x-ui.sh 56 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812
  1. #!/bin/bash
  2. red='\033[0;31m'
  3. green='\033[0;32m'
  4. yellow='\033[0;33m'
  5. plain='\033[0m'
  6. #Add some basic function here
  7. function LOGD() {
  8. echo -e "${yellow}[DEG] $* ${plain}"
  9. }
  10. function LOGE() {
  11. echo -e "${red}[ERR] $* ${plain}"
  12. }
  13. function LOGI() {
  14. echo -e "${green}[INF] $* ${plain}"
  15. }
  16. # check root
  17. [[ $EUID -ne 0 ]] && LOGE "ERROR: You must be root to run this script! \n" && exit 1
  18. # Check OS and set release variable
  19. if [[ -f /etc/os-release ]]; then
  20. source /etc/os-release
  21. release=$ID
  22. elif [[ -f /usr/lib/os-release ]]; then
  23. source /usr/lib/os-release
  24. release=$ID
  25. else
  26. echo "Failed to check the system OS, please contact the author!" >&2
  27. exit 1
  28. fi
  29. echo "The OS release is: $release"
  30. os_version=""
  31. os_version=$(grep "^VERSION_ID" /etc/os-release | cut -d '=' -f2 | tr -d '"' | tr -d '.')
  32. if [[ "${release}" == "arch" ]]; then
  33. echo "Your OS is Arch Linux"
  34. elif [[ "${release}" == "parch" ]]; then
  35. echo "Your OS is Parch Linux"
  36. elif [[ "${release}" == "manjaro" ]]; then
  37. echo "Your OS is Manjaro"
  38. elif [[ "${release}" == "armbian" ]]; then
  39. echo "Your OS is Armbian"
  40. elif [[ "${release}" == "alpine" ]]; then
  41. echo "Your OS is Alpine Linux"
  42. elif [[ "${release}" == "opensuse-tumbleweed" ]]; then
  43. echo "Your OS is OpenSUSE Tumbleweed"
  44. elif [[ "${release}" == "openEuler" ]]; then
  45. if [[ ${os_version} -lt 2203 ]]; then
  46. echo -e "${red} Please use OpenEuler 22.03 or higher ${plain}\n" && exit 1
  47. fi
  48. elif [[ "${release}" == "centos" ]]; then
  49. if [[ ${os_version} -lt 8 ]]; then
  50. echo -e "${red} Please use CentOS 8 or higher ${plain}\n" && exit 1
  51. fi
  52. elif [[ "${release}" == "ubuntu" ]]; then
  53. if [[ ${os_version} -lt 2004 ]]; then
  54. echo -e "${red} Please use Ubuntu 20 or higher version!${plain}\n" && exit 1
  55. fi
  56. elif [[ "${release}" == "fedora" ]]; then
  57. if [[ ${os_version} -lt 36 ]]; then
  58. echo -e "${red} Please use Fedora 36 or higher version!${plain}\n" && exit 1
  59. fi
  60. elif [[ "${release}" == "amzn" ]]; then
  61. if [[ ${os_version} != "2023" ]]; then
  62. echo -e "${red} Please use Amazon Linux 2023!${plain}\n" && exit 1
  63. fi
  64. elif [[ "${release}" == "debian" ]]; then
  65. if [[ ${os_version} -lt 11 ]]; then
  66. echo -e "${red} Please use Debian 11 or higher ${plain}\n" && exit 1
  67. fi
  68. elif [[ "${release}" == "almalinux" ]]; then
  69. if [[ ${os_version} -lt 80 ]]; then
  70. echo -e "${red} Please use AlmaLinux 8.0 or higher ${plain}\n" && exit 1
  71. fi
  72. elif [[ "${release}" == "rocky" ]]; then
  73. if [[ ${os_version} -lt 8 ]]; then
  74. echo -e "${red} Please use Rocky Linux 8 or higher ${plain}\n" && exit 1
  75. fi
  76. elif [[ "${release}" == "ol" ]]; then
  77. if [[ ${os_version} -lt 8 ]]; then
  78. echo -e "${red} Please use Oracle Linux 8 or higher ${plain}\n" && exit 1
  79. fi
  80. else
  81. echo -e "${red}Your operating system is not supported by this script.${plain}\n"
  82. echo "Please ensure you are using one of the following supported operating systems:"
  83. echo "- Ubuntu 20.04+"
  84. echo "- Debian 11+"
  85. echo "- CentOS 8+"
  86. echo "- OpenEuler 22.03+"
  87. echo "- Fedora 36+"
  88. echo "- Arch Linux"
  89. echo "- Parch Linux"
  90. echo "- Manjaro"
  91. echo "- Armbian"
  92. echo "- AlmaLinux 8.0+"
  93. echo "- Rocky Linux 8+"
  94. echo "- Oracle Linux 8+"
  95. echo "- OpenSUSE Tumbleweed"
  96. echo "- Amazon Linux 2023"
  97. exit 1
  98. fi
  99. # Declare Variables
  100. log_folder="${XUI_LOG_FOLDER:=/var/log}"
  101. iplimit_log_path="${log_folder}/3xipl.log"
  102. iplimit_banned_log_path="${log_folder}/3xipl-banned.log"
  103. confirm() {
  104. if [[ $# > 1 ]]; then
  105. echo && read -p "$1 [Default $2]: " temp
  106. if [[ "${temp}" == "" ]]; then
  107. temp=$2
  108. fi
  109. else
  110. read -p "$1 [y/n]: " temp
  111. fi
  112. if [[ "${temp}" == "y" || "${temp}" == "Y" ]]; then
  113. return 0
  114. else
  115. return 1
  116. fi
  117. }
  118. confirm_restart() {
  119. confirm "Restart the panel, Attention: Restarting the panel will also restart xray" "y"
  120. if [[ $? == 0 ]]; then
  121. restart
  122. else
  123. show_menu
  124. fi
  125. }
  126. before_show_menu() {
  127. echo && echo -n -e "${yellow}Press enter to return to the main menu: ${plain}" && read temp
  128. show_menu
  129. }
  130. install() {
  131. bash <(curl -Ls https://raw.githubusercontent.com/MHSanaei/3x-ui/main/install.sh)
  132. if [[ $? == 0 ]]; then
  133. if [[ $# == 0 ]]; then
  134. start
  135. else
  136. start 0
  137. fi
  138. fi
  139. }
  140. update() {
  141. confirm "This function will forcefully reinstall the latest version, and the data will not be lost. Do you want to continue?" "y"
  142. if [[ $? != 0 ]]; then
  143. LOGE "Cancelled"
  144. if [[ $# == 0 ]]; then
  145. before_show_menu
  146. fi
  147. return 0
  148. fi
  149. bash <(curl -Ls https://raw.githubusercontent.com/MHSanaei/3x-ui/main/install.sh)
  150. if [[ $? == 0 ]]; then
  151. LOGI "Update is complete, Panel has automatically restarted "
  152. before_show_menu
  153. fi
  154. }
  155. update_menu() {
  156. echo -e "${yellow}Updating Menu${plain}"
  157. confirm "This function will update the menu to the latest changes." "y"
  158. if [[ $? != 0 ]]; then
  159. LOGE "Cancelled"
  160. if [[ $# == 0 ]]; then
  161. before_show_menu
  162. fi
  163. return 0
  164. fi
  165. wget --no-check-certificate -O /usr/bin/x-ui https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.sh
  166. chmod +x /usr/local/x-ui/x-ui.sh
  167. chmod +x /usr/bin/x-ui
  168. if [[ $? == 0 ]]; then
  169. echo -e "${green}Update successful. The panel has automatically restarted.${plain}"
  170. before_show_menu
  171. else
  172. echo -e "${red}Failed to update the menu.${plain}"
  173. return 1
  174. fi
  175. }
  176. legacy_version() {
  177. echo "Enter the panel version (like 2.4.0):"
  178. read tag_version
  179. if [ -z "$tag_version" ]; then
  180. echo "Panel version cannot be empty. Exiting."
  181. exit 1
  182. fi
  183. # Use the entered panel version in the download link
  184. install_command="bash <(curl -Ls "https://raw.githubusercontent.com/mhsanaei/3x-ui/v$tag_version/install.sh") v$tag_version"
  185. echo "Downloading and installing panel version $tag_version..."
  186. eval $install_command
  187. }
  188. # Function to handle the deletion of the script file
  189. delete_script() {
  190. rm "$0" # Remove the script file itself
  191. exit 1
  192. }
  193. uninstall() {
  194. confirm "Are you sure you want to uninstall the panel? xray will also uninstalled!" "n"
  195. if [[ $? != 0 ]]; then
  196. if [[ $# == 0 ]]; then
  197. show_menu
  198. fi
  199. return 0
  200. fi
  201. systemctl stop x-ui
  202. systemctl disable x-ui
  203. rm /etc/systemd/system/x-ui.service -f
  204. systemctl daemon-reload
  205. systemctl reset-failed
  206. rm /etc/x-ui/ -rf
  207. rm /usr/local/x-ui/ -rf
  208. echo ""
  209. echo -e "Uninstalled Successfully.\n"
  210. echo "If you need to install this panel again, you can use below command:"
  211. echo -e "${green}bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh)${plain}"
  212. echo ""
  213. # Trap the SIGTERM signal
  214. trap delete_script SIGTERM
  215. delete_script
  216. }
  217. reset_user() {
  218. confirm "Are you sure to reset the username and password of the panel?" "n"
  219. if [[ $? != 0 ]]; then
  220. if [[ $# == 0 ]]; then
  221. show_menu
  222. fi
  223. return 0
  224. fi
  225. read -rp "Please set the login username [default is a random username]: " config_account
  226. [[ -z $config_account ]] && config_account=$(date +%s%N | md5sum | cut -c 1-8)
  227. read -rp "Please set the login password [default is a random password]: " config_password
  228. [[ -z $config_password ]] && config_password=$(date +%s%N | md5sum | cut -c 1-8)
  229. /usr/local/x-ui/x-ui setting -username ${config_account} -password ${config_password} >/dev/null 2>&1
  230. /usr/local/x-ui/x-ui setting -remove_secret >/dev/null 2>&1
  231. echo -e "Panel login username has been reset to: ${green} ${config_account} ${plain}"
  232. echo -e "Panel login password has been reset to: ${green} ${config_password} ${plain}"
  233. echo -e "${yellow} Panel login secret token disabled ${plain}"
  234. echo -e "${green} Please use the new login username and password to access the X-UI panel. Also remember them! ${plain}"
  235. confirm_restart
  236. }
  237. gen_random_string() {
  238. local length="$1"
  239. local random_string=$(LC_ALL=C tr -dc 'a-zA-Z0-9' </dev/urandom | fold -w "$length" | head -n 1)
  240. echo "$random_string"
  241. }
  242. reset_webbasepath() {
  243. echo -e "${yellow}Resetting Web Base Path${plain}"
  244. read -rp "Are you sure you want to reset the web base path? (y/n): " confirm
  245. if [[ $confirm != "y" && $confirm != "Y" ]]; then
  246. echo -e "${yellow}Operation canceled.${plain}"
  247. return
  248. fi
  249. config_webBasePath=$(gen_random_string 10)
  250. # Apply the new web base path setting
  251. /usr/local/x-ui/x-ui setting -webBasePath "${config_webBasePath}" >/dev/null 2>&1
  252. echo -e "Web base path has been reset to: ${green}${config_webBasePath}${plain}"
  253. echo -e "${green}Please use the new web base path to access the panel.${plain}"
  254. restart
  255. }
  256. reset_config() {
  257. confirm "Are you sure you want to reset all panel settings, Account data will not be lost, Username and password will not change" "n"
  258. if [[ $? != 0 ]]; then
  259. if [[ $# == 0 ]]; then
  260. show_menu
  261. fi
  262. return 0
  263. fi
  264. /usr/local/x-ui/x-ui setting -reset
  265. echo -e "All panel settings have been reset to default."
  266. restart
  267. }
  268. check_config() {
  269. local info=$(/usr/local/x-ui/x-ui setting -show true)
  270. if [[ $? != 0 ]]; then
  271. LOGE "get current settings error, please check logs"
  272. show_menu
  273. return
  274. fi
  275. LOGI "${info}"
  276. local existing_webBasePath=$(echo "$info" | grep -Eo 'webBasePath: .+' | awk '{print $2}')
  277. local existing_port=$(echo "$info" | grep -Eo 'port: .+' | awk '{print $2}')
  278. local existing_cert=$(/usr/local/x-ui/x-ui setting -getCert true | grep -Eo 'cert: .+' | awk '{print $2}')
  279. local server_ip=$(curl -s https://api.ipify.org)
  280. if [[ -n "$existing_cert" ]]; then
  281. local domain=$(basename "$(dirname "$existing_cert")")
  282. if [[ "$domain" =~ ^[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then
  283. echo -e "${green}Access URL: https://${domain}:${existing_port}${existing_webBasePath}${plain}"
  284. else
  285. echo -e "${green}Access URL: https://${server_ip}:${existing_port}${existing_webBasePath}${plain}"
  286. fi
  287. else
  288. echo -e "${green}Access URL: http://${server_ip}:${existing_port}${existing_webBasePath}${plain}"
  289. fi
  290. }
  291. set_port() {
  292. echo && echo -n -e "Enter port number[1-65535]: " && read port
  293. if [[ -z "${port}" ]]; then
  294. LOGD "Cancelled"
  295. before_show_menu
  296. else
  297. /usr/local/x-ui/x-ui setting -port ${port}
  298. echo -e "The port is set, Please restart the panel now, and use the new port ${green}${port}${plain} to access web panel"
  299. confirm_restart
  300. fi
  301. }
  302. start() {
  303. check_status
  304. if [[ $? == 0 ]]; then
  305. echo ""
  306. LOGI "Panel is running, No need to start again, If you need to restart, please select restart"
  307. else
  308. systemctl start x-ui
  309. sleep 2
  310. check_status
  311. if [[ $? == 0 ]]; then
  312. LOGI "x-ui Started Successfully"
  313. else
  314. LOGE "panel Failed to start, Probably because it takes longer than two seconds to start, Please check the log information later"
  315. fi
  316. fi
  317. if [[ $# == 0 ]]; then
  318. before_show_menu
  319. fi
  320. }
  321. stop() {
  322. check_status
  323. if [[ $? == 1 ]]; then
  324. echo ""
  325. LOGI "Panel stopped, No need to stop again!"
  326. else
  327. systemctl stop x-ui
  328. sleep 2
  329. check_status
  330. if [[ $? == 1 ]]; then
  331. LOGI "x-ui and xray stopped successfully"
  332. else
  333. LOGE "Panel stop failed, Probably because the stop time exceeds two seconds, Please check the log information later"
  334. fi
  335. fi
  336. if [[ $# == 0 ]]; then
  337. before_show_menu
  338. fi
  339. }
  340. restart() {
  341. systemctl restart x-ui
  342. sleep 2
  343. check_status
  344. if [[ $? == 0 ]]; then
  345. LOGI "x-ui and xray Restarted successfully"
  346. else
  347. LOGE "Panel restart failed, Probably because it takes longer than two seconds to start, Please check the log information later"
  348. fi
  349. if [[ $# == 0 ]]; then
  350. before_show_menu
  351. fi
  352. }
  353. status() {
  354. systemctl status x-ui -l
  355. if [[ $# == 0 ]]; then
  356. before_show_menu
  357. fi
  358. }
  359. enable() {
  360. systemctl enable x-ui
  361. if [[ $? == 0 ]]; then
  362. LOGI "x-ui Set to boot automatically on startup successfully"
  363. else
  364. LOGE "x-ui Failed to set Autostart"
  365. fi
  366. if [[ $# == 0 ]]; then
  367. before_show_menu
  368. fi
  369. }
  370. disable() {
  371. systemctl disable x-ui
  372. if [[ $? == 0 ]]; then
  373. LOGI "x-ui Autostart Cancelled successfully"
  374. else
  375. LOGE "x-ui Failed to cancel autostart"
  376. fi
  377. if [[ $# == 0 ]]; then
  378. before_show_menu
  379. fi
  380. }
  381. show_log() {
  382. echo -e "${green}\t1.${plain} Debug Log"
  383. echo -e "${green}\t2.${plain} Clear All logs"
  384. echo -e "${green}\t0.${plain} Back to Main Menu"
  385. read -p "Choose an option: " choice
  386. case "$choice" in
  387. 0)
  388. show_menu
  389. ;;
  390. 1)
  391. journalctl -u x-ui -e --no-pager -f -p debug
  392. if [[ $# == 0 ]]; then
  393. before_show_menu
  394. fi
  395. ;;
  396. 2)
  397. sudo journalctl --rotate
  398. sudo journalctl --vacuum-time=1s
  399. echo "All Logs cleared."
  400. restart
  401. ;;
  402. *)
  403. echo -e "${red}Invalid option. Please select a valid number.${plain}\n"
  404. show_log
  405. ;;
  406. esac
  407. }
  408. show_banlog() {
  409. local system_log="/var/log/fail2ban.log"
  410. echo -e "${green}Checking ban logs...${plain}\n"
  411. if ! systemctl is-active --quiet fail2ban; then
  412. echo -e "${red}Fail2ban service is not running!${plain}\n"
  413. return 1
  414. fi
  415. if [[ -f "$system_log" ]]; then
  416. echo -e "${green}Recent system ban activities from fail2ban.log:${plain}"
  417. grep "3x-ipl" "$system_log" | grep -E "Ban|Unban" | tail -n 10 || echo -e "${yellow}No recent system ban activities found${plain}"
  418. echo ""
  419. fi
  420. if [[ -f "${iplimit_banned_log_path}" ]]; then
  421. echo -e "${green}3X-IPL ban log entries:${plain}"
  422. if [[ -s "${iplimit_banned_log_path}" ]]; then
  423. grep -v "INIT" "${iplimit_banned_log_path}" | tail -n 10 || echo -e "${yellow}No ban entries found${plain}"
  424. else
  425. echo -e "${yellow}Ban log file is empty${plain}"
  426. fi
  427. else
  428. echo -e "${red}Ban log file not found at: ${iplimit_banned_log_path}${plain}"
  429. fi
  430. echo -e "\n${green}Current jail status:${plain}"
  431. fail2ban-client status 3x-ipl || echo -e "${yellow}Unable to get jail status${plain}"
  432. }
  433. bbr_menu() {
  434. echo -e "${green}\t1.${plain} Enable BBR"
  435. echo -e "${green}\t2.${plain} Disable BBR"
  436. echo -e "${green}\t0.${plain} Back to Main Menu"
  437. read -p "Choose an option: " choice
  438. case "$choice" in
  439. 0)
  440. show_menu
  441. ;;
  442. 1)
  443. enable_bbr
  444. bbr_menu
  445. ;;
  446. 2)
  447. disable_bbr
  448. bbr_menu
  449. ;;
  450. *)
  451. echo -e "${red}Invalid option. Please select a valid number.${plain}\n"
  452. bbr_menu
  453. ;;
  454. esac
  455. }
  456. disable_bbr() {
  457. if ! grep -q "net.core.default_qdisc=fq" /etc/sysctl.conf || ! grep -q "net.ipv4.tcp_congestion_control=bbr" /etc/sysctl.conf; then
  458. echo -e "${yellow}BBR is not currently enabled.${plain}"
  459. before_show_menu
  460. fi
  461. # Replace BBR with CUBIC configurations
  462. sed -i 's/net.core.default_qdisc=fq/net.core.default_qdisc=pfifo_fast/' /etc/sysctl.conf
  463. sed -i 's/net.ipv4.tcp_congestion_control=bbr/net.ipv4.tcp_congestion_control=cubic/' /etc/sysctl.conf
  464. # Apply changes
  465. sysctl -p
  466. # Verify that BBR is replaced with CUBIC
  467. if [[ $(sysctl net.ipv4.tcp_congestion_control | awk '{print $3}') == "cubic" ]]; then
  468. echo -e "${green}BBR has been replaced with CUBIC successfully.${plain}"
  469. else
  470. echo -e "${red}Failed to replace BBR with CUBIC. Please check your system configuration.${plain}"
  471. fi
  472. }
  473. enable_bbr() {
  474. if grep -q "net.core.default_qdisc=fq" /etc/sysctl.conf && grep -q "net.ipv4.tcp_congestion_control=bbr" /etc/sysctl.conf; then
  475. echo -e "${green}BBR is already enabled!${plain}"
  476. before_show_menu
  477. fi
  478. # Check the OS and install necessary packages
  479. case "${release}" in
  480. ubuntu | debian | armbian)
  481. apt-get update && apt-get install -yqq --no-install-recommends ca-certificates
  482. ;;
  483. centos | almalinux | rocky | ol)
  484. yum -y update && yum -y install ca-certificates
  485. ;;
  486. fedora | amzn)
  487. dnf -y update && dnf -y install ca-certificates
  488. ;;
  489. arch | manjaro | parch)
  490. pacman -Sy --noconfirm ca-certificates
  491. ;;
  492. *)
  493. echo -e "${red}Unsupported operating system. Please check the script and install the necessary packages manually.${plain}\n"
  494. exit 1
  495. ;;
  496. esac
  497. # Enable BBR
  498. echo "net.core.default_qdisc=fq" | tee -a /etc/sysctl.conf
  499. echo "net.ipv4.tcp_congestion_control=bbr" | tee -a /etc/sysctl.conf
  500. # Apply changes
  501. sysctl -p
  502. # Verify that BBR is enabled
  503. if [[ $(sysctl net.ipv4.tcp_congestion_control | awk '{print $3}') == "bbr" ]]; then
  504. echo -e "${green}BBR has been enabled successfully.${plain}"
  505. else
  506. echo -e "${red}Failed to enable BBR. Please check your system configuration.${plain}"
  507. fi
  508. }
  509. update_shell() {
  510. wget -O /usr/bin/x-ui -N --no-check-certificate https://github.com/MHSanaei/3x-ui/raw/main/x-ui.sh
  511. if [[ $? != 0 ]]; then
  512. echo ""
  513. LOGE "Failed to download script, Please check whether the machine can connect Github"
  514. before_show_menu
  515. else
  516. chmod +x /usr/bin/x-ui
  517. LOGI "Upgrade script succeeded, Please rerun the script"
  518. before_show_menu
  519. fi
  520. }
  521. # 0: running, 1: not running, 2: not installed
  522. check_status() {
  523. if [[ ! -f /etc/systemd/system/x-ui.service ]]; then
  524. return 2
  525. fi
  526. temp=$(systemctl status x-ui | grep Active | awk '{print $3}' | cut -d "(" -f2 | cut -d ")" -f1)
  527. if [[ "${temp}" == "running" ]]; then
  528. return 0
  529. else
  530. return 1
  531. fi
  532. }
  533. check_enabled() {
  534. temp=$(systemctl is-enabled x-ui)
  535. if [[ "${temp}" == "enabled" ]]; then
  536. return 0
  537. else
  538. return 1
  539. fi
  540. }
  541. check_uninstall() {
  542. check_status
  543. if [[ $? != 2 ]]; then
  544. echo ""
  545. LOGE "Panel installed, Please do not reinstall"
  546. if [[ $# == 0 ]]; then
  547. before_show_menu
  548. fi
  549. return 1
  550. else
  551. return 0
  552. fi
  553. }
  554. check_install() {
  555. check_status
  556. if [[ $? == 2 ]]; then
  557. echo ""
  558. LOGE "Please install the panel first"
  559. if [[ $# == 0 ]]; then
  560. before_show_menu
  561. fi
  562. return 1
  563. else
  564. return 0
  565. fi
  566. }
  567. show_status() {
  568. check_status
  569. case $? in
  570. 0)
  571. echo -e "Panel state: ${green}Running${plain}"
  572. show_enable_status
  573. ;;
  574. 1)
  575. echo -e "Panel state: ${yellow}Not Running${plain}"
  576. show_enable_status
  577. ;;
  578. 2)
  579. echo -e "Panel state: ${red}Not Installed${plain}"
  580. ;;
  581. esac
  582. show_xray_status
  583. }
  584. show_enable_status() {
  585. check_enabled
  586. if [[ $? == 0 ]]; then
  587. echo -e "Start automatically: ${green}Yes${plain}"
  588. else
  589. echo -e "Start automatically: ${red}No${plain}"
  590. fi
  591. }
  592. check_xray_status() {
  593. count=$(ps -ef | grep "xray-linux" | grep -v "grep" | wc -l)
  594. if [[ count -ne 0 ]]; then
  595. return 0
  596. else
  597. return 1
  598. fi
  599. }
  600. show_xray_status() {
  601. check_xray_status
  602. if [[ $? == 0 ]]; then
  603. echo -e "xray state: ${green}Running${plain}"
  604. else
  605. echo -e "xray state: ${red}Not Running${plain}"
  606. fi
  607. }
  608. firewall_menu() {
  609. echo -e "${green}\t1.${plain} Install Firewall & open ports"
  610. echo -e "${green}\t2.${plain} Allowed List"
  611. echo -e "${green}\t3.${plain} Delete Ports from List"
  612. echo -e "${green}\t4.${plain} Disable Firewall"
  613. echo -e "${green}\t0.${plain} Back to Main Menu"
  614. read -p "Choose an option: " choice
  615. case "$choice" in
  616. 0)
  617. show_menu
  618. ;;
  619. 1)
  620. open_ports
  621. firewall_menu
  622. ;;
  623. 2)
  624. sudo ufw status
  625. firewall_menu
  626. ;;
  627. 3)
  628. delete_ports
  629. firewall_menu
  630. ;;
  631. 4)
  632. sudo ufw disable
  633. firewall_menu
  634. ;;
  635. *)
  636. echo -e "${red}Invalid option. Please select a valid number.${plain}\n"
  637. firewall_menu
  638. ;;
  639. esac
  640. }
  641. open_ports() {
  642. if ! command -v ufw &>/dev/null; then
  643. echo "ufw firewall is not installed. Installing now..."
  644. apt-get update
  645. apt-get install -y ufw
  646. else
  647. echo "ufw firewall is already installed"
  648. fi
  649. # Check if the firewall is inactive
  650. if ufw status | grep -q "Status: active"; then
  651. echo "Firewall is already active"
  652. else
  653. echo "Activating firewall..."
  654. # Open the necessary ports
  655. ufw allow ssh
  656. ufw allow http
  657. ufw allow https
  658. ufw allow 2053/tcp
  659. # Enable the firewall
  660. ufw --force enable
  661. fi
  662. # Prompt the user to enter a list of ports
  663. read -p "Enter the ports you want to open (e.g. 80,443,2053 or range 400-500): " ports
  664. # Check if the input is valid
  665. if ! [[ $ports =~ ^([0-9]+|[0-9]+-[0-9]+)(,([0-9]+|[0-9]+-[0-9]+))*$ ]]; then
  666. echo "Error: Invalid input. Please enter a comma-separated list of ports or a range of ports (e.g. 80,443,2053 or 400-500)." >&2
  667. exit 1
  668. fi
  669. # Open the specified ports using ufw
  670. IFS=',' read -ra PORT_LIST <<<"$ports"
  671. for port in "${PORT_LIST[@]}"; do
  672. if [[ $port == *-* ]]; then
  673. # Split the range into start and end ports
  674. start_port=$(echo $port | cut -d'-' -f1)
  675. end_port=$(echo $port | cut -d'-' -f2)
  676. ufw allow $start_port:$end_port/tcp
  677. ufw allow $start_port:$end_port/udp
  678. else
  679. ufw allow "$port"
  680. fi
  681. done
  682. # Confirm that the ports are open
  683. echo "The following ports are now open:"
  684. ufw status | grep "ALLOW" | grep -Eo "[0-9]+(/[a-z]+)?"
  685. echo "Firewall status:"
  686. ufw status verbose
  687. }
  688. delete_ports() {
  689. # Prompt the user to enter the ports they want to delete
  690. read -p "Enter the ports you want to delete (e.g. 80,443,2053 or range 400-500): " ports
  691. # Check if the input is valid
  692. if ! [[ $ports =~ ^([0-9]+|[0-9]+-[0-9]+)(,([0-9]+|[0-9]+-[0-9]+))*$ ]]; then
  693. echo "Error: Invalid input. Please enter a comma-separated list of ports or a range of ports (e.g. 80,443,2053 or 400-500)." >&2
  694. exit 1
  695. fi
  696. # Delete the specified ports using ufw
  697. IFS=',' read -ra PORT_LIST <<<"$ports"
  698. for port in "${PORT_LIST[@]}"; do
  699. if [[ $port == *-* ]]; then
  700. # Split the range into start and end ports
  701. start_port=$(echo $port | cut -d'-' -f1)
  702. end_port=$(echo $port | cut -d'-' -f2)
  703. # Delete the port range
  704. ufw delete allow $start_port:$end_port/tcp
  705. ufw delete allow $start_port:$end_port/udp
  706. else
  707. ufw delete allow "$port"
  708. fi
  709. done
  710. # Confirm that the ports are deleted
  711. echo "Deleted the specified ports:"
  712. for port in "${PORT_LIST[@]}"; do
  713. if [[ $port == *-* ]]; then
  714. start_port=$(echo $port | cut -d'-' -f1)
  715. end_port=$(echo $port | cut -d'-' -f2)
  716. # Check if the port range has been successfully deleted
  717. (ufw status | grep -q "$start_port:$end_port") || echo "$start_port-$end_port"
  718. else
  719. # Check if the individual port has been successfully deleted
  720. (ufw status | grep -q "$port") || echo "$port"
  721. fi
  722. done
  723. }
  724. update_geo() {
  725. echo -e "${green}\t1.${plain} Loyalsoldier (geoip.dat, geosite.dat)"
  726. echo -e "${green}\t2.${plain} chocolate4u (geoip_IR.dat, geosite_IR.dat)"
  727. echo -e "${green}\t3.${plain} vuong2023 (geoip_VN.dat, geosite_VN.dat)"
  728. echo -e "${green}\t0.${plain} Back to Main Menu"
  729. read -p "Choose an option: " choice
  730. systemctl stop x-ui
  731. cd /usr/local/x-ui/bin
  732. case "$choice" in
  733. 0)
  734. show_menu
  735. ;;
  736. 1)
  737. rm -f geoip.dat geosite.dat
  738. wget -N https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat
  739. wget -N https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
  740. echo -e "${green}Loyalsoldier datasets have been updated successfully!${plain}"
  741. restart
  742. ;;
  743. 2)
  744. rm -f geoip_IR.dat geosite_IR.dat
  745. wget -O geoip_IR.dat -N https://github.com/chocolate4u/Iran-v2ray-rules/releases/latest/download/geoip.dat
  746. wget -O geosite_IR.dat -N https://github.com/chocolate4u/Iran-v2ray-rules/releases/latest/download/geosite.dat
  747. echo -e "${green}chocolate4u datasets have been updated successfully!${plain}"
  748. restart
  749. ;;
  750. 3)
  751. rm -f geoip_VN.dat geosite_VN.dat
  752. wget -O geoip_VN.dat -N https://github.com/vuong2023/vn-v2ray-rules/releases/latest/download/geoip.dat
  753. wget -O geosite_VN.dat -N https://github.com/vuong2023/vn-v2ray-rules/releases/latest/download/geosite.dat
  754. echo -e "${green}vuong2023 datasets have been updated successfully!${plain}"
  755. restart
  756. ;;
  757. *)
  758. echo -e "${red}Invalid option. Please select a valid number.${plain}\n"
  759. update_geo
  760. ;;
  761. esac
  762. systemctl start x-ui
  763. before_show_menu
  764. }
  765. install_acme() {
  766. # Check if acme.sh is already installed
  767. if command -v ~/.acme.sh/acme.sh &>/dev/null; then
  768. LOGI "acme.sh is already installed."
  769. return 0
  770. fi
  771. LOGI "Installing acme.sh..."
  772. cd ~ || return 1 # Ensure you can change to the home directory
  773. curl -s https://get.acme.sh | sh
  774. if [ $? -ne 0 ]; then
  775. LOGE "Installation of acme.sh failed."
  776. return 1
  777. else
  778. LOGI "Installation of acme.sh succeeded."
  779. fi
  780. return 0
  781. }
  782. ssl_cert_issue_main() {
  783. echo -e "${green}\t1.${plain} Get SSL"
  784. echo -e "${green}\t2.${plain} Revoke"
  785. echo -e "${green}\t3.${plain} Force Renew"
  786. echo -e "${green}\t4.${plain} Show Existing Domains"
  787. echo -e "${green}\t5.${plain} Set Cert paths for the panel"
  788. echo -e "${green}\t0.${plain} Back to Main Menu"
  789. read -p "Choose an option: " choice
  790. case "$choice" in
  791. 0)
  792. show_menu
  793. ;;
  794. 1)
  795. ssl_cert_issue
  796. ssl_cert_issue_main
  797. ;;
  798. 2)
  799. local domains=$(find /root/cert/ -mindepth 1 -maxdepth 1 -type d -exec basename {} \;)
  800. if [ -z "$domains" ]; then
  801. echo "No certificates found to revoke."
  802. else
  803. echo "Existing domains:"
  804. echo "$domains"
  805. read -p "Please enter a domain from the list to revoke the certificate: " domain
  806. if echo "$domains" | grep -qw "$domain"; then
  807. ~/.acme.sh/acme.sh --revoke -d ${domain}
  808. LOGI "Certificate revoked for domain: $domain"
  809. else
  810. echo "Invalid domain entered."
  811. fi
  812. fi
  813. ssl_cert_issue_main
  814. ;;
  815. 3)
  816. local domains=$(find /root/cert/ -mindepth 1 -maxdepth 1 -type d -exec basename {} \;)
  817. if [ -z "$domains" ]; then
  818. echo "No certificates found to renew."
  819. else
  820. echo "Existing domains:"
  821. echo "$domains"
  822. read -p "Please enter a domain from the list to renew the SSL certificate: " domain
  823. if echo "$domains" | grep -qw "$domain"; then
  824. ~/.acme.sh/acme.sh --renew -d ${domain} --force
  825. LOGI "Certificate forcefully renewed for domain: $domain"
  826. else
  827. echo "Invalid domain entered."
  828. fi
  829. fi
  830. ssl_cert_issue_main
  831. ;;
  832. 4)
  833. local domains=$(find /root/cert/ -mindepth 1 -maxdepth 1 -type d -exec basename {} \;)
  834. if [ -z "$domains" ]; then
  835. echo "No certificates found."
  836. else
  837. echo "Existing domains and their paths:"
  838. for domain in $domains; do
  839. local cert_path="/root/cert/${domain}/fullchain.pem"
  840. local key_path="/root/cert/${domain}/privkey.pem"
  841. if [[ -f "${cert_path}" && -f "${key_path}" ]]; then
  842. echo -e "Domain: ${domain}"
  843. echo -e "\tCertificate Path: ${cert_path}"
  844. echo -e "\tPrivate Key Path: ${key_path}"
  845. else
  846. echo -e "Domain: ${domain} - Certificate or Key missing."
  847. fi
  848. done
  849. fi
  850. ssl_cert_issue_main
  851. ;;
  852. 5)
  853. local domains=$(find /root/cert/ -mindepth 1 -maxdepth 1 -type d -exec basename {} \;)
  854. if [ -z "$domains" ]; then
  855. echo "No certificates found."
  856. else
  857. echo "Available domains:"
  858. echo "$domains"
  859. read -p "Please choose a domain to set the panel paths: " domain
  860. if echo "$domains" | grep -qw "$domain"; then
  861. local webCertFile="/root/cert/${domain}/fullchain.pem"
  862. local webKeyFile="/root/cert/${domain}/privkey.pem"
  863. if [[ -f "${webCertFile}" && -f "${webKeyFile}" ]]; then
  864. /usr/local/x-ui/x-ui cert -webCert "$webCertFile" -webCertKey "$webKeyFile"
  865. echo "Panel paths set for domain: $domain"
  866. echo " - Certificate File: $webCertFile"
  867. echo " - Private Key File: $webKeyFile"
  868. restart
  869. else
  870. echo "Certificate or private key not found for domain: $domain."
  871. fi
  872. else
  873. echo "Invalid domain entered."
  874. fi
  875. fi
  876. ssl_cert_issue_main
  877. ;;
  878. *)
  879. echo -e "${red}Invalid option. Please select a valid number.${plain}\n"
  880. ssl_cert_issue_main
  881. ;;
  882. esac
  883. }
  884. ssl_cert_issue() {
  885. local existing_webBasePath=$(/usr/local/x-ui/x-ui setting -show true | grep -Eo 'webBasePath: .+' | awk '{print $2}')
  886. local existing_port=$(/usr/local/x-ui/x-ui setting -show true | grep -Eo 'port: .+' | awk '{print $2}')
  887. # check for acme.sh first
  888. if ! command -v ~/.acme.sh/acme.sh &>/dev/null; then
  889. echo "acme.sh could not be found. we will install it"
  890. install_acme
  891. if [ $? -ne 0 ]; then
  892. LOGE "install acme failed, please check logs"
  893. exit 1
  894. fi
  895. fi
  896. # install socat second
  897. case "${release}" in
  898. ubuntu | debian | armbian)
  899. apt update && apt install socat -y
  900. ;;
  901. centos | almalinux | rocky | ol)
  902. yum -y update && yum -y install socat
  903. ;;
  904. fedora | amzn)
  905. dnf -y update && dnf -y install socat
  906. ;;
  907. arch | manjaro | parch)
  908. pacman -Sy --noconfirm socat
  909. ;;
  910. *)
  911. echo -e "${red}Unsupported operating system. Please check the script and install the necessary packages manually.${plain}\n"
  912. exit 1
  913. ;;
  914. esac
  915. if [ $? -ne 0 ]; then
  916. LOGE "install socat failed, please check logs"
  917. exit 1
  918. else
  919. LOGI "install socat succeed..."
  920. fi
  921. # get the domain here, and we need to verify it
  922. local domain=""
  923. read -p "Please enter your domain name: " domain
  924. LOGD "Your domain is: ${domain}, checking it..."
  925. # check if there already exists a certificate
  926. local currentCert=$(~/.acme.sh/acme.sh --list | tail -1 | awk '{print $1}')
  927. if [ "${currentCert}" == "${domain}" ]; then
  928. local certInfo=$(~/.acme.sh/acme.sh --list)
  929. LOGE "System already has certificates for this domain. Cannot issue again. Current certificate details:"
  930. LOGI "$certInfo"
  931. exit 1
  932. else
  933. LOGI "Your domain is ready for issuing certificates now..."
  934. fi
  935. # create a directory for the certificate
  936. certPath="/root/cert/${domain}"
  937. if [ ! -d "$certPath" ]; then
  938. mkdir -p "$certPath"
  939. else
  940. rm -rf "$certPath"
  941. mkdir -p "$certPath"
  942. fi
  943. # get the port number for the standalone server
  944. local WebPort=80
  945. read -p "Please choose which port to use (default is 80): " WebPort
  946. if [[ ${WebPort} -gt 65535 || ${WebPort} -lt 1 ]]; then
  947. LOGE "Your input ${WebPort} is invalid, will use default port 80."
  948. WebPort=80
  949. fi
  950. LOGI "Will use port: ${WebPort} to issue certificates. Please make sure this port is open."
  951. # issue the certificate
  952. ~/.acme.sh/acme.sh --set-default-ca --server letsencrypt
  953. ~/.acme.sh/acme.sh --issue -d ${domain} --listen-v6 --standalone --httpport ${WebPort}
  954. if [ $? -ne 0 ]; then
  955. LOGE "Issuing certificate failed, please check logs."
  956. rm -rf ~/.acme.sh/${domain}
  957. exit 1
  958. else
  959. LOGE "Issuing certificate succeeded, installing certificates..."
  960. fi
  961. # install the certificate
  962. ~/.acme.sh/acme.sh --installcert -d ${domain} \
  963. --key-file /root/cert/${domain}/privkey.pem \
  964. --fullchain-file /root/cert/${domain}/fullchain.pem
  965. if [ $? -ne 0 ]; then
  966. LOGE "Installing certificate failed, exiting."
  967. rm -rf ~/.acme.sh/${domain}
  968. exit 1
  969. else
  970. LOGI "Installing certificate succeeded, enabling auto renew..."
  971. fi
  972. # enable auto-renew
  973. ~/.acme.sh/acme.sh --upgrade --auto-upgrade
  974. if [ $? -ne 0 ]; then
  975. LOGE "Auto renew failed, certificate details:"
  976. ls -lah cert/*
  977. chmod 755 $certPath/*
  978. exit 1
  979. else
  980. LOGI "Auto renew succeeded, certificate details:"
  981. ls -lah cert/*
  982. chmod 755 $certPath/*
  983. fi
  984. # Prompt user to set panel paths after successful certificate installation
  985. read -p "Would you like to set this certificate for the panel? (y/n): " setPanel
  986. if [[ "$setPanel" == "y" || "$setPanel" == "Y" ]]; then
  987. local webCertFile="/root/cert/${domain}/fullchain.pem"
  988. local webKeyFile="/root/cert/${domain}/privkey.pem"
  989. if [[ -f "$webCertFile" && -f "$webKeyFile" ]]; then
  990. /usr/local/x-ui/x-ui cert -webCert "$webCertFile" -webCertKey "$webKeyFile"
  991. LOGI "Panel paths set for domain: $domain"
  992. LOGI " - Certificate File: $webCertFile"
  993. LOGI " - Private Key File: $webKeyFile"
  994. echo -e "${green}Access URL: https://${domain}:${existing_port}${existing_webBasePath}${plain}"
  995. restart
  996. else
  997. LOGE "Error: Certificate or private key file not found for domain: $domain."
  998. fi
  999. else
  1000. LOGI "Skipping panel path setting."
  1001. fi
  1002. }
  1003. ssl_cert_issue_CF() {
  1004. local existing_webBasePath=$(/usr/local/x-ui/x-ui setting -show true | grep -Eo 'webBasePath: .+' | awk '{print $2}')
  1005. local existing_port=$(/usr/local/x-ui/x-ui setting -show true | grep -Eo 'port: .+' | awk '{print $2}')
  1006. LOGI "****** Instructions for Use ******"
  1007. LOGI "Follow the steps below to complete the process:"
  1008. LOGI "1. Cloudflare Registered E-mail."
  1009. LOGI "2. Cloudflare Global API Key."
  1010. LOGI "3. The Domain Name."
  1011. LOGI "4. Once the certificate is issued, you will be prompted to set the certificate for the panel (optional)."
  1012. LOGI "5. The script also supports automatic renewal of the SSL certificate after installation."
  1013. confirm "Do you confirm the information and wish to proceed? [y/n]" "y"
  1014. if [ $? -eq 0 ]; then
  1015. # Check for acme.sh first
  1016. if ! command -v ~/.acme.sh/acme.sh &>/dev/null; then
  1017. echo "acme.sh could not be found. We will install it."
  1018. install_acme
  1019. if [ $? -ne 0 ]; then
  1020. LOGE "Install acme failed, please check logs."
  1021. exit 1
  1022. fi
  1023. fi
  1024. CF_Domain=""
  1025. certPath="/root/cert-CF"
  1026. if [ ! -d "$certPath" ]; then
  1027. mkdir -p $certPath
  1028. else
  1029. rm -rf $certPath
  1030. mkdir -p $certPath
  1031. fi
  1032. LOGD "Please set a domain name:"
  1033. read -p "Input your domain here: " CF_Domain
  1034. LOGD "Your domain name is set to: ${CF_Domain}"
  1035. # Set up Cloudflare API details
  1036. CF_GlobalKey=""
  1037. CF_AccountEmail=""
  1038. LOGD "Please set the API key:"
  1039. read -p "Input your key here: " CF_GlobalKey
  1040. LOGD "Your API key is: ${CF_GlobalKey}"
  1041. LOGD "Please set up registered email:"
  1042. read -p "Input your email here: " CF_AccountEmail
  1043. LOGD "Your registered email address is: ${CF_AccountEmail}"
  1044. # Set the default CA to Let's Encrypt
  1045. ~/.acme.sh/acme.sh --set-default-ca --server letsencrypt
  1046. if [ $? -ne 0 ]; then
  1047. LOGE "Default CA, Let'sEncrypt fail, script exiting..."
  1048. exit 1
  1049. fi
  1050. export CF_Key="${CF_GlobalKey}"
  1051. export CF_Email="${CF_AccountEmail}"
  1052. # Issue the certificate using Cloudflare DNS
  1053. ~/.acme.sh/acme.sh --issue --dns dns_cf -d ${CF_Domain} -d *.${CF_Domain} --log
  1054. if [ $? -ne 0 ]; then
  1055. LOGE "Certificate issuance failed, script exiting..."
  1056. exit 1
  1057. else
  1058. LOGI "Certificate issued successfully, Installing..."
  1059. fi
  1060. # Install the certificate
  1061. mkdir -p ${certPath}/${CF_Domain}
  1062. if [ $? -ne 0 ]; then
  1063. LOGE "Failed to create directory: ${certPath}/${CF_Domain}"
  1064. exit 1
  1065. fi
  1066. ~/.acme.sh/acme.sh --installcert -d ${CF_Domain} -d *.${CF_Domain} \
  1067. --fullchain-file ${certPath}/${CF_Domain}/fullchain.pem \
  1068. --key-file ${certPath}/${CF_Domain}/privkey.pem
  1069. if [ $? -ne 0 ]; then
  1070. LOGE "Certificate installation failed, script exiting..."
  1071. exit 1
  1072. else
  1073. LOGI "Certificate installed successfully, Turning on automatic updates..."
  1074. fi
  1075. # Enable auto-update
  1076. ~/.acme.sh/acme.sh --upgrade --auto-upgrade
  1077. if [ $? -ne 0 ]; then
  1078. LOGE "Auto update setup failed, script exiting..."
  1079. exit 1
  1080. else
  1081. LOGI "The certificate is installed and auto-renewal is turned on. Specific information is as follows:"
  1082. ls -lah ${certPath}/${CF_Domain}
  1083. chmod 755 ${certPath}/${CF_Domain}
  1084. fi
  1085. # Prompt user to set panel paths after successful certificate installation
  1086. read -p "Would you like to set this certificate for the panel? (y/n): " setPanel
  1087. if [[ "$setPanel" == "y" || "$setPanel" == "Y" ]]; then
  1088. local webCertFile="${certPath}/${CF_Domain}/fullchain.pem"
  1089. local webKeyFile="${certPath}/${CF_Domain}/privkey.pem"
  1090. if [[ -f "$webCertFile" && -f "$webKeyFile" ]]; then
  1091. /usr/local/x-ui/x-ui cert -webCert "$webCertFile" -webCertKey "$webKeyFile"
  1092. LOGI "Panel paths set for domain: $CF_Domain"
  1093. LOGI " - Certificate File: $webCertFile"
  1094. LOGI " - Private Key File: $webKeyFile"
  1095. echo -e "${green}Access URL: https://${CF_Domain}:${existing_port}${existing_webBasePath}${plain}"
  1096. restart
  1097. else
  1098. LOGE "Error: Certificate or private key file not found for domain: $CF_Domain."
  1099. fi
  1100. else
  1101. LOGI "Skipping panel path setting."
  1102. fi
  1103. else
  1104. show_menu
  1105. fi
  1106. }
  1107. run_speedtest() {
  1108. # Check if Speedtest is already installed
  1109. if ! command -v speedtest &>/dev/null; then
  1110. # If not installed, install it
  1111. local pkg_manager=""
  1112. local speedtest_install_script=""
  1113. if command -v dnf &>/dev/null; then
  1114. pkg_manager="dnf"
  1115. speedtest_install_script="https://packagecloud.io/install/repositories/ookla/speedtest-cli/script.rpm.sh"
  1116. elif command -v yum &>/dev/null; then
  1117. pkg_manager="yum"
  1118. speedtest_install_script="https://packagecloud.io/install/repositories/ookla/speedtest-cli/script.rpm.sh"
  1119. elif command -v apt-get &>/dev/null; then
  1120. pkg_manager="apt-get"
  1121. speedtest_install_script="https://packagecloud.io/install/repositories/ookla/speedtest-cli/script.deb.sh"
  1122. elif command -v apt &>/dev/null; then
  1123. pkg_manager="apt"
  1124. speedtest_install_script="https://packagecloud.io/install/repositories/ookla/speedtest-cli/script.deb.sh"
  1125. fi
  1126. if [[ -z $pkg_manager ]]; then
  1127. echo "Error: Package manager not found. You may need to install Speedtest manually."
  1128. return 1
  1129. else
  1130. curl -s $speedtest_install_script | bash
  1131. $pkg_manager install -y speedtest
  1132. fi
  1133. fi
  1134. speedtest
  1135. }
  1136. create_iplimit_jails() {
  1137. # Use default bantime if not passed => 15 minutes
  1138. local bantime="${1:-15}"
  1139. # Uncomment 'allowipv6 = auto' in fail2ban.conf
  1140. sed -i 's/#allowipv6 = auto/allowipv6 = auto/g' /etc/fail2ban/fail2ban.conf
  1141. # On Debian 12+ fail2ban's default backend should be changed to systemd
  1142. if [[ "${release}" == "debian" && ${os_version} -ge 12 ]]; then
  1143. sed -i '0,/action =/s/backend = auto/backend = systemd/' /etc/fail2ban/jail.conf
  1144. fi
  1145. cat << EOF > /etc/fail2ban/jail.d/3x-ipl.conf
  1146. [3x-ipl]
  1147. enabled=true
  1148. backend=auto
  1149. filter=3x-ipl
  1150. action=3x-ipl
  1151. logpath=${iplimit_log_path}
  1152. maxretry=2
  1153. findtime=32
  1154. bantime=${bantime}m
  1155. EOF
  1156. cat << EOF > /etc/fail2ban/filter.d/3x-ipl.conf
  1157. [Definition]
  1158. datepattern = ^%%Y/%%m/%%d %%H:%%M:%%S
  1159. failregex = \[LIMIT_IP\]\s*Email\s*=\s*<F-USER>.+</F-USER>\s*\|\|\s*SRC\s*=\s*<ADDR>
  1160. ignoreregex =
  1161. EOF
  1162. cat << EOF > /etc/fail2ban/action.d/3x-ipl.conf
  1163. [INCLUDES]
  1164. before = iptables-common.conf
  1165. [Definition]
  1166. actionstart = <iptables> -N f2b-<name>
  1167. <iptables> -A f2b-<name> -j <returntype>
  1168. <iptables> -I <chain> -p <protocol> -j f2b-<name>
  1169. actionstop = <iptables> -D <chain> -p <protocol> -j f2b-<name>
  1170. <actionflush>
  1171. <iptables> -X f2b-<name>
  1172. actioncheck = <iptables> -n -L <chain> | grep -q 'f2b-<name>[ \t]'
  1173. actionban = <iptables> -I f2b-<name> 1 -s <ip> -j <blocktype>
  1174. echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") BAN [Email] = <F-USER> [IP] = <ip> banned for <bantime> seconds." >> ${iplimit_banned_log_path}
  1175. actionunban = <iptables> -D f2b-<name> -s <ip> -j <blocktype>
  1176. echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") UNBAN [Email] = <F-USER> [IP] = <ip> unbanned." >> ${iplimit_banned_log_path}
  1177. [Init]
  1178. name = default
  1179. protocol = tcp
  1180. chain = INPUT
  1181. EOF
  1182. echo -e "${green}Ip Limit jail files created with a bantime of ${bantime} minutes.${plain}"
  1183. }
  1184. iplimit_remove_conflicts() {
  1185. local jail_files=(
  1186. /etc/fail2ban/jail.conf
  1187. /etc/fail2ban/jail.local
  1188. )
  1189. for file in "${jail_files[@]}"; do
  1190. # Check for [3x-ipl] config in jail file then remove it
  1191. if test -f "${file}" && grep -qw '3x-ipl' ${file}; then
  1192. sed -i "/\[3x-ipl\]/,/^$/d" ${file}
  1193. echo -e "${yellow}Removing conflicts of [3x-ipl] in jail (${file})!${plain}\n"
  1194. fi
  1195. done
  1196. }
  1197. iplimit_main() {
  1198. echo -e "\n${green}\t1.${plain} Install Fail2ban and configure IP Limit"
  1199. echo -e "${green}\t2.${plain} Change Ban Duration"
  1200. echo -e "${green}\t3.${plain} Unban Everyone"
  1201. echo -e "${green}\t4.${plain} Ban Logs"
  1202. echo -e "${green}\t5.${plain} Real-Time Logs"
  1203. echo -e "${green}\t6.${plain} Service Status"
  1204. echo -e "${green}\t7.${plain} Service Restart"
  1205. echo -e "${green}\t8.${plain} Uninstall Fail2ban and IP Limit"
  1206. echo -e "${green}\t0.${plain} Back to Main Menu"
  1207. read -p "Choose an option: " choice
  1208. case "$choice" in
  1209. 0)
  1210. show_menu
  1211. ;;
  1212. 1)
  1213. confirm "Proceed with installation of Fail2ban & IP Limit?" "y"
  1214. if [[ $? == 0 ]]; then
  1215. install_iplimit
  1216. else
  1217. iplimit_main
  1218. fi
  1219. ;;
  1220. 2)
  1221. read -rp "Please enter new Ban Duration in Minutes [default 30]: " NUM
  1222. if [[ $NUM =~ ^[0-9]+$ ]]; then
  1223. create_iplimit_jails ${NUM}
  1224. systemctl restart fail2ban
  1225. else
  1226. echo -e "${red}${NUM} is not a number! Please, try again.${plain}"
  1227. fi
  1228. iplimit_main
  1229. ;;
  1230. 3)
  1231. confirm "Proceed with Unbanning everyone from IP Limit jail?" "y"
  1232. if [[ $? == 0 ]]; then
  1233. fail2ban-client reload --restart --unban 3x-ipl
  1234. truncate -s 0 "${iplimit_banned_log_path}"
  1235. echo -e "${green}All users Unbanned successfully.${plain}"
  1236. iplimit_main
  1237. else
  1238. echo -e "${yellow}Cancelled.${plain}"
  1239. fi
  1240. iplimit_main
  1241. ;;
  1242. 4)
  1243. show_banlog
  1244. iplimit_main
  1245. ;;
  1246. 5)
  1247. tail -f /var/log/fail2ban.log
  1248. iplimit_main
  1249. ;;
  1250. 6)
  1251. service fail2ban status
  1252. iplimit_main
  1253. ;;
  1254. 7)
  1255. systemctl restart fail2ban
  1256. iplimit_main
  1257. ;;
  1258. 8)
  1259. remove_iplimit
  1260. iplimit_main
  1261. ;;
  1262. *)
  1263. echo -e "${red}Invalid option. Please select a valid number.${plain}\n"
  1264. iplimit_main
  1265. ;;
  1266. esac
  1267. }
  1268. install_iplimit() {
  1269. if ! command -v fail2ban-client &>/dev/null; then
  1270. echo -e "${green}Fail2ban is not installed. Installing now...!${plain}\n"
  1271. # Check the OS and install necessary packages
  1272. case "${release}" in
  1273. ubuntu)
  1274. if [[ "${os_version}" -ge 24 ]]; then
  1275. apt update && apt install python3-pip -y
  1276. python3 -m pip install pyasynchat --break-system-packages
  1277. fi
  1278. apt update && apt install fail2ban -y
  1279. ;;
  1280. debian | armbian)
  1281. apt update && apt install fail2ban -y
  1282. ;;
  1283. centos | almalinux | rocky | ol)
  1284. yum update -y && yum install epel-release -y
  1285. yum -y install fail2ban
  1286. ;;
  1287. fedora | amzn)
  1288. dnf -y update && dnf -y install fail2ban
  1289. ;;
  1290. arch | manjaro | parch)
  1291. pacman -Syu --noconfirm fail2ban
  1292. ;;
  1293. *)
  1294. echo -e "${red}Unsupported operating system. Please check the script and install the necessary packages manually.${plain}\n"
  1295. exit 1
  1296. ;;
  1297. esac
  1298. if ! command -v fail2ban-client &>/dev/null; then
  1299. echo -e "${red}Fail2ban installation failed.${plain}\n"
  1300. exit 1
  1301. fi
  1302. echo -e "${green}Fail2ban installed successfully!${plain}\n"
  1303. else
  1304. echo -e "${yellow}Fail2ban is already installed.${plain}\n"
  1305. fi
  1306. echo -e "${green}Configuring IP Limit...${plain}\n"
  1307. # make sure there's no conflict for jail files
  1308. iplimit_remove_conflicts
  1309. # Check if log file exists
  1310. if ! test -f "${iplimit_banned_log_path}"; then
  1311. touch ${iplimit_banned_log_path}
  1312. fi
  1313. # Check if service log file exists so fail2ban won't return error
  1314. if ! test -f "${iplimit_log_path}"; then
  1315. touch ${iplimit_log_path}
  1316. fi
  1317. # Create the iplimit jail files
  1318. # we didn't pass the bantime here to use the default value
  1319. create_iplimit_jails
  1320. # Launching fail2ban
  1321. if ! systemctl is-active --quiet fail2ban; then
  1322. systemctl start fail2ban
  1323. systemctl enable fail2ban
  1324. else
  1325. systemctl restart fail2ban
  1326. fi
  1327. systemctl enable fail2ban
  1328. echo -e "${green}IP Limit installed and configured successfully!${plain}\n"
  1329. before_show_menu
  1330. }
  1331. remove_iplimit() {
  1332. echo -e "${green}\t1.${plain} Only remove IP Limit configurations"
  1333. echo -e "${green}\t2.${plain} Uninstall Fail2ban and IP Limit"
  1334. echo -e "${green}\t0.${plain} Back to Main Menu"
  1335. read -p "Choose an option: " num
  1336. case "$num" in
  1337. 1)
  1338. rm -f /etc/fail2ban/filter.d/3x-ipl.conf
  1339. rm -f /etc/fail2ban/action.d/3x-ipl.conf
  1340. rm -f /etc/fail2ban/jail.d/3x-ipl.conf
  1341. systemctl restart fail2ban
  1342. echo -e "${green}IP Limit removed successfully!${plain}\n"
  1343. before_show_menu
  1344. ;;
  1345. 2)
  1346. rm -rf /etc/fail2ban
  1347. systemctl stop fail2ban
  1348. case "${release}" in
  1349. ubuntu | debian | armbian)
  1350. apt-get remove -y fail2ban
  1351. apt-get purge -y fail2ban -y
  1352. apt-get autoremove -y
  1353. ;;
  1354. centos | almalinux | rocky | ol)
  1355. yum remove fail2ban -y
  1356. yum autoremove -y
  1357. ;;
  1358. fedora | amzn)
  1359. dnf remove fail2ban -y
  1360. dnf autoremove -y
  1361. ;;
  1362. arch | manjaro | parch)
  1363. pacman -Rns --noconfirm fail2ban
  1364. ;;
  1365. *)
  1366. echo -e "${red}Unsupported operating system. Please uninstall Fail2ban manually.${plain}\n"
  1367. exit 1
  1368. ;;
  1369. esac
  1370. echo -e "${green}Fail2ban and IP Limit removed successfully!${plain}\n"
  1371. before_show_menu
  1372. ;;
  1373. 0)
  1374. show_menu
  1375. ;;
  1376. *)
  1377. echo -e "${red}Invalid option. Please select a valid number.${plain}\n"
  1378. remove_iplimit
  1379. ;;
  1380. esac
  1381. }
  1382. SSH_port_forwarding() {
  1383. local server_ip=$(curl -s https://api.ipify.org)
  1384. local existing_webBasePath=$(/usr/local/x-ui/x-ui setting -show true | grep -Eo 'webBasePath: .+' | awk '{print $2}')
  1385. local existing_port=$(/usr/local/x-ui/x-ui setting -show true | grep -Eo 'port: .+' | awk '{print $2}')
  1386. local existing_listenIP=$(/usr/local/x-ui/x-ui setting -getListen true | grep -Eo 'listenIP: .+' | awk '{print $2}')
  1387. local existing_cert=$(/usr/local/x-ui/x-ui setting -getCert true | grep -Eo 'cert: .+' | awk '{print $2}')
  1388. local existing_key=$(/usr/local/x-ui/x-ui setting -getCert true | grep -Eo 'key: .+' | awk '{print $2}')
  1389. local config_listenIP=""
  1390. local listen_choice=""
  1391. if [[ -n "$existing_cert" && -n "$existing_key" ]]; then
  1392. echo -e "${green}Panel is secure with SSL.${plain}"
  1393. before_show_menu
  1394. fi
  1395. if [[ -z "$existing_cert" && -z "$existing_key" && (-z "$existing_listenIP" || "$existing_listenIP" == "0.0.0.0") ]]; then
  1396. echo -e "\n${red}Warning: No Cert and Key found! The panel is not secure.${plain}"
  1397. echo "Please obtain a certificate or set up SSH port forwarding."
  1398. fi
  1399. if [[ -n "$existing_listenIP" && "$existing_listenIP" != "0.0.0.0" && (-z "$existing_cert" && -z "$existing_key") ]]; then
  1400. echo -e "\n${green}Current SSH Port Forwarding Configuration:${plain}"
  1401. echo -e "Standard SSH command:"
  1402. echo -e "${yellow}ssh -L 2222:${existing_listenIP}:${existing_port} root@${server_ip}${plain}"
  1403. echo -e "\nIf using SSH key:"
  1404. echo -e "${yellow}ssh -i <sshkeypath> -L 2222:${existing_listenIP}:${existing_port} root@${server_ip}${plain}"
  1405. echo -e "\nAfter connecting, access the panel at:"
  1406. echo -e "${yellow}http://localhost:2222${existing_webBasePath}${plain}"
  1407. fi
  1408. echo -e "\nChoose an option:"
  1409. echo -e "${green}1.${plain} Set listen IP"
  1410. echo -e "${green}2.${plain} Clear listen IP"
  1411. echo -e "${green}0.${plain} Back to Main Menu"
  1412. read -p "Choose an option: " num
  1413. case "$num" in
  1414. 1)
  1415. if [[ -z "$existing_listenIP" || "$existing_listenIP" == "0.0.0.0" ]]; then
  1416. echo -e "\nNo listenIP configured. Choose an option:"
  1417. echo -e "1. Use default IP (127.0.0.1)"
  1418. echo -e "2. Set a custom IP"
  1419. read -p "Select an option (1 or 2): " listen_choice
  1420. config_listenIP="127.0.0.1"
  1421. [[ "$listen_choice" == "2" ]] && read -p "Enter custom IP to listen on: " config_listenIP
  1422. /usr/local/x-ui/x-ui setting -listenIP "${config_listenIP}" >/dev/null 2>&1
  1423. echo -e "${green}listen IP has been set to ${config_listenIP}.${plain}"
  1424. echo -e "\n${green}SSH Port Forwarding Configuration:${plain}"
  1425. echo -e "Standard SSH command:"
  1426. echo -e "${yellow}ssh -L 2222:${config_listenIP}:${existing_port} root@${server_ip}${plain}"
  1427. echo -e "\nIf using SSH key:"
  1428. echo -e "${yellow}ssh -i <sshkeypath> -L 2222:${config_listenIP}:${existing_port} root@${server_ip}${plain}"
  1429. echo -e "\nAfter connecting, access the panel at:"
  1430. echo -e "${yellow}http://localhost:2222${existing_webBasePath}${plain}"
  1431. restart
  1432. else
  1433. config_listenIP="${existing_listenIP}"
  1434. echo -e "${green}Current listen IP is already set to ${config_listenIP}.${plain}"
  1435. fi
  1436. ;;
  1437. 2)
  1438. /usr/local/x-ui/x-ui setting -listenIP 0.0.0.0 >/dev/null 2>&1
  1439. echo -e "${green}Listen IP has been cleared.${plain}"
  1440. restart
  1441. ;;
  1442. 0)
  1443. show_menu
  1444. ;;
  1445. *)
  1446. echo -e "${red}Invalid option. Please select a valid number.${plain}\n"
  1447. SSH_port_forwarding
  1448. ;;
  1449. esac
  1450. }
  1451. show_usage() {
  1452. echo "x-ui control menu usages: "
  1453. echo "------------------------------------------"
  1454. echo -e "SUBCOMMANDS:"
  1455. echo -e "x-ui - Admin Management Script"
  1456. echo -e "x-ui start - Start"
  1457. echo -e "x-ui stop - Stop"
  1458. echo -e "x-ui restart - Restart"
  1459. echo -e "x-ui status - Current Status"
  1460. echo -e "x-ui settings - Current Settings"
  1461. echo -e "x-ui enable - Enable Autostart on OS Startup"
  1462. echo -e "x-ui disable - Disable Autostart on OS Startup"
  1463. echo -e "x-ui log - Check logs"
  1464. echo -e "x-ui banlog - Check Fail2ban ban logs"
  1465. echo -e "x-ui update - Update"
  1466. echo -e "x-ui custom - custom version"
  1467. echo -e "x-ui install - Install"
  1468. echo -e "x-ui uninstall - Uninstall"
  1469. echo "------------------------------------------"
  1470. }
  1471. show_menu() {
  1472. echo -e "
  1473. ${green}3X-UI Panel Management Script${plain}
  1474. ${green}0.${plain} Exit Script
  1475. ————————————————
  1476. ${green}1.${plain} Install
  1477. ${green}2.${plain} Update
  1478. ${green}3.${plain} Update Menu
  1479. ${green}4.${plain} Legacy Version
  1480. ${green}5.${plain} Uninstall
  1481. ————————————————
  1482. ${green}6.${plain} Reset Username & Password & Secret Token
  1483. ${green}7.${plain} Reset Web Base Path
  1484. ${green}8.${plain} Reset Settings
  1485. ${green}9.${plain} Change Port
  1486. ${green}10.${plain} View Current Settings
  1487. ————————————————
  1488. ${green}11.${plain} Start
  1489. ${green}12.${plain} Stop
  1490. ${green}13.${plain} Restart
  1491. ${green}14.${plain} Check Status
  1492. ${green}15.${plain} Logs Management
  1493. ————————————————
  1494. ${green}16.${plain} Enable Autostart
  1495. ${green}17.${plain} Disable Autostart
  1496. ————————————————
  1497. ${green}18.${plain} SSL Certificate Management
  1498. ${green}19.${plain} Cloudflare SSL Certificate
  1499. ${green}20.${plain} IP Limit Management
  1500. ${green}21.${plain} Firewall Management
  1501. ${green}22.${plain} SSH Port Forwarding Management
  1502. ————————————————
  1503. ${green}23.${plain} Enable BBR
  1504. ${green}24.${plain} Update Geo Files
  1505. ${green}25.${plain} Speedtest by Ookla
  1506. "
  1507. show_status
  1508. echo && read -p "Please enter your selection [0-25]: " num
  1509. case "${num}" in
  1510. 0)
  1511. exit 0
  1512. ;;
  1513. 1)
  1514. check_uninstall && install
  1515. ;;
  1516. 2)
  1517. check_install && update
  1518. ;;
  1519. 3)
  1520. check_install && update_menu
  1521. ;;
  1522. 4)
  1523. check_install && legacy_version
  1524. ;;
  1525. 5)
  1526. check_install && uninstall
  1527. ;;
  1528. 6)
  1529. check_install && reset_user
  1530. ;;
  1531. 7)
  1532. check_install && reset_webbasepath
  1533. ;;
  1534. 8)
  1535. check_install && reset_config
  1536. ;;
  1537. 9)
  1538. check_install && set_port
  1539. ;;
  1540. 10)
  1541. check_install && check_config
  1542. ;;
  1543. 11)
  1544. check_install && start
  1545. ;;
  1546. 12)
  1547. check_install && stop
  1548. ;;
  1549. 13)
  1550. check_install && restart
  1551. ;;
  1552. 14)
  1553. check_install && status
  1554. ;;
  1555. 15)
  1556. check_install && show_log
  1557. ;;
  1558. 16)
  1559. check_install && enable
  1560. ;;
  1561. 17)
  1562. check_install && disable
  1563. ;;
  1564. 18)
  1565. ssl_cert_issue_main
  1566. ;;
  1567. 19)
  1568. ssl_cert_issue_CF
  1569. ;;
  1570. 20)
  1571. iplimit_main
  1572. ;;
  1573. 21)
  1574. firewall_menu
  1575. ;;
  1576. 22)
  1577. SSH_port_forwarding
  1578. ;;
  1579. 23)
  1580. bbr_menu
  1581. ;;
  1582. 24)
  1583. update_geo
  1584. ;;
  1585. 25)
  1586. run_speedtest
  1587. ;;
  1588. *)
  1589. LOGE "Please enter the correct number [0-25]"
  1590. ;;
  1591. esac
  1592. }
  1593. if [[ $# > 0 ]]; then
  1594. case $1 in
  1595. "start")
  1596. check_install 0 && start 0
  1597. ;;
  1598. "stop")
  1599. check_install 0 && stop 0
  1600. ;;
  1601. "restart")
  1602. check_install 0 && restart 0
  1603. ;;
  1604. "status")
  1605. check_install 0 && status 0
  1606. ;;
  1607. "settings")
  1608. check_install 0 && check_config 0
  1609. ;;
  1610. "enable")
  1611. check_install 0 && enable 0
  1612. ;;
  1613. "disable")
  1614. check_install 0 && disable 0
  1615. ;;
  1616. "log")
  1617. check_install 0 && show_log 0
  1618. ;;
  1619. "banlog")
  1620. check_install 0 && show_banlog 0
  1621. ;;
  1622. "update")
  1623. check_install 0 && update 0
  1624. ;;
  1625. "legacy")
  1626. check_install 0 && legacy_version 0
  1627. ;;
  1628. "install")
  1629. check_uninstall 0 && install 0
  1630. ;;
  1631. "uninstall")
  1632. check_install 0 && uninstall 0
  1633. ;;
  1634. *) show_usage ;;
  1635. esac
  1636. else
  1637. show_menu
  1638. fi