diff options
| author | somebodywashere <68244480+somebodywashere@users.noreply.github.com> | 2023-06-24 23:36:18 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-06-24 23:36:18 +0300 |
| commit | 6e22aa59e72a195c3436991ec830d45a220ce2c4 (patch) | |
| tree | e7e96ecfd1a909305148479300f2945e19be4b1c /web | |
| parent | 85df1301dc9c5ff3b9c85d53968841dc06c43b0f (diff) | |
Added IP Limit Management to x-ui menu, Tweaked IP Limit to check every 20s (#615)
Co-authored-by: Hamidreza <70919649+hamid-gh98@users.noreply.github.com>
Co-authored-by: Ho3ein <ho3ein.sanaei@gmail.com>
Diffstat (limited to 'web')
| -rw-r--r-- | web/job/check_client_ip_job.go | 29 | ||||
| -rw-r--r-- | web/web.go | 4 |
2 files changed, 27 insertions, 6 deletions
diff --git a/web/job/check_client_ip_job.go b/web/job/check_client_ip_job.go index c1b4ab34..758929e9 100644 --- a/web/job/check_client_ip_job.go +++ b/web/job/check_client_ip_job.go @@ -2,6 +2,7 @@ package job import ( "encoding/json" + "log" "os" "regexp" "x-ui/database" @@ -31,6 +32,18 @@ func (j *CheckClientIpJob) Run() { logger.Debug("Check Client IP Job...") if hasLimitIp() { + //create log file for Fail2ban IP Limit + logIpFile, err := os.OpenFile("/var/log/3xipl.log", os.O_CREATE|os.O_APPEND|os.O_RDWR, 0644) + checkError(err) + defer logIpFile.Close() + log.SetOutput(logIpFile) + log.SetFlags(log.LstdFlags) + + //create file to collect access.log to another file accessp.log (p=persistent) + logAccessP, err := os.OpenFile("/usr/local/x-ui/accessp.log", os.O_CREATE|os.O_APPEND|os.O_RDWR, 0644) + checkError(err) + defer logAccessP.Close() + processLogFile() } @@ -129,9 +142,18 @@ func processLogFile() { } - time.Sleep(time.Second * 5) - //added 5 seconds delay before cleaning logs to reduce chance of logging IP that already has been banned + time.Sleep(time.Second * 3) + //added 3 seconds delay before cleaning logs to reduce chance of logging IP that already has been banned if shouldCleanLog { + //copy log + logAccessP, err := os.OpenFile("/usr/local/x-ui/accessp.log", os.O_CREATE|os.O_APPEND|os.O_RDWR, 0644) + checkError(err) + input, err := os.ReadFile(accessLogPath) + checkError(err) + if _, err := logAccessP.Write(input); err != nil { + checkError(err) + } + defer logAccessP.Close() // clean log if err := os.Truncate(GetAccessLogPath(), 0); err != nil { checkError(err) @@ -239,10 +261,9 @@ func updateInboundClientIps(inboundClientIps *model.InboundClientIps, clientEmai shouldCleanLog = true if limitIp < len(ips) && inbound.Enable { - disAllowedIps = append(disAllowedIps, ips[limitIp:]...) for i := limitIp; i < len(ips); i++ { - logger.Notice("[LIMIT_IP] Email=", clientEmail, " SRC=", ips[i]) + log.Printf("[LIMIT_IP] Email = %s || SRC = %s", clientEmail, ips[i]) } } } @@ -250,8 +250,8 @@ func (s *Server) startTask() { // Check the inbound traffic every 30 seconds that the traffic exceeds and expires s.cron.AddJob("@every 30s", job.NewCheckInboundJob()) - // check client ips from log file every 30 sec - s.cron.AddJob("@every 30s", job.NewCheckClientIpJob()) + // check client ips from log file every 20 sec + s.cron.AddJob("@every 20s", job.NewCheckClientIpJob()) // Make a traffic condition every day, 8:30 var entry cron.EntryID |