to enter a list of ports
read -p "Enter the ports you want to open (e.g. 80,443,2053 or range 400-500): " ports
# Check if the input is valid
if ! [[ $ports =~ ^([0-9]+|[0-9]+-[0-9]+)(,([0-9]+|[0-9]+-[0-9]+))*$ ]]; then
echo "Error: Invalid input. Please enter a comma-separated list of ports or a range of ports (e.g. 80,443,2053 or 400-500)." >&2; exit 1
fi
# Open the specified ports using ufw
IFS=',' read -ra PORT_LIST <<< "$ports"
for port in "${PORT_LIST[@]}"; do
if [[ $port == *-* ]]; then
# Split the range into start and end ports
start_port=$(echo $port | cut -d'-' -f1)
end_port=$(echo $port | cut -d'-' -f2)
# Loop through the range and open each port
for ((i=start_port; i<=end_port; i++)); do
sudo ufw allow $i
done
else
sudo ufw allow "$port"
fi
done
# Confirm that the ports are open
sudo ufw status | grep $ports
}
update_geo(){
systemctl stop x-ui
cd /usr/local/x-ui/bin
rm -f geoip.dat geosite.dat iran.dat
wget -N https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat
wget -N https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
wget -N https://github.com/bootmortis/iran-hosted-domains/releases/latest/download/iran.dat
systemctl start x-ui
echo -e "${green}Geosite and Geoip have been updated successfully!${plain}"
before_show_menu
}
install_acme() { install_acme() {
cd ~ cd ~
LOGI "install acme..." LOGI "install acme..."
@ -532,8 +590,8 @@ ssl_cert_issue_standalone() {
fi fi
#install cert #install cert
~/.acme.sh/acme.sh --installcert -d ${domain} --ca-file /root/cert/ca.cer \ ~/.acme.sh/acme.sh --installcert -d ${domain} --ca-file /root/cert/ca.cer \
--cert-file /root/cert/${domain}.cer --key-file /root/cert/${domain}.key \ --cert-file /root/cert/${domain}.cer --key-file /root/cert/privkey.pem \
--fullchain-file /root/cert/fullchain.cer --fullchain-file /root/cert/fullchain.pem
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
LOGE "install certs failed,exit" LOGE "install certs failed,exit"
@ -682,9 +740,11 @@ show_menu() {
———————————————— ————————————————
${green}15.${plain} Enable BBR ${green}15.${plain} Enable BBR
${green}16.${plain} Issuse Certs ${green}16.${plain} Issuse Certs
${green}17.${plain} Update Geoip and Geosite
${green}18.${plain} Enable Firewall and open Ports
" "
show_status show_status
echo && read -p "Please enter your selection [0-16]: " num echo && read -p "Please enter your selection [0-18]: " num
case "${num}" in case "${num}" in
0) 0)
@ -738,8 +798,14 @@ show_menu() {
16) 16)
ssl_cert_issue ssl_cert_issue
;; ;;
17)
update_geo
;;
18)
open_ports
;;
*) *)
LOGE "Please enter the correct number [0-16]" LOGE "Please enter the correct number [0-18]"
;; ;;
esac esac
} }