diff --git a/x-ui.sh b/x-ui.sh
index fc328f8e..57b799b7 100644
--- a/x-ui.sh
+++ b/x-ui.sh
@@ -56,13 +56,6 @@ elif [[ "${release}" == "debian" ]]; then
fi
fi
-
-# Declare Variables
-log_folder="${XUI_LOG_FOLDER:=/var/log}"
-iplimit_log_path="${log_folder}/3xipl.log"
-iplimit_banned_log_path="${log_folder}/3xipl-banned.log"
-
-
confirm() {
if [[ $# > 1 ]]; then
echo && read -p "$1 [Default $2]: " temp
@@ -703,70 +696,6 @@ run_speedtest() {
speedtest
}
-create_iplimit_jails() {
- # Use default bantime if not passed => 5 minutes
- local bantime="${1:-5}"
-
- cat << EOF > /etc/fail2ban/jail.d/3x-ipl.conf
-[3x-ipl]
-enabled=true
-filter=3x-ipl
-action=3x-ipl
-logpath=${iplimit_log_path}
-maxretry=3
-findtime=100
-bantime=${bantime}m
-EOF
-
- cat << EOF > /etc/fail2ban/filter.d/3x-ipl.conf
-[Definition]
-datepattern = ^%%Y/%%m/%%d %%H:%%M:%%S
-failregex = \[LIMIT_IP\]\s*Email\s*=\s*.+\s*\|\|\s*SRC\s*=\s*
-ignoreregex =
-EOF
-
- cat << EOF > /etc/fail2ban/action.d/3x-ipl.conf
-[INCLUDES]
-before = iptables-common.conf
-
-[Definition]
-actionstart = -N f2b-
- -A f2b- -j
- -I -p -j f2b-
-
-actionstop = -D -p -j f2b-
-
- -X f2b-
-
-actioncheck = -n -L | grep -q 'f2b-[ \t]'
-
-actionban = -I f2b- 1 -s -j
- echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") BAN [Email] = [IP] = banned for seconds." >> ${iplimit_banned_log_path}
-
-actionunban = -D f2b- -s -j
- echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") UNBAN [Email] = [IP] = unbanned." >> ${iplimit_banned_log_path}
-
-[Init]
-EOF
-
- echo -e "${green}Created Ip Limit jail files with a bantime of ${bantime} minutes.${plain}"
-}
-
-iplimit_remove_conflicts() {
- local jail_files=(
- /etc/fail2ban/jail.conf
- /etc/fail2ban/jail.local
- )
-
- for file in "${jail_files[@]}"; do
- # Check for [3x-ipl] config in jail file then remove it
- if test -f "${file}" && grep -qw '3x-ipl' ${file}; then
- sed -i "/\[3x-ipl\]/,/^$/d" ${file}
- echo -e "${yellow}Removing conflicts of [3x-ipl] in jail (${file})!${plain}\n"
- fi
- done
-}
-
iplimit_main() {
echo -e "\n${green}\t1.${plain} Install Fail2ban and configure IP Limit"
echo -e "${green}\t2.${plain} Change Ban Duration"
@@ -778,23 +707,24 @@ iplimit_main() {
case "$choice" in
0)
show_menu ;;
- 1)
+ 1)
confirm "Proceed with installation of Fail2ban & IP Limit?" "y"
if [[ $? == 0 ]]; then
install_iplimit
else
iplimit_main
fi ;;
- 2)
+ 2)
read -rp "Please enter new Ban Duration in Minutes [default 5]: " NUM
if [[ $NUM =~ ^[0-9]+$ ]]; then
- create_iplimit_jail ${NUM}
+ echo -e "\n[3x-ipl]\nenabled=true\nfilter=3x-ipl\naction=3x-ipl\nlogpath=/var/log/3xipl.log\nmaxretry=3\nfindtime=100\nbantime=${NUM}m" > /etc/fail2ban/jail.d/3x-ipl.conf
systemctl restart fail2ban
+ echo -e "${green}Bantime set to ${NUM} minutes successfully.${plain}"
else
echo -e "${red}${NUM} is not a number! Please, try again.${plain}"
fi
iplimit_main ;;
- 3)
+ 3)
confirm "Proceed with Unbanning everyone from IP Limit jail?" "y"
if [[ $? == 0 ]]; then
fail2ban-client reload --restart --unban 3x-ipl
@@ -805,9 +735,9 @@ iplimit_main() {
fi
iplimit_main ;;
4)
- if test -f "${iplimit_banned_log_path}"; then
- if [[ -s "${iplimit_banned_log_path}" ]]; then
- cat ${iplimit_banned_log_path}
+ if test -f "/var/log/3xipl-banned.log"; then
+ if [[ -s "/var/log/3xipl-banned.log" ]]; then
+ cat /var/log/3xipl-banned.log
else
echo -e "${red}Log file is empty.${plain}\n"
fi
@@ -815,7 +745,7 @@ iplimit_main() {
echo -e "${red}Log file not found. Please Install Fail2ban and IP Limit first.${plain}\n"
iplimit_main
fi ;;
- 5)
+ 5)
remove_iplimit ;;
*) echo "Invalid choice" ;;
esac
@@ -827,7 +757,7 @@ install_iplimit() {
# Check the OS and install necessary packages
case "${release}" in
ubuntu|debian)
- apt update && apt install fail2ban -y ;;
+ apt-get update && apt-get install fail2ban -y ;;
centos)
yum -y update && yum -y install fail2ban ;;
fedora)
@@ -843,22 +773,55 @@ install_iplimit() {
echo -e "${green}Configuring IP Limit...${plain}\n"
- # make sure there's no conflict for jail files
- iplimit_remove_conflicts
-
- # Check if log file exists
- if ! test -f "${iplimit_banned_log_path}"; then
- touch ${iplimit_banned_log_path}
+ #Check if [3x-ipl] exists in jail.local (just making sure there's no double config for jail)
+ if grep -qw '3x-ipl' /etc/fail2ban/jail.local || grep -qw '3x-ipl' /etc/fail2ban/jail.conf; then
+ echo -e "${red}Found conflicts in /etc/fail2ban/jail.conf or jail.local file!\nPlease manually remove anything related 3x-ipl in that files and try again.\nInstallation of IP Limit failed.${plain}\n"
+ exit 1
fi
- # Check if service log file exists so fail2ban won't return error
- if ! test -f "${iplimit_log_path}"; then
- touch ${iplimit_log_path}
+ #Check if log file exists
+ if ! test -f "/var/log/3xipl-banned.log"; then
+ touch /var/log/3xipl-banned.log
fi
- # Create the iplimit jail files
- # we didn't pass the bantime here to use the default value
- create_iplimit_jails
+ #Check if service log file exists so fail2ban won't return error
+ if ! test -f "/var/log/3xipl.log"; then
+ touch /var/log/3xipl.log
+ fi
+
+
+ echo -e "\n[3x-ipl]\nenabled=true\nfilter=3x-ipl\naction=3x-ipl\nlogpath=/var/log/3xipl.log\nmaxretry=3\nfindtime=100\nbantime=5m" > /etc/fail2ban/jail.d/3x-ipl.conf
+
+ cat > /etc/fail2ban/filter.d/3x-ipl.conf << EOF
+[Definition]
+datepattern = ^%%Y/%%m/%%d %%H:%%M:%%S
+failregex = \[LIMIT_IP\]\s*Email\s*=\s*.+\s*\|\|\s*SRC\s*=\s*
+ignoreregex =
+EOF
+
+ cat > /etc/fail2ban/action.d/3x-ipl.conf << 'EOF'
+[INCLUDES]
+before = iptables-common.conf
+
+[Definition]
+actionstart = -N f2b-
+ -A f2b- -j
+ -I -p -j f2b-
+
+actionstop = -D -p -j f2b-
+
+ -X f2b-
+
+actioncheck = -n -L | grep -q 'f2b-[ \t]'
+
+actionban = -I f2b- 1 -s -j
+ echo "$(date +"%%Y/%%m/%%d %%H:%%M:%%S") BAN [Email] = [IP] = banned for seconds." >> /var/log/3xipl-banned.log
+
+actionunban = -D f2b- -s -j
+ echo "$(date +"%%Y/%%m/%%d %%H:%%M:%%S") UNBAN [Email] = [IP] = unbanned." >> /var/log/3xipl-banned.log
+
+[Init]
+EOF
# Launching fail2ban
if ! systemctl is-active --quiet fail2ban; then
@@ -893,7 +856,7 @@ remove_iplimit(){
systemctl disable fail2ban
case "${release}" in
ubuntu|debian)
- apt remove fail2ban -y ;;
+ apt-get remove fail2ban -y ;;
centos)
yum -y remove fail2ban ;;
fedora)
@@ -902,7 +865,7 @@ remove_iplimit(){
echo -e "${red}Unsupported operating system. Please uninstall Fail2ban manually.${plain}\n"
exit 1 ;;
esac
- rm -rf /etc/fail2ban
+ rm -rf /etc/fail2ban/*
echo -e "${green}Fail2ban and IP Limit removed successfully!${plain}\n"
before_show_menu ;;
0)