Skip to content

Commit 3f38c42

Browse files
TaraRostamiTaraRostami
authored
fail2ban: better ipv6 validation (#2615)
1 parent 4929566 commit 3f38c42

File tree

2 files changed

+63
-53
lines changed

2 files changed

+63
-53
lines changed

install.sh

+19-18
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22

33
red='\033[0;31m'
44
green='\033[0;32m'
5+
blue='\033[0;34m'
56
yellow='\033[0;33m'
67
plain='\033[0m'
78

@@ -260,24 +261,24 @@ install_x-ui() {
260261
systemctl start x-ui
261262
echo -e "${green}x-ui ${tag_version}${plain} installation finished, it is running now..."
262263
echo -e ""
263-
echo -e "x-ui control menu usages: "
264-
echo -e "----------------------------------------------"
265-
echo -e "SUBCOMMANDS:"
266-
echo -e "x-ui - Admin Management Script"
267-
echo -e "x-ui start - Start"
268-
echo -e "x-ui stop - Stop"
269-
echo -e "x-ui restart - Restart"
270-
echo -e "x-ui status - Current Status"
271-
echo -e "x-ui settings - Current Settings"
272-
echo -e "x-ui enable - Enable Autostart on OS Startup"
273-
echo -e "x-ui disable - Disable Autostart on OS Startup"
274-
echo -e "x-ui log - Check logs"
275-
echo -e "x-ui banlog - Check Fail2ban ban logs"
276-
echo -e "x-ui update - Update"
277-
echo -e "x-ui legacy - legacy version"
278-
echo -e "x-ui install - Install"
279-
echo -e "x-ui uninstall - Uninstall"
280-
echo -e "----------------------------------------------"
264+
echo -e "┌───────────────────────────────────────────────────────┐
265+
${blue}x-ui control menu usages (subcommands):${plain}
266+
267+
${blue}x-ui${plain} - Admin Management Script
268+
${blue}x-ui start${plain} - Start
269+
${blue}x-ui stop${plain} - Stop
270+
${blue}x-ui restart${plain} - Restart
271+
${blue}x-ui status${plain} - Current Status
272+
${blue}x-ui settings${plain} - Current Settings
273+
${blue}x-ui enable${plain} - Enable Autostart on OS Startup
274+
${blue}x-ui disable${plain} - Disable Autostart on OS Startup
275+
${blue}x-ui log${plain} - Check logs
276+
${blue}x-ui banlog${plain} - Check Fail2ban ban logs
277+
${blue}x-ui update${plain} - Update
278+
${blue}x-ui legacy${plain} - legacy version
279+
${blue}x-ui install${plain} - Install
280+
${blue}x-ui uninstall${plain} - Uninstall
281+
└───────────────────────────────────────────────────────┘"
281282
}
282283

283284
echo -e "${green}Running...${plain}"

x-ui.sh

+44-35
Original file line numberDiff line numberDiff line change
@@ -1353,6 +1353,11 @@ iplimit_remove_conflicts() {
13531353
done
13541354
}
13551355

1356+
ip_validation() {
1357+
ipv6_regex="^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$"
1358+
ipv4_regex="^((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)\.){3}(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)$"
1359+
}
1360+
13561361
iplimit_main() {
13571362
echo -e "\n${green}\t1.${plain} Install Fail2ban and configure IP Limit"
13581363
echo -e "${green}\t2.${plain} Change Ban Duration"
@@ -1406,7 +1411,8 @@ iplimit_main() {
14061411
;;
14071412
5)
14081413
read -rp "Enter the IP address you want to ban: " ban_ip
1409-
if [[ $ban_ip =~ ^(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9]))$ || $ban_ip =~ ^(([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})$ ]]; then
1414+
ip_validation
1415+
if [[ $ban_ip =~ $ipv4_regex || $ban_ip =~ $ipv6_regex ]]; then
14101416
fail2ban-client set 3x-ipl banip "$ban_ip"
14111417
echo -e "${green}IP Address ${ban_ip} has been banned successfully.${plain}"
14121418
else
@@ -1416,7 +1422,8 @@ iplimit_main() {
14161422
;;
14171423
6)
14181424
read -rp "Enter the IP address you want to unban: " unban_ip
1419-
if [[ $unban_ip =~ ^(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9]))$ || $unban_ip =~ ^(([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})$ ]]; then
1425+
ip_validation
1426+
if [[ $unban_ip =~ $ipv4_regex || $unban_ip =~ $ipv6_regex ]]; then
14201427
fail2ban-client set 3x-ipl unbanip "$unban_ip"
14211428
echo -e "${green}IP Address ${unban_ip} has been unbanned successfully.${plain}"
14221429
else
@@ -1673,39 +1680,41 @@ show_usage() {
16731680

16741681
show_menu() {
16751682
echo -e "
1676-
${green}3X-UI Panel Management Script${plain}
1677-
${green}0.${plain} Exit Script
1678-
————————————————
1679-
${green}1.${plain} Install
1680-
${green}2.${plain} Update
1681-
${green}3.${plain} Update Menu
1682-
${green}4.${plain} Legacy Version
1683-
${green}5.${plain} Uninstall
1684-
————————————————
1685-
${green}6.${plain} Reset Username & Password & Secret Token
1686-
${green}7.${plain} Reset Web Base Path
1687-
${green}8.${plain} Reset Settings
1688-
${green}9.${plain} Change Port
1689-
${green}10.${plain} View Current Settings
1690-
————————————————
1691-
${green}11.${plain} Start
1692-
${green}12.${plain} Stop
1693-
${green}13.${plain} Restart
1694-
${green}14.${plain} Check Status
1695-
${green}15.${plain} Logs Management
1696-
————————————————
1697-
${green}16.${plain} Enable Autostart
1698-
${green}17.${plain} Disable Autostart
1699-
————————————————
1700-
${green}18.${plain} SSL Certificate Management
1701-
${green}19.${plain} Cloudflare SSL Certificate
1702-
${green}20.${plain} IP Limit Management
1703-
${green}21.${plain} Firewall Management
1704-
${green}22.${plain} SSH Port Forwarding Management
1705-
————————————————
1706-
${green}23.${plain} Enable BBR
1707-
${green}24.${plain} Update Geo Files
1708-
${green}25.${plain} Speedtest by Ookla
1683+
╔────────────────────────────────────────────────╗
1684+
${green}3X-UI Panel Management Script${plain}
1685+
${green}0.${plain} Exit Script │
1686+
│────────────────────────────────────────────────│
1687+
${green}1.${plain} Install │
1688+
${green}2.${plain} Update │
1689+
${green}3.${plain} Update Menu │
1690+
${green}4.${plain} Legacy Version │
1691+
${green}5.${plain} Uninstall │
1692+
│────────────────────────────────────────────────│
1693+
${green}6.${plain} Reset Username & Password & Secret Token │
1694+
${green}7.${plain} Reset Web Base Path │
1695+
${green}8.${plain} Reset Settings │
1696+
${green}9.${plain} Change Port │
1697+
${green}10.${plain} View Current Settings │
1698+
│────────────────────────────────────────────────│
1699+
${green}11.${plain} Start │
1700+
${green}12.${plain} Stop │
1701+
${green}13.${plain} Restart │
1702+
${green}14.${plain} Check Status │
1703+
${green}15.${plain} Logs Management │
1704+
│────────────────────────────────────────────────│
1705+
${green}16.${plain} Enable Autostart │
1706+
${green}17.${plain} Disable Autostart │
1707+
│────────────────────────────────────────────────│
1708+
${green}18.${plain} SSL Certificate Management │
1709+
${green}19.${plain} Cloudflare SSL Certificate │
1710+
${green}20.${plain} IP Limit Management │
1711+
${green}21.${plain} Firewall Management │
1712+
${green}22.${plain} SSH Port Forwarding Management │
1713+
│────────────────────────────────────────────────│
1714+
${green}23.${plain} Enable BBR │
1715+
${green}24.${plain} Update Geo Files │
1716+
${green}25.${plain} Speedtest by Ookla │
1717+
╚────────────────────────────────────────────────╝
17091718
"
17101719
show_status
17111720
echo && read -p "Please enter your selection [0-25]: " num

0 commit comments

Comments
 (0)