v2.4.2

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.66.2 to 1.67.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.66.2...v1.67.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/release.yml

@@ -83,7 +83,7 @@ jobs:
           cd x-ui/bin
           
           # Download dependencies
-          Xray_URL="https://github.com/XTLS/Xray-core/releases/download/v1.8.24/"
+          Xray_URL="https://github.com/XTLS/Xray-core/releases/download/v24.9.19/"
           if [ "${{ matrix.platform }}" == "amd64" ]; then
             wget ${Xray_URL}Xray-linux-64.zip
             unzip Xray-linux-64.zip

DockerInit.sh

@@ -27,7 +27,7 @@ case $1 in
 esac
 mkdir -p build/bin
 cd build/bin
-wget "https://github.com/XTLS/Xray-core/releases/download/v1.8.24/Xray-linux-${ARCH}.zip"
+wget "https://github.com/XTLS/Xray-core/releases/download/v24.9.19/Xray-linux-${ARCH}.zip"
 unzip "Xray-linux-${ARCH}.zip"
 rm -f "Xray-linux-${ARCH}.zip" geoip.dat geosite.dat
 mv xray "xray-linux-${FNAME}"

README.es_ES.md

@@ -32,10 +32,10 @@ bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.
 
 ## Instalar una Versión Personalizada
 
-Para instalar la versión deseada, agrega la versión al final del comando de instalación. Por ejemplo, ver `v2.3.14`:
+Para instalar la versión deseada, agrega la versión al final del comando de instalación. Por ejemplo, ver `v2.4.2`:
 
 ```
-bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) v2.3.14
+bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) v2.4.2
 ```
 
 ## Certificado SSL
@@ -225,6 +225,7 @@ location /sub {
 - AlmaLinux 9+
 - Rockylinux 9+
 - OpenSUSE Tubleweed
+- Amazon Linux 2023
 
 ## Arquitecturas y Dispositivos Compatibles
 
@@ -276,88 +277,100 @@ Nuestra plataforma ofrece compatibilidad con una amplia gama de arquitecturas y
 - Soporta exportar/importar base de datos desde el panel
 
 
-## Configuraciones por Defecto
+## Configuración Predeterminada del Panel
 
 <details>
-  <summary>Haz clic para detalles de las configuraciones por defecto</summary>
+  <summary>Haz clic para ver los detalles de la configuración predeterminada</summary>
 
-  ### Información
+### Nombre de Usuario & Contraseña & Ruta Base Web:
+
+  Estos se generarán aleatoriamente si no los modificas.
+
+  - **Puerto:** el puerto predeterminado para el panel es `2053`
+
+### Gestión de la Base de Datos:
+
+  Puedes realizar copias de seguridad y restauraciones de la base de datos directamente desde el panel.
 
-- **Puerto:** 2053
-- **Usuario y Contraseña:** Se generarán aleatoriamente si omites la modificación.
 - **Ruta de la Base de Datos:**
-  - /etc/x-ui/x-ui.db
-- **Ruta de Configuración de Xray:**
-  - /usr/local/x-ui/bin/config.json
-- **Ruta del Panel Web sin Implementar SSL:**
-  - http://ip:2053/panel
-  - http://domain:2053/panel
-- **Ruta del Panel Web con Implementación de SSL:**
-  - https://domain:2053/panel
+  - `/etc/x-ui/x-ui.db`
+
+### Ruta Base Web
+
+1. **Restablecer la Ruta Base Web:**
+   - Abre tu terminal.
+   - Ejecuta el comando `x-ui`.
+   - Selecciona la opción `Restablecer la Ruta Base Web`.
+
+2. **Generar o Personalizar la Ruta:**
+   - La ruta se generará aleatoriamente, o puedes ingresar una ruta personalizada.
+
+3. **Ver Configuración Actual:**
+   - Para ver tu configuración actual, utiliza el comando `x-ui settings` en el terminal o selecciona `Ver Configuración Actual` en `x-ui`.
+
+### Recomendación de Seguridad:
+- Para mayor seguridad, utiliza una palabra larga y aleatoria en la estructura de tu URL.
+
+**Ejemplos:**
+- `http://ip:port/*webbasepath*/panel`
+- `http://domain:port/*webbasepath*/panel`
 
 </details>
 
-## Configuración WARP
+## Configuración de WARP
 
 <details>
-  <summary>Haz clic para detalles de la configuración WARP</summary>
+  <summary>Haz clic para ver los detalles de la configuración de WARP</summary>
 
 #### Uso
 
-Si deseas usar enrutamiento a WARP antes de la versión v2.1.0, sigue los pasos a continuación:
+**Para versiones `v2.1.0` y posteriores:**
 
-**1.** Instala WARP en **Modo de Proxy SOCKS**:
-
-   ```sh
-   bash <(curl -sSL https://raw.githubusercontent.com/hamid-gh98/x-ui-scripts/main/install_warp_proxy.sh)
-   ```
-
-**2.** Si ya instalaste warp, puedes desinstalarlo usando el siguiente comando:
-
-   ```sh
-   warp u
-   ```
-
-**3.** Activa la configuración que necesites en el panel
-
-   Características de Configuración:
-
-   - Bloquear Anuncios
-   - Enrutar Google + Netflix + Spotify + OpenAI (ChatGPT) a WARP
-   - Corregir error 403 de Google
+WARP está integrado, no se requiere instalación adicional. Simplemente habilita la configuración necesaria en el panel.
 
 </details>
 
 ## Límite de IP
 
 <details>
-  <summary>Haz clic para más detalles del límite de IP</summary>
+  <summary>Haz clic para ver los detalles del límite de IP</summary>
 
 #### Uso
 
-**Nota:** El Límite de IP no funcionará correctamente cuando se use IP Tunnel
-
-- Para versiones hasta `v1.6.1`:
+**Nota:** El Límite de IP no funcionará correctamente cuando uses Túnel IP.
 
+- **Para versiones hasta `v1.6.1`:**
   - El límite de IP está integrado en el panel.
 
-- Para versiones `v1.7.0` y posteriores:
+**Para versiones `v1.7.0` y posteriores:**
 
-  - Para que el Límite de IP funcione correctamente, necesitas instalar fail2ban y sus archivos requeridos siguiendo estos pasos:
+Para habilitar la funcionalidad de límite de IP, necesitas instalar `fail2ban` y los archivos requeridos siguiendo estos pasos:
 
-    1. Usa el comando `x-ui` dentro de la terminal.
-    2. Selecciona `Gestión de Límite de IP`.
-    3. Elige las opciones apropiadas según tus necesidades.
+1. Ejecuta el comando `x-ui` en el terminal, luego elige `Gestión de Límite de IP`.
+2. Verás las siguientes opciones:
 
-  - asegúrate de tener ./access.log en tu Configuración de Xray después de la v2.1.3 tenemos una opción para ello
+   - **Cambiar la Duración del Bloqueo:** Ajustar la duración de los bloqueos.
+   - **Desbloquear a Todos:** Levantar todos los bloqueos actuales.
+   - **Revisar los Registros:** Revisar los registros.
+   - **Estado de Fail2ban:** Verificar el estado de `fail2ban`.
+   - **Reiniciar Fail2ban:** Reiniciar el servicio `fail2ban`.
+   - **Desinstalar Fail2ban:** Desinstalar Fail2ban con la configuración.
 
-  ```sh
+3. Agrega una ruta para el registro de acceso en el panel configurando `Xray Configs/log/Access log` a `./access.log`, luego guarda y reinicia Xray.
+
+- **Para versiones anteriores a `v2.1.3`:**
+  - Necesitas configurar manualmente la ruta del registro de acceso en tu configuración de Xray:
+
+    ```sh
     "log": {
       "access": "./access.log",
       "dnsLog": false,
       "loglevel": "warning"
     },
-  ```
+    ```
+
+- **Para versiones `v2.1.3` y posteriores:**
+  - Hay una opción para configurar `access.log` directamente desde el panel.
 
 </details>
 

README.md

@@ -32,10 +32,10 @@ bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.
 
 ## Install Custom Version
 
-To install your desired version, add the version to the end of the installation command. e.g., ver `v2.3.14`:
+To install your desired version, add the version to the end of the installation command. e.g., ver `v2.4.2`:
 
 ```
-bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) v2.3.14
+bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) v2.4.2
 ```
 
 ## SSL Certificate
@@ -169,6 +169,8 @@ systemctl restart x-ui
    docker compose up -d
    ```
 
+  Add ```--pull always``` flag to make docker automatically recreate container if a newer image is pulled. See https://docs.docker.com/reference/cli/docker/container/run/#pull for more info.
+
    **OR**
 
    ```sh
@@ -252,6 +254,7 @@ location /sub {
 - Rocky Linux 9+
 - Oracle Linux 8+
 - OpenSUSE Tubleweed
+- Amazon Linux 2023
 
 ## Supported Architectures and Devices
 
@@ -286,6 +289,7 @@ Our platform offers compatibility with a diverse range of architectures and devi
 - Indonesian
 - Ukrainian
 - Turkish
+- Português (Brazil)
 
 
 ## Features
@@ -358,17 +362,6 @@ Our platform offers compatibility with a diverse range of architectures and devi
 
 WARP is built-in, and no additional installation is required. Simply turn on the necessary configuration in the panel.
 
-**For versions before `v2.1.0`:**
-
-1. Run the `x-ui` command in the terminal, then choose `WARP Management`.
-2. You will see the following options:
-
-   - **Account Type (free, plus, team):** Choose the appropriate account type.
-   - **Enable/Disable WireProxy:** Toggle WireProxy on or off.
-   - **Uninstall WARP:** Remove the WARP application.
-
-3. Configure the settings as needed in the panel.
-
 </details>
 
 ## IP Limit

README.ru_RU.md

@@ -12,7 +12,7 @@
 
 > **Отказ от ответственности:** Этот проект предназначен только для личного обучения и общения. Пожалуйста, не используйте его в незаконных целях и не применяйте в производственной среде.
 
-**Если этот проект оказался полезным для вас, вы можете оценить его, постативив звёздочку** :star2:
+**Если этот проект оказался полезным для вас, вы можете оценить его, поставив звёздочку** :star2:
 
 <p align="left">
   <a href="https://buymeacoffee.com/mhsanaei" target="_blank">
@@ -32,10 +32,10 @@ bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.
 
 ## Установка определённой версии
 
-Чтобы установить нужную вам версию, добавьте номер версии в конец команды установки. Например, `v2.3.14`:
+Чтобы установить нужную вам версию, добавьте номер версии в конец команды установки. Например, `v2.4.2`:
 
 ```
-bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) v2.3.14
+bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) v2.4.2
 ```
 
 ## SSL Сертификат
@@ -53,7 +53,7 @@ bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.
 
    - **Get SSL:** Получить SSL сертификаты.
    - **Revoke:** Отозвать существующие SSL сертификаты.
-   - **Force Renew:** Принудительно превыпустить SSL сертификаты.
+   - **Force Renew:** Принудительно перевыпустить SSL сертификаты.
 
 ### Certbot
 
@@ -76,7 +76,7 @@ certbot renew --dry-run
 **Как получить глобальный API-ключ Cloudflare:**
 
 1. Выполните команду `x-ui` в терминале, затем выберите `Cloudflare SSL Certificate`.
-2. Посетите ссылку: [Cloudflare API Tokens](https://dash.cloudflare.com/profile/api-tokens).
+2. Перейдите по ссылке: [Cloudflare API Tokens](https://dash.cloudflare.com/profile/api-tokens).
 3. Нажмите на "View Global API Key" (см. скриншот ниже):
    ![](media/APIKey1.PNG)
 4. Возможно, вам потребуется повторно пройти аутентификацию. После этого ключ API будет отображён (см. скриншот ниже):
@@ -168,6 +168,8 @@ systemctl restart x-ui
    docker compose up -d
    ```
 
+  Добавьте параметр ```--pull always``` для автоматического обновления контейнера, когда публикуется новый образ. Подробности: https://docs.docker.com/reference/cli/docker/container/run/#pull
+
    **ИЛИ**
 
    ```sh
@@ -251,6 +253,7 @@ location /sub {
 - Rocky Linux 9+
 - Oracle Linux 8+
 - OpenSUSE Tubleweed
+- Amazon Linux 2023
 
 ## Поддерживаемые архитектуры и устройства
 
@@ -285,6 +288,7 @@ location /sub {
 - Индонезийский
 - Украинский
 - Турецкий
+- Португальский (Бразилия)
 
 ## Возможности
 
@@ -329,7 +333,7 @@ location /sub {
    - Выберите опцию `Reset Web Base Path`.
 
 2. **Генерация или настройка пути:**
-   - Путь будет случайным образом сгенерирован, или вы можете ввести пользовательский путь.
+   - Путь будет сгенерирован случайным образом, или вы можете ввести собственный путь.
 
 3. **Просмотр текущих настроек:**
    - Чтобы просмотреть текущие настройки, используйте команду `x-ui settings` в терминале или опцию `View Current Settings` в `x-ui`.
@@ -354,17 +358,6 @@ location /sub {
 
 WARP встроен, и дополнительная установка не требуется. Просто включите необходимую конфигурацию в панели.
 
-**Для версий до `v2.1.0`:**
-
-1. Выполните команду `x-ui` в терминале, затем выберите `WARP Management`.
-2. Вам будут предложены следующие опции:
-
-   - **Account Type (free, plus, team):** Выбрать соответствующий тип учетной записи.
-   - **Enable/Disable WireProxy:** Включить или отключить WireProxy.
-   - **Uninstall WARP:** Удалить приложение WARP.
-
-3. Настройте параметры по мере необходимости в панели.
-
 </details>
 
 ## Ограничение IP
@@ -441,7 +434,7 @@ WARP встроен, и дополнительная установка не т
 
 - Периодические отчеты
 - Уведомления о входе
-- Уведомления о пороге CPU
+- Уведомления о пороге загруженности процессора
 - Уведомления о времени истечения и трафике заранее
 - Поддерживает меню отчетов клиента, если имя пользователя телеграм клиента добавлено в конфигурации пользователя
 - Поддержка отчета о трафике через Telegram, поиск по UUID (VMESS/VLESS) или паролю (TROJAN) - анонимно
@@ -455,7 +448,7 @@ WARP встроен, и дополнительная установка не т
 
 ### Настройка телеграм-бота
 
-- Запустить [Botfather](https://t.me/BotFather) в вашем аккаунте Telegram:
+- Запустите [Botfather](https://t.me/BotFather) в вашем аккаунте Telegram:
     ![Botfather](./media/botfather.png)
 
 - Создайте нового бота с помощью команды /newbot: у вас спросят 2 вопроса: отображаемое имя и имя пользователя для вашего бота. Обратите внимание, что имя пользователя должно заканчиваться на слово "bot".
@@ -470,7 +463,7 @@ WARP встроен, и дополнительная установка не т
 Введите токен вашего бота в поле ввода номер 3.
 Введите ID пользователя в поле ввода номер 4. Telegram-аккаунты с этим ID будут администраторами бота. (Вы можете ввести несколько ID, разделяя их запятой)
 
-- Как получить ID пользователя Telegram? Используйте этого [бота](https://t.me/useridinfobot). Запустите бота, и он предоставит вам ваше ID пользователя Telegram.
+- Как получить ID пользователя Telegram? Используйте этот [бот](https://t.me/useridinfobot). Запустите бота, и он отобразит ваш ID пользователя Telegram.
 ![ID пользователя](./media/user-id.png)
 
 </details>
@@ -504,7 +497,7 @@ WARP встроен, и дополнительная установка не т
 | `POST` | `"/resetAllTraffics"`              | Сбросить трафик всех входящих соединений
 | `POST` | `"/resetAllClientTraffics/:id"`    | Сбросить трафик всех клиентов в входящем соединении
 | `POST` | `"/delDepletedClients/:id"`        | Удалить истекших клиентов в входящем соединении (-1: всех)
-| `POST` | `"/onlines"`                       | Получить пользователей, которые онлайн (список email'ов)
+| `POST` | `"/onlines"`                       | Получить пользователей, которые находятся онлайн (список email'ов)
 
 \*- Поле `clientId` должно быть заполнено следующим образом:
 

README.zh_CN.md

@@ -32,36 +32,58 @@ bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.
 
 ## 安装指定版本
 
-要安装所需的版本，请将该版本添加到安装命令的末尾。 e.g., ver `v2.3.14`:
+要安装所需的版本，请将该版本添加到安装命令的末尾。 e.g., ver `v2.4.2`:
 
 ```
-bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) v2.3.14
+bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) v2.4.2
 ```
 
-## SSL 认证
+### SSL证书
 
 <details>
-  <summary>点击查看 SSL 认证</summary>
+  <summary>点击查看SSL证书详情</summary>
 
-### Cloudflare
+### ACME
 
-管理脚本具有用于 Cloudflare 的内置 SSL 证书应用程序。若要使用此脚本申请证书，需要满足以下条件：
+使用ACME管理SSL证书：
 
-- Cloudflare 邮箱地址
-- Cloudflare Global API Key
-- 域名已通过 cloudflare 解析到当前服务器
-
-**1:** 在终端中运行`x-ui`， 选择 `Cloudflare SSL Certificate`.
+1. 确保您的域名正确解析到服务器。
+2. 在终端中运行 `x-ui` 命令，然后选择 `SSL证书管理`。
+3. 您将看到以下选项：
 
+   - **获取SSL证书:** 获取SSL证书。
+   - **吊销:** 吊销现有的SSL证书。
+   - **强制更新:** 强制更新SSL证书。
 
 ### Certbot
-```
+
+安装并使用Certbot：
+
+```sh
 apt-get install certbot -y
 certbot certonly --standalone --agree-tos --register-unsafely-without-email -d yourdomain.com
 certbot renew --dry-run
 ```
 
-***Tip:*** *管理脚本具有 Certbot 。使用 `x-ui` 命令， 选择 `SSL Certificate Management`.*
+### Cloudflare
+
+管理脚本内置了Cloudflare的SSL证书申请。要使用此脚本申请证书，您需要以下信息：
+
+- Cloudflare注册的电子邮件
+- Cloudflare全局API密钥
+- 域名必须通过Cloudflare解析到当前服务器
+
+**如何获取Cloudflare全局API密钥：**
+
+1. 在终端中运行 `x-ui` 命令，然后选择 `Cloudflare SSL证书`。
+2. 访问链接：[Cloudflare API Tokens](https://dash.cloudflare.com/profile/api-tokens)。
+3. 点击“查看全局API密钥”（参见下图）：
+   ![](media/APIKey1.PNG)
+4. 您可能需要重新验证您的账户。之后将显示API密钥（参见下图）：
+   ![](media/APIKey2.png)
+
+使用时，只需输入您的 `域名`、`电子邮件` 和 `API密钥`。如下图所示：
+   ![](media/DetailEnter.png)
 
 </details>
 
@@ -226,6 +248,7 @@ location /sub {
 - AlmaLinux 9+
 - Rockylinux 9+
 - OpenSUSE Tubleweed
+- Amazon Linux 2023
 
 ## 支持的架构和设备
 <details>
@@ -276,88 +299,100 @@ location /sub {
 - 支持从面板导出/导入数据库
 
 
-## 默认设置
+## 默认面板设置
 
 <details>
-  <summary>点击查看 默认设置</summary>
+  <summary>点击查看默认设置详情</summary>
 
-  ### 信息
+### 用户名 & 密码 & Web基础路径：
 
-- **端口：** 2053
-- **用户名 & 密码：** 当您跳过设置时，此项会随机生成。
-- **数据库路径：**
-  - /etc/x-ui/x-ui.db
-- **Xray 配置路径：**
-  - /usr/local/x-ui/bin/config.json
-- **面板链接（无SSL）：**
-  - http://ip:2053/panel
-  - http://domain:2053/panel
-- **面板链接（有SSL）：**
-  - https://domain:2053/panel
+  如果不修改这些，它们将会随机生成。
+
+  - **端口号:** 面板的默认端口号是 `2053`
+
+### 数据库管理：
+
+  您可以直接在面板中方便地进行数据库备份和还原。
+
+- **数据库路径:**
+  - `/etc/x-ui/x-ui.db`
+
+### Web 基础路径
+
+1. **重置 Web 基础路径:**
+   - 打开终端。
+   - 运行 `x-ui` 命令。
+   - 选择 `重置 Web 基础路径` 选项。
+
+2. **生成或自定义路径:**
+   - 路径将会随机生成，或者您可以输入自定义路径。
+
+3. **查看当前设置:**
+   - 要查看当前设置，请在终端中使用 `x-ui settings` 命令，或在 `x-ui` 面板中点击 `查看当前设置`。
+
+### 安全建议：
+- 为了提高安全性，建议在URL结构中使用一个长的随机词。
+
+**示例：**
+- `http://ip:port/*webbasepath*/panel`
+- `http://domain:port/*webbasepath*/panel`
 
 </details>
 
 ## WARP 配置
 
 <details>
-  <summary>点击查看 WARP 配置</summary>
+  <summary>点击查看 WARP 配置详情</summary>
 
-#### 使用
+#### 使用方法
 
-如果要在 v2.1.0 之前使用 WARP 路由，请按照以下步骤操作：
+**对于 `v2.1.0` 及之后的版本：**
 
-**1.** 在 **SOCKS Proxy Mode** 模式中安装Wrap
-
-   ```sh
-   bash <(curl -sSL https://raw.githubusercontent.com/hamid-gh98/x-ui-scripts/main/install_warp_proxy.sh)
-   ```
-
-**2.** 如果您已经安装了 warp，您可以使用以下命令卸载：
-
-   ```sh
-   warp u
-   ```
-
-**3.** 在面板中打开您需要的配置
-
-   配置:
-
-   - Block Ads
-   - Route Google + Netflix + Spotify + OpenAI (ChatGPT) to WARP
-   - Fix Google 403 error
+WARP 已内置，无需额外安装。只需在面板中开启相关配置即可。
 
 </details>
 
 ## IP 限制
 
 <details>
-  <summary>点击查看 IP 限制</summary>
+  <summary>点击查看 IP 限制详情</summary>
 
-#### 使用
+#### 使用方法
 
-**注意：** 使用 IP 隧道时，IP 限制无法正常工作。
+**注意:** 当使用 IP 隧道时，IP 限制将无法正常工作。
 
-- 适用于最高 `v1.6.1` ：
+- **对于 `v1.6.1` 及之前的版本：**
+  - IP 限制功能已内置于面板中。
 
-  - IP 限制 已被集成在面板中。
+**对于 `v1.7.0` 及更新的版本：**
 
-- 适用于 `v1.7.0` 以及更新的版本：
+要启用 IP 限制功能，您需要安装 `fail2ban` 及其所需的文件，步骤如下：
 
-  - 要使 IP 限制正常工作，您需要按照以下步骤安装 fail2ban 及其所需的文件：
+1. 在终端中运行 `x-ui` 命令，然后选择 `IP 限制管理`。
+2. 您将看到以下选项：
 
-    1. 使用面板内置的 `x-ui` 指令
-    2. 选择 `IP Limit Management`.
-    3. 根据您的需要选择合适的选项。
+   - **更改封禁时长:** 调整封禁时长。
+   - **解除所有封禁:** 解除当前的所有封禁。
+   - **查看日志:** 查看日志。
+   - **Fail2ban 状态:** 检查 `fail2ban` 的状态。
+   - **重启 Fail2ban:** 重启 `fail2ban` 服务。
+   - **卸载 Fail2ban:** 卸载带有配置的 Fail2ban。
 
-  - 确保您的 Xray 配置上有 ./access.log 。在 v2.1.3 之后，我们有一个选项。
+3. 在面板中通过设置 `Xray 配置/log/访问日志` 为 `./access.log` 添加访问日志路径，然后保存并重启 Xray。
 
-  ```sh
+- **对于 `v2.1.3` 之前的版本：**
+  - 您需要在 Xray 配置中手动设置访问日志路径：
+
+    ```sh
     "log": {
       "access": "./access.log",
       "dnsLog": false,
       "loglevel": "warning"
     },
-  ```
+    ```
+
+- **对于 `v2.1.3` 及之后的版本：**
+  - 面板中直接提供了配置 `access.log` 的选项。
 
 </details>
 

config/version

@@ -1 +1 @@
-2.3.14
+2.4.2

database/model/model.go

@@ -46,6 +46,7 @@ type Inbound struct {
 	StreamSettings string   `json:"streamSettings" form:"streamSettings"`
 	Tag            string   `json:"tag" form:"tag" gorm:"unique"`
 	Sniffing       string   `json:"sniffing" form:"sniffing"`
+	Allocate       string   `json:"allocate" form:"allocate"`
 }
 
 type OutboundTraffics struct {
@@ -75,6 +76,7 @@ func (i *Inbound) GenXrayInboundConfig() *xray.InboundConfig {
 		StreamSettings: json_util.RawMessage(i.StreamSettings),
 		Tag:            i.Tag,
 		Sniffing:       json_util.RawMessage(i.Sniffing),
+		Allocate:       json_util.RawMessage(i.Allocate),
 	}
 }
 

go.mod

@@ -1,13 +1,13 @@
 module x-ui
 
-go 1.23.0
+go 1.23.1
 
 require (
 	github.com/gin-contrib/gzip v1.0.1
 	github.com/gin-contrib/sessions v1.0.1
 	github.com/gin-gonic/gin v1.10.0
 	github.com/goccy/go-json v0.10.3
-	github.com/mymmrac/telego v0.31.2
+	github.com/mymmrac/telego v0.31.3
 	github.com/nicksnyder/go-i18n/v2 v2.4.0
 	github.com/op/go-logging v0.0.0-20160315200505-970db520ece7
 	github.com/pelletier/go-toml/v2 v2.2.3
@@ -17,14 +17,14 @@ require (
 	github.com/xtls/xray-core v1.8.24
 	go.uber.org/atomic v1.11.0
 	golang.org/x/text v0.18.0
-	google.golang.org/grpc v1.66.0
+	google.golang.org/grpc v1.67.0
 	gorm.io/driver/sqlite v1.5.6
-	gorm.io/gorm v1.25.11
+	gorm.io/gorm v1.25.12
 )
 
 require (
 	github.com/andybalholm/brotli v1.1.0 // indirect
-	github.com/bytedance/sonic v1.12.2 // indirect
+	github.com/bytedance/sonic v1.12.3 // indirect
 	github.com/bytedance/sonic/loader v0.2.0 // indirect
 	github.com/cloudflare/circl v1.4.0 // indirect
 	github.com/cloudwego/base64x v0.1.4 // indirect
@@ -37,10 +37,10 @@ require (
 	github.com/go-ole/go-ole v1.3.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
-	github.com/go-playground/validator/v10 v10.22.0 // indirect
+	github.com/go-playground/validator/v10 v10.22.1 // indirect
 	github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
 	github.com/google/btree v1.1.3 // indirect
-	github.com/google/pprof v0.0.0-20240903155634-a8630aee4ab9 // indirect
+	github.com/google/pprof v0.0.0-20240910150728-a0b0bb1d4134 // indirect
 	github.com/gorilla/context v1.1.2 // indirect
 	github.com/gorilla/securecookie v1.1.2 // indirect
 	github.com/gorilla/sessions v1.4.0 // indirect
@@ -49,10 +49,10 @@ require (
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/compress v1.17.9 // indirect
+	github.com/klauspost/compress v1.17.10 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.8 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
-	github.com/lufia/plan9stats v0.0.0-20240819163618-b1d8f4d146e7 // indirect
+	github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-sqlite3 v1.14.23 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
@@ -60,12 +60,12 @@ require (
 	github.com/onsi/ginkgo/v2 v2.20.2 // indirect
 	github.com/pires/go-proxyproto v0.7.0 // indirect
 	github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect
-	github.com/quic-go/qpack v0.5.0 // indirect
-	github.com/quic-go/quic-go v0.46.0 // indirect
+	github.com/quic-go/qpack v0.5.1 // indirect
+	github.com/quic-go/quic-go v0.47.0 // indirect
 	github.com/refraction-networking/utls v1.6.7 // indirect
 	github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 // indirect
-	github.com/rogpeppe/go-internal v1.12.0 // indirect
-	github.com/sagernet/sing v0.4.2 // indirect
+	github.com/rogpeppe/go-internal v1.13.1 // indirect
+	github.com/sagernet/sing v0.4.3 // indirect
 	github.com/sagernet/sing-shadowsocks v0.2.7 // indirect
 	github.com/savsgio/gotils v0.0.0-20240704082632-aef3928b8a38 // indirect
 	github.com/seiflotfy/cuckoofilter v0.0.0-20240715131351-a2f2c23f1771 // indirect
@@ -79,19 +79,19 @@ require (
 	github.com/valyala/fastjson v1.6.4 // indirect
 	github.com/vishvananda/netlink v1.3.0 // indirect
 	github.com/vishvananda/netns v0.0.4 // indirect
-	github.com/xtls/reality v0.0.0-20240712055506-48f0b2d5ed6d // indirect
+	github.com/xtls/reality v0.0.0-20240909153216-e26ae2305463 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
 	go.uber.org/mock v0.4.0 // indirect
 	go4.org/netipx v0.0.0-20231129151722-fdeea329fbba // indirect
 	golang.org/x/arch v0.10.0 // indirect
-	golang.org/x/crypto v0.26.0 // indirect
-	golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e // indirect
+	golang.org/x/crypto v0.27.0 // indirect
+	golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 // indirect
 	golang.org/x/mod v0.21.0 // indirect
-	golang.org/x/net v0.28.0 // indirect
+	golang.org/x/net v0.29.0 // indirect
 	golang.org/x/sync v0.8.0 // indirect
 	golang.org/x/sys v0.25.0 // indirect
 	golang.org/x/time v0.6.0 // indirect
-	golang.org/x/tools v0.24.0 // indirect
+	golang.org/x/tools v0.25.0 // indirect
 	golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect
 	golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240826202546-f6391c0de4c7 // indirect

go.sum

@@ -20,6 +20,8 @@ github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBT
 github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s=
 github.com/bytedance/sonic v1.12.2 h1:oaMFuRTpMHYLpCntGca65YWt5ny+wAceDERTkT2L9lg=
 github.com/bytedance/sonic v1.12.2/go.mod h1:B8Gt/XvtZ3Fqj+iSKMypzymZxw/FVwgIGKzMzT9r/rk=
+github.com/bytedance/sonic v1.12.3 h1:W2MGa7RCU1QTeYRTPE3+88mVC0yXmsRQRChiyVocVjU=
+github.com/bytedance/sonic v1.12.3/go.mod h1:B8Gt/XvtZ3Fqj+iSKMypzymZxw/FVwgIGKzMzT9r/rk=
 github.com/bytedance/sonic/loader v0.1.1/go.mod h1:ncP89zfokxS5LZrJxl5z0UJcsk4M4yY2JpfqGeCtNLU=
 github.com/bytedance/sonic/loader v0.2.0 h1:zNprn+lsIP06C/IqCHs3gPQIvnvpKbbxyXQP1iU4kWM=
 github.com/bytedance/sonic/loader v0.2.0/go.mod h1:ncP89zfokxS5LZrJxl5z0UJcsk4M4yY2JpfqGeCtNLU=
@@ -70,8 +72,8 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o
 github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
 github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
-github.com/go-playground/validator/v10 v10.22.0 h1:k6HsTZ0sTnROkhS//R0O+55JgM8C4Bx7ia+JlgcnOao=
-github.com/go-playground/validator/v10 v10.22.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
+github.com/go-playground/validator/v10 v10.22.1 h1:40JcKH+bBNGFczGuoBYgX4I6m/i27HYW8P9FDk5PbgA=
+github.com/go-playground/validator/v10 v10.22.1/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
 github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
 github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
 github.com/goccy/go-json v0.10.3 h1:KZ5WoDbxAIgm2HNbYckL0se1fHD6rz5j4ywS6ebzDqA=
@@ -98,8 +100,8 @@ github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
 github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
-github.com/google/pprof v0.0.0-20240903155634-a8630aee4ab9 h1:q5g0N9eal4bmJwXHC5z0QCKs8qhS35hFfq0BAYsIwZI=
-github.com/google/pprof v0.0.0-20240903155634-a8630aee4ab9/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
+github.com/google/pprof v0.0.0-20240910150728-a0b0bb1d4134 h1:c5FlPPgxOn7kJz3VoPLkQYQXGBS3EklQ4Zfi57uOuqQ=
+github.com/google/pprof v0.0.0-20240910150728-a0b0bb1d4134/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
 github.com/googleapis/gax-go v2.0.0+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY=
 github.com/googleapis/gax-go/v2 v2.0.3/go.mod h1:LLvjysVCY1JZeum8Z6l8qUty8fiNwE08qbEPm1M08qg=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
@@ -127,6 +129,8 @@ github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA=
 github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
+github.com/klauspost/compress v1.17.10 h1:oXAz+Vh0PMUvJczoi+flxpnBEPxoER1IaAnU/NMPtT0=
+github.com/klauspost/compress v1.17.10/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0=
 github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.2.8 h1:+StwCXwm9PdpiEkPyzBXIy+M9KUb4ODm0Zarf1kS5BM=
 github.com/klauspost/cpuid/v2 v2.2.8/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
@@ -140,8 +144,8 @@ github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
 github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
-github.com/lufia/plan9stats v0.0.0-20240819163618-b1d8f4d146e7 h1:5RK988zAqB3/AN3opGfRpoQgAVqr6/A5+qRTi67VUZY=
-github.com/lufia/plan9stats v0.0.0-20240819163618-b1d8f4d146e7/go.mod h1:ilwx/Dta8jXAgpFYFvSWEMwxmbWXyiUHkd5FwyKhb5k=
+github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683 h1:7UMa6KCCMjZEMDtTVdcGu0B1GmmC7QJKiCCjyTAWQy0=
+github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683/go.mod h1:ilwx/Dta8jXAgpFYFvSWEMwxmbWXyiUHkd5FwyKhb5k=
 github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI=
 github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
@@ -158,8 +162,8 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJ
 github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
-github.com/mymmrac/telego v0.31.2 h1:srvQOQtb5ZswmqIr03VuAkIF076bi25n7fyQ51Ifstw=
-github.com/mymmrac/telego v0.31.2/go.mod h1:dyuyrOIagRstnm2ZNWuVilPdsslQyEgwYww9zkDqdJU=
+github.com/mymmrac/telego v0.31.3 h1:yZlD+dm+1W6p3OmCG8K+MbS02Y6paUgwPnqfZN3RWQQ=
+github.com/mymmrac/telego v0.31.3/go.mod h1:coOoqXVmjFnwBlzusjfEezbQ7RH9wQnDowJdMm+bnEo=
 github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo=
 github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM=
 github.com/nicksnyder/go-i18n/v2 v2.4.0 h1:3IcvPOAvnCKwNm0TB0dLDTuawWEj+ax/RERNC+diLMM=
@@ -186,10 +190,10 @@ github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
 github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
-github.com/quic-go/qpack v0.5.0 h1:jldbr38Ef/swDfxtvNvvUIYNg5LNm3Oa9W+IZvCm4q0=
-github.com/quic-go/qpack v0.5.0/go.mod h1:+PC4XFrEskIVkcLzpEkbLqq1uCoxPhQuvK5rH1ZgaEg=
-github.com/quic-go/quic-go v0.46.0 h1:uuwLClEEyk1DNvchH8uCByQVjo3yKL9opKulExNDs7Y=
-github.com/quic-go/quic-go v0.46.0/go.mod h1:1dLehS7TIR64+vxGR70GDcatWTOtMX2PUtnKsjbTurI=
+github.com/quic-go/qpack v0.5.1 h1:giqksBPnT/HDtZ6VhtFKgoLOWmlyo9Ei6u9PqzIMbhI=
+github.com/quic-go/qpack v0.5.1/go.mod h1:+PC4XFrEskIVkcLzpEkbLqq1uCoxPhQuvK5rH1ZgaEg=
+github.com/quic-go/quic-go v0.47.0 h1:yXs3v7r2bm1wmPTYNLKAAJTHMYkPEsfYJmTazXrCZ7Y=
+github.com/quic-go/quic-go v0.47.0/go.mod h1:3bCapYsJvXGZcipOHuu7plYtaV6tnF+z7wIFsU0WK9E=
 github.com/refraction-networking/utls v1.6.7 h1:zVJ7sP1dJx/WtVuITug3qYUq034cDq9B2MR1K67ULZM=
 github.com/refraction-networking/utls v1.6.7/go.mod h1:BC3O4vQzye5hqpmDTWUqi4P5DDhzJfkV1tdqtawQIH0=
 github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg=
@@ -198,9 +202,11 @@ github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
 github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro=
 github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
 github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
+github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
+github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
-github.com/sagernet/sing v0.4.2 h1:jzGNJdZVRI0xlAfFugsIQUPvyB9SuWvbJK7zQCXc4QM=
-github.com/sagernet/sing v0.4.2/go.mod h1:ieZHA/+Y9YZfXs2I3WtuwgyCZ6GPsIR7HdKb1SdEnls=
+github.com/sagernet/sing v0.4.3 h1:Ty/NAiNnVd6844k7ujlL5lkzydhcTH5Psc432jXA4Y8=
+github.com/sagernet/sing v0.4.3/go.mod h1:ieZHA/+Y9YZfXs2I3WtuwgyCZ6GPsIR7HdKb1SdEnls=
 github.com/sagernet/sing-shadowsocks v0.2.7 h1:zaopR1tbHEw5Nk6FAkM05wCslV6ahVegEZaKMv9ipx8=
 github.com/sagernet/sing-shadowsocks v0.2.7/go.mod h1:0rIKJZBR65Qi0zwdKezt4s57y/Tl1ofkaq6NlkzVuyE=
 github.com/savsgio/gotils v0.0.0-20240704082632-aef3928b8a38 h1:D0vL7YNisV2yqE55+q0lFuGse6U8lxlg7fYTctlT5Gc=
@@ -273,8 +279,8 @@ github.com/vishvananda/netlink v1.3.0 h1:X7l42GfcV4S6E4vHTsw48qbrV+9PVojNfIhZcwQ
 github.com/vishvananda/netlink v1.3.0/go.mod h1:i6NetklAujEcC6fK0JPjT8qSwWyO0HLn4UKG+hGqeJs=
 github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8=
 github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM=
-github.com/xtls/reality v0.0.0-20240712055506-48f0b2d5ed6d h1:+B97uD9uHLgAAulhigmys4BVwZZypzK7gPN3WtpgRJg=
-github.com/xtls/reality v0.0.0-20240712055506-48f0b2d5ed6d/go.mod h1:dm4y/1QwzjGaK17ofi0Vs6NpKAHegZky8qk6J2JJZAE=
+github.com/xtls/reality v0.0.0-20240909153216-e26ae2305463 h1:g1Cj7d+my6k/HHxLAyxPwyX8i7FGRr6ulBDMkBzg2BM=
+github.com/xtls/reality v0.0.0-20240909153216-e26ae2305463/go.mod h1:BjIOLmkEEtAgloAiVUcYj0Mt+YU00JARZw8AEU0IwAg=
 github.com/xtls/xray-core v1.8.24 h1:Y2NumdlnJ9C9gvh1Ivs2+73ui5XQgB70wZXYCiI9DyY=
 github.com/xtls/xray-core v1.8.24/go.mod h1:cWIOI6iBBOsB0HHU9PGhaiBhaMPfiktUjwA0IWolWJc=
 github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
@@ -293,11 +299,11 @@ golang.org/x/build v0.0.0-20190111050920-041ab4dc3f9d/go.mod h1:OWs+y06UdEOHN4y+
 golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
-golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
+golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
+golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e h1:I88y4caeGeuDQxgdoFPUq097j7kNfw6uvuiNxUBfcBk=
-golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e/go.mod h1:akd2r19cwCdwSwWeIdzYQGa/EZZyqcOdwWiwj5L5eKQ=
+golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 h1:e66Fs6Z+fZTbFBAxKfP3PALWBtpfqks2bwGcexMxgtk=
+golang.org/x/exp v0.0.0-20240909161429-701f63a606c0/go.mod h1:2TbTHSBQa924w8M6Xs1QcRcFwyucIwBGpK1p2f1YFFY=
 golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
@@ -311,8 +317,8 @@ golang.org/x/net v0.0.0-20181106065722-10aee1819953/go.mod h1:mL1N/T3taQHkDXs73r
 golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190313220215-9f648a60d977/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
-golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
+golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo=
+golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@@ -350,8 +356,8 @@ golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGm
 golang.org/x/tools v0.0.0-20181030000716-a0a13e073c7b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
-golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24=
-golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ=
+golang.org/x/tools v0.25.0 h1:oFU9pkj/iJgs+0DT+VMHrx+oBKs/LJMV+Uvg78sl+fE=
+golang.org/x/tools v0.25.0/go.mod h1:/vtpO8WL1N9cQC3FN5zPqb//fRXskFHbLKk4OW1Q7rg=
 golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 h1:B82qJJgjvYKsXS9jeunTOisW56dUokqW/FOteYJJ/yg=
 golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2/go.mod h1:deeaetjYA+DHMHg+sMSMI58GrEteJUUzzw7en6TJQcI=
 golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 h1:/jFs0duh4rdb8uIfPMv78iAJGcPKDeqAFnaLBropIC4=
@@ -374,8 +380,8 @@ google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmE
 google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio=
 google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
-google.golang.org/grpc v1.66.0 h1:DibZuoBznOxbDQxRINckZcUvnCEvrW9pcWIE2yF9r1c=
-google.golang.org/grpc v1.66.0/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y=
+google.golang.org/grpc v1.67.0 h1:IdH9y6PF5MPSdAntIcpjQ+tXO41pcQsfZV2RxtQgVcw=
+google.golang.org/grpc v1.67.0/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA=
 google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
 google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -392,8 +398,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gorm.io/driver/sqlite v1.5.6 h1:fO/X46qn5NUEEOZtnjJRWRzZMe8nqJiQ9E+0hi+hKQE=
 gorm.io/driver/sqlite v1.5.6/go.mod h1:U+J8craQU6Fzkcvu8oLeAQmi50TkwPEhHDEjQZXDah4=
-gorm.io/gorm v1.25.11 h1:/Wfyg1B/je1hnDx3sMkX+gAlxrlZpn6X0BXRlwXlvHg=
-gorm.io/gorm v1.25.11/go.mod h1:xh7N7RHfYlNc5EmcI/El95gXusucDrQnHXe0+CgWcLQ=
+gorm.io/gorm v1.25.12 h1:I0u8i2hWQItBq1WfE0o2+WuL9+8L21K9e2HHSTE/0f8=
+gorm.io/gorm v1.25.12/go.mod h1:xh7N7RHfYlNc5EmcI/El95gXusucDrQnHXe0+CgWcLQ=
 grpc.go4.org v0.0.0-20170609214715-11d0a25b4919/go.mod h1:77eQGdRu53HpSqPFJFmuJdjuHRquDANNeA4x7B8WQ9o=
 gvisor.dev/gvisor v0.0.0-20231202080848-1f7806d17489 h1:ze1vwAdliUAr68RQ5NtufWaXaOg8WUO2OACzEV+TNdE=
 gvisor.dev/gvisor v0.0.0-20231202080848-1f7806d17489/go.mod h1:10sU+Uh5KKNv1+2x2A0Gvzt8FjD3ASIhorV3YsauXhk=

install.sh

@@ -39,12 +39,12 @@ arch() {
 echo "arch: $(arch)"
 
 os_version=""
-os_version=$(grep -i version_id /etc/os-release | cut -d \" -f2 | cut -d . -f1)
+os_version=$(grep "^VERSION_ID" /etc/os-release | cut -d '=' -f2 | tr -d '"')
 
 if [[ "${release}" == "arch" ]]; then
     echo "Your OS is Arch Linux"
 elif [[ "${release}" == "parch" ]]; then
-    echo "Your OS is Parch linux"
+    echo "Your OS is Parch Linux"
 elif [[ "${release}" == "manjaro" ]]; then
     echo "Your OS is Manjaro"
 elif [[ "${release}" == "armbian" ]]; then
@@ -63,6 +63,10 @@ elif [[ "${release}" == "fedora" ]]; then
     if [[ ${os_version} -lt 36 ]]; then
         echo -e "${red} Please use Fedora 36 or higher version!${plain}\n" && exit 1
     fi
+elif [[ "${release}" == "amzn" ]]; then
+    if [[ ${os_version} != "2023" ]]; then
+        echo -e "${red} Please use Amazon Linux 2023!${plain}\n" && exit 1
+    fi
 elif [[ "${release}" == "debian" ]]; then
     if [[ ${os_version} -lt 11 ]]; then
         echo -e "${red} Please use Debian 11 or higher ${plain}\n" && exit 1
@@ -94,8 +98,8 @@ else
     echo "- Rocky Linux 9+"
     echo "- Oracle Linux 8+"
     echo "- OpenSUSE Tumbleweed"
+    echo "- Amazon Linux 2023"
     exit 1
-
 fi
 
 install_base() {

sub/default.json

@@ -23,6 +23,7 @@
         "destOverride": [
           "http",
           "tls",
+          "quic",
           "fakedns"
         ],
         "enabled": true

sub/sub.go

@@ -92,9 +92,9 @@ func (s *Server) initRouter() (*gin.Engine, error) {
 		SubJsonFragment = ""
 	}
 
-	SubJsonNoise, err := s.settingService.GetSubJsonNoise()
+	SubJsonNoises, err := s.settingService.GetSubJsonNoises()
 	if err != nil {
-		SubJsonNoise = ""
+		SubJsonNoises = ""
 	}
 
 	SubJsonMux, err := s.settingService.GetSubJsonMux()
@@ -111,7 +111,7 @@ func (s *Server) initRouter() (*gin.Engine, error) {
 
 	s.sub = NewSUBController(
 		g, LinksPath, JsonPath, Encrypt, ShowInfo, RemarkModel, SubUpdates,
-		SubJsonFragment, SubJsonNoise, SubJsonMux, SubJsonRules)
+		SubJsonFragment, SubJsonNoises, SubJsonMux, SubJsonRules)
 
 	return engine, nil
 }

sub/subJsonService.go

@@ -21,14 +21,14 @@ type SubJsonService struct {
 	configJson       map[string]interface{}
 	defaultOutbounds []json_util.RawMessage
 	fragment         string
-	noise            string
+	noises            string
 	mux              string
 
 	inboundService service.InboundService
 	SubService     *SubService
 }
 
-func NewSubJsonService(fragment string, noise string, mux string, rules string, subService *SubService) *SubJsonService {
+func NewSubJsonService(fragment string, noises string, mux string, rules string, subService *SubService) *SubJsonService {
 	var configJson map[string]interface{}
 	var defaultOutbounds []json_util.RawMessage
 	json.Unmarshal([]byte(defaultJson), &configJson)
@@ -53,15 +53,15 @@ func NewSubJsonService(fragment string, noise string, mux string, rules string,
 		defaultOutbounds = append(defaultOutbounds, json_util.RawMessage(fragment))
 	}
 
-	if noise != "" {
-		defaultOutbounds = append(defaultOutbounds, json_util.RawMessage(noise))
+	if noises != "" {
+		defaultOutbounds = append(defaultOutbounds, json_util.RawMessage(noises))
 	}
 
 	return &SubJsonService{
 		configJson:       configJson,
 		defaultOutbounds: defaultOutbounds,
 		fragment:         fragment,
-		noise:            noise,
+		noises:            noises,
 		mux:              mux,
 		SubService:       subService,
 	}
@@ -268,13 +268,13 @@ func (s *SubJsonService) realityData(rData map[string]interface{}) map[string]in
 	rltyData["spiderX"] = "/" + random.Seq(15)
 	shortIds, ok := rData["shortIds"].([]interface{})
 	if ok && len(shortIds) > 0 {
-		rltyData["shortId"] = shortIds
+		rltyData["shortId"] = shortIds[random.Num(len(shortIds))].(string)
 	} else {
 		rltyData["shortId"] = ""
 	}
 	serverNames, ok := rData["serverNames"].([]interface{})
 	if ok && len(serverNames) > 0 {
-		rltyData["serverName"] = serverNames
+		rltyData["serverName"] = serverNames[random.Num(len(serverNames))].(string)
 	} else {
 		rltyData["serverName"] = ""
 	}

sub/subService.go

@@ -213,12 +213,6 @@ func (s *SubService) genVmessLink(inbound *model.Inbound, email string) string {
 		http, _ := stream["httpSettings"].(map[string]interface{})
 		obj["path"], _ = http["path"].(string)
 		obj["host"] = searchHost(http)
-	case "quic":
-		quic, _ := stream["quicSettings"].(map[string]interface{})
-		header := quic["header"].(map[string]interface{})
-		obj["type"], _ = header["type"].(string)
-		obj["host"], _ = quic["security"].(string)
-		obj["path"], _ = quic["key"].(string)
 	case "grpc":
 		grpc, _ := stream["grpcSettings"].(map[string]interface{})
 		obj["path"] = grpc["serviceName"].(string)
@@ -370,12 +364,6 @@ func (s *SubService) genVlessLink(inbound *model.Inbound, email string) string {
 		http, _ := stream["httpSettings"].(map[string]interface{})
 		params["path"] = http["path"].(string)
 		params["host"] = searchHost(http)
-	case "quic":
-		quic, _ := stream["quicSettings"].(map[string]interface{})
-		params["quicSecurity"] = quic["security"].(string)
-		params["key"] = quic["key"].(string)
-		header := quic["header"].(map[string]interface{})
-		params["headerType"] = header["type"].(string)
 	case "grpc":
 		grpc, _ := stream["grpcSettings"].(map[string]interface{})
 		params["serviceName"] = grpc["serviceName"].(string)
@@ -604,12 +592,6 @@ func (s *SubService) genTrojanLink(inbound *model.Inbound, email string) string
 		http, _ := stream["httpSettings"].(map[string]interface{})
 		params["path"] = http["path"].(string)
 		params["host"] = searchHost(http)
-	case "quic":
-		quic, _ := stream["quicSettings"].(map[string]interface{})
-		params["quicSecurity"] = quic["security"].(string)
-		params["key"] = quic["key"].(string)
-		header := quic["header"].(map[string]interface{})
-		params["headerType"] = header["type"].(string)
 	case "grpc":
 		grpc, _ := stream["grpcSettings"].(map[string]interface{})
 		params["serviceName"] = grpc["serviceName"].(string)
@@ -839,12 +821,6 @@ func (s *SubService) genShadowsocksLink(inbound *model.Inbound, email string) st
 		http, _ := stream["httpSettings"].(map[string]interface{})
 		params["path"] = http["path"].(string)
 		params["host"] = searchHost(http)
-	case "quic":
-		quic, _ := stream["quicSettings"].(map[string]interface{})
-		params["quicSecurity"] = quic["security"].(string)
-		params["key"] = quic["key"].(string)
-		header := quic["header"].(map[string]interface{})
-		params["headerType"] = header["type"].(string)
 	case "grpc":
 		grpc, _ := stream["grpcSettings"].(map[string]interface{})
 		params["serviceName"] = grpc["serviceName"].(string)

web/assets/js/model/outbound.js

@@ -471,7 +471,6 @@ class StreamSettings extends CommonClass {
         this.kcp = kcpSettings;
         this.ws = wsSettings;
         this.http = httpSettings;
-        this.quic = quicSettings;
         this.grpc = grpcSettings;
         this.httpupgrade = httpupgradeSettings;
         this.splithttp = splithttpSettings;
@@ -523,7 +522,6 @@ class StreamSettings extends CommonClass {
             kcpSettings: network === 'kcp' ? this.kcp.toJson() : undefined,
             wsSettings: network === 'ws' ? this.ws.toJson() : undefined,
             httpSettings: network === 'http' ? this.http.toJson() : undefined,
-            quicSettings: network === 'quic' ? this.quic.toJson() : undefined,
             grpcSettings: network === 'grpc' ? this.grpc.toJson() : undefined,
             httpupgradeSettings: network === 'httpupgrade' ? this.httpupgrade.toJson() : undefined,
             splithttpSettings: network === 'splithttp' ? this.splithttp.toJson() : undefined,
@@ -591,7 +589,7 @@ class Outbound extends CommonClass {
 
     canEnableTls() {
         if (![Protocols.VMess, Protocols.VLESS, Protocols.Trojan, Protocols.Shadowsocks].includes(this.protocol)) return false;
-        return ["tcp", "ws", "http", "quic", "grpc", "httpupgrade", "splithttp"].includes(this.stream.network);
+        return ["tcp", "ws", "http", "grpc", "httpupgrade", "splithttp"].includes(this.stream.network);
     }
 
     //this is used for xtls-rprx-vision
@@ -707,11 +705,6 @@ class Outbound extends CommonClass {
             stream.http = new HttpStreamSettings(
                 json.path,
                 json.host);
-        } else if (network === 'quic') {
-            stream.quic = new QuicStreamSettings(
-                json.host ? json.host : 'none',
-                json.path,
-                json.type ? json.type : 'none');
         } else if (network === 'grpc') {
             stream.grpc = new GrpcStreamSettings(json.path, json.authority, json.type == 'multi');
         } else if (network === 'httpupgrade') {
@@ -753,11 +746,6 @@ class Outbound extends CommonClass {
             stream.ws = new WsStreamSettings(path, host);
         } else if (type === 'http' || type == 'h2') {
             stream.http = new HttpStreamSettings(path, host);
-        } else if (type === 'quic') {
-            stream.quic = new QuicStreamSettings(
-                url.searchParams.get('quicSecurity') ?? 'none',
-                url.searchParams.get('key') ?? '',
-                headerType ?? 'none');
         } else if (type === 'grpc') {
             stream.grpc = new GrpcStreamSettings(
                 url.searchParams.get('serviceName') ?? '',
@@ -863,39 +851,44 @@ Outbound.Settings = class extends CommonClass {
 Outbound.FreedomSettings = class extends CommonClass {
     constructor(
         domainStrategy = '',
-        timeout = '',
         redirect = '',
         fragment = {},
-        noise = {}
+        noises = []
     ) {
         super();
         this.domainStrategy = domainStrategy;
-        this.timeout = timeout;
         this.redirect = redirect;
         this.fragment = fragment;
-        this.noise = noise;
+        this.noises = noises;
+    }
+
+    addNoise() {
+        this.noises.push(new Outbound.FreedomSettings.Noise());
+    }
+
+    delNoise(index) {
+        this.noises.splice(index, 1);
     }
 
     static fromJson(json = {}) {
         return new Outbound.FreedomSettings(
             json.domainStrategy,
-            json.timeout,
             json.redirect,
             json.fragment ? Outbound.FreedomSettings.Fragment.fromJson(json.fragment) : undefined,
-            json.noise ? Outbound.FreedomSettings.Noise.fromJson(json.noise) : undefined,
+            json.noises ? json.noises.map(noise => Outbound.FreedomSettings.Noise.fromJson(noise)) : [new Outbound.FreedomSettings.Noise()],
         );
     }
 
     toJson() {
         return {
             domainStrategy: ObjectUtil.isEmpty(this.domainStrategy) ? undefined : this.domainStrategy,
-            timeout: this.timeout,
             redirect: this.redirect,
             fragment: Object.keys(this.fragment).length === 0 ? undefined : this.fragment,
-            noise: Object.keys(this.noise).length === 0 ? undefined : this.noise,
+            noises: Outbound.FreedomSettings.Noise.toJsonArray(this.noises),
         };
     }
 };
+
 Outbound.FreedomSettings.Fragment = class extends CommonClass {
     constructor(packets = '1-3', length = '', interval = '') {
         super();
@@ -912,19 +905,38 @@ Outbound.FreedomSettings.Fragment = class extends CommonClass {
         );
     }
 };
+
 Outbound.FreedomSettings.Noise = class extends CommonClass {
-    constructor(packet = '', delay = '') {
+    constructor(
+        type = 'rand',
+        packet = '10-20',
+        delay = '10-16'
+    ) {
         super();
+        this.type = type;
         this.packet = packet;
         this.delay = delay;
     }
 
     static fromJson(json = {}) {
         return new Outbound.FreedomSettings.Noise(
+            json.type,
             json.packet,
             json.delay,
         );
     }
+
+    toJson() {
+        return {
+            type: this.type,
+            packet: this.packet,
+            delay: this.delay,
+        };
+    }
+
+    static toJsonArray(noises) {
+        return noises.map(noise => noise.toJson());
+    }
 };
 
 Outbound.BlackholeSettings = class extends CommonClass {
@@ -946,11 +958,19 @@ Outbound.BlackholeSettings = class extends CommonClass {
     }
 };
 Outbound.DNSSettings = class extends CommonClass {
-    constructor(network = 'udp', address = '1.1.1.1', port = 53) {
+    constructor(
+        network = 'udp',
+        address = '1.1.1.1',
+        port = 53,
+        nonIPQuery = 'drop',
+        blockTypes = []
+    ) {
         super();
         this.network = network;
         this.address = address;
         this.port = port;
+        this.nonIPQuery = nonIPQuery;
+        this.blockTypes = blockTypes;
     }
 
     static fromJson(json = {}) {
@@ -958,6 +978,8 @@ Outbound.DNSSettings = class extends CommonClass {
             json.network,
             json.address,
             json.port,
+            json.nonIPQuery,
+            json.blockTypes,
         );
     }
 };

web/assets/js/model/setting.js

@@ -7,7 +7,7 @@ class AllSetting {
         this.webCertFile = "";
         this.webKeyFile = "";
         this.webBasePath = "/";
-        this.sessionMaxAge = 0;
+        this.sessionMaxAge = 60;
         this.pageSize = 50;
         this.expireDiff = 0;
         this.trafficDiff = 0;
@@ -38,7 +38,7 @@ class AllSetting {
         this.subURI = "";
         this.subJsonURI = "";
         this.subJsonFragment = "";
-        this.subJsonNoise = "";
+        this.subJsonNoises = "";
         this.subJsonMux = "";
         this.subJsonRules = "";
 

web/assets/js/model/xray.js

@@ -449,37 +449,6 @@ class HttpStreamSettings extends XrayCommonClass {
     }
 }
 
-class QuicStreamSettings extends XrayCommonClass {
-    constructor(
-        security = 'none',
-        key = RandomUtil.randomSeq(10),
-        type = 'none'
-    ) {
-        super();
-        this.security = security;
-        this.key = key;
-        this.type = type;
-    }
-
-    static fromJson(json = {}) {
-        return new QuicStreamSettings(
-            json.security,
-            json.key,
-            json.header ? json.header.type : 'none',
-        );
-    }
-
-    toJson() {
-        return {
-            security: this.security,
-            key: this.key,
-            header: {
-                type: this.type,
-            }
-        }
-    }
-}
-
 class GrpcStreamSettings extends XrayCommonClass {
     constructor(
         serviceName = "",
@@ -560,6 +529,12 @@ class SplitHTTPStreamSettings extends XrayCommonClass {
         scMinPostsIntervalMs = "10-50",
         noSSEHeader = false,
         xPaddingBytes = "100-1000",
+        xmux = { 
+            maxConcurrency: 0,
+            maxConnections: 0,
+            cMaxReuseTimes: 0,
+            cMaxLifetimeMs: 0
+        }
     ) {
         super();
         this.path = path;
@@ -570,6 +545,7 @@ class SplitHTTPStreamSettings extends XrayCommonClass {
         this.scMinPostsIntervalMs = scMinPostsIntervalMs;
         this.noSSEHeader = noSSEHeader;
         this.xPaddingBytes = xPaddingBytes;
+        this.xmux = xmux;   
     }
 
     addHeader(name, value) {
@@ -590,6 +566,7 @@ class SplitHTTPStreamSettings extends XrayCommonClass {
             json.scMinPostsIntervalMs,
             json.noSSEHeader,
             json.xPaddingBytes,
+            json.xmux,
         );
     }
 
@@ -603,6 +580,12 @@ class SplitHTTPStreamSettings extends XrayCommonClass {
             scMinPostsIntervalMs: this.scMinPostsIntervalMs,
             noSSEHeader: this.noSSEHeader,
             xPaddingBytes: this.xPaddingBytes,
+            xmux: {
+                maxConcurrency: this.xmux.maxConcurrency,
+                maxConnections: this.xmux.maxConnections,
+                cMaxReuseTimes: this.xmux.cMaxReuseTimes,
+                cMaxLifetimeMs: this.xmux.cMaxLifetimeMs
+            }
         };
     }
 }
@@ -1092,7 +1075,6 @@ class StreamSettings extends XrayCommonClass {
         kcpSettings = new KcpStreamSettings(),
         wsSettings = new WsStreamSettings(),
         httpSettings = new HttpStreamSettings(),
-        quicSettings = new QuicStreamSettings(),
         grpcSettings = new GrpcStreamSettings(),
         httpupgradeSettings = new HTTPUpgradeStreamSettings(),
         splithttpSettings = new SplitHTTPStreamSettings(),
@@ -1109,7 +1091,6 @@ class StreamSettings extends XrayCommonClass {
         this.kcp = kcpSettings;
         this.ws = wsSettings;
         this.http = httpSettings;
-        this.quic = quicSettings;
         this.grpc = grpcSettings;
         this.httpupgrade = httpupgradeSettings;
         this.splithttp = splithttpSettings;
@@ -1173,7 +1154,6 @@ class StreamSettings extends XrayCommonClass {
             KcpStreamSettings.fromJson(json.kcpSettings),
             WsStreamSettings.fromJson(json.wsSettings),
             HttpStreamSettings.fromJson(json.httpSettings),
-            QuicStreamSettings.fromJson(json.quicSettings),
             GrpcStreamSettings.fromJson(json.grpcSettings),
             HTTPUpgradeStreamSettings.fromJson(json.httpupgradeSettings),
             SplitHTTPStreamSettings.fromJson(json.splithttpSettings),
@@ -1194,7 +1174,6 @@ class StreamSettings extends XrayCommonClass {
             kcpSettings: network === 'kcp' ? this.kcp.toJson() : undefined,
             wsSettings: network === 'ws' ? this.ws.toJson() : undefined,
             httpSettings: network === 'http' ? this.http.toJson() : undefined,
-            quicSettings: network === 'quic' ? this.quic.toJson() : undefined,
             grpcSettings: network === 'grpc' ? this.grpc.toJson() : undefined,
             httpupgradeSettings: network === 'httpupgrade' ? this.httpupgrade.toJson() : undefined,
             splithttpSettings: network === 'splithttp' ? this.splithttp.toJson() : undefined,
@@ -1232,6 +1211,27 @@ class Sniffing extends XrayCommonClass {
     }
 }
 
+class Allocate extends XrayCommonClass {
+    constructor(
+        strategy = "always",
+        refresh = 5,
+        concurrency = 3,
+    ) {
+        super();
+        this.strategy = strategy;
+        this.refresh = refresh;
+        this.concurrency = concurrency;
+    }
+
+    static fromJson(json = {}) {
+        return new Allocate(
+            json.strategy,
+            json.refresh,
+            json.concurrency,
+        );
+    }
+}
+
 class Inbound extends XrayCommonClass {
     constructor(
         port = RandomUtil.randomIntRange(10000, 60000),
@@ -1241,6 +1241,7 @@ class Inbound extends XrayCommonClass {
         streamSettings = new StreamSettings(),
         tag = '',
         sniffing = new Sniffing(),
+        allocate = new Allocate(),
         clientStats = '',
     ) {
         super();
@@ -1251,6 +1252,7 @@ class Inbound extends XrayCommonClass {
         this.stream = streamSettings;
         this.tag = tag;
         this.sniffing = sniffing;
+        this.allocate = allocate;
         this.clientStats = clientStats;
     }
     getClientStats() {
@@ -1311,10 +1313,6 @@ class Inbound extends XrayCommonClass {
         return this.network === "kcp";
     }
 
-    get isQuic() {
-        return this.network === "quic"
-    }
-
     get isGrpc() {
         return this.network === "grpc";
     }
@@ -1393,18 +1391,6 @@ class Inbound extends XrayCommonClass {
         return null;
     }
 
-    get quicSecurity() {
-        return this.stream.quic.security;
-    }
-
-    get quicKey() {
-        return this.stream.quic.key;
-    }
-
-    get quicType() {
-        return this.stream.quic.type;
-    }
-
     get kcpType() {
         return this.stream.kcp.type;
     }
@@ -1424,7 +1410,7 @@ class Inbound extends XrayCommonClass {
 
     canEnableTls() {
         if (![Protocols.VMESS, Protocols.VLESS, Protocols.TROJAN, Protocols.SHADOWSOCKS].includes(this.protocol)) return false;
-        return ["tcp", "ws", "http", "quic", "grpc", "httpupgrade", "splithttp"].includes(this.network);
+        return ["tcp", "ws", "http", "grpc", "httpupgrade", "splithttp"].includes(this.network);
     }
 
     //this is used for xtls-rprx-vision
@@ -1457,6 +1443,7 @@ class Inbound extends XrayCommonClass {
         this.stream = new StreamSettings();
         this.tag = '';
         this.sniffing = new Sniffing();
+        this.allocate = new Allocate();
     }
 
     genVmessLink(address = '', port = this.port, forceTls, remark = '', clientId, security) {
@@ -1497,10 +1484,6 @@ class Inbound extends XrayCommonClass {
             obj.net = 'h2';
             obj.path = this.stream.http.path;
             obj.host = this.stream.http.host.join(',');
-        } else if (network === 'quic') {
-            obj.type = this.stream.quic.type;
-            obj.host = this.stream.quic.security;
-            obj.path = this.stream.quic.key;
         } else if (network === 'grpc') {
             obj.path = this.stream.grpc.serviceName;
             obj.authority = this.stream.grpc.authority;
@@ -1570,12 +1553,6 @@ class Inbound extends XrayCommonClass {
                 params.set("path", http.path);
                 params.set("host", http.host);
                 break;
-            case "quic":
-                const quic = this.stream.quic;
-                params.set("quicSecurity", quic.security);
-                params.set("key", quic.key);
-                params.set("headerType", quic.type);
-                break;
             case "grpc":
                 const grpc = this.stream.grpc;
                 params.set("serviceName", grpc.serviceName);
@@ -1691,12 +1668,6 @@ class Inbound extends XrayCommonClass {
                 params.set("path", http.path);
                 params.set("host", http.host);
                 break;
-            case "quic":
-                const quic = this.stream.quic;
-                params.set("quicSecurity", quic.security);
-                params.set("key", quic.key);
-                params.set("headerType", quic.type);
-                break;
             case "grpc":
                 const grpc = this.stream.grpc;
                 params.set("serviceName", grpc.serviceName);
@@ -1779,12 +1750,6 @@ class Inbound extends XrayCommonClass {
                 params.set("path", http.path);
                 params.set("host", http.host);
                 break;
-            case "quic":
-                const quic = this.stream.quic;
-                params.set("quicSecurity", quic.security);
-                params.set("key", quic.key);
-                params.set("headerType", quic.type);
-                break;
             case "grpc":
                 const grpc = this.stream.grpc;
                 params.set("serviceName", grpc.serviceName);
@@ -1958,6 +1923,7 @@ class Inbound extends XrayCommonClass {
             StreamSettings.fromJson(json.streamSettings),
             json.tag,
             Sniffing.fromJson(json.sniffing),
+            Allocate.fromJson(json.allocate),
             json.clientStats
         )
     }
@@ -1975,6 +1941,7 @@ class Inbound extends XrayCommonClass {
             streamSettings: streamSettings,
             tag: this.tag,
             sniffing: this.sniffing.toJson(),
+            allocate: this.allocate.toJson(),
             clientStats: this.clientStats
         };
     }
@@ -2546,15 +2513,13 @@ Inbound.DokodemoSettings = class extends Inbound.Settings {
         address,
         port,
         network = 'tcp,udp',
-        followRedirect = false,
-        timeout = 30
+        followRedirect = false
     ) {
         super(protocol);
         this.address = address;
         this.port = port;
         this.network = network;
         this.followRedirect = followRedirect;
-        this.timeout = timeout;
     }
 
     static fromJson(json = {}) {
@@ -2564,7 +2529,6 @@ Inbound.DokodemoSettings = class extends Inbound.Settings {
             json.port,
             json.network,
             json.followRedirect,
-            json.timeout,
         );
     }
 
@@ -2574,7 +2538,6 @@ Inbound.DokodemoSettings = class extends Inbound.Settings {
             port: this.port,
             network: this.network,
             followRedirect: this.followRedirect,
-            timeout: this.timeout,
         };
     }
 };
@@ -2634,9 +2597,14 @@ Inbound.SocksSettings.SocksAccount = class extends XrayCommonClass {
 };
 
 Inbound.HttpSettings = class extends Inbound.Settings {
-    constructor(protocol, accounts = [new Inbound.HttpSettings.HttpAccount()]) {
+    constructor(
+        protocol, 
+        accounts = [new Inbound.HttpSettings.HttpAccount()],
+        allowTransparent = false,
+    ) {
         super(protocol);
         this.accounts = accounts;
+        this.allowTransparent = allowTransparent;
     }
 
     addAccount(account) {
@@ -2651,12 +2619,14 @@ Inbound.HttpSettings = class extends Inbound.Settings {
         return new Inbound.HttpSettings(
             Protocols.HTTP,
             json.accounts.map(account => Inbound.HttpSettings.HttpAccount.fromJson(account)),
+            json.allowTransparent,
         );
     }
 
     toJson() {
         return {
             accounts: Inbound.HttpSettings.toJsonArray(this.accounts),
+            allowTransparent: this.allowTransparent,
         };
     }
 };

web/controller/index.go

@@ -83,10 +83,6 @@ func (a *IndexController) login(c *gin.Context) {
 		logger.Warning("Unable to get session's max age from DB")
 	}
 
-	if sessionMaxAge <= 0 {
-		sessionMaxAge = 60
-	}
-
 	err = session.SetMaxAge(c, sessionMaxAge*60)
 	if err != nil {
 		logger.Warning("Unable to set session's max age")

web/entity/entity.go

@@ -52,7 +52,7 @@ type AllSetting struct {
 	SubJsonPath      string `json:"subJsonPath" form:"subJsonPath"`
 	SubJsonURI       string `json:"subJsonURI" form:"subJsonURI"`
 	SubJsonFragment  string `json:"subJsonFragment" form:"subJsonFragment"`
-	SubJsonNoise     string `json:"subJsonNoise" form:"subJsonNoise"`
+	SubJsonNoises    string `json:"subJsonNoises" form:"subJsonNoises"`
 	SubJsonMux       string `json:"subJsonMux" form:"subJsonMux"`
 	SubJsonRules     string `json:"subJsonRules" form:"subJsonRules"`
 	Datepicker       string `json:"datepicker" form:"datepicker"`

web/html/login.html

@@ -449,7 +449,7 @@
                     <a-row justify="center" class="centered">
                       <a-col :span="24">
                         <a-select ref="selectLang" v-model="lang"
-                                  @change="setLang(lang)" style="width: 150px;"
+                                  @change="setLang(lang)" style="width: 200px;"
                                   :dropdown-class-name="themeSwitcher.currentTheme">
                           <a-select-option :value="l.value" label="English" v-for="l in supportLangs">
                             <span role="img" aria-label="l.name" v-text="l.icon"></span>

web/html/xui/client_bulk_modal.html

@@ -28,7 +28,7 @@
         <a-form-item label='{{ i18n "pages.client.clientCount" }}' v-if="clientsBulkModal.emailMethod < 2">
             <a-input-number v-model="clientsBulkModal.quantity" :min="1" :max="100"></a-input-number>
         </a-form-item>
-        <a-form-item v-if="inbound.protocol === Protocols.VMESS" label='Security'>
+        <a-form-item label='{{ i18n "security" }}' v-if="inbound.protocol === Protocols.VMESS">
             <a-select v-model="clientsBulkModal.security" :dropdown-class-name="themeSwitcher.currentTheme">
                 <a-select-option v-for="key in USERS_SECURITY" :value="key">[[ key ]]</a-select-option>
             </a-select>

web/html/xui/form/allocate.html

@@ -0,0 +1,16 @@
+{{define "form/allocate"}}
+<a-divider style="margin:5px 0 0;">Allocate</a-divider>
+<a-form :colon="false" :label-col="{ md: {span:8} }" :wrapper-col="{ md: {span:14} }">
+    <a-form-item label='Strategy'>
+      <a-select v-model="inbound.allocate.strategy" :dropdown-class-name="themeSwitcher.currentTheme">
+        <a-select-option v-for="s in ['always','random']" :value="s">[[ s ]]</a-select-option>
+      </a-select>
+    </a-form-item>
+    <a-form-item label='Refresh'>
+      <a-input-number v-model.number="inbound.allocate.refresh" min="0"></a-input-number>
+    </a-form-item>
+    <a-form-item label='Concurrency'>
+      <a-input-number v-model.number="inbound.allocate.concurrency" min="0"></a-input-number>
+    </a-form-item>
+</a-form>
+{{end}}

web/html/xui/form/client.html

@@ -39,7 +39,7 @@
         </template>
         <a-input v-model.trim="client.id"></a-input>
     </a-form-item>
-    <a-form-item v-if="inbound.protocol === Protocols.VMESS" label='Security'>
+    <a-form-item v-if="inbound.protocol === Protocols.VMESS" label='{{ i18n "security" }}'>
         <a-select v-model="client.security" :dropdown-class-name="themeSwitcher.currentTheme">
             <a-select-option v-for="key in USERS_SECURITY" :value="key">[[ key ]]</a-select-option>
         </a-select>

web/html/xui/form/inbound.html

@@ -118,4 +118,10 @@
 <template>
     {{template "form/sniffing"}}
 </template>
+
+<!-- allocate -->
+<template>
+    {{template "form/allocate"}}
+</template>
+
 {{end}}

web/html/xui/form/outbound.html

@@ -22,9 +22,6 @@
             <a-select-option v-for="s in OutboundDomainStrategies" :value="s">[[ s ]]</a-select-option>
           </a-select>
         </a-form-item>
-        <a-form-item label='Timeout'>
-          <a-input-number v-model.number="outbound.settings.timeout" min="0" ></a-input-number>
-        </a-form-item>
         <a-form-item label='Redirect'>
           <a-input v-model="outbound.settings.redirect"></a-input>
         </a-form-item>
@@ -46,16 +43,39 @@
             <a-input v-model.trim="outbound.settings.fragment.interval"></a-input>
           </a-form-item>
         </template>
-        <a-form-item label='Noise'>
-          <a-switch :checked="Object.keys(outbound.settings.noise).length >0" @change="checked => outbound.settings.noise = checked ? new Outbound.FreedomSettings.Noise() : {}"></a-switch>
+
+        <!-- Switch for Noises -->
+        <a-form-item label='Noises'>
+          <a-switch :checked="outbound.settings.noises.length > 0"
+            @change="checked => outbound.settings.noises = checked ? [new Outbound.FreedomSettings.Noise()] : []">
+          </a-switch>
         </a-form-item>
-        <template v-if="Object.keys(outbound.settings.noise).length >0">
-          <a-form-item label='Packet'>
-            <a-input v-model.trim="outbound.settings.noise.packet"></a-input>
-          </a-form-item>
-          <a-form-item label='Delay'>
-            <a-input v-model.trim="outbound.settings.noise.delay"></a-input>
+
+        <!-- Add Noise Button -->
+        <template v-if="outbound.settings.noises.length > 0">
+          <a-form-item label="Noises">
+            <a-button icon="plus" type="primary" size="small" @click="outbound.settings.addNoise()"></a-button>
           </a-form-item>
+        
+        <!-- Noise Configurations -->
+          <a-form v-for="(noise, index) in outbound.settings.noises" :key="index" :colon="false" :label-col="{ md: {span:8} }"
+            :wrapper-col="{ md: {span:14} }">
+            <a-divider style="margin:0;"> Noise [[ index + 1 ]]
+              <a-icon v-if="outbound.settings.noises.length > 1" type="delete" @click="() => outbound.settings.delNoise(index)"
+                style="color: rgb(255, 77, 79); cursor: pointer;"></a-icon>
+            </a-divider>
+            <a-form-item label='Type'>
+              <a-select v-model="noise.type" :dropdown-class-name="themeSwitcher.currentTheme">
+                <a-select-option v-for="s in ['rand','base64','str']" :value="s">[[ s ]]</a-select-option>
+              </a-select>
+            </a-form-item>
+            <a-form-item label='Packet'>
+              <a-input v-model.trim="noise.packet"></a-input>
+            </a-form-item>
+            <a-form-item label='Delay'>
+              <a-input v-model.trim="noise.delay"></a-input>
+            </a-form-item>
+          </a-form>
         </template>
       </template>
 
@@ -75,6 +95,14 @@
             <a-select-option v-for="s in ['udp','tcp']" :value="s">[[ s ]]</a-select-option>
           </a-select>
         </a-form-item>
+        <a-form-item label='non-IP queries'>
+          <a-select v-model="outbound.settings.nonIPQuery" :dropdown-class-name="themeSwitcher.currentTheme">
+            <a-select-option v-for="s in ['drop','skip']" :value="s">[[ s ]]</a-select-option>
+          </a-select>
+        </a-form-item>
+        <a-form-item v-if="outbound.settings.nonIPQuery === 'skip'" label='Block Types' >
+          <a-input v-model.number="outbound.settings.blockTypes"></a-input>
+        </a-form-item>
       </template>
 
       <!-- wireguard settings -->
@@ -179,11 +207,15 @@
         <a-form-item label='ID'>
           <a-input v-model.trim="outbound.settings.id"></a-input>
         </a-form-item>
-        <a-form-item label='Security'>
-          <a-select v-model="outbound.settings.security" :dropdown-class-name="themeSwitcher.currentTheme">
-            <a-select-option v-for="key in USERS_SECURITY" :value="key">[[ key ]]</a-select-option>
-          </a-select>
-        </a-form-item>
+
+        <!-- vmess settings -->
+        <template v-if="outbound.protocol === Protocols.VMess">
+          <a-form-item label='Security'>
+            <a-select v-model="outbound.settings.security" :dropdown-class-name="themeSwitcher.currentTheme">
+              <a-select-option v-for="key in USERS_SECURITY" :value="key">[[ key ]]</a-select-option>
+            </a-select>
+          </a-form-item>
+        </template>
 
         <!-- vless settings -->
         <template v-if="outbound.canEnableTlsFlow()">
@@ -239,7 +271,6 @@
             <a-select-option value="kcp">mKCP</a-select-option>
             <a-select-option value="ws">WebSocket</a-select-option>
             <a-select-option value="http">H2</a-select-option>
-            <a-select-option value="quic">QUIC</a-select-option>
             <a-select-option value="grpc">gRPC</a-select-option>
             <a-select-option value="httpupgrade">HTTPUpgrade</a-select-option>
             <a-select-option value="splithttp">SplitHTTP</a-select-option>
@@ -317,31 +348,7 @@
             <a-input v-model.trim="outbound.stream.http.path"></a-input>
           </a-form-item>
         </template>
-
-        <!-- quic -->
-        <template v-if="outbound.stream.network === 'quic'">
-          <a-form-item label='{{ i18n "pages.inbounds.stream.quic.encryption" }}'>
-            <a-select v-model="outbound.stream.quic.security" :dropdown-class-name="themeSwitcher.currentTheme">
-              <a-select-option value="none">None</a-select-option>
-              <a-select-option value="aes-128-gcm">AES-128-GCM</a-select-option>
-              <a-select-option value="chacha20-poly1305">CHACHA20-POLY1305</a-select-option>
-            </a-select>
-          </a-form-item>
-          <a-form-item label='{{ i18n "password" }}'>
-            <a-input v-model.trim="outbound.stream.quic.key"></a-input>
-          </a-form-item>
-          <a-form-item label='{{ i18n "camouflage" }}'>
-            <a-select v-model="outbound.stream.quic.type" :dropdown-class-name="themeSwitcher.currentTheme">
-              <a-select-option value="none">None</a-select-option>
-              <a-select-option value="srtp">SRTP</a-select-option>
-              <a-select-option value="utp">uTP</a-select-option>
-              <a-select-option value="wechat-video">WeChat</a-select-option>
-              <a-select-option value="dtls">DTLS 1.2</a-select-option>
-              <a-select-option value="wireguard">WireGuard</a-select-option>
-            </a-select>
-          </a-form-item>
-        </template>
-
+        
         <!-- grpc -->
         <template v-if="outbound.stream.network === 'grpc'">
           <a-form-item label='Service Name'>

web/html/xui/form/protocol/dokodemo.html

@@ -16,8 +16,5 @@
     <a-form-item label='Follow Redirect'>
         <a-switch v-model="inbound.settings.followRedirect"></a-switch>
     </a-form-item>
-    <a-form-item label='Timeout'>
-        <a-input-number v-model.number="inbound.settings.timeout" :min="0"></a-input-number>
-    </a-form-item>
 </a-form>
 {{end}}

web/html/xui/form/protocol/http.html

@@ -19,5 +19,8 @@
       </template>
     </a-input>
   </a-input-group>
+  <a-form-item label="Allow Transparent">
+    <a-switch v-model="inbound.settings.allowTransparent" />
+  </a-form-item>
 </a-form>
 {{end}}

web/html/xui/form/protocol/vmess.html

@@ -10,7 +10,7 @@
             <tr class="client-table-header">
                 <th>{{ i18n "pages.inbounds.email" }}</th>
                 <th>ID</th>
-                <th>Security</th>
+                <th>{{ i18n "security" }}</th>
             </tr>
             <tr v-for="(client, index) in inbound.settings.vmesses" :class="index % 2 == 1 ? 'client-table-odd-row' : ''">
                 <td>[[ client.email ]]</td>

web/html/xui/form/sniffing.html

@@ -1,9 +1,9 @@
 {{define "form/sniffing"}}
-<a-divider style="margin:5px 0 0;"></a-divider>
+<a-divider style="margin:5px 0 0;">Sniffing</a-divider>
 <a-form :colon="false" :label-col="{ md: {span:8} }" :wrapper-col="{ md: {span:14} }">
   <a-form-item>
     <span slot="label">
-        Sniffing
+      {{ i18n "enabled" }}
         <a-tooltip>
             <template slot="title">
                 <span>{{ i18n "pages.inbounds.noRecommendKeepDefault" }}</span>

web/html/xui/form/stream/stream_quic.html

@@ -1,33 +0,0 @@
-{{define "form/streamQUIC"}}
-<a-form :colon="false" :label-col="{ md: {span:8} }" :wrapper-col="{ md: {span:14} }">
-    <a-form-item label='{{ i18n "pages.inbounds.stream.quic.encryption" }}'>
-        <a-select v-model="inbound.stream.quic.security" :dropdown-class-name="themeSwitcher.currentTheme">
-            <a-select-option value="none">None</a-select-option>
-            <a-select-option value="aes-128-gcm">AES-128-GCM</a-select-option>
-            <a-select-option value="chacha20-poly1305">CHACHA20-POLY1305</a-select-option>
-        </a-select>
-    </a-form-item>
-    <a-form-item>
-        <template slot="label">
-            <a-tooltip>
-                <template slot="title">
-                    <span>{{ i18n "reset" }}</span>
-                </template>
-                {{ i18n "password" }}
-                <a-icon @click="inbound.stream.quic.key = RandomUtil.randomSeq(10)"type="sync"> </a-icon>
-            </a-tooltip>
-        </template>
-        <a-input v-model.trim="inbound.stream.quic.key"></a-input>
-    </a-form-item>
-    <a-form-item label='{{ i18n "camouflage" }}'>
-        <a-select v-model="inbound.stream.quic.type" style="width: 50%" :dropdown-class-name="themeSwitcher.currentTheme">
-            <a-select-option value="none">None</a-select-option>
-            <a-select-option value="srtp">SRTP</a-select-option>
-            <a-select-option value="utp">uTP</a-select-option>
-            <a-select-option value="wechat-video">WeChat</a-select-option>
-            <a-select-option value="dtls">DTLS 1.2</a-select-option>
-            <a-select-option value="wireguard">WireGuard</a-select-option>
-        </a-select>
-    </a-form-item>
-</a-form>
-{{end}}

web/html/xui/form/stream/stream_settings.html

@@ -8,7 +8,6 @@
             <a-select-option value="kcp">mKCP</a-select-option>
             <a-select-option value="ws">WebSocket</a-select-option>
             <a-select-option value="http">H2</a-select-option>
-            <a-select-option value="quic">QUIC</a-select-option>
             <a-select-option value="grpc">gRPC</a-select-option>
             <a-select-option value="httpupgrade">HTTPUpgrade</a-select-option>
             <a-select-option value="splithttp">SplitHTTP</a-select-option>
@@ -36,11 +35,6 @@
     {{template "form/streamHTTP"}}
 </template>
 
-<!-- quic -->
-<template v-if="inbound.stream.network === 'quic'">
-    {{template "form/streamQUIC"}}
-</template>
-
 <!-- grpc -->
 <template v-if="inbound.stream.network === 'grpc'">
     {{template "form/streamGRPC"}}

web/html/xui/form/stream/stream_splithttp.html

@@ -34,5 +34,17 @@
     <a-form-item label="No SSE Header">
         <a-switch v-model="inbound.stream.splithttp.noSSEHeader"></a-switch>
     </a-form-item>
+    <a-form-item label="Max Concurrency">
+        <a-input-number v-model="inbound.stream.splithttp.xmux.maxConcurrency"></a-input-number>
+    </a-form-item>
+    <a-form-item label="Max Connections">
+        <a-input-number v-model="inbound.stream.splithttp.xmux.maxConnections"></a-input-number>
+    </a-form-item>
+    <a-form-item label="Max Reuse Times">
+        <a-input-number v-model="inbound.stream.splithttp.xmux.cMaxReuseTimes"></a-input-number>
+    </a-form-item>
+    <a-form-item label="Max Lifetime (ms)">
+        <a-input-number v-model="inbound.stream.splithttp.xmux.cMaxLifetimeMs"></a-input-number>
+    </a-form-item>
 </a-form>
 {{end}}

web/html/xui/form/tls_settings.html

@@ -184,6 +184,9 @@
     <a-form-item label='SNI'>
       <a-input v-model.trim="inbound.stream.reality.serverNames"></a-input>
     </a-form-item>
+    <a-form-item label='Max Time Diff (ms)'>
+      <a-input-number v-model.number="inbound.stream.reality.maxTimediff" :min="0"></a-input-number>
+    </a-form-item>
     <a-form-item>
       <template slot="label">
         <a-tooltip>

web/html/xui/inbound_info_modal.html

@@ -58,26 +58,6 @@
               </td>
             </tr>
           </template>
-          <template v-if="inbound.isQuic">
-            <tr>
-              <td>quic {{ i18n "encryption" }}</td>
-              <td>
-                <a-tag>[[ inbound.quicSecurity ]]</a-tag>
-              </td>
-            </tr>
-            <tr>
-              <td>quic {{ i18n "password" }}</td>
-              <td>
-                <a-tag>[[ inbound.quicKey ]]</a-tag>
-              </td>
-            </tr>
-            <tr>
-              <td>quic {{ i18n "camouflage" }}</td>
-              <td>
-                <a-tag>[[ inbound.quicType ]]</a-tag>
-              </td>
-            </tr>
-          </template>
           <template v-if="inbound.isKcp">
             <tr>
               <td>kcp {{ i18n "encryption" }}</td>
@@ -159,6 +139,12 @@
             <a-tag>[[ infoModal.clientSettings.id ]]</a-tag>
           </td>
         </tr>
+        <tr v-if="dbInbound.isVMess">
+          <td>{{ i18n "security" }}</td>
+          <td>
+            <a-tag>[[ infoModal.clientSettings.security ]]</a-tag>
+          </td>
+        </tr>
         <tr v-if="infoModal.inbound.canEnableTlsFlow()">
           <td>Flow</td>
           <td v-if="infoModal.clientSettings.flow">

web/html/xui/inbounds.html

@@ -733,7 +733,7 @@
                     this.inbounds.push(to_inbound);
                     this.dbInbounds.push(dbInbound);
                     if ([Protocols.VMESS, Protocols.VLESS, Protocols.TROJAN, Protocols.SHADOWSOCKS].includes(inbound.protocol)) {
-                        if (inbound.protocol === Protocols.SHADOWSOCKS && (!to_inbound.isSSMultiUser)) {
+                        if (dbInbound.isSS && (!to_inbound.isSSMultiUser)) {
                             continue;
                         }
                         this.clientCount[inbound.id] = this.getClientCounts(inbound, to_inbound);
@@ -935,6 +935,7 @@
                     settings: Inbound.Settings.getSettings(baseInbound.protocol).toString(),
                     streamSettings: baseInbound.stream.toString(),
                     sniffing: baseInbound.sniffing.toString(),
+                    allocate: baseInbound.allocate.toString(),
                 };
                 await this.submit('/panel/inbound/add', data, inModal);
             },
@@ -980,6 +981,7 @@
                 };
                 if (inbound.canEnableStream()) data.streamSettings = inbound.stream.toString();
                 data.sniffing = inbound.sniffing.toString();
+                data.allocate = inbound.allocate.toString();
 
                 await this.submit('/panel/inbound/add', data, inModal);
             },
@@ -999,6 +1001,7 @@
                 };
                 if (inbound.canEnableStream()) data.streamSettings = inbound.stream.toString();
                 data.sniffing = inbound.sniffing.toString();
+                data.allocate = inbound.allocate.toString();
 
                 await this.submit(`/panel/inbound/update/${dbInbound.id}`, data, inModal);
             },

web/html/xui/settings.html

@@ -138,7 +138,7 @@
                   <setting-list-item type="text" title='{{ i18n "pages.settings.publicKeyPath"}}' desc='{{ i18n "pages.settings.publicKeyPathDesc"}}' v-model="allSetting.webCertFile"></setting-list-item>
                   <setting-list-item type="text" title='{{ i18n "pages.settings.privateKeyPath"}}' desc='{{ i18n "pages.settings.privateKeyPathDesc"}}' v-model="allSetting.webKeyFile"></setting-list-item>
                   <setting-list-item type="text" title='{{ i18n "pages.settings.panelUrlPath"}}' desc='{{ i18n "pages.settings.panelUrlPathDesc"}}' v-model="allSetting.webBasePath"></setting-list-item>
-                  <setting-list-item type="number" title='{{ i18n "pages.settings.sessionMaxAge" }}' desc='{{ i18n "pages.settings.sessionMaxAgeDesc" }}' v-model="allSetting.sessionMaxAge" :min="0"></setting-list-item>
+                  <setting-list-item type="number" title='{{ i18n "pages.settings.sessionMaxAge" }}' desc='{{ i18n "pages.settings.sessionMaxAgeDesc" }}' v-model="allSetting.sessionMaxAge" :min="60"></setting-list-item>
                   <setting-list-item type="number" title='{{ i18n "pages.settings.pageSize" }}' desc='{{ i18n "pages.settings.pageSizeDesc" }}' v-model="allSetting.pageSize" :min="0" :step="5"></setting-list-item>
                   <setting-list-item type="number" title='{{ i18n "pages.settings.expireTimeDiff" }}' desc='{{ i18n "pages.settings.expireTimeDiffDesc" }}' v-model="allSetting.expireDiff" :min="0"></setting-list-item>
                   <setting-list-item type="number" title='{{ i18n "pages.settings.trafficDiff" }}' desc='{{ i18n "pages.settings.trafficDiffDesc" }}' v-model="allSetting.trafficDiff" :min="0"></setting-list-item>
@@ -305,20 +305,38 @@
                   <a-list-item style="padding: 20px">
                     <a-row>
                       <a-col :lg="24" :xl="12">
-                        <a-list-item-meta title='Noise'>
-                          <template slot="description">{{ i18n "pages.settings.noiseDesc"}}</template>
+                        <a-list-item-meta title='Noises'>
+                          <template slot="description">{{ i18n "pages.settings.noisesDesc"}}</template>
                         </a-list-item-meta>
                       </a-col>
                       <a-col :lg="24" :xl="12">
-                        <a-switch v-model="noise"></a-switch>
+                        <a-switch v-model="noises"></a-switch>
                       </a-col>
                     </a-row>
-                    <a-collapse v-if="noise" style="margin-top: 14px;">
-                      <a-collapse-panel header='{{ i18n "pages.settings.noiseSett"}}' v-if="noise">
-                        <setting-list-item style="padding: 10px 20px" type="text" title='Packet (ms)' v-model="noisePacket" placeholder="rand:5-10"></setting-list-item>
-                        <setting-list-item style="padding: 10px 20px" type="text" title='Delay (ms)' v-model="noiseDelay" placeholder="10-20"></setting-list-item>
+                    <a-collapse v-if="noises" style="margin-top: 14px;">
+                      <a-collapse-panel v-for="(noise, index) in noisesArray" :key="index" :header="`Noise ${index + 1}`">
+                        <a-list-item style="padding: 10px 20px">
+                          <a-row>
+                            <a-col :lg="24" :xl="12">
+                              <a-list-item-meta title='Type'></a-list-item-meta>
+                            </a-col>
+                            <a-col :lg="24" :xl="12">
+                              <a-select :value="noise.type" style="width: 100%" :dropdown-class-name="themeSwitcher.currentTheme"
+                                @change="(value) => updateNoiseType(index, value)">
+                                <a-select-option :value="p" :label="p" v-for="p in ['rand', 'base64', 'str']" :key="p">
+                                  [[ p ]] </a-select-option>
+                              </a-select>
+                            </a-col>
+                          </a-row>
+                        </a-list-item>
+                        <setting-list-item style="padding: 10px 20px" type="text" title='Packet' :value="noise.packet"
+                          @input="(value) => updateNoisePacket(index, value)" placeholder="5-10"></setting-list-item>
+                        <setting-list-item style="padding: 10px 20px" type="text" title='Delay (ms)' :value="noise.delay"
+                          @input="(value) => updateNoiseDelay(index, value)" placeholder="10-20"></setting-list-item>
+                        <a-button v-if="noisesArray.length > 1" type="danger" @click="removeNoise(index)">Remove</a-button>
                       </a-collapse-panel>
                     </a-collapse>
+                    <a-button v-if="noises" type="primary" @click="addNoise" style="margin-top: 10px">Add Noise</a-button>
                   </a-list-item>
                   <a-list-item style="padding: 20px">
                     <a-row>
@@ -362,9 +380,14 @@
                       </a-col>
                     </a-row>
                     <a-collapse v-if="enableDirect" style="margin-top: 14px;">
-                      <a-collapse-panel header='{{ i18n "pages.settings.directSett"}}'>
+                      <a-collapse-panel header='Geo IP'>
                         <a-list-item style="padding: 10px 20px">
-                          <a-checkbox-group v-model="directCountries" name="Countries" :options="countryOptions"></a-checkbox-group>
+                          <a-checkbox-group v-model="geoIP" name="Geo IP" :options="geoIPOptions"></a-checkbox-group>
+                        </a-list-item>
+                      </a-collapse-panel>
+                      <a-collapse-panel header='Geo Site'>
+                        <a-list-item style="padding: 10px 20px">
+                          <a-checkbox-group v-model="geoSite" name="Geo Site" :options="geoSiteOptions"></a-checkbox-group>
                         </a-list-item>
                       </a-collapse-panel>
                     </a-collapse>
@@ -419,15 +442,14 @@
           }
         }
       },
-      defaultNoise: {
-        tag: "noise",
+      defaultNoises: {
+        tag: "noises",
         protocol: "freedom",
         settings: {
           domainStrategy: "AsIs",
-          noise: {
-            packet: "rand:5-10",
-            delay: "10-20",
-          }
+          noises: [
+            { type: "rand", packet: "10-20", delay: "10-16" },
+          ],
         },
       },
       defaultMux: {
@@ -441,8 +463,7 @@
           type: "field",
           outboundTag: "direct",
           domain: [
-            "geosite:category-ir",
-            "geosite:cn"
+            "geosite:category-ir"
           ],
           "enabled": true
         },
@@ -451,17 +472,30 @@
           outboundTag: "direct",
           ip: [
             "geoip:private",
-            "geoip:ir",
-            "geoip:cn"
+            "geoip:ir"
           ],
           enabled: true
         },
       ],
-      countryOptions: [
+      geoIPOptions: [
         { label: 'Private IP/Domain', value: 'private' },
         { label: '🇮🇷 Iran', value: 'ir' },
         { label: '🇨🇳 China', value: 'cn' },
         { label: '🇷🇺 Russia', value: 'ru' },
+        { label: '🇻🇳 Vietnam', value: 'vn' },
+        { label: '🇪🇸 Spain', value: 'es' },
+        { label: '🇮🇩 Indonesia', value: 'id' },
+        { label: '🇺🇦 Ukraine', value: 'ua' },
+        { label: '🇹🇷 Türkiye', value: 'tr' },
+        { label: '🇧🇷 Brazil', value: 'br' },
+      ],
+      geoSiteOptions: [
+        { label: '🇮🇷 Iran', value: 'ir' },
+        { label: '🇨🇳 China', value: 'cn' },
+        { label: '🇷🇺 Russia', value: 'ru' },
+        { label: 'Apple', value: 'apple' },
+        { label: 'Meta', value: 'meta' },
+        { label: 'Google', value: 'google' },
       ],
       get remarkModel() {
         rm = this.allSetting.remarkModel;
@@ -591,6 +625,30 @@
           this.user.loginSecret = "";
         }
       },
+      addNoise() {
+        const newNoise = { type: "rand", packet: "10-20", delay: "10-16" };
+        this.noisesArray = [...this.noisesArray, newNoise];
+      },
+      removeNoise(index) {
+        const newNoises = [...this.noisesArray];
+        newNoises.splice(index, 1);
+        this.noisesArray = newNoises;
+      },
+      updateNoiseType(index, value) {
+        const updatedNoises = [...this.noisesArray];
+        updatedNoises[index] = { ...updatedNoises[index], type: value };
+        this.noisesArray = updatedNoises;
+      },
+      updateNoisePacket(index, value) {
+        const updatedNoises = [...this.noisesArray];
+        updatedNoises[index] = { ...updatedNoises[index], packet: value };
+        this.noisesArray = updatedNoises;
+      },
+      updateNoiseDelay(index, value) {
+        const updatedNoises = [...this.noisesArray];
+        updatedNoises[index] = { ...updatedNoises[index], delay: value };
+        this.noisesArray = updatedNoises;
+      },
     },
     computed: {
       fragment: {
@@ -629,29 +687,27 @@
           }
         }
       },
-      noise: {
-        get: function () { return this.allSetting?.subJsonNoise != ""; },
-        set: function (v) {
-          this.allSetting.subJsonNoise = v ? JSON.stringify(this.defaultNoise) : "";
-        }
-      },
-      noisePacket: {
-        get: function () { return this.noise ? JSON.parse(this.allSetting.subJsonNoise).settings.noise.packet : ""; },
-        set: function (v) {
-          if (v != "") {
-            newNoise = JSON.parse(this.allSetting.subJsonNoise);
-            newNoise.settings.noise.packet = v;
-            this.allSetting.subJsonNoise = JSON.stringify(newNoise);
+      noises: {
+        get() {
+          return this.allSetting?.subJsonNoises != "";
+        },
+        set(v) {
+          if (v) {
+            this.allSetting.subJsonNoises = JSON.stringify(this.defaultNoises);
+          } else {
+            this.allSetting.subJsonNoises = "";
           }
         }
       },
-      noiseDelay: {
-        get: function () { return this.noise ? JSON.parse(this.allSetting.subJsonNoise).settings.noise.delay : ""; },
-        set: function (v) {
-          if (v != "") {
-            newNoise = JSON.parse(this.allSetting.subJsonNoise);
-            newNoise.settings.noise.delay = v;
-            this.allSetting.subJsonNoise = JSON.stringify(newNoise);
+      noisesArray: {
+        get() {
+          return this.noises ? JSON.parse(this.allSetting.subJsonNoises).settings.noises : [];
+        },
+        set(value) {
+          if (this.noises) {
+            const newNoises = JSON.parse(this.allSetting.subJsonNoises);
+            newNoises.settings.noises = value;
+            this.allSetting.subJsonNoises = JSON.stringify(newNoises);
           }
         }
       },
@@ -691,28 +747,49 @@
           this.allSetting.subJsonRules = v ? JSON.stringify(this.defaultRules) : "";
         }
       },
-      directCountries: {
+      geoIP: {
         get: function () {
           if (!this.enableDirect) return [];
-          rules = JSON.parse(this.allSetting.subJsonRules);
+          const rules = JSON.parse(this.allSetting.subJsonRules);
           return Array.isArray(rules) ? rules[1].ip.map(d => d.replace("geoip:", "")) : [];
         },
         set: function (v) {
-          rules = JSON.parse(this.allSetting.subJsonRules);
+          const rules = JSON.parse(this.allSetting.subJsonRules);
           if (!Array.isArray(rules)) return;
-          rules[0].domain = [];
+
           rules[1].ip = [];
+          v.forEach(d => {
+            rules[1].ip.push("geoip:" + d);
+          });
+          this.allSetting.subJsonRules = JSON.stringify(rules);
+        }
+      },
+      geoSite: {
+        get: function () {
+          if (!this.enableDirect) return [];
+          const rules = JSON.parse(this.allSetting.subJsonRules);
+          return Array.isArray(rules) ?
+            rules[0].domain.map(d => {
+              if (d.startsWith("geosite:category-")) {
+                return d.replace("geosite:category-", ""); 
+              }
+              return d.replace("geosite:", "");
+            })
+            : [];
+        },
+        set: function (v) {
+          const rules = JSON.parse(this.allSetting.subJsonRules);
+          if (!Array.isArray(rules)) return;
+
+          rules[0].domain = [];
           v.forEach(d => {
             let category = '';
-            if (["cn", "private"].includes(d)) {
+            if (["cn", "apple", "meta", "google"].includes(d)) {
               category = "";
-            } else if (d === 'ru') {
-              category = "category-gov-";
-            } else {
+            } else if (["ru", "ir"].includes(d)) {
               category = "category-";
             }
             rules[0].domain.push("geosite:" + category + d);
-            rules[1].ip.push("geoip:" + d);
           });
           this.allSetting.subJsonRules = JSON.stringify(rules);
         }

web/html/xui/xray.html

@@ -163,8 +163,8 @@
                         </a-col>
                         <a-col :lg="24" :xl="12">
                           <template>
-                            <a-select v-model="setLogLevel" :dropdown-class-name="themeSwitcher.currentTheme" style="width: 100%">
-                              <a-select-option v-for="s in logLevel" :value="s">[[ s ]]</a-select-option>
+                            <a-select v-model="logLevel" :dropdown-class-name="themeSwitcher.currentTheme" style="width: 100%">
+                                <a-select-option v-for="s in log.loglevel" :value="s">[[ s ]]</a-select-option>
                             </a-select>
                           </template>
                         </a-col>
@@ -178,7 +178,8 @@
                         <a-col :lg="24" :xl="12">
                           <template>
                             <a-select v-model="accessLog" :dropdown-class-name="themeSwitcher.currentTheme" style="width: 100%">
-                              <a-select-option v-for="s in access" :key="s" :value="s">[[ s ]]</a-select-option>
+                                <a-select-option value=''>Empty</a-select-option>
+                                <a-select-option v-for="s in log.access" :value="s">[[ s ]]</a-select-option>
                             </a-select>
                           </template>
                         </a-col>
@@ -192,11 +193,28 @@
                         <a-col :lg="24" :xl="12">
                           <template>
                             <a-select v-model="errorLog" :dropdown-class-name="themeSwitcher.currentTheme" style="width: 100%">
-                              <a-select-option v-for="s in error" :key="s" :value="s">[[ s ]]</a-select-option>
+                                <a-select-option value=''>Empty</a-select-option>
+                                <a-select-option v-for="s in log.error" :value="s">[[ s ]]</a-select-option>
                             </a-select>
                           </template>
                         </a-col>
                       </a-row>
+                      <a-row style="padding: 10px 20px">
+                        <a-col :lg="24" :xl="12">
+                          <a-list-item-meta title='{{ i18n "pages.xray.maskAddress" }}'
+                            description='{{ i18n "pages.xray.maskAddressDesc" }}'>
+                          </a-list-item-meta>
+                        </a-col>
+                        <a-col :lg="24" :xl="12">
+                          <template>
+                            <a-select v-model="maskAddressLog" :dropdown-class-name="themeSwitcher.currentTheme" style="width: 100%">
+                                <a-select-option value=''>Empty</a-select-option>
+                                <a-select-option v-for="s in log.maskAddress" :value="s">[[ s ]]</a-select-option>
+                            </a-select>
+                          </template>
+                        </a-col>
+                      </a-row>
+                      <setting-list-item type="switch" title='{{ i18n "pages.xray.dnsLog"}}' desc='{{ i18n "pages.xray.dnsLogDesc"}}' v-model="dnslog"></setting-list-item>
                     </a-list-item>
                   </a-collapse-panel>
                   <a-collapse-panel header='{{ i18n "pages.xray.blockConfigs"}}'>
@@ -791,9 +809,13 @@
                 protocol: "freedom"
             },
             routingDomainStrategies: ["AsIs", "IPIfNonMatch", "IPOnDemand"],
-            logLevel: ["none" , "debug" , "info" , "warning", "error"],
-            access: [],
-            error: [],
+            log: {
+                loglevel: ["none", "debug", "info", "warning", "error"],
+                access: ["none", "./access.log"],
+                error: ["none", "./error.log"],
+                dnsLog: false,
+                maskAddress: ["quarter", "half", "full"],
+            },
             settingsData: {
                 protocols: {
                     bittorrent: ["bittorrent"],
@@ -828,10 +850,11 @@
                         "regexp:.*\\.cn$"
                     ],
                     ru: [
-                        "geosite:category-gov-ru",
+                        "geosite:category-ru",  //https://github.com/v2fly/domain-list-community/blob/master/data/category-ru
                         "regexp:.*\\.ru$"
                     ],
                     ir: [
+                        "geosite:category-ir",  // https://github.com/v2fly/domain-list-community/blob/master/data/category-ir
                         "regexp:.*\\.ir$",
                         "regexp:.*\\.xn--mgba3a4f16a$",  // .ایران
                         "ext:geosite_IR.dat:ir"
@@ -1519,27 +1542,11 @@
             templateSettings: {
                 get: function () {
                     const parsedSettings = this.xraySetting ? JSON.parse(this.xraySetting) : null;
-                    let accessLogPath = "./access.log";
-                    let errorLogPath = "./error.log";
-
-                    if (parsedSettings && parsedSettings.log) {
-                        if (parsedSettings.log.access && parsedSettings.log.access !== "none") {
-                            accessLogPath = parsedSettings.log.access;
-                        }
-                        if (parsedSettings.log.error && parsedSettings.log.error !== "none") {
-                            errorLogPath = parsedSettings.log.error;
-                        }
-                    }
-
-                    this.access = ["none", accessLogPath];
-                    this.error = ["none", errorLogPath];
                     return parsedSettings;
                 },
                 set: function (newValue) {
-                    if (newValue && newValue.log) {
+                    if (newValue) {
                         this.xraySetting = JSON.stringify(newValue, null, 2);
-                        this.access = ["none", newValue.log.access || "./access.log"];
-                        this.error = ["none", newValue.log.error || "./error.log"];
                     }
                 },
             },
@@ -1688,7 +1695,7 @@
                     this.templateSettings = newTemplateSettings;
                 }
             },
-            setLogLevel: {
+            logLevel: {
                 get: function () {
                     if (!this.templateSettings || !this.templateSettings.log || !this.templateSettings.log.loglevel) return "warning";
                     return this.templateSettings.log.loglevel;
@@ -1721,6 +1728,28 @@
                     this.templateSettings = newTemplateSettings;
                 }
             },
+            dnslog: {
+                get: function () {
+                    if (!this.templateSettings || !this.templateSettings.log || !this.templateSettings.log.dnsLog) return false;
+                    return this.templateSettings.log.dnsLog;
+                },
+                set: function (newValue) {
+                    newTemplateSettings = this.templateSettings;
+                    newTemplateSettings.log.dnsLog = newValue;
+                    this.templateSettings = newTemplateSettings;
+                }
+            },
+            maskAddressLog: {
+                get: function () {
+                    if (!this.templateSettings || !this.templateSettings.log || !this.templateSettings.log.maskAddress) return "";
+                    return this.templateSettings.log.maskAddress;
+                },
+                set: function (newValue) {
+                    newTemplateSettings = this.templateSettings;
+                    newTemplateSettings.log.maskAddress = newValue;
+                    this.templateSettings = newTemplateSettings;
+                }
+            },
             blockedIPs: {
                 get: function () {
                     return this.templateRuleGetter({ outboundTag: "blocked", property: "ip" });

web/job/check_client_ip_job.go

@@ -36,20 +36,15 @@ func (j *CheckClientIpJob) Run() {
 	}
 
 	shouldClearAccessLog := false
-	f2bInstalled := j.checkFail2BanInstalled()
-	isAccessLogAvailable := j.checkAccessLogAvailable(f2bInstalled)
+	iplimitActive := j.hasLimitIp()
+	f2bInstalled := j.checkFail2BanInstalled(iplimitActive)
+	isAccessLogAvailable := j.checkAccessLogAvailable(iplimitActive)
 
-	if j.hasLimitIp() {
-		if f2bInstalled && isAccessLogAvailable {
-			shouldClearAccessLog = j.processLogFile()
-		} else {
-			if !f2bInstalled {
-				logger.Warning("[iplimit] fail2ban is not installed. IP limiting may not work properly.")
-			}
-		}
+	if iplimitActive && f2bInstalled && isAccessLogAvailable {
+		shouldClearAccessLog = j.processLogFile()
 	}
 
-	if shouldClearAccessLog || isAccessLogAvailable && time.Now().Unix()-j.lastClear > 3600 {
+	if shouldClearAccessLog || (isAccessLogAvailable && time.Now().Unix()-j.lastClear > 3600) {
 		j.clearAccessLog()
 	}
 }
@@ -122,13 +117,13 @@ func (j *CheckClientIpJob) processLogFile() bool {
 	for scanner.Scan() {
 		line := scanner.Text()
 
-		ipRegx, _ := regexp.Compile(`(\d+\.\d+\.\d+\.\d+).* accepted`)
-		emailRegx, _ := regexp.Compile(`email:.+`)
+		ipRegx, _ := regexp.Compile(`from \[?([0-9a-fA-F:.]+)\]?:\d+ accepted`)
+		emailRegx, _ := regexp.Compile(`email: (\S+)$`)
 
 		matches := ipRegx.FindStringSubmatch(line)
 		if len(matches) > 1 {
 			ip := matches[1]
-			if ip == "127.0.0.1" {
+			if ip == "127.0.0.1" || ip == "::1" {
 				continue
 			}
 
@@ -136,7 +131,7 @@ func (j *CheckClientIpJob) processLogFile() bool {
 			if matchesEmail == "" {
 				continue
 			}
-			matchesEmail = strings.TrimSpace(strings.Split(matchesEmail, "email: ")[1])
+			matchesEmail = strings.Split(matchesEmail, "email: ")[1]
 
 			if InboundClientIps[matchesEmail] != nil {
 				if j.contains(InboundClientIps[matchesEmail], ip) {
@@ -167,35 +162,33 @@ func (j *CheckClientIpJob) processLogFile() bool {
 	return shouldCleanLog
 }
 
-func (j *CheckClientIpJob) checkFail2BanInstalled() bool {
+func (j *CheckClientIpJob) checkFail2BanInstalled(iplimitActive bool) bool {
 	cmd := "fail2ban-client"
 	args := []string{"-h"}
 	err := exec.Command(cmd, args...).Run()
-	return err == nil
+
+	if iplimitActive && err != nil {
+		logger.Warning("[LimitIP] Fail2Ban is not installed, Please install Fail2Ban from the x-ui bash menu.")
+		return false
+	}
+
+	return true
 }
 
-func (j *CheckClientIpJob) checkAccessLogAvailable(handleWarning bool) bool {
-	isAvailable := true
-	warningMsg := ""
+func (j *CheckClientIpJob) checkAccessLogAvailable(iplimitActive bool) bool {
 	accessLogPath, err := xray.GetAccessLogPath()
 	if err != nil {
 		return false
 	}
 
-	// access log is not available if it is set to 'none' or an empty string
-	switch accessLogPath {
-	case "none":
-		warningMsg = "Access log is set to 'none', check your Xray Configs"
-		isAvailable = false
-	case "":
-		warningMsg = "Access log doesn't exist in your Xray Configs"
-		isAvailable = false
+	if accessLogPath == "none" || accessLogPath == "" {
+		if iplimitActive {
+			logger.Warning("[LimitIP] Access log path is not set, Please configure the access log path in Xray configs.")
+		}
+		return false
 	}
 
-	if handleWarning && warningMsg != "" {
-		logger.Warning(warningMsg)
-	}
-	return isAvailable
+	return true
 }
 
 func (j *CheckClientIpJob) checkError(e error) {

web/service/config.json

@@ -2,8 +2,9 @@
   "log": {
     "access": "none",
     "dnsLog": false,
-    "error": "./error.log",
-    "loglevel": "warning"
+    "error": "",
+    "loglevel": "warning",
+    "maskAddress": ""
   },
   "api": {
     "tag": "api",

web/service/inbound.go

@@ -2,7 +2,9 @@ package service
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
+	"regexp"
 	"strconv"
 	"strings"
 	"time"
@@ -329,6 +331,7 @@ func (s *InboundService) UpdateInbound(inbound *model.Inbound) (*model.Inbound,
 	oldInbound.Settings = inbound.Settings
 	oldInbound.StreamSettings = inbound.StreamSettings
 	oldInbound.Sniffing = inbound.Sniffing
+	oldInbound.Allocate = inbound.Allocate
 	if inbound.Listen == "" || inbound.Listen == "0.0.0.0" || inbound.Listen == "::" || inbound.Listen == "::0" {
 		oldInbound.Tag = fmt.Sprintf("inbound-%v", inbound.Port)
 	} else {
@@ -411,6 +414,12 @@ func (s *InboundService) AddInboundClient(data *model.Inbound) (bool, error) {
 		return false, err
 	}
 
+	email := clients[0].Email
+	valid, err := validateEmail(email)
+	if !valid {
+		return false, err
+	}
+
 	var settings map[string]interface{}
 	err = json.Unmarshal([]byte(data.Settings), &settings)
 	if err != nil {
@@ -601,6 +610,12 @@ func (s *InboundService) UpdateInboundClient(data *model.Inbound, clientId strin
 		return false, err
 	}
 
+	email := clients[0].Email
+	valid, err := validateEmail(email)
+	if !valid {
+		return false, err
+	}
+
 	var settings map[string]interface{}
 	err = json.Unmarshal([]byte(data.Settings), &settings)
 	if err != nil {
@@ -2007,3 +2022,20 @@ func (s *InboundService) MigrateDB() {
 func (s *InboundService) GetOnlineClients() []string {
 	return p.GetOnlineClients()
 }
+
+func validateEmail(email string) (bool, error) {
+	if strings.Contains(email, " ") {
+		return false, errors.New("email contains spaces, please remove them")
+	}
+
+	if email != strings.ToLower(email) {
+		return false, errors.New("email contains uppercase letters, please convert to lowercase")
+	}
+
+	emailPattern := `^[a-z0-9@._-]+$`
+	if !regexp.MustCompile(emailPattern).MatchString(email) {
+		return false, errors.New("email contains invalid characters, please use only lowercase letters, digits, and @._-")
+	}
+
+	return true, nil
+}

web/service/setting.go

@@ -32,7 +32,7 @@ var defaultValueMap = map[string]string{
 	"webKeyFile":         "",
 	"secret":             random.Seq(32),
 	"webBasePath":        "/",
-	"sessionMaxAge":      "0",
+	"sessionMaxAge":      "60",
 	"pageSize":           "50",
 	"expireDiff":         "0",
 	"trafficDiff":        "0",
@@ -62,7 +62,7 @@ var defaultValueMap = map[string]string{
 	"subJsonPath":        "/json/",
 	"subJsonURI":         "",
 	"subJsonFragment":    "",
-	"subJsonNoise":       "",
+	"subJsonNoises":      "",
 	"subJsonMux":         "",
 	"subJsonRules":       "",
 	"datepicker":         "gregorian",
@@ -459,8 +459,8 @@ func (s *SettingService) GetSubJsonFragment() (string, error) {
 	return s.getString("subJsonFragment")
 }
 
-func (s *SettingService) GetSubJsonNoise() (string, error) {
-	return s.getString("subJsonNoise")
+func (s *SettingService) GetSubJsonNoises() (string, error) {
+	return s.getString("subJsonNoises")
 }
 
 func (s *SettingService) GetSubJsonMux() (string, error) {

web/translation/translate.en_US.toml

@@ -225,9 +225,6 @@
 "requestHeader" = "Request Header"
 "responseHeader" = "Response Header"
 
-[pages.inbounds.stream.quic]
-"encryption" = "Encryption"
-
 [pages.settings]
 "title" = "Panel Settings"
 "save" = "Save"
@@ -312,14 +309,14 @@
 "fragment" = "Fragmentation"
 "fragmentDesc" = "Enable fragmentation for TLS hello packet."
 "fragmentSett" = "Fragmentation Settings"
-"noiseDesc" = "Enable Noise."
-"noiseSett" = "Noise Settings"
+"noisesDesc" = "Enable Noises."
+"noisesSett" = "Noises Settings"
 "mux" = "Mux"
 "muxDesc" = "Transmit multiple independent data streams within an established data stream."
 "muxSett" = "Mux Settings"
 "direct" = "Direct Connection"
 "directDesc" = "Directly establishes connections with domains or IP ranges of a specific country."
-"directSett" = "Direct Connection Options"
+
 
 [pages.xray]
 "title" = "Xray Configs"
@@ -425,6 +422,10 @@
 "accessLogDesc" = "The file path for the access log. The special value 'none' disabled access logs"
 "errorLog" = "Error Log"
 "errorLogDesc" = "The file path for the error log. The special value 'none' disabled error logs"
+"dnsLog" = "DNS Log"
+"dnsLogDesc" = "Whether to enable DNS query logs"
+"maskAddress" = "Mask Address"
+"maskAddressDesc" = "IP address mask, when enabled, will automatically replace the IP address that appears in the log."
 
 [pages.xray.rules]
 "first" = "First"

web/translation/translate.es_ES.toml

@@ -225,9 +225,6 @@
 "requestHeader" = "Encabezado de solicitud"
 "responseHeader" = "Encabezado de respuesta"
 
-[pages.inbounds.stream.quic]
-"encryption" = "Cifrado"
-
 [pages.settings]
 "title" = "Configuraciones"
 "save" = "Guardar"
@@ -312,14 +309,14 @@
 "fragment" = "Fragmentación"
 "fragmentDesc" = "Habilitar la fragmentación para el paquete de saludo de TLS"
 "fragmentSett" = "Configuración de Fragmentación"
-"noiseDesc" = "Activar Noise."
-"noiseSett" = "Configuración de Noise"
+"noisesDesc" = "Activar Noises."
+"noisesSett" = "Configuración de Noises"
 "mux" = "Mux"
 "muxDesc" = "Transmite múltiples flujos de datos independientes dentro de un flujo de datos establecido."
 "muxSett" = "Configuración Mux"
 "direct" = "Conexión Directa"
 "directDesc" = "Establece conexiones directas con dominios o rangos de IP de un país específico."
-"directSett" = "Opciones de Conexión Directa"
+
 
 [pages.xray]
 "title" = "Xray Configuración"
@@ -425,6 +422,10 @@
 "accessLogDesc" = "La ruta del archivo para el registro de acceso. El valor especial 'ninguno' deshabilita los registros de acceso"
 "errorLog" = "Registro de Errores"
 "errorLogDesc" = "La ruta del archivo para el registro de errores. El valor especial 'none' desactiva los registros de errores."
+"dnsLog" = "Registro DNS"
+"dnsLogDesc" = "Si habilitar los registros de consulta DNS"
+"maskAddress" = "Enmascarar Dirección"
+"maskAddressDesc" = "Máscara de dirección IP, cuando se habilita, reemplazará automáticamente la dirección IP que aparece en el registro."
 
 [pages.xray.rules]
 "first" = "Primero"

web/translation/translate.fa_IR.toml

@@ -225,9 +225,6 @@
 "requestHeader" = "سربرگ درخواست"
 "responseHeader" = "سربرگ پاسخ"
 
-[pages.inbounds.stream.quic]
-"encryption" = "رمزنگاری"
-
 [pages.settings]
 "title" = "تنظیمات پنل"
 "save" = "ذخیره"
@@ -312,14 +309,14 @@
 "fragment" = "فرگمنت"
 "fragmentDesc" = "فعال کردن فرگمنت برای بسته‌ی نخست تی‌ال‌اس"
 "fragmentSett" = "تنظیمات فرگمنت"
-"noiseDesc" = "فعال کردن Noise."
-"noiseSett" = "تنظیمات Noise"
+"noisesDesc" = "فعال کردن Noises."
+"noisesSett" = "تنظیمات Noises"
 "mux" = "ماکس"
 "muxDesc" = "چندین جریان داده مستقل را در یک جریان داده ثابت منتقل می کند"
 "muxSett" = "تنظیمات ماکس"
 "direct" = "اتصال مستقیم"
 "directDesc" = "به طور مستقیم با دامنه ها یا محدوده آی‌پی یک کشور خاص ارتباط برقرار می کند"
-"directSett" = "گزینه های اتصال مستقیم"
+
 
 [pages.xray]
 "title" = "پیکربندی ایکس‌ری"
@@ -425,6 +422,10 @@
 "accessLogDesc" = "مسیر فایل برای گزارش دسترسی. مقدار ویژه «هیچ» گزارش‌های دسترسی را غیرفعال میکند."
 "errorLog" = "گزارش خطا"
 "errorLogDesc" = "مسیر فایل برای ورود به سیستم خطا. مقدار ویژه «هیچ» گزارش های خطا را غیرفعال میکند"
+"dnsLog" = "گزارش DNS"
+"dnsLogDesc" = "آیا ثبت‌های درخواست DNS را فعال کنید"
+"maskAddress" = "پنهان کردن آدرس"
+"maskAddressDesc" = "پوشش آدرس IP، هنگامی که فعال می‌شود، به طور خودکار آدرس IP که در لاگ ظاهر می‌شود را جایگزین می‌کند."
 
 [pages.xray.rules]
 "first" = "اولین"

web/translation/translate.id_ID.toml

@@ -225,9 +225,6 @@
 "requestHeader" = "Header Permintaan"
 "responseHeader" = "Header Respons"
 
-[pages.inbounds.stream.quic]
-"encryption" = "Enkripsi"
-
 [pages.settings]
 "title" = "Pengaturan Panel"
 "save" = "Simpan"
@@ -312,14 +309,14 @@
 "fragment" = "Fragmentasi"
 "fragmentDesc" = "Aktifkan fragmentasi untuk paket hello TLS"
 "fragmentSett" = "Pengaturan Fragmentasi"
-"noiseDesc" = "Aktifkan Noise."
-"noiseSett" = "Pengaturan Noise"
+"noisesDesc" = "Aktifkan Noises."
+"noisesSett" = "Pengaturan Noises"
 "mux" = "Mux"
 "muxDesc" = "Mengirimkan beberapa aliran data independen dalam aliran data yang sudah ada."
 "muxSett" = "Pengaturan Mux"
 "direct" = "Koneksi langsung"
 "directDesc" = "Secara langsung membuat koneksi dengan domain atau rentang IP negara tertentu."
-"directSett" = "Opsi Koneksi Langsung"
+
 
 [pages.xray]
 "title" = "Konfigurasi Xray"
@@ -425,6 +422,10 @@
 "accessLogDesc" = "Jalur file untuk log akses. Nilai khusus 'tidak ada' menonaktifkan log akses"
 "errorLog" = "Catatan eror"
 "errorLogDesc" = "Jalur file untuk log kesalahan. Nilai khusus 'tidak ada' menonaktifkan log kesalahan"
+"dnsLog" = "Log DNS"
+"dnsLogDesc" = "Apakah akan mengaktifkan log kueri DNS"
+"maskAddress" = "Alamat Masker"
+"maskAddressDesc" = "Masker alamat IP, ketika diaktifkan, akan secara otomatis mengganti alamat IP yang muncul di log."
 
 [pages.xray.rules]
 "first" = "Pertama"

web/translation/translate.pt_BR.toml

@@ -225,9 +225,6 @@
 "requestHeader" = "Cabeçalho da Requisição"
 "responseHeader" = "Cabeçalho da Resposta"
 
-[pages.inbounds.stream.quic]
-"encryption" = "Criptografia"
-
 [pages.settings]
 "title" = "Configurações do Painel"
 "save" = "Salvar"
@@ -312,14 +309,14 @@
 "fragment" = "Fragmentação"
 "fragmentDesc" = "Ativa a fragmentação para o pacote TLS hello."
 "fragmentSett" = "Configurações de Fragmentação"
-"noiseDesc" = "Ativar Noise."
-"noiseSett" = "Configurações de Noise"
+"noisesDesc" = "Ativar Noises."
+"noisesSett" = "Configurações de Noises"
 "mux" = "Mux"
 "muxDesc" = "Transmitir múltiplos fluxos de dados independentes dentro de um fluxo de dados estabelecido."
 "muxSett" = "Configurações de Mux"
 "direct" = "Conexão Direta"
 "directDesc" = "Estabelece conexões diretamente com domínios ou intervalos de IP de um país específico."
-"directSett" = "Opções de Conexão Direta"
+
 
 [pages.xray]
 "title" = "Configurações Xray"
@@ -425,6 +422,10 @@
 "accessLogDesc" = "O caminho do arquivo para o log de acesso. O valor especial 'none' desativa os logs de acesso."
 "errorLog" = "Log de Erros"
 "errorLogDesc" = "O caminho do arquivo para o log de erros. O valor especial 'none' desativa os logs de erro."
+"dnsLog" = "Log DNS"
+"dnsLogDesc" = "Se ativar logs de consulta DNS"
+"maskAddress" = "Mascarar Endereço"
+"maskAddressDesc" = "Máscara de endereço IP, quando ativado, substitui automaticamente o endereço IP que aparece no log."
 
 [pages.xray.rules]
 "first" = "Primeiro"

web/translation/translate.ru_RU.toml

@@ -225,9 +225,6 @@
 "requestHeader" = "Заголовок запроса"
 "responseHeader" = "Заголовок ответа"
 
-[pages.inbounds.stream.quic]
-"encryption" = "Шифрование"
-
 [pages.settings]
 "title" = "Настройки"
 "save" = "Сохранить"
@@ -312,14 +309,14 @@
 "fragment" = "Фрагментация"
 "fragmentDesc" = "Включить фрагментацию для пакета приветствия TLS"
 "fragmentSett" = "Настройки фрагментации"
-"noiseDesc" = "Включить Noise."
-"noiseSett" = "Настройки Noise"
+"noisesDesc" = "Включить Noises."
+"noisesSett" = "Настройки Noises"
 "mux" = "Mux"
 "muxDesc" = "Передача нескольких независимых потоков данных в рамках установленного потока данных."
 "muxSett" = "Mux Настройки"
 "direct" = "Прямая связь"
 "directDesc" = "Напрямую устанавливает соединения с доменами или диапазонами IP конкретной страны."
-"directSett" = "Варианты прямого подключения"
+
 
 [pages.xray]
 "title" = "Настройки Xray"
@@ -425,6 +422,10 @@
 "accessLogDesc" = "Путь к файлу журнала доступа. Специальное значение «none» отключило журналы доступа."
 "errorLog" = "Журнал ошибок"
 "errorLogDesc" = "Путь к файлу журнала ошибок. Специальное значение «none» отключает журналы ошибок."
+"dnsLog" = "DNS Журнал"
+"dnsLogDesc" = "Включить логи запросов DNS"
+"maskAddress" = "Маскировать Адрес"
+"maskAddressDesc" = "Маска IP-адреса, при активации автоматически заменяет IP-адрес, который появляется в логе."
 
 [pages.xray.rules]
 "first" = "Первый"

web/translation/translate.tr_TR.toml

@@ -225,9 +225,6 @@
 "requestHeader" = "İstek Başlığı"
 "responseHeader" = "Yanıt Başlığı"
 
-[pages.inbounds.stream.quic]
-"encryption" = "Şifreleme"
-
 [pages.settings]
 "title" = "Panel Ayarları"
 "save" = "Kaydet"
@@ -312,14 +309,14 @@
 "fragment" = "Parçalama"
 "fragmentDesc" = "TLS merhaba paketinin parçalanmasını etkinleştir."
 "fragmentSett" = "Parçalama Ayarları"
-"noiseDesc" = "Noise'i Etkinleştir."
-"noiseSett" = "Noise Ayarları"
+"noisesDesc" = "Noises'i Etkinleştir."
+"noisesSett" = "Noises Ayarları"
 "mux" = "Mux"
 "muxDesc" = "Kurulmuş bir veri akışında birden çok bağımsız veri akışını iletir."
 "muxSett" = "Mux Ayarları"
 "direct" = "Doğrudan Bağlantı"
 "directDesc" = "Belirli bir ülkenin alan adları veya IP aralıkları ile doğrudan bağlantı kurar."
-"directSett" = "Doğrudan Bağlantı Seçenekleri"
+
 
 [pages.xray]
 "title" = "Xray Yapılandırmaları"
@@ -425,6 +422,10 @@
 "accessLogDesc" = "Erişim günlüğü için dosya yolu. 'none' özel değeri erişim günlüklerini devre dışı bırakır"
 "errorLog" = "Hata Günlüğü"
 "errorLogDesc" = "Hata günlüğü için dosya yolu. 'none' özel değeri hata günlüklerini devre dışı bırakır"
+"dnsLog" = "DNS Günlüğü"
+"dnsLogDesc" = "DNS sorgu günlüklerini etkinleştirin"
+"maskAddress" = "Adres Maskesi"
+"maskAddressDesc" = "IP adresi maskesi, etkinleştirildiğinde, günlükte görünen IP adresini otomatik olarak değiştirecektir."
 
 [pages.xray.rules]
 "first" = "İlk"

web/translation/translate.uk_UA.toml

@@ -225,9 +225,6 @@
 "requestHeader" = "Заголовок запиту"
 "responseHeader" = "Заголовок відповіді"
 
-[pages.inbounds.stream.quic]
-"encryption" = "Шифрування"
-
 [pages.settings]
 "title" = "Параметри панелі"
 "save" = "Зберегти"
@@ -312,14 +309,14 @@
 "fragment" = "Фрагментація"
 "fragmentDesc" = "Увімкнути фрагментацію для пакету привітання TLS"
 "fragmentSett" = "Параметри фрагментації"
-"noiseDesc" = "Увімкнути Noise."
-"noiseSett" = "Налаштування Noise"
+"noisesDesc" = "Увімкнути Noises."
+"noisesSett" = "Налаштування Noises"
 "mux" = "Mux"
 "muxDesc" = "Передавати кілька незалежних потоків даних у межах встановленого потоку даних."
 "muxSett" = "Налаштування Mux"
 "direct" = "Пряме підключення"
 "directDesc" = "Безпосередньо встановлює з’єднання з доменами або діапазонами IP певної країни."
-"directSett" = "Параметри прямого підключення"
+
 
 [pages.xray]
 "title" = "Xray конфігурації"
@@ -425,6 +422,10 @@
 "accessLogDesc" = "Шлях до файлу журналу доступу. Спеціальне значення 'none' вимикає журнали доступу"
 "errorLog" = "Журнал помилок"
 "errorLogDesc" = "Шлях до файлу журналу помилок. Спеціальне значення 'none' вимикає журнали помилок"
+"dnsLog" = "Журнал DNS"
+"dnsLogDesc" = "Чи включити журнали запитів DNS"
+"maskAddress" = "Маскувати Адресу"
+"maskAddressDesc" = "Маска IP-адреси, при активації автоматично замінює IP-адресу, яка з'являється у журналі."
 
 [pages.xray.rules]
 "first" = "Перший"

web/translation/translate.vi_VN.toml

@@ -225,9 +225,6 @@
 "requestHeader" = "Header yêu cầu"
 "responseHeader" = "Header phản hồi"
 
-[pages.inbounds.stream.quic]
-"encryption" = "Mã hóa"
-
 [pages.settings]
 "title" = "Cài đặt"
 "save" = "Lưu"
@@ -312,14 +309,14 @@
 "fragment" = "Sự phân mảnh"
 "fragmentDesc" = "Kích hoạt phân mảnh cho gói TLS hello"
 "fragmentSett" = "Cài đặt phân mảnh"
-"noiseDesc" = "Bật Noise."
-"noiseSett" = "Cài đặt Noise"
+"noisesDesc" = "Bật Noises."
+"noisesSett" = "Cài đặt Noises"
 "mux" = "Mux"
 "muxDesc" = "Truyền nhiều luồng dữ liệu độc lập trong luồng dữ liệu đã thiết lập."
 "muxSett" = "Mux Cài đặt"
 "direct" = "Kết nối trực tiếp"
 "directDesc" = "Trực tiếp thiết lập kết nối với tên miền hoặc dải IP của một quốc gia cụ thể."
-"directSett" = "Tùy chọn kết nối trực tiếp"
+
 
 [pages.xray]
 "title" = "Cài đặt Xray"
@@ -425,6 +422,10 @@
 "accessLogDesc" = "Đường dẫn tệp cho nhật ký truy cập. Nhật ký truy cập bị vô hiệu hóa có giá trị đặc biệt 'không'"
 "errorLog" = "Nhật ký lỗi"
 "errorLogDesc" = "Đường dẫn tệp cho nhật ký lỗi. Nhật ký lỗi bị vô hiệu hóa có giá trị đặc biệt 'không'"
+"dnsLog" = "Nhật ký DNS"
+"dnsLogDesc" = "Có bật nhật ký truy vấn DNS không"
+"maskAddress" = "Ẩn Địa Chỉ"
+"maskAddressDesc" = "Mặt nạ địa chỉ IP, khi được bật, sẽ tự động thay thế địa chỉ IP xuất hiện trong nhật ký."
 
 [pages.xray.rules]
 "first" = "Đầu tiên"

web/translation/translate.zh_CN.toml

@@ -225,9 +225,6 @@
 "requestHeader" = "请求头"
 "responseHeader" = "响应头"
 
-[pages.inbounds.stream.quic]
-"encryption" = "加密"
-
 [pages.settings]
 "title" = "面板设置"
 "save" = "保存"
@@ -312,14 +309,14 @@
 "fragment" = "分片"
 "fragmentDesc" = "启用 TLS hello 数据包分片"
 "fragmentSett" = "设置"
-"noiseDesc" = "启用 Noise."
-"noiseSett" = "Noise 设置"
+"noisesDesc" = "启用 Noises."
+"noisesSett" = "Noises 设置"
 "mux" = "多路复用器"
 "muxDesc" = "在已建立的数据流内传输多个独立的数据流"
 "muxSett" = "复用器设置"
 "direct" = "直接连接"
 "directDesc" = "直接与特定国家的域或IP范围建立连接"
-"directSett" = "直接连接选项"
+
 
 [pages.xray]
 "title" = "Xray 配置"
@@ -425,6 +422,10 @@
 "accessLogDesc" = "访问日志的文件路径。特殊值 'none' 禁用访问日志"
 "errorLog" = "错误日志"
 "errorLogDesc" = "错误日志的文件路径。特殊值 'none' 禁用错误日志"
+"dnsLog" = "DNS 日志"
+"dnsLogDesc" = "是否启用 DNS 查询日志"
+"maskAddress" = "隐藏地址"
+"maskAddressDesc" = "IP 地址掩码，启用时会自动替换日志中出现的 IP 地址。"
 
 [pages.xray.rules]
 "first" = "置顶"

x-ui.sh

@@ -36,12 +36,12 @@ fi
 echo "The OS release is: $release"
 
 os_version=""
-os_version=$(grep -i version_id /etc/os-release | cut -d \" -f2 | cut -d . -f1)
+os_version=$(grep "^VERSION_ID" /etc/os-release | cut -d '=' -f2 | tr -d '"')
 
 if [[ "${release}" == "arch" ]]; then
     echo "Your OS is Arch Linux"
 elif [[ "${release}" == "parch" ]]; then
-    echo "Your OS is Parch linux"
+    echo "Your OS is Parch Linux"
 elif [[ "${release}" == "manjaro" ]]; then
     echo "Your OS is Manjaro"
 elif [[ "${release}" == "armbian" ]]; then
@@ -60,6 +60,10 @@ elif [[ "${release}" == "fedora" ]]; then
     if [[ ${os_version} -lt 36 ]]; then
         echo -e "${red} Please use Fedora 36 or higher version!${plain}\n" && exit 1
     fi
+elif [[ "${release}" == "amzn" ]]; then
+    if [[ ${os_version} != "2023" ]]; then
+        echo -e "${red} Please use Amazon Linux 2023!${plain}\n" && exit 1
+    fi
 elif [[ "${release}" == "debian" ]]; then
     if [[ ${os_version} -lt 11 ]]; then
         echo -e "${red} Please use Debian 11 or higher ${plain}\n" && exit 1
@@ -91,8 +95,8 @@ else
     echo "- Rocky Linux 9+"
     echo "- Oracle Linux 8+"
     echo "- OpenSUSE Tumbleweed"
+    echo "- Amazon Linux 2023"
     exit 1
-
 fi
 
 # Declare Variables
@@ -978,33 +982,6 @@ ssl_cert_issue_CF() {
     fi
 }
 
-warp_cloudflare() {
-    echo -e "${green}\t1.${plain} Install WARP socks5 proxy"
-    echo -e "${green}\t2.${plain} Account Type (free, plus, team)"
-    echo -e "${green}\t3.${plain} Turn on/off WireProxy"
-    echo -e "${green}\t4.${plain} Uninstall WARP"
-    echo -e "${green}\t0.${plain} Back to Main Menu"
-    read -p "Choose an option: " choice
-    case "$choice" in
-    0)
-        show_menu
-        ;;
-    1)
-        bash <(curl -sSL https://raw.githubusercontent.com/hamid-gh98/x-ui-scripts/main/install_warp_proxy.sh)
-        ;;
-    2)
-        warp a
-        ;;
-    3)
-        warp y
-        ;;
-    4)
-        warp u
-        ;;
-    *) echo "Invalid choice" ;;
-    esac
-}
-
 run_speedtest() {
     # Check if Speedtest is already installed
     if ! command -v speedtest &>/dev/null; then
@@ -1349,15 +1326,14 @@ show_menu() {
   ${green}18.${plain} SSL Certificate Management
   ${green}19.${plain} Cloudflare SSL Certificate
   ${green}20.${plain} IP Limit Management
-  ${green}21.${plain} WARP Management
-  ${green}22.${plain} Firewall Management
+  ${green}21.${plain} Firewall Management
 ————————————————
-  ${green}23.${plain} Enable BBR 
-  ${green}24.${plain} Update Geo Files
-  ${green}25.${plain} Speedtest by Ookla
+  ${green}22.${plain} Enable BBR 
+  ${green}23.${plain} Update Geo Files
+  ${green}24.${plain} Speedtest by Ookla
 "
     show_status
-    echo && read -p "Please enter your selection [0-25]: " num
+    echo && read -p "Please enter your selection [0-24]: " num
 
     case "${num}" in
     0)
@@ -1424,22 +1400,19 @@ show_menu() {
         iplimit_main
         ;;
     21)
-        warp_cloudflare
-        ;;
-    22)
         firewall_menu
         ;;
-    23)
+    22)
         bbr_menu
         ;;
-    24)
+    23)
         update_geo
         ;;
-    25)
+    24)
         run_speedtest
         ;;
     *)
-        LOGE "Please enter the correct number [0-25]"
+        LOGE "Please enter the correct number [0-24]"
         ;;
     esac
 }

xray/inbound.go

@@ -14,6 +14,7 @@ type InboundConfig struct {
 	StreamSettings json_util.RawMessage `json:"streamSettings"`
 	Tag            string               `json:"tag"`
 	Sniffing       json_util.RawMessage `json:"sniffing"`
+	Allocate       json_util.RawMessage `json:"allocate"`
 }
 
 func (c *InboundConfig) Equals(other *InboundConfig) bool {
@@ -38,5 +39,8 @@ func (c *InboundConfig) Equals(other *InboundConfig) bool {
 	if !bytes.Equal(c.Sniffing, other.Sniffing) {
 		return false
 	}
+	if !bytes.Equal(c.Allocate, other.Allocate) {
+		return false
+	}
 	return true
 }