From 6e22aa59e72a195c3436991ec830d45a220ce2c4 Mon Sep 17 00:00:00 2001
From: somebodywashere <68244480+somebodywashere@users.noreply.github.com>
Date: Sat, 24 Jun 2023 23:36:18 +0300
Subject: Added IP Limit Management to x-ui menu, Tweaked IP Limit to check
 every 20s (#615)

Co-authored-by: Hamidreza <70919649+hamid-gh98@users.noreply.github.com>
Co-authored-by: Ho3ein <ho3ein.sanaei@gmail.com>
---
 web/job/check_client_ip_job.go | 29 +++++++++++++++++++++++++----
 web/web.go                     |  4 ++--
 2 files changed, 27 insertions(+), 6 deletions(-)

(limited to 'web')

diff --git a/web/job/check_client_ip_job.go b/web/job/check_client_ip_job.go
index c1b4ab34..758929e9 100644
--- a/web/job/check_client_ip_job.go
+++ b/web/job/check_client_ip_job.go
@@ -2,6 +2,7 @@ package job
 
 import (
 	"encoding/json"
+	"log"
 	"os"
 	"regexp"
 	"x-ui/database"
@@ -31,6 +32,18 @@ func (j *CheckClientIpJob) Run() {
 	logger.Debug("Check Client IP Job...")
 
 	if hasLimitIp() {
+		//create log file for Fail2ban IP Limit
+		logIpFile, err := os.OpenFile("/var/log/3xipl.log", os.O_CREATE|os.O_APPEND|os.O_RDWR, 0644)
+		checkError(err)
+		defer logIpFile.Close()
+		log.SetOutput(logIpFile)
+		log.SetFlags(log.LstdFlags)
+
+		//create file to collect access.log to another file accessp.log (p=persistent)
+		logAccessP, err := os.OpenFile("/usr/local/x-ui/accessp.log", os.O_CREATE|os.O_APPEND|os.O_RDWR, 0644)
+		checkError(err)
+		defer logAccessP.Close()
+
 		processLogFile()
 	}
 
@@ -129,9 +142,18 @@ func processLogFile() {
 
 	}
 
-	time.Sleep(time.Second * 5)
-	//added 5 seconds delay before cleaning logs to reduce chance of logging IP that already has been banned
+	time.Sleep(time.Second * 3)
+	//added 3 seconds delay before cleaning logs to reduce chance of logging IP that already has been banned
 	if shouldCleanLog {
+		//copy log
+		logAccessP, err := os.OpenFile("/usr/local/x-ui/accessp.log", os.O_CREATE|os.O_APPEND|os.O_RDWR, 0644)
+		checkError(err)
+		input, err := os.ReadFile(accessLogPath)
+		checkError(err)
+		if _, err := logAccessP.Write(input); err != nil {
+			checkError(err)
+		}
+		defer logAccessP.Close()
 		// clean log
 		if err := os.Truncate(GetAccessLogPath(), 0); err != nil {
 			checkError(err)
@@ -239,10 +261,9 @@ func updateInboundClientIps(inboundClientIps *model.InboundClientIps, clientEmai
 				shouldCleanLog = true
 
 				if limitIp < len(ips) && inbound.Enable {
-
 					disAllowedIps = append(disAllowedIps, ips[limitIp:]...)
 					for i := limitIp; i < len(ips); i++ {
-						logger.Notice("[LIMIT_IP] Email=", clientEmail, " SRC=", ips[i])
+						log.Printf("[LIMIT_IP] Email = %s || SRC = %s", clientEmail, ips[i])
 					}
 				}
 			}
diff --git a/web/web.go b/web/web.go
index a70ae3c8..3372344a 100644
--- a/web/web.go
+++ b/web/web.go
@@ -250,8 +250,8 @@ func (s *Server) startTask() {
 	// Check the inbound traffic every 30 seconds that the traffic exceeds and expires
 	s.cron.AddJob("@every 30s", job.NewCheckInboundJob())
 
-	// check client ips from log file every 30 sec
-	s.cron.AddJob("@every 30s", job.NewCheckClientIpJob())
+	// check client ips from log file every 20 sec
+	s.cron.AddJob("@every 20s", job.NewCheckClientIpJob())
 
 	// Make a traffic condition every day, 8:30
 	var entry cron.EntryID
-- 
cgit v1.2.3