v1.1.4

because the error for fedora

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,56 @@
+name: Issue Report
+description: "Create a report to help us improve."
+body:
+  - type:  checkboxes
+    id: terms
+    attributes:
+      label: Welcome
+      options:
+        - label: Yes, I'm using the latest major release. Only such installations are supported.
+          required: true
+        - label: Yes, I'm using the supported system. Only such systems are supported.
+          required: true
+        - label: Yes, I have read all WIKI document,nothing can help me in my problem.
+          required: true
+        - label: Yes, I've searched similar issues on GitHub and didn't find any.
+          required: true
+        - label: Yes, I've included all information below (version, config, log, etc).
+          required: true
+
+  - type: textarea
+    id: problem
+    attributes:
+      label: Description of the problem,screencshot would be good 
+      placeholder: Your problem description
+    validations:
+      required: true
+
+  - type: textarea
+    id: version
+    attributes:
+      label: Version of 3x-ui
+      value: |-
+        <details>
+
+        ```console
+        # Paste here
+        ```
+
+        </details>
+    validations:
+      required: true
+
+  - type: textarea
+    id: log
+    attributes:
+      label: x-ui log reports or xray log
+      value: |-
+        <details>
+
+        ```console
+        # paste log here
+        ```
+
+        </details>
+    validations:
+      required: true

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: enhancement
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/ISSUE_TEMPLATE/question-.md

@@ -0,0 +1,10 @@
+---
+name: 'Question '
+about: Describe this issue template's purpose here.
+title: ''
+labels: question
+assignees: ''
+
+---
+
+

.github/workflows/release.yml

@@ -6,7 +6,7 @@ jobs:
     name: build x-ui amd64 version
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@v3.4.0
+      - uses: actions/checkout@v3.5.0
       - name: Set up Go
         uses: actions/setup-go@v4.0.0
         with:
@@ -27,6 +27,7 @@ jobs:
           rm -f Xray-linux-64.zip geoip.dat geosite.dat
           wget https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat
           wget https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
+          wget https://github.com/bootmortis/iran-hosted-domains/releases/latest/download/iran.dat
           mv xray xray-linux-amd64
           cd ..
           cd ..

README.md

@@ -1,8 +1,8 @@
 # 3x-ui
-![](https://img.shields.io/github/v/release/mhsanaei/3x-ui.svg)
-![](https://img.shields.io/github/actions/workflow/status/mhsanaei/3x-ui/release.yml.svg)
-![GO Version](https://img.shields.io/github/go-mod/go-version/mhsanaei/3x-ui.svg)
-![Downloads](https://img.shields.io/github/downloads/mhsanaei/3x-ui/total.svg)
+[![](https://img.shields.io/github/v/release/mhsanaei/3x-ui.svg)](https://github.com/MHSanaei/3x-ui/releases)
+[![](https://img.shields.io/github/actions/workflow/status/mhsanaei/3x-ui/release.yml.svg)](#)
+[![GO Version](https://img.shields.io/github/go-mod/go-version/mhsanaei/3x-ui.svg)](#)
+[![Downloads](https://img.shields.io/github/downloads/mhsanaei/3x-ui/total.svg)](#)
 [![License](https://img.shields.io/badge/license-GPL%20V3-blue.svg?longCache=true)](https://www.gnu.org/licenses/gpl-3.0.en.html)
 
 
@@ -15,7 +15,11 @@ xray panel supporting multi-protocol, **Multi-lang (English,Farsi,Chinese)**
 ```
 bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh)
 ```
-
+## Install custom version
+To install your desired version you can add the version to the end of install command. Example for ver `v1.0.9`:
+```
+bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) v1.0.9
+```
 # SSL
 ```
 apt-get install certbot -y
@@ -30,6 +34,7 @@ certbot renew --dry-run
 - Port: 2053
 - username and password will be generated randomly if you skip to modify your own security(x-ui "7")
 - database path: /etc/x-ui/x-ui.db
+- xray config path: /usr/local/x-ui/bin/config.json
 
 before you set ssl on settings
 - http:// ip or domain:2053/xui
@@ -40,8 +45,9 @@ After you set ssl on settings
 # Enable Traffic For Users:
 
 **copy and paste to xray Configuration :** (you don't need to do this if you have a fresh install)
-- [for enable traffic](https://raw.githubusercontent.com/mhsanaei/3x-ui/main/media/for%20enable%20traffic.txt)
-- [for enable traffic+block all iran ip address](https://raw.githubusercontent.com/mhsanaei/3x-ui/main/media/for%20enable%20traffic%2Bblock%20all%20iran%20ip.txt)
+- [enable traffic](./media/enable-traffic.txt)
+- [enable traffic+block all IR IP address](./media/enable-traffic+block-IR-IP.txt)
+- [enable traffic+block all IR domain](./media/enable-traffic+block-IR-domain.txt)
 
 # Features
 

config/version

@@ -1 +1 @@
-1.1.0
+1.1.4

go.mod

@@ -12,11 +12,11 @@ require (
 	github.com/op/go-logging v0.0.0-20160315200505-970db520ece7
 	github.com/pelletier/go-toml/v2 v2.0.7
 	github.com/robfig/cron/v3 v3.0.1
-	github.com/shirou/gopsutil/v3 v3.23.2
+	github.com/shirou/gopsutil/v3 v3.23.3
 	github.com/xtls/xray-core v1.8.0
 	go.uber.org/atomic v1.10.0
 	golang.org/x/text v0.8.0
-	google.golang.org/grpc v1.53.0
+	google.golang.org/grpc v1.54.0
 	gorm.io/driver/sqlite v1.4.4
 	gorm.io/gorm v1.24.6
 )
@@ -47,6 +47,7 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pires/go-proxyproto v0.6.2 // indirect
 	github.com/power-devops/perfstat v0.0.0-20221212215047-62379fc7944b // indirect
+	github.com/shoenig/go-m1cpu v0.1.4 // indirect
 	github.com/tklauser/go-sysconf v0.3.11 // indirect
 	github.com/tklauser/numcpus v0.6.0 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect

go.sum

@@ -137,8 +137,12 @@ github.com/sagernet/sing v0.1.7 h1:g4vjr3q8SUlBZSx97Emz5OBfSMBxxW5Q8C2PfdoSo08=
 github.com/sagernet/sing-shadowsocks v0.1.1 h1:uFK2rlVeD/b1xhDwSMbUI2goWc6fOKxp+ZeKHZq6C9Q=
 github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c h1:vK2wyt9aWYHHvNLWniwijBu/n4pySypiKRhN32u/JGo=
 github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb h1:XfLJSPIOUX+osiMraVgIrMR27uMXnRJWGm1+GL8/63U=
-github.com/shirou/gopsutil/v3 v3.23.2 h1:PAWSuiAszn7IhPMBtXsbSCafej7PqUOvY6YywlQUExU=
-github.com/shirou/gopsutil/v3 v3.23.2/go.mod h1:gv0aQw33GLo3pG8SiWKiQrbDzbRY1K80RyZJ7V4Th1M=
+github.com/shirou/gopsutil/v3 v3.23.3 h1:Syt5vVZXUDXPEXpIBt5ziWsJ4LdSAAxF4l/xZeQgSEE=
+github.com/shirou/gopsutil/v3 v3.23.3/go.mod h1:lSBNN6t3+D6W5e5nXTxc8KIMMVxAcS+6IJlffjRRlMU=
+github.com/shoenig/go-m1cpu v0.1.4 h1:SZPIgRM2sEF9NJy50mRHu9PKGwxyyTTJIWvCtgVbozs=
+github.com/shoenig/go-m1cpu v0.1.4/go.mod h1:Wwvst4LR89UxjeFtLRMrpgRiyY4xPsejnVZym39dbAQ=
+github.com/shoenig/test v0.6.3 h1:GVXWJFk9PiOjN0KoJ7VrJGH6uLPnqxR7/fe3HUPfE0c=
+github.com/shoenig/test v0.6.3/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
@@ -211,7 +215,6 @@ golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
@@ -235,8 +238,8 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4 h1:DdoeryqhaXp1LtT/emMP1BRJPHHKFi5akj/nbx/zNTA=
 google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4/go.mod h1:NWraEVixdDnqcqQ30jipen1STv2r/n24Wb7twVTGR4s=
-google.golang.org/grpc v1.53.0 h1:LAv2ds7cmFV/XTS3XG1NneeENYrXGmorPxsBbptIjNc=
-google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw=
+google.golang.org/grpc v1.54.0 h1:EhTqbhiYeixwWQtAEZAxmV9MGqcjEU2mFx52xCzNyag=
+google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.29.1 h1:7QBf+IK2gx70Ap/hDsOmam3GE0v9HicjfEdAxE62UoM=

install.sh

@@ -66,14 +66,33 @@ else
     echo -e "${red}Failed to check the OS version, please contact the author!${plain}" && exit 1
 fi
 
-
+# This function installs the base packages required for most scripts
 install_base() {
-    if [[ "${release}" == "centos" ]]; then
-        yum install wget curl tar -y
+    # Store the package names in a variable for easy modification
+    local packages="wget curl tar"
+
+    # Check for the package managers and install the packages if they are not already installed
+    if ! command -v wget >/dev/null 2>&1 || ! command -v curl >/dev/null 2>&1 || ! command -v tar >/dev/null 2>&1; then
+        if command -v apt >/dev/null 2>&1; then
+            apt-get update && apt-get install -y $packages
+        elif command -v dnf >/dev/null 2>&1; then
+            dnf install -y $packages
+        elif command -v yum >/dev/null 2>&1; then
+            yum install -y $packages
+        else
+            echo "ERROR: No package managers found. Please install wget, curl, and tar manually."
+            return 1
+        fi
+
+        # Print a confirmation message after the installation is complete
+        echo "The following packages have been successfully installed: $packages"
     else
-        apt install wget curl tar -y
+        # Print a message confirming that the packages are already installed
+        echo "The following packages are already installed: $packages"
     fi
 }
+
+
 #This function will be called when user installed x-ui out of sercurity
 config_after_install() {
     echo -e "${yellow}Install/update finished! For security it's recommended to modify panel settings ${plain}"
@@ -98,8 +117,8 @@ config_after_install() {
             /usr/local/x-ui/x-ui setting -username ${usernameTemp} -password ${passwordTemp}
             echo -e "this is a fresh installation,will generate random login info for security concerns:"
             echo -e "###############################################"
-            echo -e "${green}user name:${usernameTemp}${plain}"
-            echo -e "${green}user password:${passwordTemp}${plain}"
+            echo -e "${green}username:${usernameTemp}${plain}"
+            echo -e "${green}password:${passwordTemp}${plain}"
             echo -e "###############################################"
             echo -e "${red}if you forgot your login info,you can type x-ui and then type 7 to check after installation${plain}"
         else

media/enable-traffic+block-IR-IP.txt

@@ -3,7 +3,6 @@
     "loglevel": "warning", 
     "access": "./access.log"
   },
- 
   "api": {
     "services": [
       "HandlerService",

media/enable-traffic+block-IR-domain.txt

@@ -0,0 +1,81 @@
+{
+  "log": {
+    "loglevel": "warning",
+    "access": "./access.log"
+  },
+  "api": {
+    "services": [
+      "HandlerService",
+      "LoggerService",
+      "StatsService"
+    ],
+    "tag": "api"
+  },
+  "inbounds": [
+    {
+      "listen": "127.0.0.1",
+      "port": 62789,
+      "protocol": "dokodemo-door",
+      "settings": {
+        "address": "127.0.0.1"
+      },
+      "tag": "api"
+    }
+  ],
+  "outbounds": [
+    {
+      "protocol": "freedom",
+      "settings": {}
+    },
+    {
+      "protocol": "blackhole",
+      "settings": {},
+      "tag": "blocked"
+    }
+  ],
+  "policy": {
+    "levels": {
+      "0": {
+        "statsUserUplink": true,
+        "statsUserDownlink": true
+      }
+    },
+    "system": {
+      "statsInboundDownlink": true,
+      "statsInboundUplink": true
+    }
+  },
+  "routing": {
+    "rules": [
+      {
+        "inboundTag": [
+          "api"
+        ],
+        "outboundTag": "api",
+        "type": "field"
+      },
+      {
+        "domain": [
+          "regexp:.+.ir$"
+        ],
+        "outboundTag": "blocked",
+        "type": "field"
+      },
+      {
+        "outboundTag": "blocked",
+        "protocol": [
+          "bittorrent"
+        ],
+        "type": "field"
+      },
+      {
+        "outboundTag": "blocked",
+        "ip": [
+          "geoip:private"
+        ],
+        "type": "field"
+      }
+    ]
+  },
+  "stats": {}
+}

media/enable-traffic.txt

@@ -3,7 +3,6 @@
     "loglevel": "warning", 
     "access": "./access.log"
   },
- 
   "api": {
     "services": [
       "HandlerService",

web/assets/css/custom.css

@@ -156,6 +156,16 @@
     padding:16px;
 }
 
+.ant-menu-dark,
+.ant-menu-dark .ant-menu-sub,
+.ant-layout-header,
+.ant-layout-sider-dark,
+.ant-layout-sider-zero-width-trigger,
+.ant-dropdown-menu-dark,.ant-dropdown-menu-dark .ant-dropdown-menu,
+.ant-menu-dark.ant-menu-horizontal>.ant-menu-item,.ant-menu-dark.ant-menu-horizontal>.ant-menu-submenu {
+    background:#161b22
+}
+
 .ant-card-dark {
     color: hsla(0,0%,100%,.65);
     background-color: #1a212a;
@@ -178,9 +188,10 @@
 
 .ant-card-dark .ant-collapse-content,
 .ant-card-dark .ant-calendar,
-.ant-card-dark .ant-table-placeholder {
+.ant-card-dark .ant-table-placeholder,
+.ant-card-dark .ant-input-group-addon {
     color: hsla(0,0%,100%,.65);
-    background-color: #1a212a;
+    background-color: #262f3d;
 }
 
 .ant-card-dark .ant-list-item-meta-title,
@@ -198,7 +209,8 @@
 .ant-card-dark .ant-calendar-year-select,
 .ant-card-dark .ant-calendar-date,
 .ant-card-dark .ant-collapse>.ant-collapse-item>.ant-collapse-header,
-.ant-card-dark .ant-empty-normal {
+.ant-card-dark .ant-empty-normal,
+.ant-card-dark .ant-checkbox+span {
     color: hsla(0,0%,100%,.65);
 }
 
@@ -210,7 +222,7 @@
 
 .ant-card-dark tbody .ant-table-expanded-row {
     color: hsla(0,0%,100%,.65);
-    background-color: #023366; 
+    background-color: #1a212a; 
 }
 
 .ant-card-dark .ant-input,
@@ -219,7 +231,7 @@
 .ant-card-dark .ant-select-dropdown-menu-item-selected,
 .ant-card-dark .ant-select-selection {
     color: hsla(0,0%,100%,.65);
-    background-color: #023366;
+    background-color: #2e3b52;
 }
 
 .ant-card-dark .ant-collapse-item {
@@ -232,7 +244,7 @@
 .ant-card-dark .ant-modal-header,
 .ant-card-dark .ant-calendar-selected-day .ant-calendar-date {
     color: hsla(0,0%,100%,.65);
-    background-color: #242c3a; 
+    background-color: #222a37;
 }
 
 .client-table-header {
@@ -244,7 +256,7 @@
 }
 
 .ant-card-dark .client-table-header {
-    background-color:  #023366;
+    background-color:  #1a212a;
     color: hsla(0,0%,100%,.65);
 }
 
@@ -266,4 +278,62 @@
 .ant-drawer-dark .drawer-handle {
     background-color: #1a212a;
     border: 1px solid hsla(0,0%,100%,.30);
+}
+
+.ant-card-dark .ant-tag-blue {
+    color: #3c9ae8;
+    background: #111d2c;
+    border-color: #15395b;
+}
+
+.ant-card-dark .ant-tag-green {
+    color: #6abe39;
+    background: #162312;
+    border-color: #274916;
+}
+
+.ant-card-dark .ant-tag-cyan {
+    color: #33bcb7;
+    background: #112123;
+    border-color: #144848;
+}
+
+.ant-card-dark .ant-tag-red {
+    color: #e84749;
+    background: #2a1215;
+    border-color: #58181c;
+}
+
+.ant-card-dark .ant-tag-orange {
+    color: #e89a3c;
+    background: #2b1d11;
+    border-color: #593815;
+}
+
+.ant-card-dark .ant-table-row-expand-icon,
+.ant-card-dark .ant-checkbox-inner {
+    background: none;
+}
+
+.ant-card-dark .ant-switch-checked {
+    background-color: #0c61b0;
+}
+
+.ant-card-dark .ant-btn,
+.ant-card-dark .ant-radio-button-wrapper {
+    color: hsla(0,0%,100%,.65);
+    background: none;
+    border: 1px solid hsla(0,0%,100%,.65);
+}
+
+.ant-card-dark .ant-radio-button-wrapper:hover {
+    color: #177ddc;
+}
+
+.ant-card-dark .ant-btn-primary {
+    color:  hsla(0,0%,100%,.65);
+    background-color: #073763;
+    border-color: #1890ff;
+    text-shadow: 0 -1px 0 rgba(0,0,0,.12);
+    box-shadow: 0 2px 0 rgba(0,0,0,.045);
 }

web/assets/js/model/xray.js

@@ -17,16 +17,15 @@ const VmessMethods = {
 };
 
 const SSMethods = {
-    // AES_256_CFB: 'aes-256-cfb',
-    // AES_128_CFB: 'aes-128-cfb',
-    // CHACHA20: 'chacha20',
-    // CHACHA20_IETF: 'chacha20-ietf',
-    CHACHA20_POLY1305: 'chacha20-poly1305',
-    AES_256_GCM: 'aes-256-gcm',
-    AES_128_GCM: 'aes-128-gcm',
+	AES_128_GCM: 'aes-128-gcm',
+	AES_256_GCM: 'aes-256-gcm',
+	CHACHA20_POLY1305: 'chacha20-poly1305',
+	CHACHA20_IETF_POLY1305: 'chacha20-ietf-poly1305',
+	XCHACHA20_POLY1305: 'xchacha20-poly1305',
+	XCHACHA20_IETF_POLY1305: 'xchacha20-ietf-poly1305',
 	BLAKE3_AES_128_GCM: '2022-blake3-aes-128-gcm',
-    BLAKE3_AES_256_GCM: '2022-blake3-aes-256-gcm',
-    BLAKE3_CHACHA20_POLY1305: '2022-blake3-chacha20-poly1305',
+	BLAKE3_AES_256_GCM: '2022-blake3-aes-256-gcm',
+	BLAKE3_CHACHA20_POLY1305: '2022-blake3-chacha20-poly1305',
 };
 
 const RULE_IP = {
@@ -95,7 +94,6 @@ const UTLS_FINGERPRINT = {
 const ALPN_OPTION = {
     H2: "h2",
     HTTP1: "http/1.1",
-    BOTH: "h2,http/1.1",
 };
 
 Object.freeze(Protocols);
@@ -476,7 +474,7 @@ class GrpcStreamSettings extends XrayCommonClass {
 }
 
 class TlsStreamSettings extends XrayCommonClass {
-    constructor(serverName = '', minVersion = TLS_VERSION_OPTION.TLS12, maxVersion = TLS_VERSION_OPTION.TLS13,
+    constructor(serverName = '', minVersion = TLS_VERSION_OPTION.TLS10, maxVersion = TLS_VERSION_OPTION.TLS12,
         cipherSuites = '',
         certificates = [new TlsStreamSettings.Cert()], alpn=[''] ,settings=[new TlsStreamSettings.Settings()]) {
         super();
@@ -575,9 +573,9 @@ TlsStreamSettings.Cert = class extends XrayCommonClass {
 };
 
 TlsStreamSettings.Settings = class extends XrayCommonClass {
-  constructor(insecure = false, fingerprint = '', serverName = '') {
+  constructor(allowInsecure = false, fingerprint = '', serverName = '') {
     super();
-    this.inSecure = insecure;
+    this.allowInsecure = allowInsecure;
     this.fingerprint = fingerprint;
     this.serverName = serverName;
   }
@@ -590,7 +588,7 @@ TlsStreamSettings.Settings = class extends XrayCommonClass {
   }
   toJson() {
     return {
-      allowInsecure: this.inSecure,
+      allowInsecure: this.allowInsecure,
       fingerprint: this.fingerprint,
       serverName: this.serverName,
     };
@@ -941,7 +939,6 @@ class Inbound extends XrayCommonClass {
             case Protocols.VMESS:
             case Protocols.VLESS:
             case Protocols.TROJAN:
-            case Protocols.SHADOWSOCKS:
                 break;
             default:
                 return false;
@@ -993,7 +990,6 @@ class Inbound extends XrayCommonClass {
             case Protocols.VMESS:
             case Protocols.VLESS:
 			case Protocols.TROJAN:
-            case Protocols.SHADOWSOCKS:
                 return true;
             default:
                 return false;
@@ -1084,7 +1080,8 @@ class Inbound extends XrayCommonClass {
             tls: this.stream.security,
 			sni: this.stream.tls.settings[0]['serverName'],
             fp: this.stream.tls.settings[0]['fingerprint'],
-            alpn: this.stream.tls.alpn[0],
+            alpn: this.stream.tls.alpn.join(','),
+            allowInsecure: this.stream.tls.settings[0].allowInsecure,
         };
         return 'vmess://' + base64(JSON.stringify(obj, null, 2));
     }
@@ -1096,7 +1093,6 @@ class Inbound extends XrayCommonClass {
         const type = this.stream.network;
         const params = new Map();
         params.set("type", this.stream.network);
-		params.set("security", this.stream.security);
         switch (type) {
             case "tcp":
                 const tcp = this.stream.tcp;
@@ -1143,8 +1139,12 @@ class Inbound extends XrayCommonClass {
         }
 
         if (this.tls) {
+            params.set("security", "tls");
             params.set("fp" , this.stream.tls.settings[0]['fingerprint']);
-            params.set("alpn", this.stream.tls.alpn[0]);
+            params.set("alpn", this.stream.tls.alpn);
+            if(this.stream.tls.settings[0].allowInsecure){
+                params.set("allowInsecure", "1");
+            }
             if (!ObjectUtil.isEmpty(this.stream.tls.server)) {
                 address = this.stream.tls.server;
 			}
@@ -1156,14 +1156,17 @@ class Inbound extends XrayCommonClass {
             }
         }
 		
-		 if (this.xtls) {
-            if (!ObjectUtil.isEmpty(this.stream.tls.server)) {
-                address = this.stream.tls.server;
-                if (type === "tcp") {
-                    params.set("flow", this.settings.vlesses[clientIndex].flow);
-                }
+		if (this.XTLS) {
+            params.set("security", "xtls");
+            params.set("alpn", this.stream.tls.alpn);
+            if(this.stream.tls.settings[0].allowInsecure){
+                params.set("allowInsecure", "1");
+            }
+			if (!ObjectUtil.isEmpty(this.stream.tls.server)) {
+				address = this.stream.tls.server;
 			}
-        }
+			params.set("flow", this.settings.vlesses[clientIndex].flow);
+		}
 
         const link = `vless://${uuid}@${address}:${port}`;
         const url = new URL(link);
@@ -1180,12 +1183,7 @@ class Inbound extends XrayCommonClass {
         if (!ObjectUtil.isEmpty(server)) {
             address = server;
         }
-        if (settings.method == SSMethods.BLAKE3_AES_128_GCM || settings.method == SSMethods.BLAKE3_AES_256_GCM || settings.method == SSMethods.BLAKE3_CHACHA20_POLY1305) {
-            return `ss://${settings.method}:${settings.password}@${address}:${this.port}#${encodeURIComponent(remark)}`;
-        } else {
-            return 'ss://' + safeBase64(settings.method + ':' + settings.password + '@' + address + ':' + this.port)
-                + '#' + encodeURIComponent(remark);
-        }
+			return 'ss://' + safeBase64(settings.method + ':' + settings.password) + `@${address}:${this.port}#${encodeURIComponent(remark)}`;
     }
 
     genTrojanLink(address = '', remark = '', clientIndex = 0) {
@@ -1194,7 +1192,6 @@ class Inbound extends XrayCommonClass {
         const type = this.stream.network;
         const params = new Map();
 		params.set("type", this.stream.network);
-        params.set("security", this.stream.security);
         switch (type) {
             case "tcp":
                 const tcp = this.stream.tcp;
@@ -1241,24 +1238,31 @@ class Inbound extends XrayCommonClass {
         }
 
         if (this.tls) {
+            params.set("security", "tls");
             params.set("fp" , this.stream.tls.settings[0]['fingerprint']);
-            params.set("alpn", this.stream.tls.alpn[0]);
+            params.set("alpn", this.stream.tls.alpn);
+            if(this.stream.tls.settings[0].allowInsecure){
+                params.set("allowInsecure", "1");
+            }
             if (!ObjectUtil.isEmpty(this.stream.tls.server)) {
                 address = this.stream.tls.server;
-                }
-            if (this.stream.tls.settings[0]['serverName'] !== ''){
-                params.set("sni", this.stream.tls.settings[0]['serverName']);
 			}
+			if (this.stream.tls.settings[0]['serverName'] !== ''){
+                params.set("sni", this.stream.tls.settings[0]['serverName']);
+            }
         }
 		
-		if (this.xtls) {
+		if (this.XTLS) {
+            params.set("security", "xtls");
+            params.set("alpn", this.stream.tls.alpn);
+            if(this.stream.tls.settings[0].allowInsecure){
+                params.set("allowInsecure", "1");
+            }
             if (!ObjectUtil.isEmpty(this.stream.tls.server)) {
-                address = this.stream.tls.server;
-                 if (type === "tcp" && this.settings.trojans[clientIndex].flow.length > 0) {
-                    params.set("flow", this.settings.trojans[clientIndex].flow);
-                }
-			}
-        }
+            address = this.stream.tls.server;
+            }
+			params.set("flow", this.settings.trojans[clientIndex].flow);
+		}
         
         const link = `trojan://${settings.trojans[clientIndex].password}@${address}:${this.port}#${encodeURIComponent(remark)}`;
         const url = new URL(link);

web/controller/server.go

@@ -1,10 +1,11 @@
 package controller
 
 import (
-	"github.com/gin-gonic/gin"
 	"time"
 	"x-ui/web/global"
 	"x-ui/web/service"
+
+	"github.com/gin-gonic/gin"
 )
 
 type ServerController struct {
@@ -37,6 +38,7 @@ func (a *ServerController) initRouter(g *gin.RouterGroup) {
 	g.POST("/stopXrayService", a.stopXrayService)
 	g.POST("/restartXrayService", a.restartXrayService)
 	g.POST("/installXray/:version", a.installXray)
+	g.POST("/logs", a.getLogs)
 }
 
 func (a *ServerController) refreshStatus() {
@@ -87,13 +89,13 @@ func (a *ServerController) installXray(c *gin.Context) {
 }
 
 func (a *ServerController) stopXrayService(c *gin.Context) {
-        a.lastGetStatusTime = time.Now()
+	a.lastGetStatusTime = time.Now()
 	err := a.serverService.StopXrayService()
 	if err != nil {
 		jsonMsg(c, "", err)
 		return
 	}
-	jsonMsg(c, "Xray stoped",err)
+	jsonMsg(c, "Xray stoped", err)
 
 }
 func (a *ServerController) restartXrayService(c *gin.Context) {
@@ -102,6 +104,15 @@ func (a *ServerController) restartXrayService(c *gin.Context) {
 		jsonMsg(c, "", err)
 		return
 	}
-	jsonMsg(c, "Xray restarted",err)
+	jsonMsg(c, "Xray restarted", err)
 
-}
+}
+
+func (a *ServerController) getLogs(c *gin.Context) {
+	logs, err := a.serverService.GetLogs()
+	if err != nil {
+		jsonMsg(c, I18n(c, "getLogs"), err)
+		return
+	}
+	jsonObj(c, logs, nil)
+}

web/html/common/qrcode_modal.html

@@ -1,9 +1,10 @@
 {{define "qrcodeModal"}}
 <a-modal id="qrcode-modal" v-model="qrModal.visible" :title="qrModal.title"
-         :closable="true" width="300px" :ok-text="qrModal.okText"
+         :closable="true"
          :class="siderDrawer.isDarkTheme ? darkClass : ''"
-         cancel-text='{{ i18n "close" }}' :ok-button-props="{attrs:{id:'qr-modal-ok-btn'}}">
-         <a-tag color="green" style="margin-bottom: 10px;display: block;text-align: center;" >{{ i18n "pages.inbounds.clickOnQRcode" }}</a-tag>
+         :footer="null"
+         width="300px">
+    <a-tag color="green" style="margin-bottom: 10px;display: block;text-align: center;" >{{ i18n "pages.inbounds.clickOnQRcode" }}</a-tag>
     <canvas @click="copyToClipboard()" id="qrCode" style="width: 100%; height: 100%;"></canvas>
 </a-modal>
 
@@ -14,17 +15,15 @@
         content: '',
         inbound: new Inbound(),
         dbInbound: new DBInbound(),
-        okText: '',
         copyText: '',
         qrcode: null,
         clipboard: null,
         visible: false,
-        show: function (title='', content='', dbInbound=new DBInbound(),okText='{{ i18n "copy" }}', copyText='') {
+        show: function (title='', content='', dbInbound=new DBInbound(), copyText='') {
             this.title = title;
             this.content = content;
             this.dbInbound = dbInbound;
             this.inbound = dbInbound.toInbound();
-            this.okText = okText;
             if (ObjectUtil.isEmpty(copyText)) {
                 this.copyText = content;
             } else {
@@ -32,13 +31,6 @@
             }
             this.visible = true;
             qrModalApp.$nextTick(() => {
-                this.clipboard = new ClipboardJS('#qr-modal-ok-btn', {
-                    text: () => this.copyText,
-                });
-                this.clipboard.on('success', () => {
-                    app.$message.success('{{ i18n "copied" }}')
-                    this.clipboard.destroy();
-                });
                 if (this.qrcode === null) {
                     this.qrcode = new QRious({
                         element: document.querySelector('#qrCode'),

web/html/xui/client_bulk_modal.html

@@ -7,10 +7,11 @@
         <a-form-item label='{{ i18n "pages.client.method" }}'>
             <a-select v-model="clientsBulkModal.emailMethod" buttonStyle="solid" style="width: 350px" :dropdown-class-name="siderDrawer.isDarkTheme ? 'ant-card-dark' : ''">
                 <a-select-option :value="0">Random</a-select-option>
-                <a-select-option :value="1">Random_Prefix</a-select-option>
-                <a-select-option :value="2">Random_Prefix+Num</a-select-option>
-                <a-select-option :value="3">Random_Prefix+Num+Postfix</a-select-option>
-                <a-select-option :value="4">Random_Prefix+Num@Telegram Username</a-select-option>
+                <a-select-option :value="1">Random+Prefix</a-select-option>
+                <a-select-option :value="2">Random+Prefix+Num</a-select-option>
+                <a-select-option :value="3">Random+Prefix+Num+Postfix</a-select-option>
+                <a-select-option :value="4">Random+Prefix+Num@Telegram Username</a-select-option>
+                <a-select-option :value="5">Prefix+Num+Postfix [ BE CAREFUL! ]</a-select-option>
             </a-select>
         </a-form-item><br />
         <a-form-item v-if="clientsBulkModal.emailMethod>1">
@@ -91,11 +92,12 @@
                 start=0;
                 end=clientsBulkModal.quantity;
             }
-            prefix = (method>0 && clientsBulkModal.emailPrefix.length>0) ? "_" + clientsBulkModal.emailPrefix : "";
+            prefix = (method>0 && clientsBulkModal.emailPrefix.length>0) ? clientsBulkModal.emailPrefix : "";
             useNum=(method>1);
             postfix = (method>2 && clientsBulkModal.emailPostfix.length>0) ? (method == 4 ? "@" : "") + clientsBulkModal.emailPostfix : "";
             for (let i = start; i < end; i++) {
                 newClient = clientsBulkModal.newClient(clientsBulkModal.dbInbound.protocol);
+                if(method==5) newClient.email = "";
                 newClient.email += useNum ? prefix + i.toString() + postfix : prefix + postfix;
                 newClient._totalGB = clientsBulkModal.totalGB;
                 newClient._expiryTime = clientsBulkModal.expiryTime;

web/html/xui/common_sider.html

@@ -15,20 +15,6 @@
 <!--    <a-icon type="laptop"></a-icon>-->
 <!--    <span>Client</span>-->
 <!--</a-menu-item>-->
-<a-sub-menu>
-    <template slot="title">
-        <a-icon type="link"></a-icon>
-        <span>{{ i18n "menu.link"}}</span>
-    </template>
-     <a-menu-item key="https://github.com/mhsanaei/3x-ui/">
-        <a-icon type="github"></a-icon>
-        <span>Github</span>
-    </a-menu-item>
-    <a-menu-item key="https://t.me/panel3xui">
-        <a-icon type="usergroup-add"></a-icon>
-        <span>Telegram</span>
-    </a-menu-item>
-</a-sub-menu>
 <a-menu-item key="{{ .base_path }}logout">
     <a-icon type="logout"></a-icon>
     <span>{{ i18n "menu.logout"}}</span>

web/html/xui/form/client.html

@@ -5,10 +5,10 @@
     </template>
     <a-form-item>
         <span slot="label">
-            Email
+            <span>{{ i18n "pages.inbounds.Email" }}</span>
             <a-tooltip>
                 <template slot="title">
-                    The Email Must Be Completely Unique
+                    <span>{{ i18n "pages.inbounds.EmailDesc" }}</span>
                 </template>
                 <a-icon type="sync" @click="getNewEmail(client)"></a-icon>
             </a-tooltip>
@@ -26,10 +26,10 @@
     </a-form-item>
 	<a-form-item>
 		<span slot="label">
-			IP Count Limit
+			<span>{{ i18n "pages.inbounds.IPLimit" }}</span>
 			<a-tooltip>
 				<template slot="title">
-				Disable inbound if more than entered count (0 for disable limit ip)
+				<span>{{ i18n "pages.inbounds.IPLimitDesc" }}</span>
 				</template>
 				<a-icon type="question-circle" theme="filled"></a-icon>
 			</a-tooltip>
@@ -38,16 +38,16 @@
 	</a-form-item>
 	<a-form-item v-if="client.email && client.limitIp > 0 && isEdit">
 		<span slot="label">
-			IP Log
+			<span>{{ i18n "pages.inbounds.IPLimitlog" }}</span>
 			<a-tooltip>
 				<template slot="title">
-				IPs history Log (before enabling inbound after it has been disabled by IP limit, you should clear the log)
+				<span>{{ i18n "pages.inbounds.IPLimitlogDesc" }}</span>
 				</template>
 				<a-icon type="question-circle" theme="filled"></a-icon>
 			</a-tooltip>
 			<a-tooltip>
 				<template slot="title">
-				Clear The Log
+				<span>{{ i18n "pages.inbounds.IPLimitlogclear" }}</span>
 				</template>
 				<span style="color: #FF4D4F">
 				<a-icon type="delete" @click="clearDBClientIps(client.email)"></a-icon>

web/html/xui/form/protocol/dokodemo.html

@@ -8,9 +8,9 @@
     </a-form-item>
     <a-form-item label='{{ i18n "pages.inbounds.network"}}'>
         <a-select v-model="inbound.settings.network" style="width: 100px;" :dropdown-class-name="siderDrawer.isDarkTheme ? 'ant-card-dark' : ''">
-            <a-select-option value="tcp,udp">tcp+udp</a-select-option>
-            <a-select-option value="tcp">tcp</a-select-option>
-            <a-select-option value="udp">udp</a-select-option>
+            <a-select-option value="tcp,udp">TCP+UDP</a-select-option>
+            <a-select-option value="tcp">TCP</a-select-option>
+            <a-select-option value="udp">UDP</a-select-option>
         </a-select>
     </a-form-item>
     <a-form-item label="FollowRedirect">

web/html/xui/form/protocol/shadowsocks.html

@@ -1,18 +1,18 @@
 {{define "form/shadowsocks"}}
 <a-form layout="inline">
     <a-form-item label='{{ i18n "encryption" }}'>
-        <a-select v-model="inbound.settings.method" style="width: 165px;" :dropdown-class-name="siderDrawer.isDarkTheme ? 'ant-card-dark' : ''">
+        <a-select v-model="inbound.settings.method" style="width: 250px;" :dropdown-class-name="siderDrawer.isDarkTheme ? 'ant-card-dark' : ''">
             <a-select-option v-for="method in SSMethods" :value="method">[[ method ]]</a-select-option>
         </a-select>
     </a-form-item>
     <a-form-item label='{{ i18n "password" }}'>
-        <a-input v-model.trim="inbound.settings.password"></a-input>
+        <a-input v-model.trim="inbound.settings.password" style="width: 250px;"></a-input>
     </a-form-item>
     <a-form-item label='{{ i18n "pages.inbounds.network" }}'>
         <a-select v-model="inbound.settings.network" style="width: 100px;" :dropdown-class-name="siderDrawer.isDarkTheme ? 'ant-card-dark' : ''">
-            <a-select-option value="tcp,udp">tcp+udp</a-select-option>
-            <a-select-option value="tcp">tcp</a-select-option>
-            <a-select-option value="udp">udp</a-select-option>
+            <a-select-option value="tcp,udp">TCP+UDP</a-select-option>
+            <a-select-option value="tcp">TCP</a-select-option>
+            <a-select-option value="udp">UDP</a-select-option>
         </a-select>
     </a-form-item>
 </a-form>

web/html/xui/form/protocol/trojan.html

@@ -5,10 +5,10 @@
         <a-form layout="inline">
             <a-form-item>
                 <span slot="label">
-                    Email
+                    <span>{{ i18n "pages.inbounds.Email" }}</span>
                     <a-tooltip>
                         <template slot="title">
-                            The Email Must Be Completely Unique
+                            <span>{{ i18n "pages.inbounds.EmailDesc" }}</span>
                         </template>
                         <a-icon @click="getNewEmail(client)" type="sync"> </a-icon>
                     </a-tooltip>
@@ -21,10 +21,10 @@
         </a-form-item>
 		<a-form-item>
                 <span slot="label">
-                    IP Count Limit
+                    <span>{{ i18n "pages.inbounds.IPLimit" }}</span>
                     <a-tooltip>
                         <template slot="title">
-                            disable inbound if more than entered count (0 for disable limit ip)
+                            <span>{{ i18n "pages.inbounds.IPLimitDesc" }}</span>
                         </template>
                         <a-icon type="question-circle" theme="filled"></a-icon>
                     </a-tooltip>
@@ -76,7 +76,7 @@
         </table>
     </a-collapse-panel>
 </a-collapse>
-<template v-if="inbound.isTcp && inbound.tls">
+<template v-if="inbound.isTcp && (inbound.tls || inbound.xtls)">
     <a-form layout="inline">
         <a-form-item label="Fallbacks">
             <a-row>

web/html/xui/form/protocol/vless.html

@@ -5,10 +5,10 @@
         <a-form layout="inline">
             <a-form-item>
                 <span slot="label">
-                    Email
+                    <span>{{ i18n "pages.inbounds.Email" }}</span>
                     <a-tooltip>
                         <template slot="title">
-                            The Email Must Be Completely Unique
+                            <span>{{ i18n "pages.inbounds.EmailDesc" }}</span>
                         </template>
                         <a-icon type="sync" @click="getNewEmail(client)"></a-icon>
                     </a-tooltip>
@@ -21,10 +21,10 @@
         </a-form-item>
 		<a-form-item>
                 <span slot="label">
-                    IP Count Limit
+                    <span>{{ i18n "pages.inbounds.IPLimit" }}</span>
                     <a-tooltip>
                         <template slot="title">
-                            disable inbound if more than entered count (0 for disable limit ip)
+                            <span>{{ i18n "pages.inbounds.IPLimitDesc" }}</span>
                         </template>
                         <a-icon type="question-circle" theme="filled"></a-icon>
                     </a-tooltip>
@@ -82,7 +82,7 @@
         </table>
     </a-collapse-panel>
 </a-collapse>
-<template v-if="inbound.isTcp && inbound.tls">
+<template v-if="inbound.isTcp && (inbound.tls || inbound.xtls)">
     <a-form layout="inline">
         <a-form-item label="Fallbacks">
             <a-row>

web/html/xui/form/protocol/vmess.html

@@ -5,10 +5,10 @@
         <a-form layout="inline">
             <a-form-item>
                 <span slot="label">
-                    Email
+                    <span>{{ i18n "pages.inbounds.Email" }}</span>
                     <a-tooltip>
                         <template slot="title">
-                            The Email Must Be Completely Unique
+                            <span>{{ i18n "pages.inbounds.EmailDesc" }}</span>
                         </template>
                         <a-icon type="sync" @click="getNewEmail(client)"></a-icon>
                     </a-tooltip>
@@ -24,10 +24,10 @@
         </a-form-item>
 		<a-form-item>
                 <span slot="label">
-                    IP Count Limit
+                    <span>{{ i18n "pages.inbounds.IPLimit" }}</span>
                     <a-tooltip>
                         <template slot="title">
-                            Disable inbound if more than entered count (0 for disable limit ip)
+                            <span>{{ i18n "pages.inbounds.IPLimitDesc" }}</span>
                         </template>
                         <a-icon type="question-circle" theme="filled"></a-icon>
                     </a-tooltip>

web/html/xui/form/stream/stream_settings.html

@@ -8,7 +8,7 @@
             <a-select-option value="ws">WS</a-select-option>
             <a-select-option value="http">HTTP</a-select-option>
             <a-select-option value="quic">QUIC</a-select-option>
-            <a-select-option value="grpc">GRPC</a-select-option>
+            <a-select-option value="grpc">gRPC</a-select-option>
         </a-select>
     </a-form-item>
 </a-form>

web/html/xui/form/tls_settings.html

@@ -40,11 +40,13 @@
     <a-form-item label='{{ i18n "domainName" }}'>
         <a-input v-model.trim="inbound.stream.tls.server"></a-input>
     </a-form-item>
-    <a-form-item label="Alpn" v-if="inbound.tls">
-        <a-select v-model="inbound.stream.tls.alpn[0]" style="width:200px">
-            <a-select-option value=''>auto</a-select-option>
-            <a-select-option v-for="key in ALPN_OPTION" :value="key">[[ key ]]</a-select-option>
-        </a-select>
+    <a-form-item label="Alpn">
+        <a-checkbox-group v-model="inbound.stream.tls.alpn" style="width:200px">
+            <a-checkbox v-for="key in ALPN_OPTION" :value="key">[[ key ]]</a-checkbox>
+        </a-checkbox-group>
+    </a-form-item>
+    <a-form-item label="Allow insecure">
+        <a-switch v-model="inbound.stream.tls.settings[0].allowInsecure"></a-switch>
     </a-form-item>
     <a-form-item label='{{ i18n "certificate" }}'>
         <a-radio-group v-model="inbound.stream.tls.certs[0].useFile" button-style="solid">

web/html/xui/inbound_info_modal.html

@@ -59,13 +59,11 @@
     </table>
     <template v-if="infoModal.clientSettings">
     <a-divider>{{ i18n "pages.inbounds.client" }}</a-divider>
-    <table style="margin-bottom: 10px; width: 100%;">
-        <tr>
-            <th v-for="col in Object.keys(infoModal.clientSettings).slice(0, 3)">[[ col ]]</th>
-        </tr>
-        <tr>
-            <td v-for="col in Object.values(infoModal.clientSettings).slice(0, 3)"><a-tag color="green">[[ col ]]</a-tag></td>
-    </table>
+	<table style="margin-bottom: 10px;">
+        <tr v-for="col,index in Object.keys(infoModal.clientSettings).slice(0, 3)">
+            <td>[[ col ]]</td>
+            <td><a-tag color="green">[[ infoModal.clientSettings[col] ]]</a-tag></td>    
+	</table>
     <table style="margin-bottom: 10px; width: 100%;">
             <tr><th>{{ i18n "usage" }}</th><th>{{ i18n "pages.inbounds.totalFlow" }}</th><th>{{ i18n "pages.inbounds.expireDate" }}</th><th>{{ i18n "enable" }}</th></tr>    
         <tr>

web/html/xui/inbounds.html

@@ -11,10 +11,6 @@
     .ant-col-sm-24 {
         margin-top: 10px;
     }
-
-    .ant-table-row-expand-icon {
-        color: rgba(0,0,0,.65);
-    }
 </style>
 <body>
 <a-layout id="app" v-cloak>
@@ -56,6 +52,7 @@
                         <div slot="title">
                             <a-button type="primary" icon="plus" @click="openAddInbound">{{ i18n "pages.inbounds.addInbound" }}</a-button>
                             <a-button type="primary" icon="export" @click="exportAllLinks">{{ i18n "pages.inbounds.export" }}</a-button>
+							<a-button type="primary" icon="reload" @click="resetAllTraffic">{{ i18n "pages.inbounds.resetAllTraffic" }}</a-button>
                         </div>
                         <a-input v-model.lazy="searchKey" placeholder="{{ i18n "search" }}" autofocus style="max-width: 300px"></a-input>
                         <a-table :columns="columns" :row-key="dbInbound => dbInbound.id"
@@ -99,6 +96,9 @@
                                         </template>
                                         <a-menu-item key="resetTraffic">
                                             <a-icon type="retweet"></a-icon> {{ i18n "pages.inbounds.resetTraffic" }}
+                                        </a-menu-item>
+										<a-menu-item key="clone">
+                                            <a-icon type="block"></a-icon> {{ i18n "pages.inbounds.Clone"}}
                                         </a-menu-item>
                                         <a-menu-item key="delete">
                                             <span style="color: #FF4D4F">
@@ -314,11 +314,47 @@
                         break;
                     case "resetTraffic":
                         this.resetTraffic(dbInbound.id);
+                        break;
+					case "clone":
+                        this.openCloneInbound(dbInbound);
                         break;
                     case "delete":
                         this.delInbound(dbInbound.id);
                         break;
                 }
+            },
+			openCloneInbound(dbInbound) {
+                this.$confirm({
+                    title: '{{ i18n "pages.inbounds.cloneInbound"}} ' + dbInbound.remark,
+                    content: '{{ i18n "pages.inbounds.cloneInboundContent"}}',
+                    okText: '{{ i18n "pages.inbounds.cloneInboundOk"}}',
+                    cancelText: '{{ i18n "cancel" }}',
+                    onOk: () => {
+                        const baseInbound = dbInbound.toInbound();
+                        dbInbound.up = 0;
+                        dbInbound.down = 0;
+                        this.cloneInbound(baseInbound, dbInbound);
+                    },
+                });
+            },
+            async cloneInbound(baseInbound, dbInbound) {
+                const inbound = new Inbound();
+                const data = {
+                    up: dbInbound.up,
+                    down: dbInbound.down,
+                    total: dbInbound.total,
+                    remark: dbInbound.remark + " - Cloned",
+                    enable: dbInbound.enable,
+                    expiryTime: dbInbound.expiryTime,
+
+                    listen: inbound.listen,
+                    port: inbound.port,
+                    protocol: baseInbound.protocol,
+                    settings: inbound.settings.toString(),
+                    streamSettings: baseInbound.stream.toString(),
+                    sniffing: baseInbound.canSniffing() ? baseInbound.sniffing.toString() : '{}',
+                };
+                await this.submit('/xui/inbound/add', data, inModal);
             },
             openAddInbound() {
                 inModal.show({
@@ -465,6 +501,22 @@
                         this.updateInbound(inbound, dbInbound);
                     },
                 });
+            },
+			resetAllTraffic() {
+                    this.$confirm({
+                        title: '{{ i18n "pages.inbounds.resetAllTrafficTitle"}}',
+                        content: '{{ i18n "pages.inbounds.resetAllTrafficContent"}}',
+                        okText: '{{ i18n "pages.inbounds.resetAllTrafficOkText"}}',
+                        cancelText: '{{ i18n "pages.inbounds.resetAllTrafficCancelText"}}',
+                        onOk: async () => {
+                            for (const dbInbound of this.dbInbounds) {
+                                const inbound = dbInbound.toInbound();
+                                dbInbound.up = 0;
+                                dbInbound.down = 0;
+                                this.updateInbound(inbound, dbInbound);
+                            }
+                        },
+                    });
             },
             delInbound(dbInboundId) {
                 this.$confirm({

web/html/xui/index.html

@@ -84,16 +84,16 @@
                                 </template>
                                 <a-icon type="question-circle" theme="filled"></a-icon>
                             </a-tooltip>
-                            <a-tag color="green" @click="openSelectV2rayVersion">[[ status.xray.version ]]</a-tag>
-                            <a-tag color="blue" @click="stopXrayService">{{ i18n "pages.index.stopXray" }}</a-tag>
-                            <a-tag color="blue" @click="restartXrayService">{{ i18n "pages.index.restartXray" }}</a-tag>                    
-                            <a-tag color="blue" @click="openSelectV2rayVersion">{{ i18n "pages.index.xraySwitch" }}</a-tag>
+                            <a-tag color="green" style="cursor: pointer;" @click="openSelectV2rayVersion">[[ status.xray.version ]]</a-tag>
+                            <a-tag color="blue" style="cursor: pointer;" @click="stopXrayService">{{ i18n "pages.index.stopXray" }}</a-tag>
+                            <a-tag color="blue" style="cursor: pointer;" @click="restartXrayService">{{ i18n "pages.index.restartXray" }}</a-tag>                    
+                            <a-tag color="blue" style="cursor: pointer;" @click="openSelectV2rayVersion">{{ i18n "pages.index.xraySwitch" }}</a-tag>
                         </a-card>
                     </a-col>
                     <a-col :sm="24" :md="12">
                         <a-card hoverable :class="siderDrawer.isDarkTheme ? darkClass : ''">
                             {{ i18n "pages.index.operationHours" }}:
-                            <a-tag color="#87d068">[[ formatSecond(status.uptime) ]]</a-tag>
+                            <a-tag color="green">[[ formatSecond(status.uptime) ]]</a-tag>
                             <a-tooltip>
                                 <template slot="title">
                                     {{ i18n "pages.index.operationHoursDesc" }}
@@ -169,6 +169,13 @@
                                 </a-col>
                             </a-row>
                         </a-card>
+                    </a-col>
+					<a-col :sm="24" :md="12">
+                        <a-card hoverable :class="siderDrawer.isDarkTheme ? darkClass : ''">
+							 3x-ui: <a href="https://github.com/MHSanaei/3x-ui/releases" target="_blank"><a-tag color="green">v{{ .cur_ver }}</a-tag></a>
+							<a href="https://t.me/panel3xui" target="_blank"><a-tag color="green">Telegram</a-tag></a>
+							<a-tag color="blue" style="cursor: pointer;" @click="openLogs">Log Reports</a-tag>
+                        </a-card>
                     </a-col>
                 </a-row>
             </transition>
@@ -177,7 +184,7 @@
     <a-modal id="version-modal" v-model="versionModal.visible" title='{{ i18n "pages.index.xraySwitch" }}'
              :closable="true" @ok="() => versionModal.visible = false"
              :class="siderDrawer.isDarkTheme ? darkClass : ''"
-             ok-text='{{ i18n "confirm" }}' cancel-text='{{ i18n "cancel"}}'>
+             footer="">
         <h2>{{ i18n "pages.index.xraySwitchClick"}}</h2>
         <h2>{{ i18n "pages.index.xraySwitchClickDesk"}}</h2>
         <template v-for="version, index in versionModal.versions">
@@ -187,6 +194,17 @@
             </a-tag>
         </template>
     </a-modal>
+    <a-modal id="log-modal" v-model="logModal.visible" title="X-UI logs"
+             :closable="true" @ok="() => logModal.visible = false" @cancel="() => logModal.visible = false"
+             :class="siderDrawer.isDarkTheme ? darkClass : ''"
+             width="800px"
+             footer="">
+        <table style="margin: 0px; width: 100%; background-color: black; color: hsla(0,0%,100%,.65);">
+            <tr v-for="log , index in logModal.logs">
+                <td style="vertical-align: top;">[[ index ]]</td><td>[[ log ]]</td>
+            </tr>
+        </table>
+    </a-modal>
 </a-layout>
 {{template "js" .}}
 <script>
@@ -280,6 +298,18 @@
         },
     };
 
+    const logModal = {
+        visible: false,
+        logs: '',
+        show(logs) {
+            this.visible = true;
+            this.logs = logs;
+        },
+        hide() {
+            this.visible = false;
+        },
+    };
+
     const app = new Vue({
         delimiters: ['[[', ']]'],
         el: '#app',
@@ -287,6 +317,7 @@
             siderDrawer,
             status: new Status(),
             versionModal,
+            logModal,
             spinning: false,
             loadingTip: '{{ i18n "loading"}}',
         },
@@ -346,6 +377,15 @@
                     return;
                 }
             },
+            async openLogs(){
+                this.loading(true);
+                const msg = await HttpUtil.post('server/logs');
+                this.loading(false);
+                if (!msg.success) {
+                    return;
+                }
+                logModal.show(msg.obj);
+            }
         },
         async mounted() {
             while (true) {

web/html/xui/setting.html

@@ -40,7 +40,7 @@
 
                             <a-list item-layout="horizontal" :style="siderDrawer.isDarkTheme ? 'color: hsla(0,0%,100%,.65);': 'background: white;'">
                                 <setting-list-item type="text" title='{{ i18n "pages.setting.panelListeningIP"}}' desc='{{ i18n "pages.setting.panelListeningIPDesc"}}' v-model="allSetting.webListen"></setting-list-item>
-                                <setting-list-item type="text" title='{{ i18n "pages.setting.panelPort"}}' desc='{{ i18n "pages.setting.panelPortDesc"}}' v-model.number="allSetting.webPort"></setting-list-item>
+                                <setting-list-item type="number" title='{{ i18n "pages.setting.panelPort"}}' desc='{{ i18n "pages.setting.panelPortDesc"}}' v-model.number="allSetting.webPort"></setting-list-item>
                                 <setting-list-item type="text" title='{{ i18n "pages.setting.publicKeyPath"}}' desc='{{ i18n "pages.setting.publicKeyPathDesc"}}' v-model="allSetting.webCertFile"></setting-list-item>
                                 <setting-list-item type="text" title='{{ i18n "pages.setting.privateKeyPath"}}' desc='{{ i18n "pages.setting.privateKeyPathDesc"}}' v-model="allSetting.webKeyFile"></setting-list-item>
                                 <setting-list-item type="text" title='{{ i18n "pages.setting.panelUrlPath"}}' desc='{{ i18n "pages.setting.panelUrlPathDesc"}}' v-model="allSetting.webBasePath"></setting-list-item>
@@ -97,7 +97,9 @@
                             <a-list item-layout="horizontal" :style="siderDrawer.isDarkTheme ? 'color: hsla(0,0%,100%,.65);': 'background: white;'">
                                 <setting-list-item type="switch" title='{{ i18n "pages.setting.xrayConfigTorrent"}}' desc='{{ i18n "pages.setting.xrayConfigTorrentDesc"}}'  v-model="torrentSettings"></setting-list-item>
                                 <setting-list-item type="switch" title='{{ i18n "pages.setting.xrayConfigPrivateIp"}}' desc='{{ i18n "pages.setting.xrayConfigPrivateIpDesc"}}'  v-model="privateIpSettings"></setting-list-item>
-                                <a-divider>{{ i18n "pages.setting.advancedTemplate"}}</a-divider>
+                                <setting-list-item type="switch" title='{{ i18n "pages.setting.xrayConfigIRIp"}}' desc='{{ i18n "pages.setting.xrayConfigIRIpDesc"}}'  v-model="IRIpSettings"></setting-list-item>
+								<setting-list-item type="switch" title='{{ i18n "pages.setting.xrayConfigIRdomain"}}' desc='{{ i18n "pages.setting.xrayConfigIRdomainDesc"}}'  v-model="IRdomainSettings"></setting-list-item>
+								<a-divider>{{ i18n "pages.setting.advancedTemplate"}}</a-divider>
                                 <a-collapse>
                                     <a-collapse-panel header="{{ i18n "pages.setting.xrayConfigInbounds"}}">
                                         <setting-list-item type="textarea" title='{{ i18n "pages.setting.xrayConfigInbounds"}}' desc='{{ i18n "pages.setting.xrayConfigInboundsDesc"}}' v-model ="inboundSettings"></setting-list-item>
@@ -117,7 +119,7 @@
                             <a-list item-layout="horizontal" :style="siderDrawer.isDarkTheme ? 'color: hsla(0,0%,100%,.65);': 'background: white;'">
                                 <setting-list-item type="switch" title='{{ i18n "pages.setting.telegramBotEnable" }}' desc='{{ i18n "pages.setting.telegramBotEnableDesc" }}'  v-model="allSetting.tgBotEnable"></setting-list-item>
                                 <setting-list-item type="text" title='{{ i18n "pages.setting.telegramToken"}}' desc='{{ i18n "pages.setting.telegramTokenDesc"}}'  v-model="allSetting.tgBotToken"></setting-list-item>
-                                <setting-list-item type="number" title='{{ i18n "pages.setting.telegramChatId"}}' desc='{{ i18n "pages.setting.telegramChatIdDesc"}}'  v-model.number="allSetting.tgBotChatId"></setting-list-item>
+                                <setting-list-item type="text" title='{{ i18n "pages.setting.telegramChatId"}}' desc='{{ i18n "pages.setting.telegramChatIdDesc"}}'  v-model="allSetting.tgBotChatId"></setting-list-item>
                                 <setting-list-item type="text" title='{{ i18n "pages.setting.telegramNotifyTime"}}' desc='{{ i18n "pages.setting.telegramNotifyTimeDesc"}}'  v-model="allSetting.tgRunTime"></setting-list-item>
                                 <setting-list-item type="switch" title='{{ i18n "pages.setting.tgNotifyBackup" }}' desc='{{ i18n "pages.setting.tgNotifyBackupDesc" }}'  v-model="allSetting.tgBotBackup"></setting-list-item>
                                 <setting-list-item type="number" title='{{ i18n "pages.setting.tgNotifyExpireTimeDiff" }}' desc='{{ i18n "pages.setting.tgNotifyExpireTimeDiffDesc" }}'  v-model="allSetting.tgExpireDiff" :min="0"></setting-list-item>
@@ -304,6 +306,73 @@
                     this.templateSettings = newTemplateSettings
                 },
             },
+			IRIpSettings: {
+                get: function () {
+                    localIpFilter = false
+                    if(this.templateSettings != null){
+                        this.templateSettings.routing.rules.forEach(routingRule => {
+                            if(routingRule.hasOwnProperty("ip")){
+                                if (routingRule.ip[0] === "geoip:ir" && routingRule.outboundTag == "blocked"){
+                                    localIpFilter = true
+                                }
+                            }
+                        });
+                    }
+                    return localIpFilter
+                },
+                set: function (newValue) {
+                    newTemplateSettings = JSON.parse(this.allSetting.xrayTemplateConfig);
+                    if (newValue){
+                        newTemplateSettings.routing.rules.push(JSON.parse("{\"outboundTag\": \"blocked\",\"ip\": [\"geoip:ir\"],\"type\": \"field\"}"))
+                    }
+                    else {
+                        newTemplateSettings.routing.rules = [];
+                        this.templateSettings.routing.rules.forEach(routingRule => {
+                            if (routingRule.hasOwnProperty('ip')){
+                                if (routingRule.ip[0] === "geoip:ir" && routingRule.outboundTag == "blocked"){
+                                    return;
+                                }
+                            }
+                            newTemplateSettings.routing.rules.push(routingRule);
+                        });
+                    }
+                    this.templateSettings = newTemplateSettings
+                },
+            },
+			IRdomainSettings: {
+                get: function () {
+                    localdomainFilter = false
+                    if(this.templateSettings != null){
+                        this.templateSettings.routing.rules.forEach(routingRule => {
+                            if(routingRule.hasOwnProperty("domain")){
+                                if ((routingRule.domain[0] === "regexp:.+.ir$" || routingRule.domain[0] === "ext:iran.dat:ir" || routingRule.domain[0] === "ext:iran.dat:other") && routingRule.outboundTag == "blocked") {
+                                    localdomainFilter = true
+                                }
+                            }
+                        });
+                    }
+                    return localdomainFilter
+                },
+                set: function (newValue) {
+                    newTemplateSettings = JSON.parse(this.allSetting.xrayTemplateConfig);
+                    if (newValue){
+                        newTemplateSettings.routing.rules.push(JSON.parse("{\"outboundTag\": \"blocked\",\"domain\": [\"regexp:.+.ir$\", \"ext:iran.dat:ir\", \"ext:iran.dat:other\"],\"type\": \"field\"}"))
+                    }
+                    else {
+                        newTemplateSettings.routing.rules = [];
+                        this.templateSettings.routing.rules.forEach(routingRule => {
+                            if (routingRule.hasOwnProperty('domain')){
+                                if ((routingRule.domain[0] === "regexp:.+.ir$" || routingRule.domain[0] === "ext:iran.dat:ir" || routingRule.domain[0] === "ext:iran.dat:other") && routingRule.outboundTag == "blocked"){
+                                    return;
+                                }
+                            }
+                            newTemplateSettings.routing.rules.push(routingRule);
+                        });
+                    }
+                    this.templateSettings = newTemplateSettings
+                },
+            },
+			
         }
     });
 

web/job/check_clinet_ip_job.go

@@ -154,14 +154,16 @@ func GetInboundClientIps(clientEmail string) (*model.InboundClientIps, error) {
 	}
 	return InboundClientIps, nil
 }
-func addInboundClientIps(clientEmail string,ips []string) error {
+func addInboundClientIps(clientEmail string, ips []string) error {
 	inboundClientIps := &model.InboundClientIps{}
-    jsonIps, err := json.Marshal(ips)
+	jsonIps, err := json.Marshal(ips)
 	checkError(err)
 
+	// Trim any leading/trailing whitespace from clientEmail
+	clientEmail = strings.TrimSpace(clientEmail)
+
 	inboundClientIps.ClientEmail = clientEmail
 	inboundClientIps.Ips = string(jsonIps)
-	
 
 	db := database.GetDB()
 	tx := db.Begin()
@@ -247,47 +249,46 @@ func GetInboundByEmail(clientEmail string) (*model.Inbound, error) {
 	return inbounds, nil
 }
 
-func LimitDevice(){
-	
-	localIp,err := LocalIP()
-	checkError(err)
+func LimitDevice() {
+    var destIp, destPort, srcIp, srcPort string
+    
+    localIp,err := LocalIP()
+    checkError(err)
 
-	c := cmd.NewCmd("bash","-c","ss --tcp | grep -E '" + IPsToRegex(localIp) + "'| awk '{if($1==\"ESTAB\") print $4,$5;}'","| sort | uniq -c | sort -nr | head")
+    c := cmd.NewCmd("bash","-c","ss --tcp | grep -E '" + IPsToRegex(localIp) + "'| awk '{if($1==\"ESTAB\") print $4,$5;}'","| sort | uniq -c | sort -nr | head")
 
-	<-c.Start()
-	if len(c.Status().Stdout) > 0 {
-		ipRegx, _ := regexp.Compile(`[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+`)
-		portRegx, _ := regexp.Compile(`(?:(:))([0-9]..[^.][0-9]+)`)
+    <-c.Start()
+    if len(c.Status().Stdout) > 0 {
+        ipRegx, _ := regexp.Compile(`[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+`)
+        portRegx, _ := regexp.Compile(`(?:(:))([0-9]..[^.][0-9]+)`)
 
-		for _, row := range c.Status().Stdout {
-			
-			data := strings.Split(row," ")
-			
-			destIp,destPort,srcIp,srcPort := "","","",""
- 
+        for _, row := range c.Status().Stdout {
 
-			destIp = string(ipRegx.FindString(data[0]))
+            data := strings.Split(row," ")
 
-			destPort = portRegx.FindString(data[0])
-			destPort = strings.Replace(destPort,":","",-1)
-			
-			
-			srcIp = string(ipRegx.FindString(data[1]))
+            if len(data) < 2 {
+                continue // Skip this row if it doesn't have at least two elements
+            }
 
-			srcPort = portRegx.FindString(data[1])
-			srcPort = strings.Replace(srcPort,":","",-1)
+            destIp = string(ipRegx.FindString(data[0]))
+            destPort = portRegx.FindString(data[0])
+            destPort = strings.Replace(destPort,":","",-1)
 
-			if(contains(disAllowedIps,srcIp)){
-				dropCmd := cmd.NewCmd("bash","-c","ss -K dport = " + srcPort)
-				dropCmd.Start()
+            srcIp = string(ipRegx.FindString(data[1]))
+            srcPort = portRegx.FindString(data[1])
+            srcPort = strings.Replace(srcPort,":","",-1)
 
-				logger.Debug("request droped : ",srcIp,srcPort,"to",destIp,destPort)
-			} 
-		}
-	}
+            if contains(disAllowedIps,srcIp){
+                dropCmd := cmd.NewCmd("bash","-c","ss -K dport = " + srcPort)
+                dropCmd.Start()
 
+                logger.Debug("request droped : ",srcIp,srcPort,"to",destIp,destPort)
+            }
+        }
+    }
 }
 
+
 func LocalIP() ([]string, error) {
 	// get machine ips
 

web/service/inbound.go

@@ -634,3 +634,13 @@ func (s *InboundService) ClearClientIps(clientEmail string) error {
 	}
 	return nil
 }
+
+func (s *InboundService) SearchInbounds(query string) ([]*model.Inbound, error) {
+	db := database.GetDB()
+	var inbounds []*model.Inbound
+	err := db.Model(model.Inbound{}).Preload("ClientStats").Where("remark like ?", "%"+query+"%").Find(&inbounds).Error
+	if err != nil && err != gorm.ErrRecordNotFound {
+		return nil, err
+	}
+	return inbounds, nil
+}

web/service/server.go

@@ -9,7 +9,9 @@ import (
 	"io/fs"
 	"net/http"
 	"os"
+	"os/exec"
 	"runtime"
+	"strings"
 	"time"
 	"x-ui/logger"
 	"x-ui/util/sys"
@@ -200,24 +202,24 @@ func (s *ServerService) GetXrayVersions() ([]string, error) {
 
 func (s *ServerService) StopXrayService() (string error) {
 
-        err := s.xrayService.StopXray()
-                if err != nil {
-                        logger.Error("stop xray failed:", err)
-                        return err
-                }
+	err := s.xrayService.StopXray()
+	if err != nil {
+		logger.Error("stop xray failed:", err)
+		return err
+	}
 
 	return nil
 }
 
 func (s *ServerService) RestartXrayService() (string error) {
 
-        s.xrayService.StopXray()
-        defer func() {
-                err := s.xrayService.RestartXray(true)
-                if err != nil {
-                        logger.Error("start xray failed:", err)
+	s.xrayService.StopXray()
+	defer func() {
+		err := s.xrayService.RestartXray(true)
+		if err != nil {
+			logger.Error("start xray failed:", err)
 		}
-        }()
+	}()
 
 	return nil
 }
@@ -324,3 +326,26 @@ func (s *ServerService) UpdateXray(version string) error {
 	return nil
 
 }
+
+func (s *ServerService) GetLogs() ([]string, error) {
+	// Define the journalctl command and its arguments
+	var cmdArgs []string
+	if runtime.GOOS == "linux" {
+		cmdArgs = []string{"journalctl", "-u", "x-ui", "--no-pager", "-n", "100"}
+	} else {
+		return []string{"Unsupported operating system"}, nil
+	}
+
+	// Run the command
+	cmd := exec.Command(cmdArgs[0], cmdArgs[1:]...)
+	var out bytes.Buffer
+	cmd.Stdout = &out
+	err := cmd.Run()
+	if err != nil {
+		return nil, err
+	}
+
+	lines := strings.Split(out.String(), "\n")
+
+	return lines, nil
+}

web/service/tgbot.go

@@ -105,8 +105,6 @@ func (t *Tgbot) OnReceive() {
 		} else {
 			if update.Message.IsCommand() {
 				t.answerCommand(update.Message, chatId, isAdmin)
-			} else {
-				t.aswerChat(update.Message.Text, chatId, isAdmin)
 			}
 		}
 	}
@@ -128,10 +126,20 @@ func (t *Tgbot) answerCommand(message *tgbotapi.Message, chatId int64, isAdmin b
 	case "status":
 		msg = "bot is ok ✅"
 	case "usage":
-		if isAdmin {
-			t.searchClient(chatId, message.CommandArguments())
+		if len(message.CommandArguments()) > 1 {
+			if isAdmin {
+				t.searchClient(chatId, message.CommandArguments())
+			} else {
+				t.searchForClient(chatId, message.CommandArguments())
+			}
 		} else {
-			t.searchForClient(chatId, message.CommandArguments())
+			msg = "❗Please provide a text for search!"
+		}
+	case "inbound":
+		if isAdmin {
+			t.searchInbound(chatId, message.CommandArguments())
+		} else {
+			msg = "❗ Unknown command"
 		}
 	default:
 		msg = "❗ Unknown command"
@@ -139,10 +147,6 @@ func (t *Tgbot) answerCommand(message *tgbotapi.Message, chatId int64, isAdmin b
 	t.SendAnswer(chatId, msg, isAdmin)
 }
 
-func (t *Tgbot) aswerChat(message string, chatId int64, isAdmin bool) {
-	t.SendAnswer(chatId, "❗ Unknown message", isAdmin)
-}
-
 func (t *Tgbot) asnwerCallback(callbackQuery *tgbotapi.CallbackQuery, isAdmin bool) {
 	// Respond to the callback query, telling Telegram to show the user
 	// a message with the data received.
@@ -165,7 +169,7 @@ func (t *Tgbot) asnwerCallback(callbackQuery *tgbotapi.CallbackQuery, isAdmin bo
 	case "client_commands":
 		t.SendMsgToTgbot(callbackQuery.From.ID, "To search for statistics, just use folowing command:\r\n \r\n<code>/usage [UID|Passowrd]</code>\r\n \r\nUse UID for vmess and vless and Password for Trojan.")
 	case "commands":
-		t.SendMsgToTgbot(callbackQuery.From.ID, "To search for a client email, just use folowing command:\r\n \r\n<code>/usage email</code>")
+		t.SendMsgToTgbot(callbackQuery.From.ID, "Search for a client email:\r\n<code>/usage email</code>\r\n \r\nSearch for inbounds (with client stats):\r\n<code>/inbound [remark]</code>")
 	}
 }
 
@@ -272,6 +276,7 @@ func (t *Tgbot) getServerUsage() string {
 		name = ""
 	}
 	info = fmt.Sprintf("💻 Hostname: %s\r\n", name)
+	info += fmt.Sprintf("🚀X-UI Version: %s\r\n", config.GetVersion())
 	//get ip address
 	var ip string
 	var ipv6 string
@@ -423,6 +428,45 @@ func (t *Tgbot) searchClient(chatId int64, email string) {
 	}
 }
 
+func (t *Tgbot) searchInbound(chatId int64, remark string) {
+	inbouds, err := t.inboundService.SearchInbounds(remark)
+	if err != nil {
+		logger.Warning(err)
+		msg := "❌ Something went wrong!"
+		t.SendMsgToTgbot(chatId, msg)
+		return
+	}
+	for _, inbound := range inbouds {
+		info := ""
+		info += fmt.Sprintf("📍Inbound:%s\r\nPort:%d\r\n", inbound.Remark, inbound.Port)
+		info += fmt.Sprintf("Traffic: %s (↑%s,↓%s)\r\n", common.FormatTraffic((inbound.Up + inbound.Down)), common.FormatTraffic(inbound.Up), common.FormatTraffic(inbound.Down))
+		if inbound.ExpiryTime == 0 {
+			info += "Expire date: ♾ Unlimited\r\n \r\n"
+		} else {
+			info += fmt.Sprintf("Expire date:%s\r\n \r\n", time.Unix((inbound.ExpiryTime/1000), 0).Format("2006-01-02 15:04:05"))
+		}
+		t.SendMsgToTgbot(chatId, info)
+		for _, traffic := range inbound.ClientStats {
+			expiryTime := ""
+			if traffic.ExpiryTime == 0 {
+				expiryTime = "♾Unlimited"
+			} else {
+				expiryTime = time.Unix((traffic.ExpiryTime / 1000), 0).Format("2006-01-02 15:04:05")
+			}
+			total := ""
+			if traffic.Total == 0 {
+				total = "♾Unlimited"
+			} else {
+				total = common.FormatTraffic((traffic.Total))
+			}
+			output := fmt.Sprintf("💡 Active: %t\r\n📧 Email: %s\r\n🔼 Upload↑: %s\r\n🔽 Download↓: %s\r\n🔄 Total: %s / %s\r\n📅 Expire in: %s\r\n",
+				traffic.Enable, traffic.Email, common.FormatTraffic(traffic.Up), common.FormatTraffic(traffic.Down), common.FormatTraffic((traffic.Up + traffic.Down)),
+				total, expiryTime)
+			t.SendMsgToTgbot(chatId, output)
+		}
+	}
+}
+
 func (t *Tgbot) searchForClient(chatId int64, query string) {
 	traffic, err := t.inboundService.SearchClientTraffic(query)
 	if err != nil {
@@ -469,7 +513,7 @@ func (t *Tgbot) getExhausted() string {
 	}
 	ExpireThreshold, err := t.settingService.GetTgExpireDiff()
 	if err == nil && ExpireThreshold > 0 {
-		exDiff = int64(ExpireThreshold) * 84600
+		exDiff = int64(ExpireThreshold) * 84600000
 	}
 	inbounds, err := t.inboundService.GetAllInbounds()
 	if err != nil {
@@ -477,14 +521,14 @@ func (t *Tgbot) getExhausted() string {
 	}
 	for _, inbound := range inbounds {
 		if inbound.Enable {
-			if (inbound.ExpiryTime > 0 && (now-inbound.ExpiryTime < exDiff)) ||
+			if (inbound.ExpiryTime > 0 && (inbound.ExpiryTime-now < exDiff)) ||
 				(inbound.Total > 0 && (inbound.Total-inbound.Up+inbound.Down < trDiff)) {
 				exhaustedInbounds = append(exhaustedInbounds, *inbound)
 			}
 			if len(inbound.ClientStats) > 0 {
 				for _, client := range inbound.ClientStats {
 					if client.Enable {
-						if (client.ExpiryTime > 0 && (now-client.ExpiryTime < exDiff)) ||
+						if (client.ExpiryTime > 0 && (client.ExpiryTime-now < exDiff)) ||
 							(client.Total > 0 && (client.Total-client.Up+client.Down < trDiff)) {
 							exhaustedClients = append(exhaustedClients, client)
 						}
@@ -498,7 +542,7 @@ func (t *Tgbot) getExhausted() string {
 		}
 	}
 	output += fmt.Sprintf("Exhausted Inbounds count:\r\n🛑 Disabled: %d\r\n🔜 Exhaust soon: %d\r\n \r\n", len(disabledInbounds), len(exhaustedInbounds))
-	if len(disabledInbounds)+len(exhaustedInbounds) > 0 {
+	if len(exhaustedInbounds) > 0 {
 		output += "Exhausted Inbounds:\r\n"
 		for _, inbound := range exhaustedInbounds {
 			output += fmt.Sprintf("📍Inbound:%s\r\nPort:%d\r\nTraffic: %s (↑%s,↓%s)\r\n", inbound.Remark, inbound.Port, common.FormatTraffic((inbound.Up + inbound.Down)), common.FormatTraffic(inbound.Up), common.FormatTraffic(inbound.Down))
@@ -510,7 +554,7 @@ func (t *Tgbot) getExhausted() string {
 		}
 	}
 	output += fmt.Sprintf("Exhausted Clients count:\r\n🛑 Disabled: %d\r\n🔜 Exhaust soon: %d\r\n \r\n", len(disabledClients), len(exhaustedClients))
-	if len(disabledClients)+len(exhaustedClients) > 0 {
+	if len(exhaustedClients) > 0 {
 		output += "Exhausted Clients:\r\n"
 		for _, traffic := range exhaustedClients {
 			expiryTime := ""
@@ -525,7 +569,7 @@ func (t *Tgbot) getExhausted() string {
 			} else {
 				total = common.FormatTraffic((traffic.Total))
 			}
-			output += fmt.Sprintf("💡 Active: %t\r\n📧 Email: %s\r\n🔼 Upload↑: %s\r\n🔽 Download↓: %s\r\n🔄 Total: %s / %s\r\n📅 Expire in: %s\r\n",
+			output += fmt.Sprintf("💡 Active: %t\r\n📧 Email: %s\r\n🔼 Upload↑: %s\r\n🔽 Download↓: %s\r\n🔄 Total: %s / %s\r\n📅 Expire date: %s\r\n \r\n",
 				traffic.Enable, traffic.Email, common.FormatTraffic(traffic.Up), common.FormatTraffic(traffic.Down), common.FormatTraffic((traffic.Up + traffic.Down)),
 				total, expiryTime)
 		}
@@ -543,4 +587,10 @@ func (t *Tgbot) sendBackup(chatId int64) {
 	if err != nil {
 		logger.Warning("Error in uploading backup: ", err)
 	}
+	file = tgbotapi.FilePath(xray.GetConfigPath())
+	msg = tgbotapi.NewDocument(chatId, file)
+	_, err = bot.Send(msg)
+	if err != nil {
+		logger.Warning("Error in uploading config.json: ", err)
+	}
 }

web/translation/translate.en_US.toml

@@ -129,6 +129,22 @@
 "clickOnQRcode" = "Click on QR Code to Copy"
 "client" = "Client"
 "export" = "Export links"
+"Clone" = "Clone"
+"cloneInbound" = "Create"
+"cloneInboundContent" = "All items of this inbound except Port, Listening IP, Clients will be applied to the clone"
+"cloneInboundOk" = "Creating a clone from"
+"resetAllTraffic" = "Reset All Inbounds Traffic"
+"resetAllTrafficTitle" = "Reset all inbounds traffic"
+"resetAllTrafficContent" = "Are you sure to reset all inbounds traffic ?"
+"resetAllTrafficOkText" = "Confirm"
+"resetAllTrafficCancelText" = "Cancel"
+"IPLimit" = "IP Limit"
+"IPLimitDesc" = "disable inbound if more than entered count (0 for disable limit ip)"
+"Email" = "Email"
+"EmailDesc" = "The Email Must Be Completely Unique"
+"IPLimitlog" = "IP Log"
+"IPLimitlogDesc" = "IPs history Log (before enabling inbound after it has been disabled by IP limit, you should clear the log)"
+"IPLimitlogclear" = "Clear The Log"
 
 [pages.client]
 "add" = "Add client"
@@ -170,7 +186,7 @@
 "restartPanelDesc" = "Are you sure you want to restart the panel? Click OK to restart after 3 seconds. If you cannot access the panel after restarting, please go to the server to view the panel log information"
 "panelConfig" = "Panel Configuration"
 "userSetting" = "User Setting"
-"xrayConfiguration" = "xray Configuration"
+"xrayConfiguration" = "Xray Configuration"
 "TGReminder" = "TG Reminder Related Settings"
 "otherSetting" = "Other Setting"
 "panelListeningIP" = "Panel listening IP"
@@ -179,7 +195,7 @@
 "panelPortDesc" = "Restart the panel to take effect"
 "publicKeyPath" = "Panel certificate public key file path"
 "publicKeyPathDesc" = "Fill in an absolute path starting with '/', restart the panel to take effect"
-"privateKeyPath" = "Panel certificate key file path"
+"privateKeyPath" = "Panel certificate private key file path"
 "privateKeyPathDesc" = "Fill in an absolute path starting with '/', restart the panel to take effect"
 "panelUrlPath" = "panel url root path"
 "panelUrlPathDesc" = "Must start with '/' and end with '/', restart the panel to take effect"
@@ -193,8 +209,12 @@
 "xrayConfigTemplateDesc" = "Generate the final xray configuration file based on this template, restart the panel to take effect."
 "xrayConfigTorrent" = "Ban bittorrent usage"
 "xrayConfigTorrentDesc" = "Change the configuration temlate to avoid using bittorrent by users, restart the panel to take effect"
-"xrayConfigPrivateIp" = "Ban private ip range to connect"
+"xrayConfigPrivateIp" = "Ban private IP ranges to connect"
 "xrayConfigPrivateIpDesc" = "Change the configuration temlate to avoid connecting with private IP ranges, restart the panel to take effect"
+"xrayConfigIRIp" = "Ban Iran IP ranges to connect"
+"xrayConfigIRIpDesc" = "Change the configuration temlate to avoid connecting with Iran IP ranges, restart the panel to take effect"
+"xrayConfigIRdomain" = "Ban IR domains to connect"
+"xrayConfigIRdomainDesc" = "Change the configuration temlate to avoid connecting with IR domains, restart the panel to take effect"
 "xrayConfigInbounds" = "Configuration of Inbounds"
 "xrayConfigInboundsDesc" = "Change the configuration temlate to accept special clients, restart the panel to take effect"
 "xrayConfigOutbounds" = "Configuration of Outbounds"

web/translation/translate.fa_IR.toml

@@ -38,7 +38,7 @@
 "domainName" = "آدرس دامنه"
 "additional" = "آی دی جایگزین"
 "monitor" = "آی پی اتصال"
-"certificate" = "سرتیفیکیت"
+"certificate" = "گواهی دیجیتال"
 "fail" = "خطا"
 "success" = " موفق"
 "getVersion" = "دریافت ورژن"
@@ -74,8 +74,8 @@
 "xraySwitch" = "تغییر ورژن"
 "xraySwitchClick" = "ورژن مورد نظر را انتخاب کنید"
 "xraySwitchClickDesk" = "لطفا با دقت انتخاب کنید ، در صورت انتخاب اشتباه امکان قطعی سیستم وجود دارد ."
-"operationHours" = "ساعت فعال"
-"operationHoursDesc" = "ساعت فعال بعد از شروع سیستم"
+"operationHours" = "مدت فعالیت"
+"operationHoursDesc" = "مدت فعالیت سیستم بعد از روشن شدن"
 "systemLoad" = "بار روی سیستم"
 "connectionCount" = "تعداد کانکشن ها"
 "connectionCountDesc" = "تعداد کانکشن ها برای کل شبکه"
@@ -83,7 +83,7 @@
 "downSpeed" = "سرعت دانلود در حال حاضر سیستم"
 "totalSent" = "جمع کل ترافیک آپلود مصرفی"
 "totalReceive" = "جمع کل ترافیک دانلود مصرفی"
-"xraySwitchVersionDialog" = "تغییر ورژن Xray"
+"xraySwitchVersionDialog" = "تغییر ورژن"
 "xraySwitchVersionDialogDesc" = "آیا از تغییر ورژن مطمئن هستین"
 "dontRefreshh" = "در حال نصب ، لطفا رفرش نکنید "
 
@@ -122,13 +122,29 @@
 "noRecommendKeepDefault" = "توصیه می شود به عنوان پیش فرض حفظ شود"
 "certificatePath" = "مسیر فایل گواهی"
 "certificateContent" = "محتوای فایل گواهی"
-"publicKeyPath" = "مسیر فایل Certificate.crt"
-"publicKeyContent" = "محتوای Certificate.crt"
-"keyPath" = "مسیر فایل Private.key"
-"keyContent" = "محتوای Private.key"
+"publicKeyPath" = "مسیر کلید عمومی"
+"publicKeyContent" = "محتوای کلید عمومی"
+"keyPath" = "مسیر کلید خصوصی"
+"keyContent" = "محتوای کلید خصوصی"
 "clickOnQRcode" = "برای کپی بر روی کد تصویری کلیک کنید"
 "client" = "کاربر"
-"export" = "استخراج لینک‌ها"
+"export" = "استخراج لینکها"
+"Clone" = "شبیه سازی"
+"cloneInbound" = "ایجاد"
+"cloneInboundContent" = "همه موارد این ورودی بجز پورت ، ای پی و کلاینت ها شبیه سازی خواهند شد"
+"cloneInboundOk" = "ساختن شبیه ساز"
+"resetAllTraffic" = "ریست ترافیک کل ورودی ها"
+"resetAllTrafficTitle" = "ریست ترافیک کل ورودی ها"
+"resetAllTrafficContent" = "آیا مطمئن هستید که تمام ترافیک ورودی ها را ریست می کنید؟"
+"resetAllTrafficOkText" = "بله"
+"resetAllTrafficCancelText" = "انصراف"
+"IPLimit" = "محدودیت ای پی"
+"IPLimitDesc" = "غیرفعال کردن ورودی در صورت بیش از تعداد وارد شده (0 برای غیرفعال کردن محدودیت ای پی )"
+"Email" = "ایمیل"
+"EmailDesc" = "ایمیل باید کاملا منحصر به فرد باشد"
+"IPLimitlog" = "گزارش ها"
+"IPLimitlogDesc" = "گزارش سابقه ای پی (قبل از فعال کردن ورودی پس از غیرفعال شدن توسط محدودیت ای پی، باید گزارش را پاک کنید)"
+"IPLimitlogclear" = "پاک کردن گزارش ها"
 
 [pages.client]
 "add" = "کاربر جدید"
@@ -177,9 +193,9 @@
 "panelListeningIPDesc" = "برای استفاده از تمام IP ها به طور پیش فرض خالی بگذارید. پنل را مجدداً راه اندازی کنید تا اعمال شود"
 "panelPort" = "پورت پنل"
 "panelPortDesc" = "پنل را مجدداً راه اندازی کنید تا اعمال شود"
-"publicKeyPath" = "مسیر فایل پنل Certificate.crt"
+"publicKeyPath" = "مسیر فایل گواهی کلید عمومی پنل"
 "publicKeyPathDesc" = "باید یک مسیر مطلق باشد که با / شروع می شود . پنل را مجدداً راه اندازی کنید تا اعمال شود"
-"privateKeyPath" = "مسیر فایل پنل private.key"
+"privateKeyPath" = "مسیر فایل گواهی کلید خصوصی پنل"
 "privateKeyPathDesc" = "باید یک مسیر مطلق باشد که با / شروع می شود . پنل را مجدداً راه اندازی کنید تا اعمال شود"
 "panelUrlPath" = "آدرس روت پنل"
 "panelUrlPathDesc" = "باید با '/' شروع شود و با '/' تمام شود. پنل را مجدداً راه اندازی کنید تا اعمال شود"
@@ -195,6 +211,10 @@
 "xrayConfigTorrentDesc" = "الگوی تنظیمات را برای فیلتر کردن پروتکل بیت تورنت برای کاربران تغییر میدهد.  پنل را مجدداً راه اندازی کنید تا اعمال شود"
 "xrayConfigPrivateIp" = "جلوگیری از اتصال آی پی های نامعتبر"
 "xrayConfigPrivateIpDesc" = "الگوی تنظیمات را برای فیلتر کردن اتصال آی پی های نامعتبر و بسته های سرگردان تغییر میدهد.  پنل را مجدداً راه اندازی کنید تا اعمال شود"
+"xrayConfigIRIp" = "جلوگیری از اتصال آی پی های ایران"
+"xrayConfigIRIpDesc" = "الگوی تنظیمات را برای فیلتر کردن اتصال آی پی های ایران تغییر میدهد.  پنل را مجدداً راه اندازی کنید تا اعمال شود"
+"xrayConfigIRdomain" = "جلوگیری از اتصال دامنه های ایران"
+"xrayConfigIRdomainDesc" = "الگوی تنظیمات را برای فیلتر کردن اتصال دامنه های ایران تغییر میدهد.  پنل را مجدداً راه اندازی کنید تا اعمال شود"
 "xrayConfigInbounds" = "تنظیمات ورودی"
 "xrayConfigInboundsDesc" = "میتوانید الگوی تنظیمات را برای ورودی های خاص تنظیم نمایید.  پنل را مجدداً راه اندازی کنید تا اعمال شود"
 "xrayConfigOutbounds" = "تنظیمات خروجی"

web/translation/translate.zh_Hans.toml

@@ -129,6 +129,22 @@
 "clickOnQRcode" = "点击二维码复制"
 "client" = "客户"
 "export" = "导出链接"
+"Clone" = "克隆"
+"cloneInbound" = "创造"
+"cloneInboundContent" = "此入站的所有项目除 Port、Listening IP、Clients 将应用于克隆"
+"cloneInboundOk" = "从创建克隆"
+"resetAllTraffic" = "重置所有入站流量"
+"resetAllTrafficTitle" = "重置所有入站流量"
+"resetAllTrafficContent" = "您确定要重置所有入站流量吗？"
+"resetAllTrafficOkText" = "确认"
+"resetAllTrafficCancelText" = "取消"
+"IPLimit" = "IP限制"
+"IPLimitDesc" = "如果超过输入的计数则禁用入站（0 表示禁用限制 ip）"
+"Email" = "电子邮件"
+"EmailDesc" = "电子邮件必须完全唯"
+"IPLimitlog" = "IP日志"
+"IPLimitlogDesc" = "IP 历史日志 （通过IP限制禁用inbound之前，需要清空日志）"
+"IPLimitlogclear" = "清除日志"
 
 [pages.client]
 "add" = "添加客户端"
@@ -195,6 +211,10 @@
 "xrayConfigTorrentDesc" = "更改配置模板避免用户使用bittorrent，重启面板生效"
 "xrayConfigPrivateIp" = "禁止私人 ip 范围连接"
 "xrayConfigPrivateIpDesc" = "更改配置模板以避免连接私有 IP 范围，重启面板生效"
+"xrayConfigIRIp" = "禁止伊朗 IP 范围连接"
+"xrayConfigIRIpDesc" = "修改配置模板避免连接伊朗IP范围，重启面板生效"
+"xrayConfigIRdomain" = "禁止伊朗域连接"
+"xrayConfigIRdomainDesc" = "修改配置模板避免连接伊朗域名，重启面板生效"
 "xrayConfigInbounds" = "入站配置"
 "xrayConfigInboundsDesc" = "更改配置模板接受特殊客户端，重启面板生效"
 "xrayConfigOutbounds" = "出站配置"

web/web.go

@@ -156,6 +156,9 @@ func (s *Server) initRouter() (*gin.Engine, error) {
 	}
 
 	engine := gin.Default()
+	
+	// Add favicon
+	engine.StaticFile("/favicon.ico", "web/assets/favicon.ico")
 
 	secret, err := s.settingService.GetSecret()
 	if err != nil {

x-ui.sh

@@ -454,6 +454,64 @@ ssl_cert_issue() {
     fi
 }
 
+open_ports() {
+
+  # Check if the firewall is inactive
+  if sudo ufw status | grep -q "Status: active"; then
+    echo "firewall is already active"
+  else
+    # Open the necessary ports
+    sudo ufw allow ssh
+    sudo ufw allow http
+    sudo ufw allow https
+    sudo ufw allow 2053/tcp
+
+    # Enable the firewall
+    sudo ufw --force enable
+  fi
+
+  # Prompt the user to enter a list of ports
+  read -p "Enter the ports you want to open (e.g. 80,443,2053 or range 400-500): " ports
+
+  # Check if the input is valid
+  if ! [[ $ports =~ ^([0-9]+|[0-9]+-[0-9]+)(,([0-9]+|[0-9]+-[0-9]+))*$ ]]; then
+     echo "Error: Invalid input. Please enter a comma-separated list of ports or a range of ports (e.g. 80,443,2053 or 400-500)." >&2; exit 1
+  fi
+
+  # Open the specified ports using ufw
+  IFS=',' read -ra PORT_LIST <<< "$ports"
+  for port in "${PORT_LIST[@]}"; do
+    if [[ $port == *-* ]]; then
+      # Split the range into start and end ports
+      start_port=$(echo $port | cut -d'-' -f1)
+      end_port=$(echo $port | cut -d'-' -f2)
+      # Loop through the range and open each port
+      for ((i=start_port; i<=end_port; i++)); do
+        sudo ufw allow $i
+      done
+    else
+      sudo ufw allow "$port"
+    fi
+  done
+
+  # Confirm that the ports are open
+  sudo ufw status | grep $ports
+}
+
+
+
+update_geo(){
+    systemctl stop x-ui
+    cd /usr/local/x-ui/bin
+    rm -f geoip.dat geosite.dat iran.dat
+    wget -N https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat
+    wget -N https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
+    wget -N https://github.com/bootmortis/iran-hosted-domains/releases/latest/download/iran.dat
+    systemctl start x-ui
+    echo -e "${green}Geosite and Geoip have been updated successfully!${plain}"
+before_show_menu
+}
+
 install_acme() {
     cd ~
     LOGI "install acme..."
@@ -490,14 +548,7 @@ ssl_cert_issue_standalone() {
     else
         LOGI "install socat succeed..."
     fi
-    #creat a directory for install cert
-    certPath=/root/cert
-    if [ ! -d "$certPath" ]; then
-        mkdir $certPath
-    else
-        rm -rf $certPath
-        mkdir $certPath
-    fi
+
     #get the domain here,and we need verify it
     local domain=""
     read -p "please input your domain:" domain
@@ -512,6 +563,16 @@ ssl_cert_issue_standalone() {
     else
         LOGI "your domain is ready for issuing cert now..."
     fi
+	
+	#create a directory for install cert
+	certPath="/root/cert/${domain}"
+	if [ ! -d "$certPath" ]; then
+		mkdir -p "$certPath"
+	else
+		rm -rf "$certPath"
+		mkdir -p "$certPath"
+	fi
+	
     #get needed port here
     local WebPort=80
     read -p "please choose which port do you use,default will be 80 port:" WebPort
@@ -531,9 +592,9 @@ ssl_cert_issue_standalone() {
         LOGE "issue certs succeed,installing certs..."
     fi
     #install cert
-    ~/.acme.sh/acme.sh --installcert -d ${domain} --ca-file /root/cert/ca.cer \
-        --cert-file /root/cert/${domain}.cer --key-file /root/cert/${domain}.key \
-        --fullchain-file /root/cert/fullchain.cer
+    ~/.acme.sh/acme.sh --installcert -d ${domain} \
+        --key-file /root/cert/${domain}/privkey.pem \
+        --fullchain-file /root/cert/${domain}/fullchain.pem
 
     if [ $? -ne 0 ]; then
         LOGE "install certs failed,exit"
@@ -542,17 +603,18 @@ ssl_cert_issue_standalone() {
     else
         LOGI "install certs succeed,enable auto renew..."
     fi
-    ~/.acme.sh/acme.sh --upgrade --auto-upgrade
-    if [ $? -ne 0 ]; then
-        LOGE "auto renew failed,certs details:"
-        ls -lah cert
-        chmod 755 $certPath
-        exit 1
-    else
-        LOGI "auto renew succeed,certs details:"
-        ls -lah cert
-        chmod 755 $certPath
-    fi
+	
+	~/.acme.sh/acme.sh --upgrade --auto-upgrade
+	if [ $? -ne 0 ]; then
+		LOGE "auto renew failed, certs details:"
+		ls -lah cert/*
+		chmod 755 $certPath/*
+		exit 1
+	else
+		LOGI "auto renew succeed, certs details:"
+		ls -lah cert/*
+		chmod 755 $certPath/*
+	fi
 
 }
 
@@ -573,13 +635,7 @@ ssl_cert_issue_by_cloudflare() {
         CF_Domain=""
         CF_GlobalKey=""
         CF_AccountEmail=""
-        certPath=/root/cert
-        if [ ! -d "$certPath" ]; then
-            mkdir $certPath
-        else
-            rm -rf $certPath
-            mkdir $certPath
-        fi
+        
         LOGD "please input your domain:"
         read -p "Input your domain here:" CF_Domain
         LOGD "your domain is:${CF_Domain},check it..."
@@ -593,6 +649,16 @@ ssl_cert_issue_by_cloudflare() {
         else
             LOGI "your domain is ready for issuing cert now..."
         fi
+		
+		#create a directory for install cert
+		certPath="/root/cert/${CF_Domain}"
+		if [ ! -d "$certPath" ]; then
+			mkdir -p "$certPath"
+		else
+			rm -rf "$certPath"
+			mkdir -p "$certPath"
+		fi
+	
         LOGD "please inout your cloudflare global API key:"
         read -p "Input your key here:" CF_GlobalKey
         LOGD "your cloudflare global API key is:${CF_GlobalKey}"
@@ -611,34 +677,54 @@ ssl_cert_issue_by_cloudflare() {
             LOGE "issue cert failed,exit"
             rm -rf ~/.acme.sh/${CF_Domain}
             exit 1
-        else
-            LOGI "Certificate issued Successfully, Installing..."
-        fi
-        ~/.acme.sh/acme.sh --installcert -d ${CF_Domain} -d *.${CF_Domain} --ca-file /root/cert/ca.cer \
-            --cert-file /root/cert/${CF_Domain}.cer --key-file /root/cert/${CF_Domain}.key \
-            --fullchain-file /root/cert/fullchain.cer
-        if [ $? -ne 0 ]; then
-            LOGE "install cert failed,exit"
-            rm -rf ~/.acme.sh/${CF_Domain}
-            exit 1
-        else
-            LOGI "Certificate installed Successfully,Turning on automatic updates..."
-        fi
-        ~/.acme.sh/acme.sh --upgrade --auto-upgrade
-        if [ $? -ne 0 ]; then
-            LOGE "Auto update setup Failed, script exiting..."
-            ls -lah cert
-            chmod 755 $certPath
-            exit 1
-        else
-            LOGI "The certificate is installed and auto-renewal is turned on, Specific information is as follows"
-            ls -lah cert
-            chmod 755 $certPath
-        fi
+		else
+			LOGI "Certificate issued Successfully, Installing..."
+		fi
+		~/.acme.sh/acme.sh --installcert -d ${CF_Domain} -d *.${CF_Domain} \
+			--key-file /root/cert/${CF_Domain}/privkey.pem \
+			--fullchain-file /root/cert/${CF_Domain}/fullchain.pem
+
+		if [ $? -ne 0 ]; then
+			LOGE "install cert failed,exit"
+			rm -rf ~/.acme.sh/${CF_Domain}
+			exit 1
+		else
+			LOGI "Certificate installed Successfully,Turning on automatic updates..."
+		fi
+		~/.acme.sh/acme.sh --upgrade --auto-upgrade
+		if [ $? -ne 0 ]; then
+			LOGE "auto renew failed, certs details:"
+			ls -lah cert/*
+			chmod 755 $certPath/*
+			exit 1
+		else
+			LOGI "auto renew succeed, certs details:"
+			ls -lah cert/*
+			chmod 755 $certPath/*
+		fi
     else
         show_menu
     fi
 }
+google_recaptcha() {
+  curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/install_kernel.sh && chmod +x ./install_kernel.sh && ./install_kernel.sh
+  echo ""
+  before_show_menu
+}
+
+run_speedtest() {
+    # Check if Speedtest is already installed
+    if ! command -v speedtest &> /dev/null; then
+        # If not installed, install it
+        sudo apt-get update && sudo apt-get install -y curl
+        curl -s https://install.speedtest.net/app/cli/install.deb.sh | sudo bash
+        sudo apt-get install -y speedtest
+    fi
+
+    # Run Speedtest
+    speedtest
+}
+
 
 show_usage() {
     echo "x-ui control menu usages: "
@@ -681,10 +767,14 @@ show_menu() {
   ${green}14.${plain} Disabel x-ui On System Startup
 ————————————————
   ${green}15.${plain} Enable BBR 
-  ${green}16.${plain} Issuse Certs
+  ${green}16.${plain} Apply for an SSL Certificate
+  ${green}17.${plain} Update Geo Files
+  ${green}18.${plain} Active Firewall and open ports
+  ${green}19.${plain} Fixing Google reCAPTCHA
+  ${green}20.${plain} Speedtest by Ookla
  "
     show_status
-    echo && read -p "Please enter your selection [0-16]: " num
+    echo && read -p "Please enter your selection [0-20]: " num
 
     case "${num}" in
     0)
@@ -738,8 +828,20 @@ show_menu() {
     16)
         ssl_cert_issue
         ;;
+    17)
+        update_geo
+        ;;
+    18)
+        open_ports
+        ;;
+    19)
+        google_recaptcha
+        ;;
+	20)
+        run_speedtest
+        ;;
     *)
-        LOGE "Please enter the correct number [0-16]"
+        LOGE "Please enter the correct number [0-20]"
         ;;
     esac
 }