fix: protocol checking during random uuidv4 generation

fixes the https://github.com/MHSanaei/3x-ui/issues/2750 issue
v2.5.5
2025-03-10 22:09:51 +07:00 · 2025-03-10 14:33:58 +01:00 · 2025-03-10 14:31:06 +01:00 · 2025-03-10 13:46:46 +01:00 · 2025-03-10 09:51:31 +01:00 · 2025-03-09 19:37:53 +07:00
159 changed files with 12074 additions and 6356 deletions
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -0,0 +1,14 @@
+# These are supported funding model platforms
+
+github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
+polar: # Replace with a single Polar username
+buy_me_a_coffee: mhsanaei
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,24 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: bug
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Version (please complete the following information):**
+ - 3X-UI Version : [e.g. 2.3.5]
+ - Xray Version : [e.g. 1.8.13]
+
+**Additional context**
+Add any other context about the problem here.
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -1,56 +0,0 @@
-name: Issue Report
-description: "Create a report to help us improve."
-body:
-  - type:  checkboxes
-    id: terms
-    attributes:
-      label: Welcome
-      options:
-        - label: Yes, I'm using the latest major release. Only such installations are supported.
-          required: true
-        - label: Yes, I'm using the supported system. Only such systems are supported.
-          required: true
-        - label: Yes, I have read all WIKI document,nothing can help me in my problem.
-          required: true
-        - label: Yes, I've searched similar issues on GitHub and didn't find any.
-          required: true
-        - label: Yes, I've included all information below (version, config, log, etc).
-          required: true
-
-  - type: textarea
-    id: problem
-    attributes:
-      label: Description of the problem,screencshot would be good 
-      placeholder: Your problem description
-    validations:
-      required: true
-
-  - type: textarea
-    id: version
-    attributes:
-      label: Version of 3x-ui
-      value: |-
-        <details>
-
-        ```console
-        # Paste here
-        ```
-
-        </details>
-    validations:
-      required: true
-
-  - type: textarea
-    id: log
-    attributes:
-      label: x-ui log reports or xray log
-      value: |-
-        <details>
-
-        ```console
-        # paste log here
-        ```
-
-        </details>
-    validations:
-      required: true
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,10 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: "gomod" # See documentation for possible values
-    directory: "/" # Location of package manifests
-    schedule:
-      interval: "daily"
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "daily"
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -1,41 +1,57 @@
 name: Release 3X-UI for Docker
 on:
+  workflow_dispatch:
  push:
    tags:
-      - "*"
-  workflow_dispatch:
+      - "v*.*.*"

 jobs:
-  build_and_push:
-    runs-on: ubuntu-latest
+  build:
+    runs-on: ubuntu-20.04

    steps:
-      - name: Check out the code
-        uses: actions/checkout@v4
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
+    - uses: actions/checkout@v4
+      with:
+        submodules: true
+   
+    - name: Docker meta
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: |
+          hsanaeii/3x-ui
+          ghcr.io/mhsanaei/3x-ui
+        tags: |
+          type=ref,event=branch
+          type=ref,event=tag
+          type=pep440,pattern={{version}}

-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v3

-      - name: Login to GHCR
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+      with:
+        install: true

-      - name: Docker meta
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: ghcr.io/${{ github.repository }}
+    - name: Login to Docker Hub
+      uses: docker/login-action@v3
+      with:
+        username: ${{ secrets.DOCKER_HUB_USERNAME }}
+        password: ${{ secrets.DOCKER_HUB_TOKEN }}

-      - name: Build and push Docker image
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          push: ${{ github.event_name != 'pull_request' }}
-          platforms: linux/amd64, linux/arm64/v8, linux/arm/v7, linux/arm/v6, linux/386
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
+    - name: Login to GHCR
+      uses: docker/login-action@v3
+      with:
+        registry: ghcr.io
+        username: ${{ github.repository_owner }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Build and push Docker image
+      uses: docker/build-push-action@v6
+      with:
+        context: .
+        push: true
+        platforms: linux/amd64, linux/arm64/v8, linux/arm/v7, linux/arm/v6, linux/386
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,10 +1,10 @@
 name: Release 3X-UI

 on:
+  workflow_dispatch:
  push:
    tags:
-      - "*"
-  workflow_dispatch:
+      - "v*.*.*"

 jobs:
  build:
@@ -26,7 +26,7 @@ jobs:
      - name: Setup Go
        uses: actions/setup-go@v5
        with:
-          go-version: '1.22'
+          go-version-file: go.mod

      - name: Install dependencies
        run: |
@@ -72,7 +72,7 @@ jobs:
            export GOARCH=s390x
            export CC=s390x-linux-gnu-gcc
          fi
-          go build -o xui-release -v main.go
+          go build -ldflags "-w -s" -o xui-release -v main.go
          
          mkdir x-ui
          cp xui-release x-ui/
@@ -83,49 +83,55 @@ jobs:
          cd x-ui/bin
          
          # Download dependencies
-          Xray_URL="https://github.com/XTLS/Xray-core/releases/download/v1.8.11/"
+          Xray_URL="https://github.com/XTLS/Xray-core/releases/download/v25.3.6/"
          if [ "${{ matrix.platform }}" == "amd64" ]; then
-            wget ${Xray_URL}Xray-linux-64.zip
+            wget -q ${Xray_URL}Xray-linux-64.zip
            unzip Xray-linux-64.zip
            rm -f Xray-linux-64.zip
          elif [ "${{ matrix.platform }}" == "arm64" ]; then
-            wget ${Xray_URL}Xray-linux-arm64-v8a.zip
+            wget -q ${Xray_URL}Xray-linux-arm64-v8a.zip
            unzip Xray-linux-arm64-v8a.zip
            rm -f Xray-linux-arm64-v8a.zip
          elif [ "${{ matrix.platform }}" == "armv7" ]; then
-            wget ${Xray_URL}Xray-linux-arm32-v7a.zip
+            wget -q ${Xray_URL}Xray-linux-arm32-v7a.zip
            unzip Xray-linux-arm32-v7a.zip
            rm -f Xray-linux-arm32-v7a.zip
          elif [ "${{ matrix.platform }}" == "armv6" ]; then
-            wget ${Xray_URL}Xray-linux-arm32-v6.zip
+            wget -q ${Xray_URL}Xray-linux-arm32-v6.zip
            unzip Xray-linux-arm32-v6.zip
            rm -f Xray-linux-arm32-v6.zip
          elif [ "${{ matrix.platform }}" == "386" ]; then
-            wget ${Xray_URL}Xray-linux-32.zip
+            wget -q ${Xray_URL}Xray-linux-32.zip
            unzip Xray-linux-32.zip
            rm -f Xray-linux-32.zip
          elif [ "${{ matrix.platform }}" == "armv5" ]; then
-            wget ${Xray_URL}Xray-linux-arm32-v5.zip
+            wget -q ${Xray_URL}Xray-linux-arm32-v5.zip
            unzip Xray-linux-arm32-v5.zip
            rm -f Xray-linux-arm32-v5.zip
          elif [ "${{ matrix.platform }}" == "s390x" ]; then
-            wget ${Xray_URL}Xray-linux-s390x.zip
+            wget -q ${Xray_URL}Xray-linux-s390x.zip
            unzip Xray-linux-s390x.zip
            rm -f Xray-linux-s390x.zip
          fi
          rm -f geoip.dat geosite.dat
-          wget https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat
-          wget https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
-          wget -O geoip_IR.dat https://github.com/chocolate4u/Iran-v2ray-rules/releases/latest/download/geoip.dat
-          wget -O geosite_IR.dat https://github.com/chocolate4u/Iran-v2ray-rules/releases/latest/download/geosite.dat
-          wget -O geoip_VN.dat https://github.com/vuong2023/vn-v2ray-rules/releases/latest/download/geoip.dat
-          wget -O geosite_VN.dat https://github.com/vuong2023/vn-v2ray-rules/releases/latest/download/geosite.dat
+          wget -q https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat
+          wget -q https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
+          wget -q -O geoip_IR.dat https://github.com/chocolate4u/Iran-v2ray-rules/releases/latest/download/geoip.dat
+          wget -q -O geosite_IR.dat https://github.com/chocolate4u/Iran-v2ray-rules/releases/latest/download/geosite.dat
+          wget -q -O geoip_RU.dat https://github.com/runetfreedom/russia-v2ray-rules-dat/releases/latest/download/geoip.dat
+          wget -q -O geosite_RU.dat https://github.com/runetfreedom/russia-v2ray-rules-dat/releases/latest/download/geosite.dat
          mv xray xray-linux-${{ matrix.platform }}
          cd ../..
          
      - name: Package
        run: tar -zcvf x-ui-linux-${{ matrix.platform }}.tar.gz x-ui
-        
+
+      - name: Upload files to Artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: x-ui-linux-${{ matrix.platform }}
+          path: ./x-ui-linux-${{ matrix.platform }}.tar.gz
+
      - name: Upload files to GH release
        uses: svenstaro/upload-release-action@v2
        with:
--- a/DockerEntrypoint.sh
+++ b/DockerEntrypoint.sh
@@ -1,7 +1,7 @@
 #!/bin/sh

 # Start fail2ban
-fail2ban-client -x start
+[ $X_UI_ENABLE_FAIL2BAN == "true" ] && fail2ban-client -x start

 # Run x-ui
 exec /app/x-ui
--- a/DockerInit.sh
+++ b/DockerInit.sh
@@ -27,14 +27,14 @@ case $1 in
 esac
 mkdir -p build/bin
 cd build/bin
-wget "https://github.com/XTLS/Xray-core/releases/download/v1.8.11/Xray-linux-${ARCH}.zip"
+wget -q "https://github.com/XTLS/Xray-core/releases/download/v25.3.6/Xray-linux-${ARCH}.zip"
 unzip "Xray-linux-${ARCH}.zip"
 rm -f "Xray-linux-${ARCH}.zip" geoip.dat geosite.dat
 mv xray "xray-linux-${FNAME}"
-wget https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat
-wget https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
-wget -O geoip_IR.dat https://github.com/chocolate4u/Iran-v2ray-rules/releases/latest/download/geoip.dat
-wget -O geosite_IR.dat https://github.com/chocolate4u/Iran-v2ray-rules/releases/latest/download/geosite.dat
-wget -O geoip_VN.dat https://github.com/vuong2023/vn-v2ray-rules/releases/latest/download/geoip.dat
-wget -O geosite_VN.dat https://github.com/vuong2023/vn-v2ray-rules/releases/latest/download/geosite.dat
+wget -q https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat
+wget -q https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
+wget -q -O geoip_IR.dat https://github.com/chocolate4u/Iran-v2ray-rules/releases/latest/download/geoip.dat
+wget -q -O geosite_IR.dat https://github.com/chocolate4u/Iran-v2ray-rules/releases/latest/download/geosite.dat
+wget -q -O geoip_RU.dat https://github.com/runetfreedom/russia-v2ray-rules-dat/releases/latest/download/geoip.dat
+wget -q -O geosite_RU.dat https://github.com/runetfreedom/russia-v2ray-rules-dat/releases/latest/download/geosite.dat
 cd ../../
--- a/5
+++ b/5
@@ -1,7 +1,7 @@
 # ========================================================
 # Stage: Builder
 # ========================================================
-FROM golang:1.22-alpine AS builder
+FROM golang:1.24-alpine AS builder
 WORKDIR /app
 ARG TARGETARCH

@@ -15,7 +15,7 @@ COPY . .

 ENV CGO_ENABLED=1
 ENV CGO_CFLAGS="-D_LARGEFILE64_SOURCE"
-RUN go build -o build/x-ui main.go
+RUN go build -ldflags "-w -s" -o build/x-ui main.go
 RUN ./DockerInit.sh "$TARGETARCH"

 # ========================================================
@@ -48,6 +48,7 @@ RUN chmod +x \
  /app/x-ui \
  /usr/bin/x-ui

+ENV X_UI_ENABLE_FAIL2BAN="true"
 VOLUME [ "/etc/x-ui" ]
 CMD [ "./x-ui" ]
 ENTRYPOINT [ "/app/DockerEntrypoint.sh" ]
--- a/README.es_ES.md
+++ b/README.es_ES.md
@@ -1,8 +1,11 @@
-# 3X-UI
+[English](/README.md) | [فارسی](/README.fa_IR.md) | [中文](/README.zh_CN.md) | [Español](/README.es_ES.md) | [Русский](/README.ru_RU.md)

-[English](/README.md) | [Chinese](/README.zh.md) | [Español](/README.es_ES.md)
-
-<p align="center"><a href="#"><img src="./media/3X-UI.png" alt="Image"></a></p>
+<p align="center">
+  <picture>
+    <source media="(prefers-color-scheme: dark)" srcset="./media/3x-ui-dark.png">
+    <img alt="3x-ui" src="./media/3x-ui-light.png">
+  </picture>
+</p>

 **Un Panel Web Avanzado • Construido sobre Xray Core**

@@ -16,9 +19,15 @@

 **Si este proyecto te es útil, podrías considerar darle una**:star2:

-<p align="left"><a href="#"><img width="125" src="https://github.com/MHSanaei/3x-ui/assets/115543613/7aa895dd-048a-42e7-989b-afd41a74e2e1" alt="Image"></a></p>
+<p align="left">
+  <a href="https://buymeacoffee.com/mhsanaei" target="_blank">
+    <img src="./media/buymeacoffe.png" alt="Image">
+  </a>
+</p>

 - USDT (TRC20): `TXncxkvhkDWGts487Pjqq1qT9JmwRUz8CC`
+- MATIC (polygon): `0x41C9548675D044c6Bfb425786C765bc37427256A`
+- LTC (Litecoin): `ltc1q2ach7x6d2zq0n4l0t4zl7d7xe2s6fs7a3vspwv`

 ## Instalar y Actualizar

@@ -26,38 +35,62 @@
 bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh)
 ```

-## Instalar una Versión Personalizada
+## Instalar versión antigua (no recomendamos)

-Para instalar la versión deseada, agrega la versión al final del comando de instalación. Por ejemplo, ver `v2.3.3`:
+Para instalar la versión deseada, utiliza el siguiente comando de instalación. Por ejemplo, ver `v1.7.9`:

 ```
-bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) v2.3.3
+VERSION=v1.7.9 && <(curl -Ls "https://raw.githubusercontent.com/mhsanaei/3x-ui/$VERSION/install.sh") $VERSION
 ```

 ## Certificado SSL

 <details>
-  <summary>Haz clic para el Certificado SSL</summary>
+  <summary>Haga clic para ver los detalles del certificado SSL</summary>

-### Cloudflare
+### ACME

-El script de gestión tiene una aplicación de certificado SSL incorporada para Cloudflare. Para usar este script para colocar un certificado, necesitas lo siguiente:
+Para gestionar certificados SSL utilizando ACME:

- Correo electrónico registrado en Cloudflare
- Clave Global de API de Cloudflare
- El nombre de dominio se ha resuelto en el servidor actual a través de Cloudflare
-
-**1:** Ejecuta el comando`x-ui`en la terminal, luego elige `Certificado SSL de Cloudflare`.
+1. Asegúrate de que tu dominio esté correctamente resuelto al servidor.
+2. Ejecuta el comando `x-ui` en la terminal y elige `Gestión de Certificados SSL`.
+3. Se te presentarán las siguientes opciones:

+   - **Get SSL:** Obtener certificados SSL.
+   - **Revoke:** Revocar certificados SSL existentes.
+   - **Force Renew:** Forzar la renovación de certificados SSL.
+   - **Show Existing Domains:** Mostrar todos los certificados de dominio disponibles en el servidor.  
+   - **Set Certificate Paths for the Panel:** Especificar el certificado para tu dominio que será utilizado por el panel. 

 ### Certbot
-```
+
+Para instalar y usar Certbot:
+
+```sh
 apt-get install certbot -y
 certbot certonly --standalone --agree-tos --register-unsafely-without-email -d yourdomain.com
 certbot renew --dry-run
 ```

-***Consejo:*** *Certbot también está integrado en el script de gestión. Puedes ejecutar el comando `x-ui` , luego elegir `Gestión de Certificados SSL`.*
+### Cloudflare
+
+El script de gestión incluye una aplicación de certificado SSL integrada para Cloudflare. Para usar este script para solicitar un certificado, necesitas lo siguiente:
+
+- Correo electrónico registrado en Cloudflare
+- Clave API Global de Cloudflare
+- El nombre de dominio debe estar resuelto al servidor actual a través de Cloudflare
+
+**Cómo obtener la Clave API Global de Cloudflare:**
+
+1. Ejecuta el comando `x-ui` en la terminal y elige `Certificado SSL de Cloudflare`.
+2. Visita el enlace: [Tokens de API de Cloudflare](https://dash.cloudflare.com/profile/api-tokens).
+3. Haz clic en "Ver Clave API Global" (consulta la captura de pantalla a continuación):
+   ![](media/APIKey1.PNG)
+4. Es posible que necesites volver a autenticar tu cuenta. Después de eso, se mostrará la Clave API (consulta la captura de pantalla a continuación):
+   ![](media/APIKey2.png)
+
+Al utilizarlo, simplemente ingresa tu `nombre de dominio`, `correo electrónico` y `CLAVE API`. El diagrama es el siguiente:
+   ![](media/DetailEnter.png)

 </details>

@@ -173,19 +206,59 @@ eliminar 3x-ui de docker

 </details>

+## Configuración de Nginx
+<details>
+  <summary>Haga clic aquí para configurar el proxy inverso</summary>
+
+#### Proxy inverso Nginx
+```nginx
+location / {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Range $http_range;
+    proxy_set_header If-Range $http_if_range; 
+    proxy_redirect off;
+    proxy_pass http://127.0.0.1:2053;
+}
+```
+
+#### Nginx sub-path
+- EAsegúrese de que la "Ruta Raíz de la URL del Panel" en la configuración del panel `/sub` es la misma.
+- El `url` en la configuración del panel debe terminar con `/`.   
+
+```nginx
+location /sub {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Range $http_range;
+    proxy_set_header If-Range $http_if_range; 
+    proxy_redirect off;
+    proxy_pass http://127.0.0.1:2053;
+}
+```
+</details>

 ## SO Recomendados

 - Ubuntu 20.04+
 - Debian 11+
 - CentOS 8+
+- OpenEuler 22.03+
 - Fedora 36+
 - Arch Linux
+- Parch Linux
 - Manjaro
 - Armbian
- AlmaLinux 9+
- Rockylinux 9+
+- AlmaLinux 8.0+
+- Rocky Linux 8+
+- Oracle Linux 8+
 - OpenSUSE Tubleweed
+- Amazon Linux 2023
+- Windows x64

 ## Arquitecturas y Dispositivos Compatibles

@@ -209,14 +282,18 @@ Nuestra plataforma ofrece compatibilidad con una amplia gama de arquitecturas y

 ## Idiomas

- Inglés
- Farsi
- Chino
- Ruso
- Vietnamita
- Español
- Indonesio
- Ucraniano
+- English (inglés)  
+- Persian (persa)  
+- Traditional Chinese (chino tradicional)  
+- Simplified Chinese (chino simplificado)  
+- Japanese (japonés)  
+- Russian (ruso)  
+- Vietnamese (vietnamita)  
+- Spanish (español)  
+- Indonesian (indonesio)  
+- Ukrainian (ucraniano)  
+- Turkish (turco)  
+- Português (Brazil) (portugués (Brasil))  


 ## Características
@@ -237,88 +314,103 @@ Nuestra plataforma ofrece compatibilidad con una amplia gama de arquitecturas y
 - Soporta exportar/importar base de datos desde el panel


-## Configuraciones por Defecto
+## Configuración Predeterminada del Panel

 <details>
-  <summary>Haz clic para detalles de las configuraciones por defecto</summary>
+  <summary>Haz clic para ver los detalles de la configuración predeterminada</summary>

-  ### Información
+### Nombre de usuario, Contraseña, Puerto y Ruta Base Web

+Si elige no modificar estas configuraciones, se generarán aleatoriamente (esto no se aplica a Docker).
+
+**Configuraciones predeterminadas para Docker:**
+- **Nombre de usuario:** admin
+- **Contraseña:** admin
 - **Puerto:** 2053
- **Usuario y Contraseña:** Se generarán aleatoriamente si omites la modificación.
+
+### Gestión de la Base de Datos:
+
+  Puedes realizar copias de seguridad y restauraciones de la base de datos directamente desde el panel.
+
 - **Ruta de la Base de Datos:**
-  - /etc/x-ui/x-ui.db
- **Ruta de Configuración de Xray:**
-  - /usr/local/x-ui/bin/config.json
- **Ruta del Panel Web sin Implementar SSL:**
-  - http://ip:2053/panel
-  - http://domain:2053/panel
- **Ruta del Panel Web con Implementación de SSL:**
-  - https://domain:2053/panel
- 
+  - `/etc/x-ui/x-ui.db`
+
+### Ruta Base Web
+
+1. **Restablecer la Ruta Base Web:**
+   - Abre tu terminal.
+   - Ejecuta el comando `x-ui`.
+   - Selecciona la opción `Restablecer la Ruta Base Web`.
+
+2. **Generar o Personalizar la Ruta:**
+   - La ruta se generará aleatoriamente, o puedes ingresar una ruta personalizada.
+
+3. **Ver Configuración Actual:**
+   - Para ver tu configuración actual, utiliza el comando `x-ui settings` en el terminal o selecciona `Ver Configuración Actual` en `x-ui`.
+
+### Recomendación de Seguridad:
+- Para mayor seguridad, utiliza una palabra larga y aleatoria en la estructura de tu URL.
+
+**Ejemplos:**
+- `http://ip:port/*webbasepath*/panel`
+- `http://domain:port/*webbasepath*/panel`
+
 </details>

-## [Configuración WARP](https://gitlab.com/fscarmen/warp)
+## Configuración de WARP

 <details>
-  <summary>Haz clic para detalles de la configuración WARP</summary>
+  <summary>Haz clic para ver los detalles de la configuración de WARP</summary>

 #### Uso

-Si deseas usar enrutamiento a WARP antes de la versión v2.1.0, sigue los pasos a continuación:
+**Para versiones `v2.1.0` y posteriores:**

-**1.** Instala WARP en **Modo de Proxy SOCKS**:
-
-   ```sh
-   bash <(curl -sSL https://raw.githubusercontent.com/hamid-gh98/x-ui-scripts/main/install_warp_proxy.sh)
-   ```
-
-**2.** Si ya instalaste warp, puedes desinstalarlo usando el siguiente comando:
-
-   ```sh
-   warp u
-   ```
-
-**3.** Activa la configuración que necesites en el panel
-
-   Características de Configuración:
-
-   - Bloquear Anuncios
-   - Enrutar Google + Netflix + Spotify + OpenAI (ChatGPT) a WARP
-   - Corregir error 403 de Google
+WARP está integrado, no se requiere instalación adicional. Simplemente habilita la configuración necesaria en el panel.

 </details>

 ## Límite de IP

 <details>
-  <summary>Haz clic para más detalles del límite de IP</summary>
+  <summary>Haz clic para ver los detalles del límite de IP</summary>

 #### Uso

-**Nota:** El Límite de IP no funcionará correctamente cuando se use IP Tunnel
-
- Para versiones hasta `v1.6.1`:
+**Nota:** El Límite de IP no funcionará correctamente cuando uses Túnel IP.

+- **Para versiones hasta `v1.6.1`:**
  - El límite de IP está integrado en el panel.

- Para versiones `v1.7.0` y posteriores:
+**Para versiones `v1.7.0` y posteriores:**

-  - Para que el Límite de IP funcione correctamente, necesitas instalar fail2ban y sus archivos requeridos siguiendo estos pasos:
+Para habilitar la funcionalidad de límite de IP, necesitas instalar `fail2ban` y los archivos requeridos siguiendo estos pasos:

-    1. Usa el comando `x-ui` dentro de la terminal.
-    2. Selecciona `Gestión de Límite de IP`.
-    3. Elige las opciones apropiadas según tus necesidades.
-   
-  - asegúrate de tener ./access.log en tu Configuración de Xray después de la v2.1.3 tenemos una opción para ello
-  
-  ```sh
+1. Ejecuta el comando `x-ui` en el terminal, luego elige `Gestión de Límite de IP`.
+2. Verás las siguientes opciones:
+
+   - **Cambiar la Duración del Bloqueo:** Ajustar la duración de los bloqueos.
+   - **Desbloquear a Todos:** Levantar todos los bloqueos actuales.
+   - **Revisar los Registros:** Revisar los registros.
+   - **Estado de Fail2ban:** Verificar el estado de `fail2ban`.
+   - **Reiniciar Fail2ban:** Reiniciar el servicio `fail2ban`.
+   - **Desinstalar Fail2ban:** Desinstalar Fail2ban con la configuración.
+
+3. Agrega una ruta para el registro de acceso en el panel configurando `Xray Configs/log/Access log` a `./access.log`, luego guarda y reinicia Xray.
+
+- **Para versiones anteriores a `v2.1.3`:**
+  - Necesitas configurar manualmente la ruta del registro de acceso en tu configuración de Xray:
+
+    ```sh
    "log": {
      "access": "./access.log",
      "dnsLog": false,
      "loglevel": "warning"
    },
-  ```
+    ```
+
+- **Para versiones `v2.1.3` y posteriores:**
+  - Hay una opción para configurar `access.log` directamente desde el panel.

 </details>

@@ -369,7 +461,7 @@ El panel web admite tráfico diario, inicio de sesión en el panel, copia de seg

 - Inicia [Botfather](https://t.me/BotFather) en tu cuenta de Telegram:
    ![Botfather](./media/botfather.png)
-  
+
 - Crea un nuevo bot usando el comando /newbot: Te hará 2 preguntas, Un nombre y un nombre de usuario para tu bot. Ten en cuenta que el nombre de usuario debe terminar con la palabra "bot".
    ![Create new bot](./media/newbot.png)

@@ -394,6 +486,7 @@ Ingresa el ID de chat de usuario en el campo de entrada número 4. Las cuentas d

 #### Uso

+- [Documentación de API](https://www.postman.com/hsanaei/3x-ui/collection/q1l5l0u/3x-ui)
 - `/login` con `POST` datos de usuario: `{username: '', password: ''}` para iniciar sesión
 - `/panel/api/inbounds` base para las siguientes acciones:

@@ -423,9 +516,7 @@ Ingresa el ID de chat de usuario en el campo de entrada número 4. Las cuentas d
 - `client.password` para TROJAN
 - `client.email` para Shadowsocks

-
- [Documentación de API](https://documenter.getpostman.com/view/16802678/2s9YkgD5jm)
- [<img src="https://run.pstmn.io/button.svg" alt="Run In Postman" style="width: 128px; height: 32px;">](https://app.getpostman.com/run-collection/16802678-1a4c9270-ac77-40ed-959a-7aa56dc4a415?action=collection%2Ffork&source=rip_markdown&collection-url=entityId%3D16802678-1a4c9270-ac77-40ed-959a-7aa56dc4a415%26entityType%3Dcollection%26workspaceId%3D2cd38c01-c851-4a15-a972-f181c23359d9)
+- [<img src="https://run.pstmn.io/button.svg" alt="Run In Postman" style="width: 128px; height: 32px;">](https://app.getpostman.com/run-collection/5146551-dda3cab3-0e33-485f-96f9-d4262f437ac5?action=collection%2Ffork&source=rip_markdown&collection-url=entityId%3D5146551-dda3cab3-0e33-485f-96f9-d4262f437ac5%26entityType%3Dcollection%26workspaceId%3Dd64f609f-485a-4951-9b8f-876b3f917124)
 </details>

 ## Variables de Entorno
@@ -453,13 +544,34 @@ XUI_BIN_FOLDER="bin" XUI_DB_FOLDER="/etc/x-ui" go build main.go

 ## Vista previa

-![1](./media/1.png)
-![2](./media/2.png)
-![3](./media/3.png)
-![4](./media/4.png)
-![5](./media/5.png)
-![6](./media/6.png)
-![7](./media/7.png)
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/01-overview-dark.png">
+  <img alt="3x-ui" src="./media/01-overview-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/02-inbounds-dark.png">
+  <img alt="3x-ui" src="./media/02-inbounds-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/03-add-inbound-dark.png">
+  <img alt="3x-ui" src="./media/03-add-inbound-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/04-add-client-dark.png">
+  <img alt="3x-ui" src="./media/04-add-client-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/05-settings-dark.png">
+  <img alt="3x-ui" src="./media/05-settings-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/06-configs-dark.png">
+  <img alt="3x-ui" src="./media/06-configs-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/07-bot-dark.png">
+  <img alt="3x-ui" src="./media/07-bot-light.png">
+</picture>

 ## Un agradecimiento especial a

@@ -468,8 +580,8 @@ XUI_BIN_FOLDER="bin" XUI_DB_FOLDER="/etc/x-ui" go build main.go
 ## Reconocimientos

 - [Iran v2ray rules](https://github.com/chocolate4u/Iran-v2ray-rules) (Licencia: **GPL-3.0**): _Reglas de enrutamiento mejoradas de v2ray/xray y v2ray/xray-clients con dominios iraníes integrados y un enfoque en seguridad y bloqueo de anuncios._
- [Vietnam Adblock rules](https://github.com/vuong2023/vn-v2ray-rules) (License: **GPL-3.0**): _Un dominio alojado en Vietnam y una lista de bloqueo con la máxima eficiencia para vietnamitas._
+- [Russia v2ray rules](https://github.com/runetfreedom/russia-v2ray-rules-dat) (License: **GPL-3.0**): _Este repositorio contiene reglas de enrutamiento de V2Ray actualizadas automáticamente basadas en datos de dominios y direcciones bloqueados en Rusia._

 ## Estrellas a lo largo del tiempo

-[![Stargazers over time](https://starchart.cc/MHSanaei/3x-ui.svg)](https://starchart.cc/MHSanaei/3x-ui)
+[![Stargazers over time](https://starchart.cc/MHSanaei/3x-ui.svg?variant=adaptive)](https://starchart.cc/MHSanaei/3x-ui)
--- a/README.fa_IR.md
+++ b/README.fa_IR.md
@@ -0,0 +1,527 @@
+[English](/README.md) | [فارسی](/README.fa_IR.md) | [中文](/README.zh_CN.md) | [Español](/README.es_ES.md) | [Русский](/README.ru_RU.md)
+
+<p align="center">
+  <picture>
+    <source media="(prefers-color-scheme: dark)" srcset="./media/3x-ui-dark.png">
+    <img alt="3x-ui" src="./media/3x-ui-light.png">
+  </picture>
+</p>
+
+**یک پنل وب پیشرفته • ساخته شده بر پایه Xray Core**
+
+[![](https://img.shields.io/github/v/release/mhsanaei/3x-ui.svg)](https://github.com/MHSanaei/3x-ui/releases)
+[![](https://img.shields.io/github/actions/workflow/status/mhsanaei/3x-ui/release.yml.svg)](#)
+[![GO Version](https://img.shields.io/github/go-mod/go-version/mhsanaei/3x-ui.svg)](#)
+[![Downloads](https://img.shields.io/github/downloads/mhsanaei/3x-ui/total.svg)](#)
+[![License](https://img.shields.io/badge/license-GPL%20V3-blue.svg?longCache=true)](https://www.gnu.org/licenses/gpl-3.0.en.html)
+
+> **سلب مسئولیت:** این پروژه صرفاً برای اهداف آموزشی و تحقیقاتی است. استفاده از آن برای مقاصد غیرقانونی یا در محیط‌های عملیاتی ممنوع است.
+
+**اگر این پروژه برای شما مفید بوده، می‌توانید با دادن یک**:star2: از آن حمایت کنید.
+
+<p align="left">
+  <a href="https://buymeacoffee.com/mhsanaei" target="_blank">
+    <img src="./media/buymeacoffe.png" alt="Image">
+  </a>
+</p>
+
+- USDT (TRC20): `TXncxkvhkDWGts487Pjqq1qT9JmwRUz8CC`
+- MATIC (polygon): `0x41C9548675D044c6Bfb425786C765bc37427256A`
+- LTC (Litecoin): `ltc1q2ach7x6d2zq0n4l0t4zl7d7xe2s6fs7a3vspwv`
+
+## نصب و ارتقا
+
+```
+bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh)
+```
+
+## نصب نسخه‌های قدیمی (توصیه نمی‌شود)
+
+برای نصب نسخه خاصی از دستور زیر استفاده کنید. مثال برای نسخه `v1.7.9`:
+
+```
+VERSION=v1.7.9 && bash <(curl -Ls "https://raw.githubusercontent.com/mhsanaei/3x-ui/$VERSION/install.sh") $VERSION
+```
+
+## گواهی SSL
+
+<details>
+  <summary>جزئیات گواهی SSL</summary>
+
+### ACME
+
+برای مدیریت گواهی‌های SSL با استفاده از ACME:
+
+1. اطمینان حاصل کنید دامنه شما به درستی به سرور متصل است.
+2. دستور `x-ui` را در ترمینال اجرا کرده و گزینه `مدیریت گواهی SSL` را انتخاب کنید.
+3. گزینه‌های زیر نمایش داده می‌شوند:
+
+   - **دریافت SSL:** دریافت گواهی SSL
+   - **لغو:** لغو گواهی‌های موجود
+   - **تمدید اجباری:** تمدید اجباری گواهی‌ها
+   - **نمایش دامنه‌های موجود:** نمایش تمام دامنه‌های دارای گواهی  
+   - **تنظیم مسیر گواهی برای پنل:** تنظیم مسیر گواهی برای دامنه شما
+
+### Certbot
+
+نصب و استفاده از Certbot:
+
+```sh
+apt-get install certbot -y
+certbot certonly --standalone --agree-tos --register-unsafely-without-email -d yourdomain.com
+certbot renew --dry-run
+```
+
+### Cloudflare
+
+اسکریپت داخلی برای دریافت گواهی SSL از Cloudflare. نیازمند:
+
+- ایمیل ثبت‌شده در Cloudflare
+- کلید API جهانی Cloudflare
+- دامنه باید از طریق Cloudflare به سرور متصل باشد
+
+**دریافت کلید API جهانی Cloudflare:**
+
+1. دستور `x-ui` را اجرا و گزینه `گواهی SSL کلادفلر` را انتخاب کنید.
+2. به لینک [Cloudflare API Tokens](https://dash.cloudflare.com/profile/api-tokens) مراجعه کنید.
+3. روی "View Global API Key" کلیک کنید:
+   ![](media/APIKey1.PNG)
+4. پس از احراز هویت، کلید API نمایش داده می‌شود:
+   ![](media/APIKey2.png)
+
+در هنگام استفاده، نام دامنه، ایمیل و کلید API را وارد کنید:
+   ![](media/DetailEnter.png)
+
+</details>
+
+## نصب دستی و ارتقا
+
+<details>
+  <summary>جزئیات نصب دستی</summary>
+
+#### استفاده
+
+1. دریافت آخرین نسخه از سرور:
+
+```sh
+ARCH=$(uname -m)
+case "${ARCH}" in
+  x86_64 | x64 | amd64) XUI_ARCH="amd64" ;;
+  i*86 | x86) XUI_ARCH="386" ;;
+  armv8* | armv8 | arm64 | aarch64) XUI_ARCH="arm64" ;;
+  armv7* | armv7) XUI_ARCH="armv7" ;;
+  armv6* | armv6) XUI_ARCH="armv6" ;;
+  armv5* | armv5) XUI_ARCH="armv5" ;;
+  s390x) echo 's390x' ;;
+  *) XUI_ARCH="amd64" ;;
+esac
+
+wget https://github.com/MHSanaei/3x-ui/releases/latest/download/x-ui-linux-${XUI_ARCH}.tar.gz
+```
+
+2. نصب یا ارتقا:
+
+```sh
+ARCH=$(uname -m)
+case "${ARCH}" in
+  x86_64 | x64 | amd64) XUI_ARCH="amd64" ;;
+  i*86 | x86) XUI_ARCH="386" ;;
+  armv8* | armv8 | arm64 | aarch64) XUI_ARCH="arm64" ;;
+  armv7* | armv7) XUI_ARCH="armv7" ;;
+  armv6* | armv6) XUI_ARCH="armv6" ;;
+  armv5* | armv5) XUI_ARCH="armv5" ;;
+  s390x) echo 's390x' ;;
+  *) XUI_ARCH="amd64" ;;
+esac
+
+cd /root/
+rm -rf x-ui/ /usr/local/x-ui/ /usr/bin/x-ui
+tar zxvf x-ui-linux-${XUI_ARCH}.tar.gz
+chmod +x x-ui/x-ui x-ui/bin/xray-linux-* x-ui/x-ui.sh
+cp x-ui/x-ui.sh /usr/bin/x-ui
+cp -f x-ui/x-ui.service /etc/systemd/system/
+mv x-ui/ /usr/local/
+systemctl daemon-reload
+systemctl enable x-ui
+systemctl restart x-ui
+```
+
+</details>
+
+## نصب با Docker
+
+<details>
+  <summary>جزئیات Docker</summary>
+
+#### استفاده
+
+1. **نصب Docker:**
+
+   ```sh
+   bash <(curl -sSL https://get.docker.com)
+   ```
+
+2. **کلون پروژه:**
+
+   ```sh
+   git clone https://github.com/MHSanaei/3x-ui.git
+   cd 3x-ui
+   ```
+
+3. **راه‌اندازی سرویس:**
+
+   ```sh
+   docker compose up -d
+   ```
+
+   یا
+
+   ```sh
+   docker run -itd \
+      -e XRAY_VMESS_AEAD_FORCED=false \
+      -v $PWD/db/:/etc/x-ui/ \
+      -v $PWD/cert/:/root/cert/ \
+      --network=host \
+      --restart=unless-stopped \
+      --name 3x-ui \
+      ghcr.io/mhsanaei/3x-ui:latest
+   ```
+
+4. **به‌روزرسانی:**
+
+   ```sh
+   cd 3x-ui
+   docker compose down
+   docker compose pull 3x-ui
+   docker compose up -d
+   ```
+
+5. **حذف:**
+
+   ```sh
+   docker stop 3x-ui
+   docker rm 3x-ui
+   cd --
+   rm -r 3x-ui
+   ```
+
+</details>
+
+## تنظیمات Nginx
+<details>
+  <summary>پیکربندی Reverse Proxy</summary>
+
+#### Nginx Reverse Proxy
+```nginx
+location / {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Range $http_range;
+    proxy_set_header If-Range $http_if_range; 
+    proxy_redirect off;
+    proxy_pass http://127.0.0.1:2053;
+}
+```
+
+#### مسیر فرعی در Nginx
+- اطمینان حاصل کنید "URI Path" در تنظیمات پنل یکسان باشد.
+- `url` در تنظیمات پنل باید با `/` پایان یابد.   
+
+```nginx
+location /sub {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Range $http_range;
+    proxy_set_header If-Range $http_if_range; 
+    proxy_redirect off;
+    proxy_pass http://127.0.0.1:2053;
+}
+```
+</details>
+
+## سیستم‌عامل‌های توصیه شده
+
+- Ubuntu 20.04+
+- Debian 11+
+- CentOS 8+
+- OpenEuler 22.03+
+- Fedora 36+
+- Arch Linux
+- Parch Linux
+- Manjaro
+- Armbian
+- AlmaLinux 8.0+
+- Rocky Linux 8+
+- Oracle Linux 8+
+- OpenSUSE Tubleweed
+- Amazon Linux 2023
+- Windows x64
+
+## معماری‌ها و دستگاه‌های پشتیبانی شده
+
+<details>
+  <summary>جزئیات معماری‌ها و دستگاه‌ها</summary>
+
+- **amd64**: معماری استاندارد برای کامپیوترهای شخصی و سرورها
+- **x86 / i386**: سیستم‌های دسکتاپ و لپ‌تاپ
+- **armv8 / arm64 / aarch64**: دستگاه‌های موبایل و embedded مانند Raspberry Pi 4
+- **armv7 / arm / arm32**: دستگاه‌های قدیمی مانند Orange Pi Zero
+- **armv6 / arm / arm32**: دستگاه‌های بسیار قدیمی مانند Raspberry Pi 1
+- **armv5 / arm / arm32**: سیستم‌های embedded قدیمی
+- **s390x**: کامپیوترهای IBM mainframe
+</details>
+
+## زبان‌های پشتیبانی شده
+
+- انگلیسی
+- فارسی
+- چینی سنتی
+- چینی ساده‌شده
+- ژاپنی
+- روسی
+- ویتنامی
+- اسپانیایی
+- اندونزیایی
+- اوکراینی
+- ترکی
+- پرتغالی (برزیل)
+
+## ویژگی‌ها
+
+- مانیتورینگ وضعیت سیستم
+- جستجو در بین inboundها و کلاینت‌ها
+- تم تاریک/روشن
+- پشتیبانی از چند کاربر و پروتکل
+- پروتکل‌های VMESS، VLESS، Trojan، Shadowsocks، Dokodemo-door، Socks، HTTP، WireGuard
+- پشتیبانی از XTLS شامل RPRX-Direct، Vision، REALITY
+- آمار ترافیک، محدودیت ترافیک، محدودیت زمانی
+- تنظیمات سفارشی Xray
+- پشتیبانی از HTTPS برای پنل
+- دریافت خودکار گواهی SSL
+- مسیرهای API اصلاح شده
+- پشتیبانی از تغییر تنظیمات از طریق پنل
+- امکان export/import دیتابیس
+
+## تنظیمات پیش‌فرض پنل
+
+<details>
+  <summary>جزئیات تنظیمات پیش‌فرض</summary>
+
+### نام کاربری، رمز عبور، پورت و مسیر وب
+
+در صورت عدم تغییر، این موارد به صورت تصادفی ایجاد می‌شوند (به جز Docker).
+
+**تنظیمات پیش‌فرض Docker:**
+- **نام کاربری:** admin
+- **رمز عبور:** admin
+- **پورت:** 2053
+
+### مدیریت دیتابیس:
+
+  امکان Backup و Restore دیتابیس از طریق پنل.
+
+- **مسیر دیتابیس:**
+  - `/etc/x-ui/x-ui.db`
+
+### مسیر پایه وب
+
+1. **بازنشانی مسیر:**
+   - اجرای دستور `x-ui`
+   - انتخاب گزینه `Reset Web Base Path`
+
+2. **ساخت یا تنظیم مسیر:**
+   - مسیر به صورت تصادفی ساخته شده یا قابل تنظیم است
+
+3. **مشاهده تنظیمات فعلی:**
+   - استفاده از دستور `x-ui settings` یا `View Current Settings` در `x-ui`
+
+**توصیه امنیتی:**
+- استفاده از مسیرهای طولانی و تصادفی برای افزایش امنیت
+
+**مثال:**
+- `http://ip:port/*webbasepath*/panel`
+- `http://domain:port/*webbasepath*/panel`
+
+</details>
+
+## پیکربندی WARP
+
+<details>
+  <summary>جزئیات WARP</summary>
+
+#### استفاده
+
+**برای نسخه‌های `v2.1.0` و جدیدتر:**
+
+WARP به صورت داخلی پشتیبانی می‌شود. تنها نیاز به فعال‌سازی در پنل است.
+
+</details>
+
+## محدودیت IP
+
+<details>
+  <summary>جزئیات محدودیت IP</summary>
+
+#### استفاده
+
+**توجه:** محدودیت IP در صورت استفاده از IP Tunnel کار نمی‌کند.
+
+- **تا نسخه `v1.6.1`:**
+  - محدودیت IP به صورت داخلی در پنل وجود دارد
+
+**برای نسخه‌های `v1.7.0` و جدیدتر:**
+
+برای فعال‌سازی نیاز به نصب `fail2ban` است:
+
+1. اجرای دستور `x-ui` و انتخاب `مدیریت محدودیت IP`
+2. گزینه‌های موجود:
+
+   - **تغییر مدت زمان Ban**
+   - **حذف تمام Banها**
+   - **مشاهده لاگ‌ها**
+   - **وضعیت Fail2ban**
+   - **راه‌اندازی مجدد Fail2ban**
+   - **حذف Fail2ban**
+
+3. تنظیم مسیر `Access log` در پنل به `./access.log` و ذخیره و راه‌اندازی مجدد Xray
+
+- **قبل از نسخه `v2.1.3`:**
+  - تنظیم دستی `access.log` در تنظیمات Xray:
+
+    ```sh
+    "log": {
+      "access": "./access.log",
+      "dnsLog": false,
+      "loglevel": "warning"
+    },
+    ```
+
+- **از نسخه `v2.1.3`:**
+  - امکان تنظیم `access.log` از طریق پنل
+
+</details>
+
+## ربات تلگرام
+
+<details>
+  <summary>جزئیات ربات تلگرام</summary>
+
+#### استفاده
+
+ربات تلگرام برای اطلاع‌رسانی ترافیک، ورود به پنل، Backup دیتابیس و ... استفاده می‌شود. نیازمند تنظیم:
+
+- توکن تلگرام
+- Chat ID ادمین‌ها
+- زمان اطلاع‌رسانی (Cron syntax)
+- اطلاع‌رسانی انقضا
+- اطلاع‌رسانی ترافیک
+- Backup دیتابیس
+- اطلاع‌رسانی مصرف CPU
+
+**سینتکس نمونه:**
+
+- `30 \* \* \* \* \*` - اطلاع در ثانیه 30 هر دقیقه
+- `@hourly` - هر ساعت
+- `@daily` - هر روز
+
+### ویژگی‌های ربات
+
+- گزارش دوره‌ای
+- اطلاع ورود به پنل
+- اطلاع مصرف CPU
+- اطلاع پیش‌از موعد انقضا و ترافیک
+- گزارش ترافیک کلاینت‌ها
+- منوی مبتنی بر دستور
+- جستجوی کلاینت بر اساس ایمیل
+- بررسی inboundها
+- بررسی وضعیت سرور
+- دریافت Backup
+- چندزبانه
+
+### راه‌اندازی ربات
+
+- شروع [Botfather](https://t.me/BotFather) در تلگرام:
+    ![Botfather](./media/botfather.png)
+
+- ساخت ربات جدید با دستور /newbot:
+    ![Create new bot](./media/newbot.png)
+
+- شروع ربات ساخته شده:
+    ![token](./media/token.png)
+
+- تنظیمات پنل:
+![Panel Config](./media/panel-bot-config.png)
+
+وارد کردن توکن و Chat ID (دریافت از [این ربات](https://t.me/useridinfobot)):
+![User ID](./media/user-id.png)
+
+</details>
+
+## مسیرهای API
+
+<details>
+  <summary>جزئیات API</summary>
+
+#### استفاده
+
+- [مستندات API](https://www.postman.com/hsanaei/3x-ui/collection/q1l5l0u/3x-ui)
+- `/login` با `POST` داده کاربر: `{username: '', password: ''}`
+
+| Method | مسیر                               | عملکرد                                      |
+| :----: | ---------------------------------- | ------------------------------------------- |
+| `GET`  | `"/list"`                          | دریافت تمام inboundها                      |
+| `GET`  | `"/get/:id"`                       | دریافت inbound بر اساس id                  |
+| `POST` | `"/add"`                           | افزودن inbound                              |
+| `POST` | `"/del/:id"`                       | حذف inbound                                 |
+
+- [<img src="https://run.pstmn.io/button.svg" alt="Run In Postman" style="width: 128px; height: 32px;">](https://app.getpostman.com/run-collection/5146551-dda3cab3-0e33-485f-96f9-d4262f437ac5?action=collection%2Ffork&source=rip_markdown&collection-url=entityId%3D5146551-dda3cab3-0e33-485f-96f9-d4262f437ac5%26entityType%3Dcollection%26workspaceId%3Dd64f609f-485a-4951-9b8f-876b3f917124)
+</details>
+
+## متغیرهای محیطی
+
+<details>
+  <summary>جزئیات متغیرها</summary>
+
+#### استفاده
+
+| متغیر         |                      نوع                      | پیش‌فرض       |
+| ------------- | :--------------------------------------------: | :------------ |
+| XUI_LOG_LEVEL | `"debug"` \| `"info"` \| `"warn"` \| `"error"` | `"info"`      |
+| XUI_DEBUG     |                   `boolean`                    | `false`       |
+| XUI_BIN_FOLDER|                    `string`                    | `"bin"`       |
+
+مثال:
+
+```sh
+XUI_BIN_FOLDER="bin" XUI_DB_FOLDER="/etc/x-ui" go build main.go
+```
+
+</details>
+
+## پیش‌نمایش
+
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/01-overview-dark.png">
+  <img alt="3x-ui" src="./media/01-overview-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/02-inbounds-dark.png">
+  <img alt="3x-ui" src="./media/02-inbounds-light.png">
+</picture>
+
+## قدردانی ویژه از
+
+- [alireza0](https://github.com/alireza0/)
+
+## تشکر و قدردانی
+
+- [Iran v2ray rules](https://github.com/chocolate4u/Iran-v2ray-rules) (مجوز: **GPL-3.0**)
+- [Russia v2ray rules](https://github.com/runetfreedom/russia-v2ray-rules-dat) (مجوز: **GPL-3.0**)
+
+## Stargazers over Time
+
+[![Stargazers over time](https://starchart.cc/MHSanaei/3x-ui.svg?variant=adaptive)](https://starchart.cc/MHSanaei/3x-ui)
--- a/README.md
+++ b/README.md
@@ -1,8 +1,11 @@
-# 3X-UI
+[English](/README.md) | [فارسی](/README.fa_IR.md) | [中文](/README.zh_CN.md) | [Español](/README.es_ES.md) | [Русский](/README.ru_RU.md)

-[English](/README.md) | [Chinese](/README.zh.md) | [Español](/README.es_ES.md)
-
-<p align="center"><a href="#"><img src="./media/3X-UI.png" alt="Image"></a></p>
+<p align="center">
+  <picture>
+    <source media="(prefers-color-scheme: dark)" srcset="./media/3x-ui-dark.png">
+    <img alt="3x-ui" src="./media/3x-ui-light.png">
+  </picture>
+</p>

 **An Advanced Web Panel • Built on Xray Core**

@@ -16,9 +19,15 @@

 **If this project is helpful to you, you may wish to give it a**:star2:

-<p align="left"><a href="#"><img width="125" src="https://github.com/MHSanaei/3x-ui/assets/115543613/7aa895dd-048a-42e7-989b-afd41a74e2e1" alt="Image"></a></p>
+<p align="left">
+  <a href="https://buymeacoffee.com/mhsanaei" target="_blank">
+    <img src="./media/buymeacoffe.png" alt="Image">
+  </a>
+</p>

 - USDT (TRC20): `TXncxkvhkDWGts487Pjqq1qT9JmwRUz8CC`
+- MATIC (polygon): `0x41C9548675D044c6Bfb425786C765bc37427256A`
+- LTC (Litecoin): `ltc1q2ach7x6d2zq0n4l0t4zl7d7xe2s6fs7a3vspwv`

 ## Install & Upgrade

@@ -26,50 +35,63 @@
 bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh)
 ```

-## Install Custom Version
+## Install legacy Version (we don't recommend)

-To install your desired version, add the version to the end of the installation command. e.g., ver `v2.3.3`:
+To install your desired version, use following installation command. e.g., ver `v1.7.9`:

 ```
-bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) v2.3.3
+VERSION=v1.7.9 && bash <(curl -Ls "https://raw.githubusercontent.com/mhsanaei/3x-ui/$VERSION/install.sh") $VERSION
 ```

 ## SSL Certificate

 <details>
-  <summary>Click for SSL Certificate</summary>
+  <summary>Click for SSL Certificate details</summary>

-### Cloudflare
+### ACME

-The Management script has a built-in SSL certificate application for Cloudflare. To use this script to apply for a certificate, you need the following:
+To manage SSL certificates using ACME:

- Cloudflare registered email
- Cloudflare Global API Key
- The domain name has been resolved to the current server through cloudflare
+1. Ensure your domain is correctly resolved to the server.
+2. Run the `x-ui` command in the terminal, then choose `SSL Certificate Management`.
+3. You will be presented with the following options:

-How to get the Cloudflare Global API Key:
-
-1. Run the`x-ui`command on the terminal, then choose `Cloudflare SSL Certificate`.
-
-2. Visit the link https://dash.cloudflare.com/profile/api-tokens
-
-3. Click on View Global API Key (See the screenshot below)
-        ![](media/APIKey1.PNG)
-
-4. You may have to re-authenticate your account. After that, the API Key will be shown (See the screenshot below)\
-        ![](media/APIKey2.png)
-
-When using, just enter `domain name`, `email`, `API KEY`, the diagram is as follows:
-        ![](media/DetailEnter.png)
+   - **Get SSL:** Obtain SSL certificates.
+   - **Revoke:** Revoke existing SSL certificates.
+   - **Force Renew:** Force renewal of SSL certificates.
+   - **Show Existing Domains:** Display all domain certificates available on the server.  
+   - **Set Certificate Paths for the Panel:** Specify the certificate for your domain to be used by the panel. 

 ### Certbot
-```
+
+To install and use Certbot:
+
+```sh
 apt-get install certbot -y
 certbot certonly --standalone --agree-tos --register-unsafely-without-email -d yourdomain.com
 certbot renew --dry-run
 ```

-***Tip:*** *Certbot is also built into the Management script. You can run the `x-ui` command, then choose `SSL Certificate Management`.*
+### Cloudflare
+
+The management script includes a built-in SSL certificate application for Cloudflare. To use this script to apply for a certificate, you need the following:
+
+- Cloudflare registered email
+- Cloudflare Global API Key
+- The domain name must be resolved to the current server through Cloudflare
+
+**How to get the Cloudflare Global API Key:**
+
+1. Run the `x-ui` command in the terminal, then choose `Cloudflare SSL Certificate`.
+2. Visit the link: [Cloudflare API Tokens](https://dash.cloudflare.com/profile/api-tokens).
+3. Click on "View Global API Key" (see the screenshot below):
+   ![](media/APIKey1.PNG)
+4. You may need to re-authenticate your account. After that, the API Key will be shown (see the screenshot below):
+   ![](media/APIKey2.png)
+
+When using, just enter your `domain name`, `email`, and `API KEY`. The diagram is as follows:
+   ![](media/DetailEnter.png)
+

 </details>

@@ -135,26 +157,28 @@ systemctl restart x-ui

 #### Usage

-1. Install Docker:
+1. **Install Docker:**

   ```sh
   bash <(curl -sSL https://get.docker.com)
   ```

-2. Clone the Project Repository:
+2. **Clone the Project Repository:**

   ```sh
   git clone https://github.com/MHSanaei/3x-ui.git
   cd 3x-ui
   ```

-3. Start the Service
+3. **Start the Service:**

   ```sh
   docker compose up -d
   ```

-   OR
+  Add ```--pull always``` flag to make docker automatically recreate container if a newer image is pulled. See https://docs.docker.com/reference/cli/docker/container/run/#pull for more info.
+
+   **OR**

   ```sh
   docker run -itd \
@@ -167,41 +191,79 @@ systemctl restart x-ui
      ghcr.io/mhsanaei/3x-ui:latest
   ```

-update to latest version
+4. **Update to the Latest Version:**

   ```sh
-    cd 3x-ui
-    docker compose down
-    docker compose pull 3x-ui
-    docker compose up -d
+   cd 3x-ui
+   docker compose down
+   docker compose pull 3x-ui
+   docker compose up -d
   ```

-remove 3x-ui from docker 
+5. **Remove 3x-ui from Docker:**

   ```sh
-    docker stop 3x-ui
-    docker rm 3x-ui
-    cd --
-    rm -r 3x-ui
+   docker stop 3x-ui
+   docker rm 3x-ui
+   cd --
+   rm -r 3x-ui
   ```

 </details>

+## Nginx Settings
+<details>
+  <summary>Click for Reverse Proxy Configuration</summary>
+
+#### Nginx Reverse Proxy
+```nginx
+location / {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Range $http_range;
+    proxy_set_header If-Range $http_if_range; 
+    proxy_redirect off;
+    proxy_pass http://127.0.0.1:2053;
+}
+```
+
+#### Nginx sub-path
+- Ensure that the "URI Path" in the `/sub` panel settings is the same.
+- The `url` in the panel settings needs to end with `/`.   
+
+```nginx
+location /sub {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Range $http_range;
+    proxy_set_header If-Range $http_if_range; 
+    proxy_redirect off;
+    proxy_pass http://127.0.0.1:2053;
+}
+```
+</details>

 ## Recommended OS

 - Ubuntu 20.04+
 - Debian 11+
 - CentOS 8+
+- OpenEuler 22.03+
 - Fedora 36+
 - Arch Linux
 - Parch Linux
 - Manjaro
 - Armbian
- AlmaLinux 9+
- Rocky Linux 9+
+- AlmaLinux 8.0+
+- Rocky Linux 8+
 - Oracle Linux 8+
 - OpenSUSE Tubleweed
+- Amazon Linux 2023
+- Windows x64

 ## Supported Architectures and Devices

@@ -228,13 +290,17 @@ Our platform offers compatibility with a diverse range of architectures and devi
 ## Languages

 - English
- Farsi
- Chinese
+- Persian
+- Traditional Chinese
+- Simplified Chinese
+- Japanese
 - Russian
 - Vietnamese
 - Spanish
- Indonesian 
+- Indonesian
 - Ukrainian
+- Turkish
+- Português (Brazil)


 ## Features
@@ -243,7 +309,7 @@ Our platform offers compatibility with a diverse range of architectures and devi
 - Search within all inbounds and clients
 - Dark/Light theme
 - Supports multi-user and multi-protocol
- Supports protocols, including VMess, VLESS, Trojan, Shadowsocks, Dokodemo-door, Socks, HTTP, wireguard
+- Supports protocols, including VMESS, VLESS, Trojan, Shadowsocks, Dokodemo-door, Socks, HTTP, wireguard
 - Supports XTLS native Protocols, including RPRX-Direct, Vision, REALITY
 - Traffic statistics, traffic limit, expiration time limit
 - Customizable Xray configuration templates
@@ -255,55 +321,60 @@ Our platform offers compatibility with a diverse range of architectures and devi
 - Supports export/import database from the panel


-## Default Settings
+## Default Panel Settings

 <details>
  <summary>Click for default settings details</summary>

-  ### Information
+### Username, Password, Port, and Web Base Path

+If you choose not to modify these settings, they will be generated randomly (this does not apply to Docker).
+
+**Default Settings for Docker:**
+- **Username:** admin
+- **Password:** admin
 - **Port:** 2053
- **Username & Password:** It will be generated randomly if you skip modifying.
+
+### Database Management:
+
+  You can conveniently perform database Backups and Restores directly from the panel.
+
 - **Database Path:**
-  - /etc/x-ui/x-ui.db
- **Xray Config Path:**
-  - /usr/local/x-ui/bin/config.json
- **Web Panel Path w/o Deploying SSL:**
-  - http://ip:2053/panel
-  - http://domain:2053/panel
- **Web Panel Path w/ Deploying SSL:**
-  - https://domain:2053/panel
- 
+  - `/etc/x-ui/x-ui.db`
+
+
+### Web Base Path
+
+1. **Reset Web Base Path:**
+   - Open your terminal.
+   - Run the `x-ui` command.
+   - Select the option to `Reset Web Base Path`.
+
+2. **Generate or Customize Path:**
+   - The path will be randomly generated, or you can enter a custom path.
+
+3. **View Current Settings:**
+   - To view your current settings, use the `x-ui settings` command in the terminal or `View Current Settings` in `x-ui`
+
+### Security Recommendation:
+- For enhanced security, use a long, random word in your URL structure.
+
+**Examples:**
+- `http://ip:port/*webbasepath*/panel`
+- `http://domain:port/*webbasepath*/panel`
+
 </details>

-## [WARP Configuration](https://gitlab.com/fscarmen/warp)
+## WARP Configuration

 <details>
  <summary>Click for WARP configuration details</summary>

 #### Usage

-If you want to use routing to WARP before v2.1.0 follow steps as below:
+**For versions `v2.1.0` and later:**

-**1.** Install WARP on **SOCKS Proxy Mode**:
-
-   ```sh
-   bash <(curl -sSL https://raw.githubusercontent.com/hamid-gh98/x-ui-scripts/main/install_warp_proxy.sh)
-   ```
-
-**2.** If you already installed warp, you can uninstall using below command:
-
-   ```sh
-   warp u
-   ```
-
-**3.** Turn on the config you need in panel
-
-   Config Features:
-
-   - Block Ads
-   - Route Google + Netflix + Spotify + OpenAI (ChatGPT) to WARP
-   - Fix Google 403 error
+WARP is built-in, and no additional installation is required. Simply turn on the necessary configuration in the panel.

 </details>

@@ -314,29 +385,40 @@ If you want to use routing to WARP before v2.1.0 follow steps as below:

 #### Usage

-**Note:** IP Limit won't work correctly when using IP Tunnel
+**Note:** IP Limit won't work correctly when using IP Tunnel.

- For versions up to `v1.6.1`:
+- **For versions up to `v1.6.1`:**
+  - The IP limit is built-in to the panel

-  - IP limit is built-in into the panel.
+**For versions `v1.7.0` and newer:**

- For versions `v1.7.0` and newer:
+To enable the IP Limit functionality, you need to install `fail2ban` and its required files by following these steps:

-  - To make IP Limit work properly, you need to install fail2ban and its required files by following these steps:
+1. Run the `x-ui` command in the terminal, then choose `IP Limit Management`.
+2. You will see the following options:

-    1. Use the `x-ui` command inside the shell.
-    2. Select `IP Limit Management`.
-    3. Choose the appropriate options based on your needs.
-   
-  - make sure you have ./access.log on your Xray Configuration after v2.1.3 we have an option for it
-  
-  ```sh
+   - **Change Ban Duration:** Adjust the duration of bans.
+   - **Unban Everyone:** Lift all current bans.
+   - **Check Logs:** Review the logs.
+   - **Fail2ban Status:** Check the status of `fail2ban`.
+   - **Restart Fail2ban:** Restart the `fail2ban` service.
+   - **Uninstall Fail2ban:** Uninstall Fail2ban with configuration.
+
+3. Add a path for the access log on the panel by setting `Xray Configs/log/Access log` to `./access.log` then save and restart xray.
+
+- **For versions before `v2.1.3`:**
+  - You need to set the access log path manually in your Xray configuration:
+
+    ```sh
    "log": {
      "access": "./access.log",
      "dnsLog": false,
      "loglevel": "warning"
    },
-  ```
+    ```
+
+- **For versions `v2.1.3` and newer:**
+  - There is an option for configuring `access.log` directly from the panel.

 </details>

@@ -375,19 +457,19 @@ The web panel supports daily traffic, panel login, database backup, system statu
 - Threshold for Expiration time and Traffic to report in advance
 - Support client report menu if client's telegram username added to the user's configurations
 - Support telegram traffic report searched with UUID (VMESS/VLESS) or Password (TROJAN) - anonymously
- Menu based bot
- Search client by email ( only admin )
+- Menu-based bot
+- Search client by email (only admin)
 - Check all inbounds
 - Check server status
 - Check depleted users
 - Receive backup by request and in periodic reports
- Multi language bot
+- Multi-language bot

 ### Setting up Telegram bot

 - Start [Botfather](https://t.me/BotFather) in your Telegram account:
    ![Botfather](./media/botfather.png)
-  
+
 - Create a new Bot using /newbot command: It will ask you 2 questions, A name and a username for your bot. Note that the username has to end with the word "bot".
    ![Create new bot](./media/newbot.png)

@@ -412,6 +494,7 @@ Enter the user ID in input field number 4. The Telegram accounts with this id wi

 #### Usage

+- [API Documentation](https://www.postman.com/hsanaei/3x-ui/collection/q1l5l0u/3x-ui)
 - `/login` with `POST` user data: `{username: '', password: ''}` for login
 - `/panel/api/inbounds` base for following actions:

@@ -420,6 +503,7 @@ Enter the user ID in input field number 4. The Telegram accounts with this id wi
 | `GET`  | `"/list"`                          | Get all inbounds                            |
 | `GET`  | `"/get/:id"`                       | Get inbound with inbound.id                 |
 | `GET`  | `"/getClientTraffics/:email"`      | Get Client Traffics with email              |
+| `GET`  | `"/getClientTrafficsById/:id"`     | Get client's traffic By ID |
 | `GET`  | `"/createbackup"`                  | Telegram bot sends backup to admins         |
 | `POST` | `"/add"`                           | Add inbound                                 |
 | `POST` | `"/del/:id"`                       | Delete Inbound                              |
@@ -441,9 +525,7 @@ Enter the user ID in input field number 4. The Telegram accounts with this id wi
 - `client.password` for TROJAN
 - `client.email` for Shadowsocks

-
- [API Documentation](https://documenter.getpostman.com/view/16802678/2s9YkgD5jm)
- [<img src="https://run.pstmn.io/button.svg" alt="Run In Postman" style="width: 128px; height: 32px;">](https://app.getpostman.com/run-collection/16802678-1a4c9270-ac77-40ed-959a-7aa56dc4a415?action=collection%2Ffork&source=rip_markdown&collection-url=entityId%3D16802678-1a4c9270-ac77-40ed-959a-7aa56dc4a415%26entityType%3Dcollection%26workspaceId%3D2cd38c01-c851-4a15-a972-f181c23359d9)
+- [<img src="https://run.pstmn.io/button.svg" alt="Run In Postman" style="width: 128px; height: 32px;">](https://app.getpostman.com/run-collection/5146551-dda3cab3-0e33-485f-96f9-d4262f437ac5?action=collection%2Ffork&source=rip_markdown&collection-url=entityId%3D5146551-dda3cab3-0e33-485f-96f9-d4262f437ac5%26entityType%3Dcollection%26workspaceId%3Dd64f609f-485a-4951-9b8f-876b3f917124)
 </details>

 ## Environment Variables
@@ -471,13 +553,34 @@ XUI_BIN_FOLDER="bin" XUI_DB_FOLDER="/etc/x-ui" go build main.go

 ## Preview

-![1](./media/1.png)
-![2](./media/2.png)
-![3](./media/3.png)
-![4](./media/4.png)
-![5](./media/5.png)
-![6](./media/6.png)
-![7](./media/7.png)
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/01-overview-dark.png">
+  <img alt="3x-ui" src="./media/01-overview-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/02-inbounds-dark.png">
+  <img alt="3x-ui" src="./media/02-inbounds-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/03-add-inbound-dark.png">
+  <img alt="3x-ui" src="./media/03-add-inbound-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/04-add-client-dark.png">
+  <img alt="3x-ui" src="./media/04-add-client-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/05-settings-dark.png">
+  <img alt="3x-ui" src="./media/05-settings-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/06-configs-dark.png">
+  <img alt="3x-ui" src="./media/06-configs-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/07-bot-dark.png">
+  <img alt="3x-ui" src="./media/07-bot-light.png">
+</picture>

 ## A Special Thanks to

@@ -486,8 +589,8 @@ XUI_BIN_FOLDER="bin" XUI_DB_FOLDER="/etc/x-ui" go build main.go
 ## Acknowledgment

 - [Iran v2ray rules](https://github.com/chocolate4u/Iran-v2ray-rules) (License: **GPL-3.0**): _Enhanced v2ray/xray and v2ray/xray-clients routing rules with built-in Iranian domains and a focus on security and adblocking._
- [Vietnam Adblock rules](https://github.com/vuong2023/vn-v2ray-rules) (License: **GPL-3.0**): _A hosted domain hosted in Vietnam and blocklist with the most efficiency for Vietnamese._
+- [Russia v2ray rules](https://github.com/runetfreedom/russia-v2ray-rules-dat) (License: **GPL-3.0**): _This repository contains automatically updated V2Ray routing rules based on data on blocked domains and addresses in Russia._

 ## Stargazers over Time

-[![Stargazers over time](https://starchart.cc/MHSanaei/3x-ui.svg)](https://starchart.cc/MHSanaei/3x-ui)
+[![Stargazers over time](https://starchart.cc/MHSanaei/3x-ui.svg?variant=adaptive)](https://starchart.cc/MHSanaei/3x-ui)
--- a/README.ru_RU.md
+++ b/README.ru_RU.md
@@ -0,0 +1,594 @@
+[English](/README.md) | [فارسی](/README.fa_IR.md) | [中文](/README.zh_CN.md) | [Español](/README.es_ES.md) | [Русский](/README.ru_RU.md)
+
+<p align="center">
+  <picture>
+    <source media="(prefers-color-scheme: dark)" srcset="./media/3x-ui-dark.png">
+    <img alt="3x-ui" src="./media/3x-ui-light.png">
+  </picture>
+</p>
+
+**Продвинутая веб-панель • Построена на основе Xray Core**
+
+[![](https://img.shields.io/github/v/release/mhsanaei/3x-ui.svg)](https://github.com/MHSanaei/3x-ui/releases)
+[![](https://img.shields.io/github/actions/workflow/status/mhsanaei/3x-ui/release.yml.svg)](#)
+[![GO Version](https://img.shields.io/github/go-mod/go-version/mhsanaei/3x-ui.svg)](#)
+[![Downloads](https://img.shields.io/github/downloads/mhsanaei/3x-ui/total.svg)](#)
+[![License](https://img.shields.io/badge/license-GPL%20V3-blue.svg?longCache=true)](https://www.gnu.org/licenses/gpl-3.0.en.html)
+
+> **Отказ от ответственности:** Этот проект предназначен только для личного обучения и общения. Пожалуйста, не используйте его в незаконных целях и не применяйте в производственной среде.
+
+**Если этот проект оказался полезным для вас, вы можете оценить его, поставив звёздочку** :star2:
+
+<p align="left">
+  <a href="https://buymeacoffee.com/mhsanaei" target="_blank">
+    <img src="./media/buymeacoffe.png" alt="Image">
+  </a>
+</p>
+
+- USDT (TRC20): `TXncxkvhkDWGts487Pjqq1qT9JmwRUz8CC`
+- MATIC (polygon): `0x41C9548675D044c6Bfb425786C765bc37427256A`
+- LTC (Litecoin): `ltc1q2ach7x6d2zq0n4l0t4zl7d7xe2s6fs7a3vspwv`
+
+## Установка и обновление
+
+```
+bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh)
+```
+
+## Установить старую версию (мы не рекомендуем)
+
+Чтобы установить желаемую версию, используйте следующую команду установки. Например, ver `v1.7.9`:
+
+```
+VERSION=v1.7.9 && <(curl -Ls "https://raw.githubusercontent.com/mhsanaei/3x-ui/$VERSION/install.sh") $VERSION
+```
+
+## SSL Сертификат
+
+<details>
+  <summary>Нажмите для получения информации об SSL сертификате</summary>
+
+### ACME
+
+Для управления SSL сертификатами с помощью ACME:
+
+1. Убедитесь, что ваш домен правильно настроен и указывает на сервер.
+2. Выполните команду `x-ui` в терминале, затем выберите `SSL Certificate Management`.
+3. Вам будут предложены следующие опции:
+
+   - **Get SSL:** Получить SSL сертификаты.
+   - **Revoke:** Отозвать существующие SSL сертификаты.
+   - **Force Renew:** Принудительно перевыпустить SSL сертификаты.
+   - **Show Existing Domains:** Отобразить все сертификаты доменов, доступные на сервере.  
+   - **Set Certificate Paths for the Panel:** Укажите сертификат для вашего домена, который будет использоваться панелью.
+
+### Certbot
+
+Для установки и использования Certbot:
+
+```sh
+apt-get install certbot -y
+certbot certonly --standalone --agree-tos --register-unsafely-without-email -d вашдомен.com
+certbot renew --dry-run
+```
+
+### Cloudflare
+
+Скрипт управления включает встроенное приложение для получения SSL сертификата через Cloudflare. Чтобы использовать этот скрипт для запроса сертификата, вам потребуется следующее:
+
+- Email, зарегистрированный в Cloudflare
+- Глобальный API-ключ Cloudflare
+- Доменное имя должно указывать на текущий сервер через Cloudflare
+
+**Как получить глобальный API-ключ Cloudflare:**
+
+1. Выполните команду `x-ui` в терминале, затем выберите `Cloudflare SSL Certificate`.
+2. Перейдите по ссылке: [Cloudflare API Tokens](https://dash.cloudflare.com/profile/api-tokens).
+3. Нажмите на "View Global API Key" (см. скриншот ниже):
+   ![](media/APIKey1.PNG)
+4. Возможно, вам потребуется повторно пройти аутентификацию. После этого ключ API будет отображён (см. скриншот ниже):
+   ![](media/APIKey2.png)
+
+При использовании просто введите ваше `доменное имя`, `email` и `API-ключ`. Схема приведена ниже:
+   ![](media/DetailEnter.png)
+
+</details>
+
+## Ручная установка и обновление
+
+<details>
+  <summary>Нажмите для получения информации о ручной установке</summary>
+
+#### Использование
+
+1. Чтобы скачать последнюю версию архива напрямую на ваш сервер, выполните следующую команду:
+
+```sh
+ARCH=$(uname -m)
+case "${ARCH}" in
+  x86_64 | x64 | amd64) XUI_ARCH="amd64" ;;
+  i*86 | x86) XUI_ARCH="386" ;;
+  armv8* | armv8 | arm64 | aarch64) XUI_ARCH="arm64" ;;
+  armv7* | armv7) XUI_ARCH="armv7" ;;
+  armv6* | armv6) XUI_ARCH="armv6" ;;
+  armv5* | armv5) XUI_ARCH="armv5" ;;
+  s390x) echo 's390x' ;;
+  *) XUI_ARCH="amd64" ;;
+esac
+
+
+wget https://github.com/MHSanaei/3x-ui/releases/latest/download/x-ui-linux-${XUI_ARCH}.tar.gz
+```
+
+2. После загрузки архива выполните следующие команды для установки или обновления x-ui:
+
+```sh
+ARCH=$(uname -m)
+case "${ARCH}" in
+  x86_64 | x64 | amd64) XUI_ARCH="amd64" ;;
+  i*86 | x86) XUI_ARCH="386" ;;
+  armv8* | armv8 | arm64 | aarch64) XUI_ARCH="arm64" ;;
+  armv7* | armv7) XUI_ARCH="armv7" ;;
+  armv6* | armv6) XUI_ARCH="armv6" ;;
+  armv5* | armv5) XUI_ARCH="armv5" ;;
+  s390x) echo 's390x' ;;
+  *) XUI_ARCH="amd64" ;;
+esac
+
+cd /root/
+rm -rf x-ui/ /usr/local/x-ui/ /usr/bin/x-ui
+tar zxvf x-ui-linux-${XUI_ARCH}.tar.gz
+chmod +x x-ui/x-ui x-ui/bin/xray-linux-* x-ui/x-ui.sh
+cp x-ui/x-ui.sh /usr/bin/x-ui
+cp -f x-ui/x-ui.service /etc/systemd/system/
+mv x-ui/ /usr/local/
+systemctl daemon-reload
+systemctl enable x-ui
+systemctl restart x-ui
+```
+
+</details>
+
+## Установка с помощью Docker
+
+<details>
+  <summary>Нажмите для получения информации о Docker</summary>
+
+#### Использование
+
+1. **Установите Docker:**
+
+   ```sh
+   bash <(curl -sSL https://get.docker.com)
+   ```
+
+2. **Склонируйте репозиторий проекта:**
+
+   ```sh
+   git clone https://github.com/MHSanaei/3x-ui.git
+   cd 3x-ui
+   ```
+
+3. **Запустите сервис:**
+
+   ```sh
+   docker compose up -d
+   ```
+
+  Добавьте параметр ```--pull always``` для автоматического обновления контейнера, когда публикуется новый образ. Подробности: https://docs.docker.com/reference/cli/docker/container/run/#pull
+
+   **ИЛИ**
+
+   ```sh
+   docker run -itd \
+      -e XRAY_VMESS_AEAD_FORCED=false \
+      -v $PWD/db/:/etc/x-ui/ \
+      -v $PWD/cert/:/root/cert/ \
+      --network=host \
+      --restart=unless-stopped \
+      --name 3x-ui \
+      ghcr.io/mhsanaei/3x-ui:latest
+   ```
+
+4. **Обновление до последней версии:**
+
+   ```sh
+   cd 3x-ui
+   docker compose down
+   docker compose pull 3x-ui
+   docker compose up -d
+   ```
+
+5. **Удаление 3x-ui из Docker:**
+
+   ```sh
+   docker stop 3x-ui
+   docker rm 3x-ui
+   cd --
+   rm -r 3x-ui
+   ```
+
+</details>
+
+## Настройки Nginx
+<details>
+  <summary>Нажмите чтобы просмотреть конфигурацию обратного прокси-сервера</summary>
+
+#### Обратный прокси-сервер Nginx
+```nginx
+location / {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Range $http_range;
+    proxy_set_header If-Range $http_if_range; 
+    proxy_redirect off;
+    proxy_pass http://127.0.0.1:2053;
+}
+```
+
+#### Nginx sub-path
+- Убедитесь, что "корневой путь URL адреса панели" в настройках панели и `/sub` совпадают.
+- В настройках панели `url` должен заканчиваться на `/`.    
+
+```nginx
+location /sub {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Range $http_range;
+    proxy_set_header If-Range $http_if_range; 
+    proxy_redirect off;
+    proxy_pass http://127.0.0.1:2053;
+}
+```
+</details>
+
+## Рекомендуемые ОС
+
+- Ubuntu 20.04+
+- Debian 11+
+- CentOS 8+
+- OpenEuler 22.03+
+- Fedora 36+
+- Arch Linux
+- Parch Linux
+- Manjaro
+- Armbian
+- AlmaLinux 8.0+
+- Rocky Linux 8+
+- Oracle Linux 8+
+- OpenSUSE Tubleweed
+- Amazon Linux 2023
+- Windows x64
+
+## Поддерживаемые архитектуры и устройства
+
+<details>
+  <summary>Нажмите для получения информации о поддерживаемых архитектурах и устройствах</summary>
+
+Наша платформа поддерживает разнообразные архитектуры и устройства, обеспечивая гибкость в различных вычислительных средах. Вот основные архитектуры, которые мы поддерживаем:
+
+- **amd64**: Эта распространенная архитектура является стандартом для персональных компьютеров и серверов, обеспечивая беспроблемную работу большинства современных операционных систем.
+
+- **x86 / i386**: Широко используется в настольных и портативных компьютерах. Эта архитектура имеет широкую поддержку со стороны множества операционных систем и приложений, включая, но не ограничиваясь, Windows, macOS и Linux.
+
+- **armv8 / arm64 / aarch64**: Предназначена для современных мобильных и встроенных устройств, таких как смартфоны и планшеты. Эта архитектура представлена устройствами, такими как Raspberry Pi 4, Raspberry Pi 3, Raspberry Pi Zero 2/Zero 2 W, Orange Pi 3 LTS и другими.
+
+- **armv7 / arm / arm32**: Служит архитектурой для старых мобильных и встроенных устройств, оставаясь широко используемой в таких устройствах, как Orange Pi Zero LTS, Orange Pi PC Plus, Raspberry Pi 2 и других.
+
+- **armv6 / arm / arm32**: Ориентирована на очень старые встроенные устройства, эта архитектура, хотя и менее распространенная, всё ещё используется. Например, такие устройства, как Raspberry Pi 1, Raspberry Pi Zero/Zero W, полагаются на эту архитектуру.
+
+- **armv5 / arm / arm32**: Более старая архитектура, ассоциируемая с ранними встроенными системами, сегодня менее распространена, но всё ещё может быть найдена в устаревших устройствах, таких как ранние версии Raspberry Pi и некоторые старые смартфоны.
+
+- **s390x**: Эта архитектура обычно используется в мейнфреймах IBM и обеспечивает высокую производительность и надежность для корпоративных рабочих нагрузок.
+</details>
+
+## Языки
+
+- English (английский)  
+- Persian (персидский)  
+- Traditional Chinese (традиционный китайский)  
+- Simplified Chinese (упрощенный китайский)  
+- Japanese (японский)  
+- Russian (русский)  
+- Vietnamese (вьетнамский)  
+- Spanish (испанский)  
+- Indonesian (индонезийский)  
+- Ukrainian (украинский)  
+- Turkish (турецкий)  
+- Português (Brazil) (португальский (Бразилия))
+
+## Возможности
+
+- Мониторинг состояния системы
+- Поиск по всем входящим подключениям и клиентам
+- Тёмная/светлая тема
+- Поддержка нескольких пользователей и протоколов
+- Поддержка протоколов, включая VMESS, VLESS, Trojan, Shadowsocks, Dokodemo-door, Socks, HTTP, WireGuard
+- Поддержка протоколов XTLS, включая RPRX-Direct, Vision, REALITY
+- Статистика трафика, ограничение трафика, ограничение по времени истечения
+- Настраиваемые шаблоны конфигурации Xray
+- Поддержка HTTPS доступа к панели (ваше доменное имя + SSL сертификат)
+- Поддержка установки SSL-сертификата в один клик и автоматического перевыпуска
+- Для получения более продвинутых настроек обращайтесь к панели
+- Исправляет маршруты API (настройка пользователя будет создана через API)
+- Поддержка изменения конфигураций по различным элементам, предоставленным в панели
+- Поддержка экспорта/импорта базы данных из панели
+
+## Настройки панели по умолчанию
+
+<details>
+  <summary>Нажмите для получения информации о настройках по умолчанию</summary>
+
+### Имя пользователя, Пароль, Порт и Web Base Path
+
+Если вы не измените эти настройки, они будут сгенерированы случайным образом (это не относится к Docker).
+
+**Настройки по умолчанию для Docker:**
+- **Имя пользователя:** admin
+- **Пароль:** admin
+- **Порт:** 2053
+
+### Управление базой данных:
+
+Вы можете удобно выполнять резервное копирование и восстановление базы данных прямо из панели.
+
+- **Путь к базе данных:**
+  - `/etc/x-ui/x-ui.db`
+
+### Webbasepath
+
+1. **Сбросить webbasepath:**
+   - Откройте терминал.
+   - Выполните команду `x-ui`.
+   - Выберите опцию `Reset Web Base Path`.
+
+2. **Генерация или настройка пути:**
+   - Путь будет сгенерирован случайным образом, или вы можете ввести собственный путь.
+
+3. **Просмотр текущих настроек:**
+   - Чтобы просмотреть текущие настройки, используйте команду `x-ui settings` в терминале или опцию `View Current Settings` в `x-ui`.
+
+### Рекомендации по безопасности:
+- Для повышения безопасности используйте длинное случайное слово в структуре вашего URL.
+
+**Примеры:**
+- `http://ip_адрес:порт/*webbasepath*/panel`
+- `http://домен:порт/*webbasepath*/panel`
+
+</details>
+
+## Настройка WARP
+
+<details>
+  <summary>Нажмите для получения информации о настройке WARP</summary>
+
+#### Использование
+
+**Для версий `v2.1.0` и новее:**
+
+WARP встроен, и дополнительная установка не требуется. Просто включите необходимую конфигурацию в панели.
+
+</details>
+
+## Ограничение IP
+
+<details>
+  <summary>Нажмите для получения информации об ограничении IP</summary>
+
+#### Использование
+
+**Примечание:** Ограничение IP не будет работать корректно при использовании IP Tunnel.
+
+- **Для версий до `v1.6.1`:**
+  - Ограничение IP встроено в панель.
+
+**Для версий `v1.7.0` и новее:**
+
+Чтобы включить функциональность ограничения IP, вам нужно установить `fail2ban` и его необходимые файлы, выполнив следующие шаги:
+
+1. Выполните команду `x-ui` в терминале, затем выберите `IP Limit Management`.
+2. Вам будут предложены следующие опции:
+
+   - **Change Ban Duration:** Отрегулировать длительность блокировок.
+   - **Unban Everyone:** Снять все текущие блокировки.
+   - **Check Logs:** Просмотреть логи.
+   - **Fail2ban Status:** Проверить статус `fail2ban`.
+   - **Restart Fail2ban:** Перезапустить службу `fail2ban`.
+   - **Uninstall Fail2ban:** Удалить Fail2ban с его конфигурацией.
+
+3. Добавьте путь к логам доступа в панели, установив `Xray Configs/log/Access log` в `./access.log`, затем сохраните и перезапустите xray.
+
+- **Для версий до `v2.1.3`:**
+  - Вам нужно вручную установить путь к логам доступа в вашей конфигурации Xray:
+
+    ```sh
+    "log": {
+      "access": "./access.log",
+      "dnsLog": false,
+      "loglevel": "warning"
+    },
+    ```
+
+- **Для версий `v2.1.3` и новее:**
+  - Есть возможность настройки `access.log` непосредственно из панели.
+
+</details>
+
+## Телеграм-бот
+
+<details>
+  <summary>Нажмите для получения информации о телеграм-боте</summary>
+
+#### Использование
+
+Веб-панель поддерживает уведомления и функции, такие как ежедневный трафик, вход в панель, резервное копирование базы данных, состояние системы, информация о клиентах и другие, через телеграм-бота. Чтобы использовать бота, вам нужно настроить параметры, связанные с ботом, в панели, включая:
+
+- Токен Telegram
+- ID чата админа(-ов)
+- Время уведомлений (в синтаксисе cron)
+- Уведомления о дате истечения
+- Уведомления о лимите трафика
+- Резервное копирование базы данных
+- Уведомления о загрузке CPU
+
+**Примеры синтаксиса:**
+
+- `30 * * * * *` - Уведомлять на 30-й секунде каждого часа
+- `0 */10 * * * *` - Уведомлять на первой секунде каждых 10 минут
+- `@hourly` - Ежечасное уведомление
+- `@daily` - Ежедневное уведомление (в 00:00)
+- `@weekly` - Еженедельное уведомление
+- `@every 8h` - Уведомлять каждые 8 часов
+
+### Возможности телеграм-бота
+
+- Периодические отчеты
+- Уведомления о входе
+- Уведомления о пороге загруженности процессора
+- Уведомления о времени истечения и трафике заранее
+- Поддерживает меню отчетов клиента, если имя пользователя телеграм клиента добавлено в конфигурации пользователя
+- Поддержка отчета о трафике через Telegram, поиск по UUID (VMESS/VLESS) или паролю (TROJAN) - анонимно
+- Бот, основанный на меню
+- Поиск клиента по email (только администратор)
+- Проверка всех входящих соединений
+- Проверка состояния сервера
+- Проверка истекших пользователей
+- Получение резервных копий по запросу и в периодических отчётах
+- Многоязычный бот
+
+### Настройка телеграм-бота
+
+- Запустите [Botfather](https://t.me/BotFather) в вашем аккаунте Telegram:
+    ![Botfather](./media/botfather.png)
+
+- Создайте нового бота с помощью команды /newbot: у вас спросят 2 вопроса: отображаемое имя и имя пользователя для вашего бота. Обратите внимание, что имя пользователя должно заканчиваться на слово "bot".
+    ![Создать нового бота](./media/newbot.png)
+
+- Запустите созданного бота. Ссылку на вашего бота можно найти здесь.
+    ![токен](./media/token.png)
+
+- Перейдите в панель и настройте параметры телеграм-бота следующим образом:
+![Настройки панели](./media/panel-bot-config.png)
+
+Введите токен вашего бота в поле ввода номер 3.
+Введите ID пользователя в поле ввода номер 4. Telegram-аккаунты с этим ID будут администраторами бота. (Вы можете ввести несколько ID, разделяя их запятой)
+
+- Как получить ID пользователя Telegram? Используйте этот [бот](https://t.me/useridinfobot). Запустите бота, и он отобразит ваш ID пользователя Telegram.
+![ID пользователя](./media/user-id.png)
+
+</details>
+
+## Маршруты API
+
+<details>
+  <summary>Нажмите для получения информации о маршрутах API</summary>
+
+#### Использование
+
+- [API документация](https://www.postman.com/hsanaei/3x-ui/collection/q1l5l0u/3x-ui)
+- `/login` с `POST`-данными: `{username: '', password: ''}` для входа
+- `/panel/api/inbounds` это базовый путь для следующих действий:
+
+| Метод  | Путь                               | Действие
+| :----: | -----------------------------------| -------------------------------------------
+| `GET`  | `"/list"`                          | Получить все входящие соединения
+| `GET`  | `"/get/:id"`                       | Получить входящее соединение с inbound.id
+| `GET`  | `"/getClientTraffics/:email"`      | Получить трафик клиента по email
+| `GET`  | `"/getClientTrafficsById/:id"`     | Получить трафик клиента по ID
+| `GET`  | `"/createbackup"`                  | Telegram-бот отправит резервную копию администраторам
+| `POST` | `"/add"`                           | Добавить входящее соединение
+| `POST` | `"/del/:id"`                       | Удалить входящее соединение
+| `POST` | `"/update/:id"`                    | Обновить входящее соединение
+| `POST` | `"/clientIps/:email"`              | IP-адрес клиента
+| `POST` | `"/clearClientIps/:email"`         | Очистить IP-адреса клиента
+| `POST` | `"/addClient"`                     | Добавить клиента к входящему соединению
+| `POST` | `"/:id/delClient/:clientId"`       | Удалить клиента по clientId\*
+| `POST` | `"/updateClient/:clientId"`        | Обновить клиента по clientId\*
+| `POST` | `"/:id/resetClientTraffic/:email"` | Сбросить трафик клиента
+| `POST` | `"/resetAllTraffics"`              | Сбросить трафик всех входящих соединений
+| `POST` | `"/resetAllClientTraffics/:id"`    | Сбросить трафик всех клиентов в входящем соединении
+| `POST` | `"/delDepletedClients/:id"`        | Удалить истекших клиентов в входящем соединении (-1: всех)
+| `POST` | `"/onlines"`                       | Получить пользователей, которые находятся онлайн (список email'ов)
+
+\*- Поле `clientId` должно быть заполнено следующим образом:
+
+- `client.id` для VMESS и VLESS
+- `client.password` для TROJAN
+- `client.email` для Shadowsocks
+
+</details>
+
+
+- [<img src="https://run.pstmn.io/button.svg" alt="Run In Postman" style="width: 128px; height: 32px;">](https://app.getpostman.com/run-collection/5146551-dda3cab3-0e33-485f-96f9-d4262f437ac5?action=collection%2Ffork&source=rip_markdown&collection-url=entityId%3D5146551-dda3cab3-0e33-485f-96f9-d4262f437ac5%26entityType%3Dcollection%26workspaceId%3Dd64f609f-485a-4951-9b8f-876b3f917124)
+</details>
+
+## Переменные среды
+
+<details>
+  <summary>Нажмите для получения информации о переменных среды</summary>
+
+#### Использование
+
+| Переменная       |                      Тип                       | Значение по умолчанию |
+| ---------------- | :------------------------------------------:   | :-------------------- |
+| XUI_LOG_LEVEL    | `"debug"` \| `"info"` \| `"warn"` \| `"error"` | `"info"`             |
+| XUI_DEBUG        |                   `boolean`                    | `false`              |
+| XUI_BIN_FOLDER   |                    `string`                    | `"bin"`              |
+| XUI_DB_FOLDER    |                    `string`                    | `"/etc/x-ui"`        |
+| XUI_LOG_FOLDER   |                    `string`                    | `"/var/log"`         |
+
+Пример:
+
+```sh
+XUI_BIN_FOLDER="bin" XUI_DB_FOLDER="/etc/x-ui" go build main.go
+```
+
+</details>
+
+## Предварительный Просмотр
+
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/01-overview-dark.png">
+  <img alt="3x-ui" src="./media/01-overview-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/02-inbounds-dark.png">
+  <img alt="3x-ui" src="./media/02-inbounds-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/03-add-inbound-dark.png">
+  <img alt="3x-ui" src="./media/03-add-inbound-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/04-add-client-dark.png">
+  <img alt="3x-ui" src="./media/04-add-client-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/05-settings-dark.png">
+  <img alt="3x-ui" src="./media/05-settings-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/06-configs-dark.png">
+  <img alt="3x-ui" src="./media/06-configs-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/07-bot-dark.png">
+  <img alt="3x-ui" src="./media/07-bot-light.png">
+</picture>
+
+## Особая благодарность
+
+- [alireza0](https://github.com/alireza0/)
+
+## Благодарности
+
+- [Iran v2ray rules](https://github.com/chocolate4u/Iran-v2ray-rules) (License: **GPL-3.0**): _Enhanced v2ray/xray and v2ray/xray-clients routing rules with built-in Iranian domains and a focus on security and adblocking._
+- [Russia v2ray rules](https://github.com/runetfreedom/russia-v2ray-rules-dat) (License: **GPL-3.0**): _Этот репозиторий содержит автоматически обновляемые правила маршрутизации V2Ray на основе данных о заблокированных доменах и адресах в России._
+
+## Число звёзд со временем
+
+[![Stargazers over time](https://starchart.cc/MHSanaei/3x-ui.svg?variant=adaptive)](https://starchart.cc/MHSanaei/3x-ui)
--- a/README.zh_CN.md
+++ b/README.zh_CN.md
@@ -1,8 +1,11 @@
-# 3X-UI
+[English](/README.md) | [فارسی](/README.fa_IR.md) | [中文](/README.zh_CN.md) | [Español](/README.es_ES.md) | [Русский](/README.ru_RU.md)

-[English](/README.md) | [Chinese](/README.zh.md) | [Español](/README.es_ES.md)
-
-<p align="center"><a href="#"><img src="./media/3X-UI.png" alt="Image"></a></p>
+<p align="center">
+  <picture>
+    <source media="(prefers-color-scheme: dark)" srcset="./media/3x-ui-dark.png">
+    <img alt="3x-ui" src="./media/3x-ui-light.png">
+  </picture>
+</p>

 **一个更好的面板 • 基于Xray Core构建**

@@ -16,9 +19,15 @@

 **如果此项目对你有用，请给一个**:star2:

-<p align="left"><a href="#"><img width="125" src="https://github.com/MHSanaei/3x-ui/assets/115543613/7aa895dd-048a-42e7-989b-afd41a74e2e1" alt="Image"></a></p>
+<p align="left">
+  <a href="https://buymeacoffee.com/mhsanaei" target="_blank">
+    <img src="./media/buymeacoffe.png" alt="Image">
+  </a>
+</p>

 - USDT (TRC20): `TXncxkvhkDWGts487Pjqq1qT9JmwRUz8CC`
+- MATIC (polygon): `0x41C9548675D044c6Bfb425786C765bc37427256A`
+- LTC (Litecoin): `ltc1q2ach7x6d2zq0n4l0t4zl7d7xe2s6fs7a3vspwv`

 ## 安装 & 升级

@@ -26,38 +35,62 @@
 bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh)
 ```

-## 安装指定版本
+## 安装旧版本 (我们不建议)

-要安装所需的版本，请将该版本添加到安装命令的末尾。 e.g., ver `v2.3.3`:
+要安装您想要的版本，请使用以下安装命令。例如，ver `v1.7.9`:

 ```
-bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) v2.3.3
+VERSION=v1.7.9 && <(curl -Ls "https://raw.githubusercontent.com/mhsanaei/3x-ui/$VERSION/install.sh") $VERSION
 ```

-## SSL 认证
+### SSL证书

 <details>
-  <summary>点击查看 SSL 认证</summary>
+  <summary>点击查看SSL证书详情</summary>

-### Cloudflare
+### ACME

-管理脚本具有用于 Cloudflare 的内置 SSL 证书应用程序。若要使用此脚本申请证书，需要满足以下条件：
+使用ACME管理SSL证书：

- Cloudflare 邮箱地址
- Cloudflare Global API Key
- 域名已通过 cloudflare 解析到当前服务器
-
-**1:** 在终端中运行`x-ui`， 选择 `Cloudflare SSL Certificate`.
+1. 确保您的域名正确解析到服务器。
+2. 在终端中运行 `x-ui` 命令，然后选择 `SSL证书管理`。
+3. 您将看到以下选项：

+   - **Get SSL:** 获取SSL证书。
+   - **Revoke:** 吊销现有的SSL证书。
+   - **Force Renew:** 强制更新SSL证书。
+   - **Show Existing Domains:** 显示服务器上所有可用的域证书。  
+   - **Set Certificate Paths for the Panel:** 指定用于面板的域证书。

 ### Certbot
-```
+
+安装并使用Certbot：
+
+```sh
 apt-get install certbot -y
 certbot certonly --standalone --agree-tos --register-unsafely-without-email -d yourdomain.com
 certbot renew --dry-run
 ```

-***Tip:*** *管理脚本具有 Certbot 。使用 `x-ui` 命令， 选择 `SSL Certificate Management`.*
+### Cloudflare
+
+管理脚本内置了Cloudflare的SSL证书申请。要使用此脚本申请证书，您需要以下信息：
+
+- Cloudflare注册的电子邮件
+- Cloudflare全局API密钥
+- 域名必须通过Cloudflare解析到当前服务器
+
+**如何获取Cloudflare全局API密钥：**
+
+1. 在终端中运行 `x-ui` 命令，然后选择 `Cloudflare SSL证书`。
+2. 访问链接：[Cloudflare API Tokens](https://dash.cloudflare.com/profile/api-tokens)。
+3. 点击“查看全局API密钥”（参见下图）：
+   ![](media/APIKey1.PNG)
+4. 您可能需要重新验证您的账户。之后将显示API密钥（参见下图）：
+   ![](media/APIKey2.png)
+
+使用时，只需输入您的 `域名`、`电子邮件` 和 `API密钥`。如下图所示：
+   ![](media/DetailEnter.png)

 </details>

@@ -162,7 +195,7 @@ systemctl restart x-ui
    docker compose up -d
   ```

-从Docker中删除3x-ui 
+从Docker中删除3x-ui

   ```sh
    docker stop 3x-ui
@@ -174,18 +207,59 @@ systemctl restart x-ui
 </details>


+## Nginx 设置
+<details>
+  <summary>点击查看 反向代理配置</summary>
+
+#### Nginx反向代理
+```nginx
+location / {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Range $http_range;
+    proxy_set_header If-Range $http_if_range; 
+    proxy_redirect off;
+    proxy_pass http://127.0.0.1:2053;
+}
+```
+
+#### Nginx子路径
+- 确保 `/sub` 面板设置中的"面板url根路径"一致
+- 面板设置中的 `url` 需要以 `/` 结尾   
+
+```nginx
+location /sub {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Range $http_range;
+    proxy_set_header If-Range $http_if_range; 
+    proxy_redirect off;
+    proxy_pass http://127.0.0.1:2053;
+}
+```
+</details>
+
 ## 建议使用的操作系统

 - Ubuntu 20.04+
 - Debian 11+
 - CentOS 8+
+- OpenEuler 22.03+
 - Fedora 36+
 - Arch Linux
+- Parch Linux
 - Manjaro
 - Armbian
- AlmaLinux 9+
- Rockylinux 9+
+- AlmaLinux 8.0+
+- Rocky Linux 8+
+- Oracle Linux 8+
 - OpenSUSE Tubleweed
+- Amazon Linux 2023
+- Windows x64

 ## 支持的架构和设备
 <details>
@@ -208,14 +282,18 @@ systemctl restart x-ui

 ## Languages

- English（英语）
- Farsi（伊朗语）
- Chinese（中文）
- Russian（俄语）
- Vietnamese（越南语）
- Spanish（西班牙语）
- Indonesian （印度尼西亚语）
- Ukrainian（乌克兰语）
+- English（英语）  
+- Persian（波斯语）  
+- Traditional Chinese（繁体中文）  
+- Simplified Chinese（简体中文）  
+- Japanese（日语）  
+- Russian（俄语）  
+- Vietnamese（越南语）  
+- Spanish（西班牙语）  
+- Indonesian（印尼语）  
+- Ukrainian（乌克兰语）  
+- Turkish（土耳其语）  
+- Português (Brazil)（葡萄牙语（巴西））


 ## Features
@@ -236,88 +314,103 @@ systemctl restart x-ui
 - 支持从面板导出/导入数据库


-## 默认设置
+## 默认面板设置

 <details>
-  <summary>点击查看 默认设置</summary>
+  <summary>点击查看默认设置详情</summary>

-  ### 信息
+### 用户名、密码、端口和 Web Base Path

+如果您选择不修改这些设置，它们将随机生成（不适用于 Docker）。
+
+**Docker 的默认设置：**
+- **用户名：** admin
+- **密码：** admin
 - **端口：** 2053
- **用户名 & 密码：** 当您跳过设置时，此项会随机生成。
- **数据库路径：**
-  - /etc/x-ui/x-ui.db
- **Xray 配置路径：**
-  - /usr/local/x-ui/bin/config.json
- **面板链接（无SSL）：**
-  - http://ip:2053/panel
-  - http://domain:2053/panel
- **面板链接（有SSL）：**
-  - https://domain:2053/panel
- 
+
+### 数据库管理：
+
+  您可以直接在面板中方便地进行数据库备份和还原。
+
+- **数据库路径:**
+  - `/etc/x-ui/x-ui.db`
+
+### Web 基础路径
+
+1. **重置 Web 基础路径:**
+   - 打开终端。
+   - 运行 `x-ui` 命令。
+   - 选择 `重置 Web 基础路径` 选项。
+
+2. **生成或自定义路径:**
+   - 路径将会随机生成，或者您可以输入自定义路径。
+
+3. **查看当前设置:**
+   - 要查看当前设置，请在终端中使用 `x-ui settings` 命令，或在 `x-ui` 面板中点击 `查看当前设置`。
+
+### 安全建议：
+- 为了提高安全性，建议在URL结构中使用一个长的随机词。
+
+**示例：**
+- `http://ip:port/*webbasepath*/panel`
+- `http://domain:port/*webbasepath*/panel`
+
 </details>

-## [WARP 配置](https://gitlab.com/fscarmen/warp)
+## WARP 配置

 <details>
-  <summary>点击查看 WARP 配置</summary>
+  <summary>点击查看 WARP 配置详情</summary>

-#### 使用
+#### 使用方法

-如果要在 v2.1.0 之前使用 WARP 路由，请按照以下步骤操作：
+**对于 `v2.1.0` 及之后的版本：**

-**1.** 在 **SOCKS Proxy Mode** 模式中安装Wrap
-
-   ```sh
-   bash <(curl -sSL https://raw.githubusercontent.com/hamid-gh98/x-ui-scripts/main/install_warp_proxy.sh)
-   ```
-
-**2.** 如果您已经安装了 warp，您可以使用以下命令卸载：
-
-   ```sh
-   warp u
-   ```
-
-**3.** 在面板中打开您需要的配置
-
-   配置:
-
-   - Block Ads
-   - Route Google + Netflix + Spotify + OpenAI (ChatGPT) to WARP
-   - Fix Google 403 error
+WARP 已内置，无需额外安装。只需在面板中开启相关配置即可。

 </details>

 ## IP 限制

 <details>
-  <summary>点击查看 IP 限制</summary>
+  <summary>点击查看 IP 限制详情</summary>

-#### 使用
+#### 使用方法

-**注意：** 使用 IP 隧道时，IP 限制无法正常工作。
+**注意:** 当使用 IP 隧道时，IP 限制将无法正常工作。

- 适用于最高 `v1.6.1` ：
+- **对于 `v1.6.1` 及之前的版本：**
+  - IP 限制功能已内置于面板中。

-  - IP 限制 已被集成在面板中。
+**对于 `v1.7.0` 及更新的版本：**

- 适用于 `v1.7.0` 以及更新的版本：
+要启用 IP 限制功能，您需要安装 `fail2ban` 及其所需的文件，步骤如下：

-  - 要使 IP 限制正常工作，您需要按照以下步骤安装 fail2ban 及其所需的文件：
+1. 在终端中运行 `x-ui` 命令，然后选择 `IP 限制管理`。
+2. 您将看到以下选项：

-    1. 使用面板内置的 `x-ui` 指令
-    2. 选择 `IP Limit Management`.
-    3. 根据您的需要选择合适的选项。
-   
-  - 确保您的 Xray 配置上有 ./access.log 。在 v2.1.3 之后，我们有一个选项。
-  
-  ```sh
+   - **更改封禁时长:** 调整封禁时长。
+   - **解除所有封禁:** 解除当前的所有封禁。
+   - **查看日志:** 查看日志。
+   - **Fail2ban 状态:** 检查 `fail2ban` 的状态。
+   - **重启 Fail2ban:** 重启 `fail2ban` 服务。
+   - **卸载 Fail2ban:** 卸载带有配置的 Fail2ban。
+
+3. 在面板中通过设置 `Xray 配置/log/访问日志` 为 `./access.log` 添加访问日志路径，然后保存并重启 Xray。
+
+- **对于 `v2.1.3` 之前的版本：**
+  - 您需要在 Xray 配置中手动设置访问日志路径：
+
+    ```sh
    "log": {
      "access": "./access.log",
      "dnsLog": false,
      "loglevel": "warning"
    },
-  ```
+    ```
+
+- **对于 `v2.1.3` 及之后的版本：**
+  - 面板中直接提供了配置 `access.log` 的选项。

 </details>

@@ -368,7 +461,7 @@ Web 面板通过 Telegram Bot 支持每日流量、面板登录、数据库备

 - 与 [Botfather](https://t.me/BotFather) 对话：
    ![Botfather](./media/botfather.png)
-  
+
 - 使用 /newbot 创建新机器人：你需要提供机器人名称以及用户名，注意名称中末尾要包含“bot”
    ![创建机器人](./media/newbot.png)

@@ -393,6 +486,7 @@ Web 面板通过 Telegram Bot 支持每日流量、面板登录、数据库备

 #### 使用

+- [API 文档](https://www.postman.com/hsanaei/3x-ui/collection/q1l5l0u/3x-ui)
 - `/login` 使用 `POST` 用户名称 & 密码： `{username: '', password: ''}` 登录
 - `/panel/api/inbounds` 以下操作的基础：

@@ -422,9 +516,7 @@ Web 面板通过 Telegram Bot 支持每日流量、面板登录、数据库备
 - `client.password`  TROJAN
 - `client.email`  Shadowsocks

-
- [API 文档](https://documenter.getpostman.com/view/16802678/2s9YkgD5jm)
- [<img src="https://run.pstmn.io/button.svg" alt="Run In Postman" style="width: 128px; height: 32px;">](https://app.getpostman.com/run-collection/16802678-1a4c9270-ac77-40ed-959a-7aa56dc4a415?action=collection%2Ffork&source=rip_markdown&collection-url=entityId%3D16802678-1a4c9270-ac77-40ed-959a-7aa56dc4a415%26entityType%3Dcollection%26workspaceId%3D2cd38c01-c851-4a15-a972-f181c23359d9)
+- [<img src="https://run.pstmn.io/button.svg" alt="Run In Postman" style="width: 128px; height: 32px;">](https://app.getpostman.com/run-collection/5146551-dda3cab3-0e33-485f-96f9-d4262f437ac5?action=collection%2Ffork&source=rip_markdown&collection-url=entityId%3D5146551-dda3cab3-0e33-485f-96f9-d4262f437ac5%26entityType%3Dcollection%26workspaceId%3Dd64f609f-485a-4951-9b8f-876b3f917124)
 </details>

 ## 环境变量
@@ -452,13 +544,34 @@ XUI_BIN_FOLDER="bin" XUI_DB_FOLDER="/etc/x-ui" go build main.go

 ## 预览

-![1](./media/1.png)
-![2](./media/2.png)
-![3](./media/3.png)
-![4](./media/4.png)
-![5](./media/5.png)
-![6](./media/6.png)
-![7](./media/7.png)
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/01-overview-dark.png">
+  <img alt="3x-ui" src="./media/01-overview-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/02-inbounds-dark.png">
+  <img alt="3x-ui" src="./media/02-inbounds-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/03-add-inbound-dark.png">
+  <img alt="3x-ui" src="./media/03-add-inbound-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/04-add-client-dark.png">
+  <img alt="3x-ui" src="./media/04-add-client-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/05-settings-dark.png">
+  <img alt="3x-ui" src="./media/05-settings-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/06-configs-dark.png">
+  <img alt="3x-ui" src="./media/06-configs-light.png">
+</picture>
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./media/07-bot-dark.png">
+  <img alt="3x-ui" src="./media/07-bot-light.png">
+</picture>

 ## 特别感谢

@@ -467,8 +580,8 @@ XUI_BIN_FOLDER="bin" XUI_DB_FOLDER="/etc/x-ui" go build main.go
 ## 致谢

 - [Iran v2ray rules](https://github.com/chocolate4u/Iran-v2ray-rules) (License: **GPL-3.0**): _Enhanced v2ray/xray and v2ray/xray-clients routing rules with built-in Iranian domains and a focus on security and adblocking._
- [Vietnam Adblock rules](https://github.com/vuong2023/vn-v2ray-rules) (License: **GPL-3.0**): _A hosted domain hosted in Vietnam and blocklist with the most efficiency for Vietnamese._
+- [Russia v2ray rules](https://github.com/runetfreedom/russia-v2ray-rules-dat) (License: **GPL-3.0**): _This repository contains automatically updated V2Ray routing rules based on data on blocked domains and addresses in Russia._

 ## Star趋势

-[![Stargazers over time](https://starchart.cc/MHSanaei/3x-ui.svg)](https://starchart.cc/MHSanaei/3x-ui)
+[![Stargazers over time](https://starchart.cc/MHSanaei/3x-ui.svg?variant=adaptive)](https://starchart.cc/MHSanaei/3x-ui)
--- a/config/version
+++ b/config/version
@@ -1 +1 @@
-2.3.3
+2.5.5
--- a/database/db.go
+++ b/database/db.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"io"
 	"io/fs"
+	"log"
 	"os"
 	"path"

@@ -18,54 +19,51 @@ import (

 var db *gorm.DB

-var initializers = []func() error{
-	initUser,
-	initInbound,
-	initOutbound,
-	initSetting,
-	initInboundClientIps,
-	initClientTraffic,
+const (
+	defaultUsername = "admin"
+	defaultPassword = "admin"
+	defaultSecret   = ""
+)
+
+func initModels() error {
+	models := []interface{}{
+		&model.User{},
+		&model.Inbound{},
+		&model.OutboundTraffics{},
+		&model.Setting{},
+		&model.InboundClientIps{},
+		&xray.ClientTraffic{},
+	}
+	for _, model := range models {
+		if err := db.AutoMigrate(model); err != nil {
+			log.Printf("Error auto migrating model: %v", err)
+			return err
+		}
+	}
+	return nil
 }

 func initUser() error {
-	err := db.AutoMigrate(&model.User{})
+	empty, err := isTableEmpty("users")
 	if err != nil {
+		log.Printf("Error checking if users table is empty: %v", err)
 		return err
 	}
-	var count int64
-	err = db.Model(&model.User{}).Count(&count).Error
-	if err != nil {
-		return err
-	}
-	if count == 0 {
+	if empty {
 		user := &model.User{
-			Username:    "admin",
-			Password:    "admin",
-			LoginSecret: "",
+			Username:    defaultUsername,
+			Password:    defaultPassword,
+			LoginSecret: defaultSecret,
 		}
 		return db.Create(user).Error
 	}
 	return nil
 }

-func initInbound() error {
-	return db.AutoMigrate(&model.Inbound{})
-}
-
-func initOutbound() error {
-	return db.AutoMigrate(&model.OutboundTraffics{})
-}
-
-func initSetting() error {
-	return db.AutoMigrate(&model.Setting{})
-}
-
-func initInboundClientIps() error {
-	return db.AutoMigrate(&model.InboundClientIps{})
-}
-
-func initClientTraffic() error {
-	return db.AutoMigrate(&xray.ClientTraffic{})
+func isTableEmpty(tableName string) (bool, error) {
+	var count int64
+	err := db.Table(tableName).Count(&count).Error
+	return count == 0, err
 }

 func InitDB(dbPath string) error {
@@ -91,15 +89,27 @@ func InitDB(dbPath string) error {
 		return err
 	}

-	for _, initialize := range initializers {
-		if err := initialize(); err != nil {
-			return err
-		}
+	if err := initModels(); err != nil {
+		return err
+	}
+	if err := initUser(); err != nil {
+		return err
 	}

 	return nil
 }

+func CloseDB() error {
+	if db != nil {
+		sqlDB, err := db.DB()
+		if err != nil {
+			return err
+		}
+		return sqlDB.Close()
+	}
+	return nil
+}
+
 func GetDB() *gorm.DB {
 	return db
 }
--- a/database/model/model.go
+++ b/database/model/model.go
@@ -10,12 +10,14 @@ import (
 type Protocol string

 const (
-	VMess       Protocol = "vmess"
+	VMESS       Protocol = "vmess"
 	VLESS       Protocol = "vless"
-	Dokodemo    Protocol = "Dokodemo-door"
-	Http        Protocol = "http"
+	DOKODEMO    Protocol = "dokodemo-door"
+	HTTP        Protocol = "http"
 	Trojan      Protocol = "trojan"
 	Shadowsocks Protocol = "shadowsocks"
+	Socks       Protocol = "socks"
+	WireGuard   Protocol = "wireguard"
 )

 type User struct {
@@ -44,6 +46,7 @@ type Inbound struct {
 	StreamSettings string   `json:"streamSettings" form:"streamSettings"`
 	Tag            string   `json:"tag" form:"tag" gorm:"unique"`
 	Sniffing       string   `json:"sniffing" form:"sniffing"`
+	Allocate       string   `json:"allocate" form:"allocate"`
 }

 type OutboundTraffics struct {
@@ -73,6 +76,7 @@ func (i *Inbound) GenXrayInboundConfig() *xray.InboundConfig {
 		StreamSettings: json_util.RawMessage(i.StreamSettings),
 		Tag:            i.Tag,
 		Sniffing:       json_util.RawMessage(i.Sniffing),
+		Allocate:       json_util.RawMessage(i.Allocate),
 	}
 }

@@ -84,6 +88,7 @@ type Setting struct {

 type Client struct {
 	ID         string `json:"id"`
+	Security   string `json:"security"`
 	Password   string `json:"password"`
 	Flow       string `json:"flow"`
 	Email      string `json:"email"`
@@ -93,5 +98,6 @@ type Client struct {
 	Enable     bool   `json:"enable" form:"enable"`
 	TgID       int64  `json:"tgId" form:"tgId"`
 	SubID      string `json:"subId" form:"subId"`
+	Comment    string `json:"comment" form:"comment"`
 	Reset      int    `json:"reset" form:"reset"`
 }
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -11,6 +11,7 @@ services:
      - $PWD/cert/:/root/cert/
    environment:
      XRAY_VMESS_AEAD_FORCED: "false"
+      X_UI_ENABLE_FAIL2BAN: "true"
    tty: true
    network_mode: host
    restart: unless-stopped
--- a/go.mod
+++ b/go.mod
@@ -1,100 +1,101 @@
 module x-ui

-go 1.22.3
+go 1.24.1

 require (
-	github.com/gin-contrib/gzip v1.0.1
-	github.com/gin-contrib/sessions v1.0.1
+	github.com/gin-contrib/gzip v1.2.2
+	github.com/gin-contrib/sessions v1.0.2
 	github.com/gin-gonic/gin v1.10.0
-	github.com/goccy/go-json v0.10.3
-	github.com/mymmrac/telego v0.29.2
-	github.com/nicksnyder/go-i18n/v2 v2.4.0
+	github.com/goccy/go-json v0.10.5
+	github.com/mymmrac/telego v0.32.0
+	github.com/nicksnyder/go-i18n/v2 v2.5.1
 	github.com/op/go-logging v0.0.0-20160315200505-970db520ece7
-	github.com/pelletier/go-toml/v2 v2.2.2
+	github.com/pelletier/go-toml/v2 v2.2.3
 	github.com/robfig/cron/v3 v3.0.1
-	github.com/shirou/gopsutil/v3 v3.24.4
-	github.com/valyala/fasthttp v1.53.0
-	github.com/xtls/xray-core v1.8.12
+	github.com/shirou/gopsutil/v4 v4.25.2
+	github.com/valyala/fasthttp v1.59.0
+	github.com/xtls/xray-core v1.250306.0
 	go.uber.org/atomic v1.11.0
-	golang.org/x/text v0.15.0
-	google.golang.org/grpc v1.64.0
-	gorm.io/driver/sqlite v1.5.5
-	gorm.io/gorm v1.25.10
+	golang.org/x/text v0.23.0
+	google.golang.org/grpc v1.71.0
+	gorm.io/driver/sqlite v1.5.7
+	gorm.io/gorm v1.25.12
 )

 require (
-	github.com/andybalholm/brotli v1.1.0 // indirect
-	github.com/bytedance/sonic v1.11.6 // indirect
-	github.com/bytedance/sonic/loader v0.1.1 // indirect
-	github.com/cloudflare/circl v1.3.8 // indirect
-	github.com/cloudwego/base64x v0.1.4 // indirect
-	github.com/cloudwego/iasm v0.2.0 // indirect
-	github.com/dgryski/go-metro v0.0.0-20211217172704-adc40b04c140 // indirect
-	github.com/fasthttp/router v1.5.0 // indirect
-	github.com/francoispqt/gojay v1.2.13 // indirect
-	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
-	github.com/gin-contrib/sse v0.1.0 // indirect
+	github.com/andybalholm/brotli v1.1.1 // indirect
+	github.com/bytedance/sonic v1.13.1 // indirect
+	github.com/bytedance/sonic/loader v0.2.4 // indirect
+	github.com/cloudflare/circl v1.6.0 // indirect
+	github.com/cloudwego/base64x v0.1.5 // indirect
+	github.com/dgryski/go-metro v0.0.0-20250106013310-edb8663e5e33 // indirect
+	github.com/ebitengine/purego v0.8.2 // indirect
+	github.com/fasthttp/router v1.5.4 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.8 // indirect
+	github.com/gin-contrib/sse v1.0.0 // indirect
 	github.com/go-ole/go-ole v1.3.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
-	github.com/go-playground/validator/v10 v10.20.0 // indirect
-	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
-	github.com/google/btree v1.1.2 // indirect
-	github.com/google/pprof v0.0.0-20240227163752-401108e1b7e7 // indirect
+	github.com/go-playground/validator/v10 v10.25.0 // indirect
+	github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
+	github.com/google/btree v1.1.3 // indirect
+	github.com/google/pprof v0.0.0-20250302191652-9094ed2288e7 // indirect
 	github.com/gorilla/context v1.1.2 // indirect
 	github.com/gorilla/securecookie v1.1.2 // indirect
-	github.com/gorilla/sessions v1.2.2 // indirect
-	github.com/gorilla/websocket v1.5.1 // indirect
+	github.com/gorilla/sessions v1.4.0 // indirect
+	github.com/gorilla/websocket v1.5.3 // indirect
 	github.com/grbit/go-json v0.11.0 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/compress v1.17.7 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.7 // indirect
+	github.com/klauspost/compress v1.18.0 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.10 // indirect
+	github.com/kr/text v0.2.0 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
-	github.com/lufia/plan9stats v0.0.0-20231016141302-07b5767bb0ed // indirect
+	github.com/lufia/plan9stats v0.0.0-20250303091104-876f3ea5145d // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/mattn/go-sqlite3 v1.14.22 // indirect
+	github.com/mattn/go-sqlite3 v1.14.24 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/onsi/ginkgo/v2 v2.16.0 // indirect
-	github.com/pires/go-proxyproto v0.7.0 // indirect
-	github.com/power-devops/perfstat v0.0.0-20221212215047-62379fc7944b // indirect
-	github.com/quic-go/quic-go v0.44.0 // indirect
-	github.com/refraction-networking/utls v1.6.6 // indirect
+	github.com/onsi/ginkgo/v2 v2.23.0 // indirect
+	github.com/pires/go-proxyproto v0.8.0 // indirect
+	github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect
+	github.com/quic-go/qpack v0.5.1 // indirect
+	github.com/quic-go/quic-go v0.50.0 // indirect
+	github.com/refraction-networking/utls v1.6.7 // indirect
 	github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 // indirect
-	github.com/rogpeppe/go-internal v1.11.0 // indirect
-	github.com/sagernet/sing v0.3.8 // indirect
-	github.com/sagernet/sing-shadowsocks v0.2.6 // indirect
-	github.com/savsgio/gotils v0.0.0-20240303185622-093b76447511 // indirect
-	github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb // indirect
-	github.com/shoenig/go-m1cpu v0.1.6 // indirect
-	github.com/tklauser/go-sysconf v0.3.12 // indirect
-	github.com/tklauser/numcpus v0.6.1 // indirect
+	github.com/rogpeppe/go-internal v1.14.1 // indirect
+	github.com/sagernet/sing v0.6.3 // indirect
+	github.com/sagernet/sing-shadowsocks v0.2.7 // indirect
+	github.com/savsgio/gotils v0.0.0-20240704082632-aef3928b8a38 // indirect
+	github.com/seiflotfy/cuckoofilter v0.0.0-20240715131351-a2f2c23f1771 // indirect
+	github.com/tklauser/go-sysconf v0.3.15 // indirect
+	github.com/tklauser/numcpus v0.10.0 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.12 // indirect
 	github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/valyala/fastjson v1.6.4 // indirect
-	github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 // indirect
-	github.com/vishvananda/netns v0.0.4 // indirect
-	github.com/xtls/reality v0.0.0-20240429224917-ecc4401070cc // indirect
+	github.com/vishvananda/netlink v1.3.0 // indirect
+	github.com/vishvananda/netns v0.0.5 // indirect
+	github.com/xtls/reality v0.0.0-20240909153216-e26ae2305463 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
-	go.uber.org/mock v0.4.0 // indirect
+	go.uber.org/mock v0.5.0 // indirect
 	go4.org/netipx v0.0.0-20231129151722-fdeea329fbba // indirect
-	golang.org/x/arch v0.8.0 // indirect
-	golang.org/x/crypto v0.23.0 // indirect
-	golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 // indirect
-	golang.org/x/mod v0.17.0 // indirect
-	golang.org/x/net v0.25.0 // indirect
-	golang.org/x/sys v0.20.0 // indirect
-	golang.org/x/time v0.5.0 // indirect
-	golang.org/x/tools v0.21.0 // indirect
+	golang.org/x/arch v0.15.0 // indirect
+	golang.org/x/crypto v0.36.0 // indirect
+	golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 // indirect
+	golang.org/x/mod v0.24.0 // indirect
+	golang.org/x/net v0.37.0 // indirect
+	golang.org/x/sync v0.12.0 // indirect
+	golang.org/x/sys v0.31.0 // indirect
+	golang.org/x/time v0.11.0 // indirect
+	golang.org/x/tools v0.31.0 // indirect
 	golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect
 	golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be // indirect
-	google.golang.org/protobuf v1.34.1 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20250303144028-a0af3efb3deb // indirect
+	google.golang.org/protobuf v1.36.5 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	gvisor.dev/gvisor v0.0.0-20231202080848-1f7806d17489 // indirect
-	lukechampine.com/blake3 v1.3.0 // indirect
+	gvisor.dev/gvisor v0.0.0-20240320123526-dc6abceb7ff0 // indirect
+	lukechampine.com/blake3 v1.4.0 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -1,65 +1,46 @@
-cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-cloud.google.com/go v0.31.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-cloud.google.com/go v0.37.0/go.mod h1:TS1dMSSfndXH133OKGwekG838Om/cQT0BUHV3HcBgoo=
-dmitri.shuralyov.com/app/changes v0.0.0-20180602232624-0a106ad413e3/go.mod h1:Yl+fi1br7+Rr3LqpNJf1/uxUdtRUV+Tnj0o93V2B9MU=
-dmitri.shuralyov.com/html/belt v0.0.0-20180602232347-f7d459c86be0/go.mod h1:JLBrvjyP0v+ecvNYvCpyZgu5/xkfAUhi6wJj28eUfSU=
-dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1:a1inKt/atXimZ4Mv927x+r7UpyzRUf4emIoiiSC2TN4=
-dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU=
-git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg=
-github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8=
-github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
+github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0=
+github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
 github.com/OmarTariq612/goech v0.0.0-20240405204721-8e2e1dafd3a0 h1:Wo41lDOevRJSGpevP+8Pk5bANX7fJacO2w04aqLiC5I=
 github.com/OmarTariq612/goech v0.0.0-20240405204721-8e2e1dafd3a0/go.mod h1:FVGavL/QEBQDcBpr3fAojoK17xX5k9bicBphrOpP7uM=
-github.com/andybalholm/brotli v1.1.0 h1:eLKJA0d02Lf0mVpIDgYnqXcUn0GqVmEFny3VuID1U3M=
-github.com/andybalholm/brotli v1.1.0/go.mod h1:sms7XGricyQI9K10gOSf56VKKWS4oLer58Q+mhRPtnY=
-github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
-github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
-github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g=
-github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s=
-github.com/bytedance/sonic v1.11.6 h1:oUp34TzMlL+OY1OUWxHqsdkgC/Zfc85zGqw9siXjrc0=
-github.com/bytedance/sonic v1.11.6/go.mod h1:LysEHSvpvDySVdC2f87zGWf6CIKJcAvqab1ZaiQtds4=
-github.com/bytedance/sonic/loader v0.1.1 h1:c+e5Pt1k/cy5wMveRDyk2X4B9hF4g7an8N3zCYjJFNM=
+github.com/andybalholm/brotli v1.1.1 h1:PR2pgnyFznKEugtsUo0xLdDop5SKXd5Qf5ysW+7XdTA=
+github.com/andybalholm/brotli v1.1.1/go.mod h1:05ib4cKhjx3OQYUY22hTVd34Bc8upXjOLL2rKwwZBoA=
+github.com/bytedance/sonic v1.13.1 h1:Jyd5CIvdFnkOWuKXr+wm4Nyk2h0yAFsr8ucJgEasO3g=
+github.com/bytedance/sonic v1.13.1/go.mod h1:o68xyaF9u2gvVBuGHPlUVCy+ZfmNNO5ETf1+KgkJhz4=
 github.com/bytedance/sonic/loader v0.1.1/go.mod h1:ncP89zfokxS5LZrJxl5z0UJcsk4M4yY2JpfqGeCtNLU=
-github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
-github.com/cloudflare/circl v1.3.8 h1:j+V8jJt09PoeMFIu2uh5JUyEaIHTXVOHslFoLNAKqwI=
-github.com/cloudflare/circl v1.3.8/go.mod h1:PDRU+oXvdD7KCtgKxW95M5Z8BpSCJXQORiZFnBQS5QU=
-github.com/cloudwego/base64x v0.1.4 h1:jwCgWpFanWmN8xoIUHa2rtzmkd5J2plF/dnLS6Xd/0Y=
-github.com/cloudwego/base64x v0.1.4/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w=
-github.com/cloudwego/iasm v0.2.0 h1:1KNIy1I1H9hNNFEEH3DVnI4UujN+1zjpuk6gwHLTssg=
+github.com/bytedance/sonic/loader v0.2.4 h1:ZWCw4stuXUsn1/+zQDqeE7JKP+QO47tz7QCNan80NzY=
+github.com/bytedance/sonic/loader v0.2.4/go.mod h1:N8A3vUdtUebEY2/VQC0MyhYeKUFosQU6FxH2JmUe6VI=
+github.com/cloudflare/circl v1.6.0 h1:cr5JKic4HI+LkINy2lg3W2jF8sHCVTBncJr5gIIq7qk=
+github.com/cloudflare/circl v1.6.0/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
+github.com/cloudwego/base64x v0.1.5 h1:XPciSp1xaq2VCSt6lF0phncD4koWyULpl5bUxbfCyP4=
+github.com/cloudwego/base64x v0.1.5/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w=
 github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY=
-github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dgryski/go-metro v0.0.0-20200812162917-85c65e2d0165/go.mod h1:c9O8+fpSOX1DM8cPNSkX/qsBWdkD4yd2dpciOWQjpBw=
-github.com/dgryski/go-metro v0.0.0-20211217172704-adc40b04c140 h1:y7y0Oa6UawqTFPCDw9JG6pdKt4F9pAhHv0B7FMGaGD0=
-github.com/dgryski/go-metro v0.0.0-20211217172704-adc40b04c140/go.mod h1:c9O8+fpSOX1DM8cPNSkX/qsBWdkD4yd2dpciOWQjpBw=
-github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
-github.com/fasthttp/router v1.5.0 h1:3Qbbo27HAPzwbpRzgiV5V9+2faPkPt3eNuRaDV6LYDA=
-github.com/fasthttp/router v1.5.0/go.mod h1:FddcKNXFZg1imHcy+uKB0oo/o6yE9zD3wNguqlhWDak=
-github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
-github.com/francoispqt/gojay v1.2.13 h1:d2m3sFjloqoIUQU3TsHBgj6qg/BVGlTBeHDUmyJnXKk=
-github.com/francoispqt/gojay v1.2.13/go.mod h1:ehT5mTG4ua4581f1++1WLG0vPdaA9HaiDsoyrBGkyDY=
-github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
-github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0=
-github.com/gabriel-vasile/mimetype v1.4.3/go.mod h1:d8uq/6HKRL6CGdk+aubisF/M5GcPfT7nKyLpA0lbSSk=
-github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
+github.com/dgryski/go-metro v0.0.0-20250106013310-edb8663e5e33 h1:ucRHb6/lvW/+mTEIGbvhcYU3S8+uSNkuMjx/qZFfhtM=
+github.com/dgryski/go-metro v0.0.0-20250106013310-edb8663e5e33/go.mod h1:c9O8+fpSOX1DM8cPNSkX/qsBWdkD4yd2dpciOWQjpBw=
+github.com/ebitengine/purego v0.8.2 h1:jPPGWs2sZ1UgOSgD2bClL0MJIqu58nOmIcBuXr62z1I=
+github.com/ebitengine/purego v0.8.2/go.mod h1:iIjxzd6CiRiOG0UyXP+V1+jWqUXVjPKLAI0mRfJZTmQ=
+github.com/fasthttp/router v1.5.4 h1:oxdThbBwQgsDIYZ3wR1IavsNl6ZS9WdjKukeMikOnC8=
+github.com/fasthttp/router v1.5.4/go.mod h1:3/hysWq6cky7dTfzaaEPZGdptwjwx0qzTgFCKEWRjgc=
+github.com/gabriel-vasile/mimetype v1.4.8 h1:FfZ3gj38NjllZIeJAmMhr+qKL8Wu+nOoI3GqacKw1NM=
+github.com/gabriel-vasile/mimetype v1.4.8/go.mod h1:ByKUIKGjh1ODkGM1asKUbQZOLGrPjydw3hYPU2YU9t8=
 github.com/ghodss/yaml v1.0.1-0.20220118164431-d8423dcdf344 h1:Arcl6UOIS/kgO2nW3A65HN+7CMjSDP/gofXL4CZt1V4=
 github.com/ghodss/yaml v1.0.1-0.20220118164431-d8423dcdf344/go.mod h1:GIjDIg/heH5DOkXY3YJ/wNhfHsQHoXGjl8G8amsYQ1I=
-github.com/gin-contrib/gzip v1.0.1 h1:HQ8ENHODeLY7a4g1Au/46Z92bdGFl74OhxcZble9WJE=
-github.com/gin-contrib/gzip v1.0.1/go.mod h1:njt428fdUNRvjuJf16tZMYZ2Yl+WQB53X5wmhDwXvC4=
-github.com/gin-contrib/sessions v1.0.1 h1:3hsJyNs7v7N8OtelFmYXFrulAf6zSR7nW/putcPEHxI=
-github.com/gin-contrib/sessions v1.0.1/go.mod h1:ouxSFM24/OgIud5MJYQJLpy6AwxQ5EYO9yLhbtObGkM=
-github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
-github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
+github.com/gin-contrib/gzip v1.2.2 h1:iUU/EYCM8ENfkjmZaVrxbjF/ZC267Iqv5S0MMCMEliI=
+github.com/gin-contrib/gzip v1.2.2/go.mod h1:C1a5cacjlDsS20cKnHlZRCPUu57D3qH6B2pV0rl+Y/s=
+github.com/gin-contrib/sessions v1.0.2 h1:UaIjUvTH1cMeOdj3in6dl+Xb6It8RiKRF9Z1anbUyCA=
+github.com/gin-contrib/sessions v1.0.2/go.mod h1:KxKxWqWP5LJVDCInulOl4WbLzK2KSPlLesfZ66wRvMs=
+github.com/gin-contrib/sse v1.0.0 h1:y3bT1mUWUxDpW4JLQg/HnTqV4rozuW4tC9eFKTxYI9E=
+github.com/gin-contrib/sse v1.0.0/go.mod h1:zNuFdwarAygJBht0NTKiSi3jRf6RbqeILZ9Sp6Slhe0=
 github.com/gin-gonic/gin v1.10.0 h1:nTuyha1TYqgedzytsKYqna+DfLos46nTv2ygFy86HFU=
 github.com/gin-gonic/gin v1.10.0/go.mod h1:4PMNQiOhvDRa013RKVbsiNwoyezlm2rm0uX/T7kzp5Y=
-github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
-github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
-github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
-github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
+github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
+github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
 github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE=
 github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78=
@@ -69,183 +50,114 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o
 github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
 github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
-github.com/go-playground/validator/v10 v10.20.0 h1:K9ISHbSaI0lyB2eWMPJo+kOS/FBExVwjEviJTixqxL8=
-github.com/go-playground/validator/v10 v10.20.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
-github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
-github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls=
-github.com/goccy/go-json v0.10.3 h1:KZ5WoDbxAIgm2HNbYckL0se1fHD6rz5j4ywS6ebzDqA=
-github.com/goccy/go-json v0.10.3/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
-github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
-github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
-github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200jBnyusfRPU2LqT6J+DAorxEvtC7LHB+E=
-github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
-github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/go-playground/validator/v10 v10.25.0 h1:5Dh7cjvzR7BRZadnsVOzPhWsrwUr0nmsZJxEAnFLNO8=
+github.com/go-playground/validator/v10 v10.25.0/go.mod h1:GGzBIJMuE98Ic/kJsBXbz1x/7cByt++cQ+YOuDM5wus=
+github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
+github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
+github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4=
+github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
 github.com/golang/mock v1.7.0-rc.1 h1:YojYx61/OLFsiv6Rw1Z96LpldJIy31o+UHmwAUMJ6/U=
 github.com/golang/mock v1.7.0-rc.1/go.mod h1:s42URUywIqd+OcERslBJvOjepvNymP31m3q8d/GkuRs=
-github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
 github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
-github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
-github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU=
-github.com/google/btree v1.1.2/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4=
-github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
-github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
-github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
-github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
+github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg=
+github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4=
+github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
+github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
-github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
-github.com/google/pprof v0.0.0-20240227163752-401108e1b7e7 h1:y3N7Bm7Y9/CtpiVkw/ZWj6lSlDF3F74SfKwfTCer72Q=
-github.com/google/pprof v0.0.0-20240227163752-401108e1b7e7/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik=
-github.com/googleapis/gax-go v2.0.0+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY=
-github.com/googleapis/gax-go/v2 v2.0.3/go.mod h1:LLvjysVCY1JZeum8Z6l8qUty8fiNwE08qbEPm1M08qg=
-github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
+github.com/google/pprof v0.0.0-20250302191652-9094ed2288e7 h1:+J3r2e8+RsmN3vKfo75g0YSY61ms37qzPglu4p0sGro=
+github.com/google/pprof v0.0.0-20250302191652-9094ed2288e7/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gorilla/context v1.1.2 h1:WRkNAv2uoa03QNIc1A6u4O7DAGMUVoopZhkiXWA2V1o=
 github.com/gorilla/context v1.1.2/go.mod h1:KDPwT9i/MeWHiLl90fuTgrt4/wPcv75vFAZLaOOcbxM=
 github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
 github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
-github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY=
-github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ=
-github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY=
-github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY=
+github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ=
+github.com/gorilla/sessions v1.4.0/go.mod h1:FLWm50oby91+hl7p/wRxDth9bWSuk0qVL2emc7lT5ik=
+github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
+github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/grbit/go-json v0.11.0 h1:bAbyMdYrYl/OjYsSqLH99N2DyQ291mHy726Mx+sYrnc=
 github.com/grbit/go-json v0.11.0/go.mod h1:IYpHsdybQ386+6g3VE6AXQ3uTGa5mquBme5/ZWmtzek=
-github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
-github.com/grpc-ecosystem/grpc-gateway v1.5.0/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw=
-github.com/jellevandenhooff/dkim v0.0.0-20150330215556-f50fe3d243e1/go.mod h1:E0B/fFc00Y+Rasa88328GlI/XbtyysCtTHZS8h7IrBU=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
 github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
 github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
-github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
-github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
-github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/klauspost/compress v1.17.7 h1:ehO88t2UGzQK66LMdE8tibEd1ErmzZjNEqWkjLAKQQg=
-github.com/klauspost/compress v1.17.7/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
+github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
+github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
 github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
-github.com/klauspost/cpuid/v2 v2.2.7 h1:ZWSB3igEs+d0qvnxR/ZBzXVmxkgt8DdzP6m9pfuVLDM=
-github.com/klauspost/cpuid/v2 v2.2.7/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
+github.com/klauspost/cpuid/v2 v2.2.10 h1:tBs3QSyvjDyFTq3uoc/9xFpCuOsJQFNPiAhYdw2skhE=
+github.com/klauspost/cpuid/v2 v2.2.10/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0=
 github.com/knz/go-libedit v1.10.1/go.mod h1:MZTVkCWyz0oBc7JOWP3wNAzd002ZbM/5hgShxwh4x8M=
-github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
-github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
-github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
 github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
-github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
-github.com/lufia/plan9stats v0.0.0-20231016141302-07b5767bb0ed h1:036IscGBfJsFIgJQzlui7nK1Ncm0tp2ktmPj8xO4N/0=
-github.com/lufia/plan9stats v0.0.0-20231016141302-07b5767bb0ed/go.mod h1:ilwx/Dta8jXAgpFYFvSWEMwxmbWXyiUHkd5FwyKhb5k=
-github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI=
-github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
+github.com/lufia/plan9stats v0.0.0-20250303091104-876f3ea5145d h1:fjMbDVUGsMQiVZnSQsmouYJvMdwsGiDipOZoN66v844=
+github.com/lufia/plan9stats v0.0.0-20250303091104-876f3ea5145d/go.mod h1:autxFIvghDt3jPTLoqZ9OZ7s9qTGNAWmYCjVFWPX/zg=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
-github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
-github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
-github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
-github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4=
-github.com/miekg/dns v1.1.59 h1:C9EXc/UToRwKLhK5wKU/I4QVsBUc8kE6MkHBkeypWZs=
-github.com/miekg/dns v1.1.59/go.mod h1:nZpewl5p6IvctfgrckopVx2OlSEHPRO/U4SYkRklrEk=
+github.com/mattn/go-sqlite3 v1.14.24 h1:tpSp2G2KyMnnQu99ngJ47EIkWVmliIizyZBfPrBWDRM=
+github.com/mattn/go-sqlite3 v1.14.24/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
+github.com/miekg/dns v1.1.63 h1:8M5aAw6OMZfFXTT7K5V0Eu5YiiL8l7nUAkyN6C9YwaY=
+github.com/miekg/dns v1.1.63/go.mod h1:6NGHfjhpmr5lt3XPLuyfDJi5AXbNIPM9PY6H6sF1Nfs=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
-github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
-github.com/mymmrac/telego v0.29.2 h1:5+fQ/b8d8Ld6ihCJ0OLe1CwUdT3t1sIUl3RaSaSvRJs=
-github.com/mymmrac/telego v0.29.2/go.mod h1:BsKr+GF9BHqaVaLBwsZeDnfuJcJx2olWuDEtKm4zHMc=
-github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo=
-github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM=
-github.com/nicksnyder/go-i18n/v2 v2.4.0 h1:3IcvPOAvnCKwNm0TB0dLDTuawWEj+ax/RERNC+diLMM=
-github.com/nicksnyder/go-i18n/v2 v2.4.0/go.mod h1:nxYSZE9M0bf3Y70gPQjN9ha7XNHX7gMc814+6wVyEI4=
-github.com/onsi/ginkgo/v2 v2.16.0 h1:7q1w9frJDzninhXxjZd+Y/x54XNjG/UlRLIYPZafsPM=
-github.com/onsi/ginkgo/v2 v2.16.0/go.mod h1:llBI3WDLL9Z6taip6f33H76YcWtJv+7R3HigUjbIBOs=
-github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8=
-github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ=
+github.com/mymmrac/telego v0.32.0 h1:4X8C1l3k+opkk86r95+eQE8DxiS2LYlR61L/G7yreDY=
+github.com/mymmrac/telego v0.32.0/go.mod h1:qS6NaRhJgcuEEBEMVCV79S2xCAuHq9O+ixwfLuRW31M=
+github.com/nicksnyder/go-i18n/v2 v2.5.1 h1:IxtPxYsR9Gp60cGXjfuR/llTqV8aYMsC472zD0D1vHk=
+github.com/nicksnyder/go-i18n/v2 v2.5.1/go.mod h1:DrhgsSDZxoAfvVrBVLXoxZn/pN5TXqaDbq7ju94viiQ=
+github.com/onsi/ginkgo/v2 v2.23.0 h1:FA1xjp8ieYDzlgS5ABTpdUDB7wtngggONc8a7ku2NqQ=
+github.com/onsi/ginkgo/v2 v2.23.0/go.mod h1:zXTP6xIp3U8aVuXN8ENK9IXRaTjFnpVB9mGmaSRvxnM=
+github.com/onsi/gomega v1.36.2 h1:koNYke6TVk6ZmnyHrCXba/T/MoLBXFjeC1PtvYgw0A8=
+github.com/onsi/gomega v1.36.2/go.mod h1:DdwyADRjrc825LhMEkD76cHR5+pUnjhUN8GlHlRPHzY=
 github.com/op/go-logging v0.0.0-20160315200505-970db520ece7 h1:lDH9UUVJtmYCjyT0CI4q8xvlXPxeZ0gYCVvWbmPlp88=
 github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk=
-github.com/openzipkin/zipkin-go v0.1.1/go.mod h1:NtoC/o8u3JlF1lSlyPNswIbeQH9bJTmOf0Erfk+hxe8=
 github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8=
 github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
-github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM=
-github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs=
-github.com/pires/go-proxyproto v0.7.0 h1:IukmRewDQFWC7kfnb66CSomk2q/seBuilHBYFwyq0Hs=
-github.com/pires/go-proxyproto v0.7.0/go.mod h1:Vz/1JPY/OACxWGQNIRY2BeyDmpoaWmEP40O9LbuiFR4=
-github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M=
+github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc=
+github.com/pires/go-proxyproto v0.8.0 h1:5unRmEAPbHXHuLjDg01CxJWf91cw3lKHc/0xzKpXEe0=
+github.com/pires/go-proxyproto v0.8.0/go.mod h1:iknsfgnH8EkjrMeMyvfKByp9TiBZCKZM0jx2xmKqnVY=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
-github.com/power-devops/perfstat v0.0.0-20221212215047-62379fc7944b h1:0LFwY6Q3gMACTjAbMZBjXAqTOzOwFaj2Ld6cjeQ7Rig=
-github.com/power-devops/perfstat v0.0.0-20221212215047-62379fc7944b/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
-github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
-github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
-github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
-github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
-github.com/quic-go/quic-go v0.44.0 h1:So5wOr7jyO4vzL2sd8/pD9Kesciv91zSk8BoFngItQ0=
-github.com/quic-go/quic-go v0.44.0/go.mod h1:z4cx/9Ny9UtGITIPzmPTXh1ULfOyWh4qGQlpnPcWmek=
-github.com/refraction-networking/utls v1.6.6 h1:igFsYBUJPYM8Rno9xUuDoM5GQrVEqY4llzEXOkL43Ig=
-github.com/refraction-networking/utls v1.6.6/go.mod h1:BC3O4vQzye5hqpmDTWUqi4P5DDhzJfkV1tdqtawQIH0=
+github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 h1:o4JXh1EVt9k/+g42oCprj/FisM4qX9L3sZB3upGN2ZU=
+github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
+github.com/quic-go/qpack v0.5.1 h1:giqksBPnT/HDtZ6VhtFKgoLOWmlyo9Ei6u9PqzIMbhI=
+github.com/quic-go/qpack v0.5.1/go.mod h1:+PC4XFrEskIVkcLzpEkbLqq1uCoxPhQuvK5rH1ZgaEg=
+github.com/quic-go/quic-go v0.50.0 h1:3H/ld1pa3CYhkcc20TPIyG1bNsdhn9qZBGN3b9/UyUo=
+github.com/quic-go/quic-go v0.50.0/go.mod h1:Vim6OmUvlYdwBhXP9ZVrtGmCMWa3wEqhq3NgYrI8b4E=
+github.com/refraction-networking/utls v1.6.7 h1:zVJ7sP1dJx/WtVuITug3qYUq034cDq9B2MR1K67ULZM=
+github.com/refraction-networking/utls v1.6.7/go.mod h1:BC3O4vQzye5hqpmDTWUqi4P5DDhzJfkV1tdqtawQIH0=
 github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg=
 github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s=
 github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
 github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro=
-github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
-github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
-github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
-github.com/sagernet/sing v0.3.8 h1:gm4JKalPhydMYX2zFOTnnd4TXtM/16WFRqSjMepYQQk=
-github.com/sagernet/sing v0.3.8/go.mod h1:+60H3Cm91RnL9dpVGWDPHt0zTQImO9Vfqt9a4rSambI=
-github.com/sagernet/sing-shadowsocks v0.2.6 h1:xr7ylAS/q1cQYS8oxKKajhuQcchd5VJJ4K4UZrrpp0s=
-github.com/sagernet/sing-shadowsocks v0.2.6/go.mod h1:j2YZBIpWIuElPFL/5sJAj470bcn/3QQ5lxZUNKLDNAM=
-github.com/savsgio/gotils v0.0.0-20240303185622-093b76447511 h1:KanIMPX0QdEdB4R3CiimCAbxFrhB3j7h0/OvpYGVQa8=
-github.com/savsgio/gotils v0.0.0-20240303185622-093b76447511/go.mod h1:sM7Mt7uEoCeFSCBM+qBrqvEo+/9vdmj19wzp3yzUhmg=
-github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb h1:XfLJSPIOUX+osiMraVgIrMR27uMXnRJWGm1+GL8/63U=
-github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb/go.mod h1:bR6DqgcAl1zTcOX8/pE2Qkj9XO00eCNqmKb7lXP8EAg=
-github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
-github.com/shirou/gopsutil/v3 v3.24.4 h1:dEHgzZXt4LMNm+oYELpzl9YCqV65Yr/6SfrvgRBtXeU=
-github.com/shirou/gopsutil/v3 v3.24.4/go.mod h1:lTd2mdiOspcqLgAnr9/nGi71NkeMpWKdmhuxm9GusH8=
-github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM=
-github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ=
-github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU=
-github.com/shoenig/test v0.6.4/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k=
-github.com/shurcooL/component v0.0.0-20170202220835-f88ec8f54cc4/go.mod h1:XhFIlyj5a1fBNx5aJTbKoIq0mNaPvOagO+HjB3EtxrY=
-github.com/shurcooL/events v0.0.0-20181021180414-410e4ca65f48/go.mod h1:5u70Mqkb5O5cxEA8nxTsgrgLehJeAw6Oc4Ab1c/P1HM=
-github.com/shurcooL/github_flavored_markdown v0.0.0-20181002035957-2122de532470/go.mod h1:2dOwnU2uBioM+SGy2aZoq1f/Sd1l9OkAeAUvjSyvgU0=
-github.com/shurcooL/go v0.0.0-20180423040247-9e1955d9fb6e/go.mod h1:TDJrrUr11Vxrven61rcy3hJMUqaf/CLWYhHNPmT14Lk=
-github.com/shurcooL/go-goon v0.0.0-20170922171312-37c2f522c041/go.mod h1:N5mDOmsrJOB+vfqUK+7DmDyjhSLIIBnXo9lvZJj3MWQ=
-github.com/shurcooL/gofontwoff v0.0.0-20180329035133-29b52fc0a18d/go.mod h1:05UtEgK5zq39gLST6uB0cf3NEHjETfB4Fgr3Gx5R9Vw=
-github.com/shurcooL/gopherjslib v0.0.0-20160914041154-feb6d3990c2c/go.mod h1:8d3azKNyqcHP1GaQE/c6dDgjkgSx2BZ4IoEi4F1reUI=
-github.com/shurcooL/highlight_diff v0.0.0-20170515013008-09bb4053de1b/go.mod h1:ZpfEhSmds4ytuByIcDnOLkTHGUI6KNqRNPDLHDk+mUU=
-github.com/shurcooL/highlight_go v0.0.0-20181028180052-98c3abbbae20/go.mod h1:UDKB5a1T23gOMUJrI+uSuH0VRDStOiUVSjBTRDVBVag=
-github.com/shurcooL/home v0.0.0-20181020052607-80b7ffcb30f9/go.mod h1:+rgNQw2P9ARFAs37qieuu7ohDNQ3gds9msbT2yn85sg=
-github.com/shurcooL/htmlg v0.0.0-20170918183704-d01228ac9e50/go.mod h1:zPn1wHpTIePGnXSHpsVPWEktKXHr6+SS6x/IKRb7cpw=
-github.com/shurcooL/httperror v0.0.0-20170206035902-86b7830d14cc/go.mod h1:aYMfkZ6DWSJPJ6c4Wwz3QtW22G7mf/PEgaB9k/ik5+Y=
-github.com/shurcooL/httpfs v0.0.0-20171119174359-809beceb2371/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg=
-github.com/shurcooL/httpgzip v0.0.0-20180522190206-b1c53ac65af9/go.mod h1:919LwcH0M7/W4fcZ0/jy0qGght1GIhqyS/EgWGH2j5Q=
-github.com/shurcooL/issues v0.0.0-20181008053335-6292fdc1e191/go.mod h1:e2qWDig5bLteJ4fwvDAc2NHzqFEthkqn7aOZAOpj+PQ=
-github.com/shurcooL/issuesapp v0.0.0-20180602232740-048589ce2241/go.mod h1:NPpHK2TI7iSaM0buivtFUc9offApnI0Alt/K8hcHy0I=
-github.com/shurcooL/notifications v0.0.0-20181007000457-627ab5aea122/go.mod h1:b5uSkrEVM1jQUspwbixRBhaIjIzL2xazXp6kntxYle0=
-github.com/shurcooL/octicon v0.0.0-20181028054416-fa4f57f9efb2/go.mod h1:eWdoE5JD4R5UVWDucdOPg1g2fqQRq78IQa9zlOV1vpQ=
-github.com/shurcooL/reactions v0.0.0-20181006231557-f2e0b4ca5b82/go.mod h1:TCR1lToEk4d2s07G3XGfz2QrgHXg4RJBvjrOozvoWfk=
-github.com/shurcooL/sanitized_anchor_name v0.0.0-20170918181015-86672fcb3f95/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
-github.com/shurcooL/users v0.0.0-20180125191416-49c67e49c537/go.mod h1:QJTqeLYEDaXHZDBsXlPCDqdhQuJkuw4NOtaxYe3xii4=
-github.com/shurcooL/webdavfs v0.0.0-20170829043945-18c3829fa133/go.mod h1:hKmq5kWdCj2z2KEozexVbfEZIWiTjhE0+UjmZgPqehw=
-github.com/sourcegraph/annotate v0.0.0-20160123013949-f4cad6c6324d/go.mod h1:UdhH50NIW0fCiwBSr0co2m7BnFLdv4fQTgdqdJTHFeE=
-github.com/sourcegraph/syntaxhighlight v0.0.0-20170531221838-bd320f5d308e/go.mod h1:HuIsMU8RRBOtsCgI77wP899iHVBQpCmg4ErYMZB+2IA=
+github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
+github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
+github.com/sagernet/sing v0.6.3 h1:J1spMc6LMlqUvRjWjvNMAcbvACDneqxB9zxfLuS0UTE=
+github.com/sagernet/sing v0.6.3/go.mod h1:ARkL0gM13/Iv5VCZmci/NuoOlePoIsW0m7BWfln/Hak=
+github.com/sagernet/sing-shadowsocks v0.2.7 h1:zaopR1tbHEw5Nk6FAkM05wCslV6ahVegEZaKMv9ipx8=
+github.com/sagernet/sing-shadowsocks v0.2.7/go.mod h1:0rIKJZBR65Qi0zwdKezt4s57y/Tl1ofkaq6NlkzVuyE=
+github.com/savsgio/gotils v0.0.0-20240704082632-aef3928b8a38 h1:D0vL7YNisV2yqE55+q0lFuGse6U8lxlg7fYTctlT5Gc=
+github.com/savsgio/gotils v0.0.0-20240704082632-aef3928b8a38/go.mod h1:sM7Mt7uEoCeFSCBM+qBrqvEo+/9vdmj19wzp3yzUhmg=
+github.com/seiflotfy/cuckoofilter v0.0.0-20240715131351-a2f2c23f1771 h1:emzAzMZ1L9iaKCTxdy3Em8Wv4ChIAGnfiz18Cda70g4=
+github.com/seiflotfy/cuckoofilter v0.0.0-20240715131351-a2f2c23f1771/go.mod h1:bR6DqgcAl1zTcOX8/pE2Qkj9XO00eCNqmKb7lXP8EAg=
+github.com/shirou/gopsutil/v4 v4.25.2 h1:NMscG3l2CqtWFS86kj3vP7soOczqrQYIEhO/pMvvQkk=
+github.com/shirou/gopsutil/v4 v4.25.2/go.mod h1:34gBYJzyqCDT11b6bMHP0XCvWeU3J61XRT7a2EmCRTA=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
-github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
@@ -253,13 +165,12 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07/go.mod h1:kDXzergiv9cbyO7IOYJZWg1U88JhDg3PB6klq9Hg2pA=
-github.com/tklauser/go-sysconf v0.3.12 h1:0QaGUFOdQaIVdPgfITYzaTegZvdCjmYO52cSFAEVmqU=
-github.com/tklauser/go-sysconf v0.3.12/go.mod h1:Ho14jnntGE1fpdOqQEEaiKRpvIavV0hSfmBq8nJbHYI=
-github.com/tklauser/numcpus v0.6.1 h1:ng9scYS7az0Bk4OZLvrNXNSAO2Pxr1XXRAPyjhIx+Fk=
-github.com/tklauser/numcpus v0.6.1/go.mod h1:1XfjsgE2zo8GVw7POkMbHENHzVg3GzmoZ9fESEdAacY=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/tklauser/go-sysconf v0.3.15 h1:VE89k0criAymJ/Os65CSn1IXaol+1wrsFHEB8Ol49K4=
+github.com/tklauser/go-sysconf v0.3.15/go.mod h1:Dmjwr6tYFIseJw7a3dRLJfsHAMXZ3nEnL/aZY+0IuI4=
+github.com/tklauser/numcpus v0.10.0 h1:18njr6LDBk1zuna922MgdjQuJFjrdppsZG60sHGfjso=
+github.com/tklauser/numcpus v0.10.0/go.mod h1:BiTKazU708GQTYF4mB+cmlpT2Is1gLk7XVuEeem8LsQ=
 github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
 github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
 github.com/ugorji/go/codec v1.2.12 h1:9LC83zGrHhuUA9l16C9AHXAqEV/2wBQ4nkvumAE65EE=
@@ -268,152 +179,92 @@ github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e h1:5QefA066A1tF
 github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e/go.mod h1:5t19P9LBIrNamL6AcMQOncg/r10y3Pc01AbHeMhwlpU=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
-github.com/valyala/fasthttp v1.53.0 h1:lW/+SUkOxCx2vlIu0iaImv4JLrVRnbbkpCoaawvA4zc=
-github.com/valyala/fasthttp v1.53.0/go.mod h1:6dt4/8olwq9QARP/TDuPmWyWcl4byhpvTJ4AAtcz+QM=
+github.com/valyala/fasthttp v1.59.0 h1:Qu0qYHfXvPk1mSLNqcFtEk6DpxgA26hy6bmydotDpRI=
+github.com/valyala/fasthttp v1.59.0/go.mod h1:GTxNb9Bc6r2a9D0TWNSPwDz78UxnTGBViY3xZNEqyYU=
 github.com/valyala/fastjson v1.6.4 h1:uAUNq9Z6ymTgGhcm0UynUAB6tlbakBrz6CQFax3BXVQ=
 github.com/valyala/fastjson v1.6.4/go.mod h1:CLCAqky6SMuOcxStkYQvblddUtoRxhYMGLrsQns1aXY=
-github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU=
-github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM=
-github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 h1:tkMT5pTye+1NlKIXETU78NXw0fyjnaNHmJyyLyzw8+U=
-github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3/go.mod h1:cAAsePK2e15YDAMJNyOpGYEWNe4sIghTY7gpz4cX/Ik=
-github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
-github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8=
+github.com/vishvananda/netlink v1.3.0 h1:X7l42GfcV4S6E4vHTsw48qbrV+9PVojNfIhZcwQdrZk=
+github.com/vishvananda/netlink v1.3.0/go.mod h1:i6NetklAujEcC6fK0JPjT8qSwWyO0HLn4UKG+hGqeJs=
 github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM=
-github.com/xtls/reality v0.0.0-20240429224917-ecc4401070cc h1:0Nj8T1n7F7+v4vRVroaJIvY6R0vNABLfPH+lzPHRJvI=
-github.com/xtls/reality v0.0.0-20240429224917-ecc4401070cc/go.mod h1:dm4y/1QwzjGaK17ofi0Vs6NpKAHegZky8qk6J2JJZAE=
-github.com/xtls/xray-core v1.8.12 h1:FSEwQxq9VoMDVIu18Iq0sSnASMQ0naWeWEyZwd4jRNY=
-github.com/xtls/xray-core v1.8.12/go.mod h1:h4A21+wcMIFDAqHzSKTXMZQr3lto6WOTUWodamVi/kM=
+github.com/vishvananda/netns v0.0.5 h1:DfiHV+j8bA32MFM7bfEunvT8IAqQ/NzSJHtcmW5zdEY=
+github.com/vishvananda/netns v0.0.5/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM=
+github.com/xtls/reality v0.0.0-20240909153216-e26ae2305463 h1:g1Cj7d+my6k/HHxLAyxPwyX8i7FGRr6ulBDMkBzg2BM=
+github.com/xtls/reality v0.0.0-20240909153216-e26ae2305463/go.mod h1:BjIOLmkEEtAgloAiVUcYj0Mt+YU00JARZw8AEU0IwAg=
+github.com/xtls/xray-core v1.250306.0 h1:XZyZvSgcpAoVEGnFnxNdoHbSF7Kp77A/0TPk4lhv6rM=
+github.com/xtls/xray-core v1.250306.0/go.mod h1:clXnUOnX6CKWBGgJY4ePYhb/EtTdSrUC7vPfT6m5p4c=
+github.com/xyproto/randomstring v1.0.5 h1:YtlWPoRdgMu3NZtP45drfy1GKoojuR7hmRcnhZqKjWU=
+github.com/xyproto/randomstring v1.0.5/go.mod h1:rgmS5DeNXLivK7YprL0pY+lTuhNQW3iGxZ18UQApw/E=
 github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
 github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
-go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA=
+go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
+go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
+go.opentelemetry.io/otel v1.34.0 h1:zRLXxLCgL1WyKsPVrgbSdMN4c0FMkDAskSTQP+0hdUY=
+go.opentelemetry.io/otel v1.34.0/go.mod h1:OWFPOQ+h4G8xpyjgqo4SxJYdDQ/qmRH+wivy7zzx9oI=
+go.opentelemetry.io/otel/metric v1.34.0 h1:+eTR3U0MyfWjRDhmFMxe2SsW64QrZ84AOhvqS7Y+PoQ=
+go.opentelemetry.io/otel/metric v1.34.0/go.mod h1:CEDrp0fy2D0MvkXE+dPV7cMi8tWZwX3dmaIhwPOaqHE=
+go.opentelemetry.io/otel/sdk v1.34.0 h1:95zS4k/2GOy069d321O8jWgYsW3MzVV+KuSPKp7Wr1A=
+go.opentelemetry.io/otel/sdk v1.34.0/go.mod h1:0e/pNiaMAqaykJGKbi+tSjWfNNHMTxoC9qANsCzbyxU=
+go.opentelemetry.io/otel/sdk/metric v1.34.0 h1:5CeK9ujjbFVL5c1PhLuStg1wxA7vQv7ce1EK0Gyvahk=
+go.opentelemetry.io/otel/sdk/metric v1.34.0/go.mod h1:jQ/r8Ze28zRKoNRdkjCZxfs6YvBTG1+YIqyFVFYec5w=
+go.opentelemetry.io/otel/trace v1.34.0 h1:+ouXS2V8Rd4hp4580a8q23bg0azF2nI8cqLYnC8mh/k=
+go.opentelemetry.io/otel/trace v1.34.0/go.mod h1:Svm7lSjQD7kG7KJ/MUHPVXSDGz2OX4h0M2jHBhmSfRE=
 go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
 go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
-go.uber.org/mock v0.4.0 h1:VcM4ZOtdbR4f6VXfiOpwpVJDL6lCReaZ6mw31wqh7KU=
-go.uber.org/mock v0.4.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc=
-go4.org v0.0.0-20180809161055-417644f6feb5/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE=
+go.uber.org/mock v0.5.0 h1:KAMbZvZPyBPWgD14IrIQ38QCyjwpvVVV6K/bHl1IwQU=
+go.uber.org/mock v0.5.0/go.mod h1:ge71pBPLYDk7QIi1LupWxdAykm7KIEFchiOqd6z7qMM=
 go4.org/netipx v0.0.0-20231129151722-fdeea329fbba h1:0b9z3AuHCjxk0x/opv64kcgZLBseWJUpBw5I82+2U4M=
 go4.org/netipx v0.0.0-20231129151722-fdeea329fbba/go.mod h1:PLyyIXexvUFg3Owu6p/WfdlivPbZJsZdgWZlrGope/Y=
-golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
-golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc=
-golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
-golang.org/x/build v0.0.0-20190111050920-041ab4dc3f9d/go.mod h1:OWs+y06UdEOHN4y+MfF/py+xQ/tYqIWW03b70/CG9Rw=
-golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI=
-golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
-golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 h1:vr/HnozRka3pE4EsMEg1lgkXJkTFJCVUX+S/ZT6wYzM=
-golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842/go.mod h1:XtvwrStGgqGPLc4cjQfWqZHG1YFdYs6swckp8vpsjnc=
-golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
-golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
-golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
-golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
-golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20181029044818-c44066c5c816/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20181106065722-10aee1819953/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190313220215-9f648a60d977/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
-golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
-golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
-golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
-golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
-golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
-golang.org/x/perf v0.0.0-20180704124530-6e6d33e29852/go.mod h1:JLpeXjPJfIyPr5TlbXLkXWLhP8nz10XfvxElABhCtcw=
-golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
-golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20181029174526-d69651ed3497/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190316082340-a2f829d7f35f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/arch v0.15.0 h1:QtOrQd0bTUnhNVNndMpLHNWrDmYzZ2KDqSrEymqInZw=
+golang.org/x/arch v0.15.0/go.mod h1:JmwW7aLIoRUKgaTzhkiEFxvcEiQGyOg9BMonBJUS7EE=
+golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34=
+golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc=
+golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 h1:nDVHiLt8aIbd/VzvPWN6kSOPE7+F/fNFDSXLVYkE/Iw=
+golang.org/x/exp v0.0.0-20250305212735-054e65f0b394/go.mod h1:sIifuuw/Yco/y6yb6+bDNfyeQ/MdPUy/hKEMYQV17cM=
+golang.org/x/mod v0.24.0 h1:ZfthKaKaT4NrhGVZHO1/WDTwGES4De8KtWO0SIbNJMU=
+golang.org/x/mod v0.24.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
+golang.org/x/net v0.37.0 h1:1zLorHbz+LYj7MQlSf1+2tPIIgibq2eL5xkrGk6f+2c=
+golang.org/x/net v0.37.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
+golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw=
+golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20220804214406-8e32c043e418/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
-golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk=
-golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
-golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
-golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20181030000716-a0a13e073c7b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
-golang.org/x/tools v0.21.0 h1:qc0xYgIbsSDt9EyWz05J5wfa7LOVW0YTLOXrqdLAWIw=
-golang.org/x/tools v0.21.0/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik=
+golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY=
+golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4=
+golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
+golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
+golang.org/x/tools v0.31.0 h1:0EedkvKDbh+qistFTd0Bcwe/YLh4vHwWEkiI0toFIBU=
+golang.org/x/tools v0.31.0/go.mod h1:naFTU+Cev749tSJRXJlna0T3WxKvb1kWEx15xA4SdmQ=
 golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 h1:B82qJJgjvYKsXS9jeunTOisW56dUokqW/FOteYJJ/yg=
 golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2/go.mod h1:deeaetjYA+DHMHg+sMSMI58GrEteJUUzzw7en6TJQcI=
 golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 h1:/jFs0duh4rdb8uIfPMv78iAJGcPKDeqAFnaLBropIC4=
 golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173/go.mod h1:tkCQ4FQXmpAgYVh++1cq16/dH4QJtmvpRv19DWGAHSA=
-google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
-google.golang.org/api v0.0.0-20181030000543-1d582fd0359e/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
-google.golang.org/api v0.1.0/go.mod h1:UGEZY7KEX120AnNLIHFMKIo4obdJhkp2tPbaPlQx13Y=
-google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
-google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
-google.golang.org/appengine v1.3.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
-google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
-google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
-google.golang.org/genproto v0.0.0-20180831171423-11092d34479b/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
-google.golang.org/genproto v0.0.0-20181029155118-b69ba1387ce2/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
-google.golang.org/genproto v0.0.0-20181202183823-bd91e49a0898/go.mod h1:7Ep/1NZk928CDR8SjdVbjWNpdIf6nzjE3BTgJDr2Atg=
-google.golang.org/genproto v0.0.0-20190306203927-b5d61aea6440/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be h1:LG9vZxsWGOmUKieR8wPAUR3u3MpnYFQZROPIMaXh7/A=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY=
-google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
-google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio=
-google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
-google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
-google.golang.org/grpc v1.64.0 h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY=
-google.golang.org/grpc v1.64.0/go.mod h1:oxjF8E3FBnjp+/gVFYdWacaLDx9na1aqy9oovLpxQYg=
-google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
-google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250303144028-a0af3efb3deb h1:TLPQVbx1GJ8VKZxz52VAxl1EBgKXXbTiU9Fc5fZeLn4=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250303144028-a0af3efb3deb/go.mod h1:LuRYeWDFV6WOn90g357N17oMCaxpgCnbi/44qJvDn2I=
+google.golang.org/grpc v1.71.0 h1:kF77BGdPTQ4/JZWMlb9VpJ5pa25aqvVqogsxNHHdeBg=
+google.golang.org/grpc v1.71.0/go.mod h1:H0GRtasmQOh9LkFoCPDu3ZrwUtD1YGE+b2vYBYd/8Ec=
+google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM=
+google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
-gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
-gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gorm.io/driver/sqlite v1.5.5 h1:7MDMtUZhV065SilG62E0MquljeArQZNfJnjd9i9gx3E=
-gorm.io/driver/sqlite v1.5.5/go.mod h1:6NgQ7sQWAIFsPrJJl1lSNSu2TABh0ZZ/zm5fosATavE=
-gorm.io/gorm v1.25.10 h1:dQpO+33KalOA+aFYGlK+EfxcI5MbO7EP2yYygwh9h+s=
-gorm.io/gorm v1.25.10/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
-grpc.go4.org v0.0.0-20170609214715-11d0a25b4919/go.mod h1:77eQGdRu53HpSqPFJFmuJdjuHRquDANNeA4x7B8WQ9o=
-gvisor.dev/gvisor v0.0.0-20231202080848-1f7806d17489 h1:ze1vwAdliUAr68RQ5NtufWaXaOg8WUO2OACzEV+TNdE=
-gvisor.dev/gvisor v0.0.0-20231202080848-1f7806d17489/go.mod h1:10sU+Uh5KKNv1+2x2A0Gvzt8FjD3ASIhorV3YsauXhk=
-honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-lukechampine.com/blake3 v1.3.0 h1:sJ3XhFINmHSrYCgl958hscfIa3bw8x4DqMP3u1YvoYE=
-lukechampine.com/blake3 v1.3.0/go.mod h1:0OFRp7fBtAylGVCO40o87sbupkyIGgbpv1+M1k1LM6k=
+gorm.io/driver/sqlite v1.5.7 h1:8NvsrhP0ifM7LX9G4zPB97NwovUakUxc+2V2uuf3Z1I=
+gorm.io/driver/sqlite v1.5.7/go.mod h1:U+J8craQU6Fzkcvu8oLeAQmi50TkwPEhHDEjQZXDah4=
+gorm.io/gorm v1.25.12 h1:I0u8i2hWQItBq1WfE0o2+WuL9+8L21K9e2HHSTE/0f8=
+gorm.io/gorm v1.25.12/go.mod h1:xh7N7RHfYlNc5EmcI/El95gXusucDrQnHXe0+CgWcLQ=
+gvisor.dev/gvisor v0.0.0-20240320123526-dc6abceb7ff0 h1:P+U/06iIKPQ3DLcg+zBfSCia1luZ2msPZrJ8jYDFPs0=
+gvisor.dev/gvisor v0.0.0-20240320123526-dc6abceb7ff0/go.mod h1:NQHVAzMwvZ+Qe3ElSiHmq9RUm1MdNHpUZ52fiEqvn+0=
+lukechampine.com/blake3 v1.4.0 h1:xDbKOZCVbnZsfzM6mHSYcGRHZ3YrLDzqz8XnV4uaD5w=
+lukechampine.com/blake3 v1.4.0/go.mod h1:MQJNQCTnR+kwOP/JEZSxj3MaQjp80FOFSNMMHXcSeX0=
 nullprogram.com/x/optparse v1.0.0/go.mod h1:KdyPE+Igbe0jQUrVfMqDMeJQIJZEuyV7pjYmp6pbG50=
-rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
-sourcegraph.com/sourcegraph/go-diff v0.5.0/go.mod h1:kuch7UrkMzY0X+p9CRK03kfuPQ2zzQcaEFbx8wA8rck=
-sourcegraph.com/sqs/pbtypes v0.0.0-20180604144634-d3ebe8f20ae4/go.mod h1:ketZ/q3QxT9HOBeFhu6RdvsftgpsbFHBF5Cas6cDKZ0=
--- a/install.sh
+++ b/install.sh
@@ -2,6 +2,7 @@

 red='\033[0;31m'
 green='\033[0;32m'
+blue='\033[0;34m'
 yellow='\033[0;33m'
 plain='\033[0m'

@@ -39,63 +40,79 @@ arch() {
 echo "arch: $(arch)"

 os_version=""
-os_version=$(grep -i version_id /etc/os-release | cut -d \" -f2 | cut -d . -f1)
+os_version=$(grep "^VERSION_ID" /etc/os-release | cut -d '=' -f2 | tr -d '"' | tr -d '.')

 if [[ "${release}" == "arch" ]]; then
    echo "Your OS is Arch Linux"
 elif [[ "${release}" == "parch" ]]; then
-    echo "Your OS is Parch linux"
+    echo "Your OS is Parch Linux"
 elif [[ "${release}" == "manjaro" ]]; then
    echo "Your OS is Manjaro"
 elif [[ "${release}" == "armbian" ]]; then
    echo "Your OS is Armbian"
+elif [[ "${release}" == "alpine" ]]; then
+    echo "Your OS is Alpine Linux"
 elif [[ "${release}" == "opensuse-tumbleweed" ]]; then
    echo "Your OS is OpenSUSE Tumbleweed"
+elif [[ "${release}" == "openEuler" ]]; then
+    if [[ ${os_version} -lt 2203 ]]; then
+        echo -e "${red} Please use OpenEuler 22.03 or higher ${plain}\n" && exit 1
+    fi
 elif [[ "${release}" == "centos" ]]; then
    if [[ ${os_version} -lt 8 ]]; then
        echo -e "${red} Please use CentOS 8 or higher ${plain}\n" && exit 1
    fi
 elif [[ "${release}" == "ubuntu" ]]; then
-    if [[ ${os_version} -lt 20 ]]; then
+    if [[ ${os_version} -lt 2004 ]]; then
        echo -e "${red} Please use Ubuntu 20 or higher version!${plain}\n" && exit 1
    fi
 elif [[ "${release}" == "fedora" ]]; then
    if [[ ${os_version} -lt 36 ]]; then
        echo -e "${red} Please use Fedora 36 or higher version!${plain}\n" && exit 1
    fi
+elif [[ "${release}" == "amzn" ]]; then
+    if [[ ${os_version} != "2023" ]]; then
+        echo -e "${red} Please use Amazon Linux 2023!${plain}\n" && exit 1
+    fi
 elif [[ "${release}" == "debian" ]]; then
    if [[ ${os_version} -lt 11 ]]; then
        echo -e "${red} Please use Debian 11 or higher ${plain}\n" && exit 1
    fi
 elif [[ "${release}" == "almalinux" ]]; then
-    if [[ ${os_version} -lt 9 ]]; then
-        echo -e "${red} Please use AlmaLinux 9 or higher ${plain}\n" && exit 1
+    if [[ ${os_version} -lt 80 ]]; then
+        echo -e "${red} Please use AlmaLinux 8.0 or higher ${plain}\n" && exit 1
    fi
 elif [[ "${release}" == "rocky" ]]; then
-    if [[ ${os_version} -lt 9 ]]; then
-        echo -e "${red} Please use Rocky Linux 9 or higher ${plain}\n" && exit 1
+    if [[ ${os_version} -lt 8 ]]; then
+        echo -e "${red} Please use Rocky Linux 8 or higher ${plain}\n" && exit 1
    fi
-elif [[ "${release}" == "oracle" ]]; then
+elif [[ "${release}" == "ol" ]]; then
    if [[ ${os_version} -lt 8 ]]; then
        echo -e "${red} Please use Oracle Linux 8 or higher ${plain}\n" && exit 1
    fi
+elif [[ "${release}" == "virtuozzo" ]]; then
+    if [[ ${os_version} -lt 8 ]]; then
+        echo -e "${red} Please use Virtuozzo Linux 8 or higher ${plain}\n" && exit 1
+    fi
 else
    echo -e "${red}Your operating system is not supported by this script.${plain}\n"
    echo "Please ensure you are using one of the following supported operating systems:"
    echo "- Ubuntu 20.04+"
    echo "- Debian 11+"
    echo "- CentOS 8+"
+    echo "- OpenEuler 22.03+"
    echo "- Fedora 36+"
    echo "- Arch Linux"
    echo "- Parch Linux"
    echo "- Manjaro"
    echo "- Armbian"
-    echo "- AlmaLinux 9+"
-    echo "- Rocky Linux 9+"
+    echo "- AlmaLinux 8.0+"
+    echo "- Rocky Linux 8+"
    echo "- Oracle Linux 8+"
    echo "- OpenSUSE Tumbleweed"
+    echo "- Amazon Linux 2023"
+    echo "- Virtuozzo Linux 8+"
    exit 1
-
 fi

 install_base() {
@@ -103,10 +120,10 @@ install_base() {
    ubuntu | debian | armbian)
        apt-get update && apt-get install -y -q wget curl tar tzdata
        ;;
-    centos | almalinux | rocky | oracle)
+    centos | almalinux | rocky | ol)
        yum -y update && yum install -y -q wget curl tar tzdata
        ;;
-    fedora)
+    fedora | amzn | virtuozzo)
        dnf -y update && dnf install -y -q wget curl tar tzdata
        ;;
    arch | manjaro | parch)
@@ -121,38 +138,69 @@ install_base() {
    esac
 }

-# This function will be called when user installed x-ui out of security
+gen_random_string() {
+    local length="$1"
+    local random_string=$(LC_ALL=C tr -dc 'a-zA-Z0-9' </dev/urandom | fold -w "$length" | head -n 1)
+    echo "$random_string"
+}
+
 config_after_install() {
-    echo -e "${yellow}Install/update finished! For security it's recommended to modify panel settings ${plain}"
-    read -p "Do you want to continue with the modification [y/n]?": config_confirm
-    if [[ "${config_confirm}" == "y" || "${config_confirm}" == "Y" ]]; then
-        read -p "Please set up your username:" config_account
-        echo -e "${yellow}Your username will be:${config_account}${plain}"
-        read -p "Please set up your password:" config_password
-        echo -e "${yellow}Your password will be:${config_password}${plain}"
-        read -p "Please set up the panel port:" config_port
-        echo -e "${yellow}Your panel port is:${config_port}${plain}"
-        echo -e "${yellow}Initializing, please wait...${plain}"
-        /usr/local/x-ui/x-ui setting -username ${config_account} -password ${config_password}
-        echo -e "${yellow}Account name and password set successfully!${plain}"
-        /usr/local/x-ui/x-ui setting -port ${config_port}
-        echo -e "${yellow}Panel port set successfully!${plain}"
-    else
-        echo -e "${red}cancel...${plain}"
-        if [[ ! -f "/etc/x-ui/x-ui.db" ]]; then
-            local usernameTemp=$(head -c 6 /dev/urandom | base64)
-            local passwordTemp=$(head -c 6 /dev/urandom | base64)
-            /usr/local/x-ui/x-ui setting -username ${usernameTemp} -password ${passwordTemp}
-            echo -e "this is a fresh installation,will generate random login info for security concerns:"
+    local existing_username=$(/usr/local/x-ui/x-ui setting -show true | grep -Eo 'username: .+' | awk '{print $2}')
+    local existing_password=$(/usr/local/x-ui/x-ui setting -show true | grep -Eo 'password: .+' | awk '{print $2}')
+    local existing_webBasePath=$(/usr/local/x-ui/x-ui setting -show true | grep -Eo 'webBasePath: .+' | awk '{print $2}')
+    local existing_port=$(/usr/local/x-ui/x-ui setting -show true | grep -Eo 'port: .+' | awk '{print $2}')
+    local server_ip=$(curl -s https://api.ipify.org)
+
+    if [[ ${#existing_webBasePath} -lt 4 ]]; then
+        if [[ "$existing_username" == "admin" && "$existing_password" == "admin" ]]; then
+            local config_webBasePath=$(gen_random_string 15)
+            local config_username=$(gen_random_string 10)
+            local config_password=$(gen_random_string 10)
+
+            read -p "Would you like to customize the Panel Port settings? (If not, a random port will be applied) [y/n]: " config_confirm
+            if [[ "${config_confirm}" == "y" || "${config_confirm}" == "Y" ]]; then
+                read -p "Please set up the panel port: " config_port
+                echo -e "${yellow}Your Panel Port is: ${config_port}${plain}"
+            else
+                local config_port=$(shuf -i 1024-62000 -n 1)
+                echo -e "${yellow}Generated random port: ${config_port}${plain}"
+            fi
+
+            /usr/local/x-ui/x-ui setting -username "${config_username}" -password "${config_password}" -port "${config_port}" -webBasePath "${config_webBasePath}"
+            echo -e "This is a fresh installation, generating random login info for security concerns:"
            echo -e "###############################################"
-            echo -e "${green}username:${usernameTemp}${plain}"
-            echo -e "${green}password:${passwordTemp}${plain}"
+            echo -e "${green}Username: ${config_username}${plain}"
+            echo -e "${green}Password: ${config_password}${plain}"
+            echo -e "${green}Port: ${config_port}${plain}"
+            echo -e "${green}WebBasePath: ${config_webBasePath}${plain}"
+            echo -e "${green}Access URL: http://${server_ip}:${config_port}/${config_webBasePath}${plain}"
            echo -e "###############################################"
-            echo -e "${red}if you forgot your login info,you can type x-ui and then type 8 to check after installation${plain}"
+            echo -e "${yellow}If you forgot your login info, you can type 'x-ui settings' to check${plain}"
        else
-            echo -e "${red} this is your upgrade,will keep old settings,if you forgot your login info,you can type x-ui and then type 8 to check${plain}"
+            local config_webBasePath=$(gen_random_string 15)
+            echo -e "${yellow}WebBasePath is missing or too short. Generating a new one...${plain}"
+            /usr/local/x-ui/x-ui setting -webBasePath "${config_webBasePath}"
+            echo -e "${green}New WebBasePath: ${config_webBasePath}${plain}"
+            echo -e "${green}Access URL: http://${server_ip}:${existing_port}/${config_webBasePath}${plain}"
+        fi
+    else
+        if [[ "$existing_username" == "admin" && "$existing_password" == "admin" ]]; then
+            local config_username=$(gen_random_string 10)
+            local config_password=$(gen_random_string 10)
+
+            echo -e "${yellow}Default credentials detected. Security update required...${plain}"
+            /usr/local/x-ui/x-ui setting -username "${config_username}" -password "${config_password}"
+            echo -e "Generated new random login credentials:"
+            echo -e "###############################################"
+            echo -e "${green}Username: ${config_username}${plain}"
+            echo -e "${green}Password: ${config_password}${plain}"
+            echo -e "###############################################"
+            echo -e "${yellow}If you forgot your login info, you can type 'x-ui settings' to check${plain}"
+        else
+            echo -e "${green}Username, Password, and WebBasePath are properly set. Exiting...${plain}"
        fi
    fi
+
    /usr/local/x-ui/x-ui migrate
 }

@@ -160,24 +208,32 @@ install_x-ui() {
    cd /usr/local/

    if [ $# == 0 ]; then
-        last_version=$(curl -Ls "https://api.github.com/repos/MHSanaei/3x-ui/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
-        if [[ ! -n "$last_version" ]]; then
-            echo -e "${red}Failed to fetch x-ui version, it maybe due to Github API restrictions, please try it later${plain}"
+        tag_version=$(curl -Ls "https://api.github.com/repos/MHSanaei/3x-ui/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
+        if [[ ! -n "$tag_version" ]]; then
+            echo -e "${red}Failed to fetch x-ui version, it may be due to GitHub API restrictions, please try it later${plain}"
            exit 1
        fi
-        echo -e "Got x-ui latest version: ${last_version}, beginning the installation..."
-        wget -N --no-check-certificate -O /usr/local/x-ui-linux-$(arch).tar.gz https://github.com/MHSanaei/3x-ui/releases/download/${last_version}/x-ui-linux-$(arch).tar.gz
+        echo -e "Got x-ui latest version: ${tag_version}, beginning the installation..."
+        wget -N -O /usr/local/x-ui-linux-$(arch).tar.gz https://github.com/MHSanaei/3x-ui/releases/download/${tag_version}/x-ui-linux-$(arch).tar.gz
        if [[ $? -ne 0 ]]; then
-            echo -e "${red}Downloading x-ui failed, please be sure that your server can access Github ${plain}"
+            echo -e "${red}Downloading x-ui failed, please be sure that your server can access GitHub ${plain}"
            exit 1
        fi
    else
-        last_version=$1
-        url="https://github.com/MHSanaei/3x-ui/releases/download/${last_version}/x-ui-linux-$(arch).tar.gz"
+        tag_version=$1
+        tag_version_numeric=${tag_version#v}
+        min_version="2.3.5"
+
+        if [[ "$(printf '%s\n' "$min_version" "$tag_version_numeric" | sort -V | head -n1)" != "$min_version" ]]; then
+            echo -e "${red}Please use a newer version (at least v2.3.5). Exiting installation.${plain}"
+            exit 1
+        fi
+
+        url="https://github.com/MHSanaei/3x-ui/releases/download/${tag_version}/x-ui-linux-$(arch).tar.gz"
        echo -e "Beginning to install x-ui $1"
-        wget -N --no-check-certificate -O /usr/local/x-ui-linux-$(arch).tar.gz ${url}
+        wget -N -O /usr/local/x-ui-linux-$(arch).tar.gz ${url}
        if [[ $? -ne 0 ]]; then
-            echo -e "${red}Download x-ui $1 failed,please check the version exists ${plain}"
+            echo -e "${red}Download x-ui $1 failed, please check if the version exists ${plain}"
            exit 1
        fi
    fi
@@ -200,7 +256,7 @@ install_x-ui() {

    chmod +x x-ui bin/xray-linux-$(arch)
    cp -f x-ui.service /etc/systemd/system/
-    wget --no-check-certificate -O /usr/bin/x-ui https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.sh
+    wget -O /usr/bin/x-ui https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.sh
    chmod +x /usr/local/x-ui/x-ui.sh
    chmod +x /usr/bin/x-ui
    config_after_install
@@ -208,23 +264,26 @@ install_x-ui() {
    systemctl daemon-reload
    systemctl enable x-ui
    systemctl start x-ui
-    echo -e "${green}x-ui ${last_version}${plain} installation finished, it is running now..."
+    echo -e "${green}x-ui ${tag_version}${plain} installation finished, it is running now..."
    echo -e ""
-    echo -e "x-ui control menu usages: "
-    echo -e "----------------------------------------------"
-    echo -e "x-ui              - Enter     Admin menu"
-    echo -e "x-ui start        - Start     x-ui"
-    echo -e "x-ui stop         - Stop      x-ui"
-    echo -e "x-ui restart      - Restart   x-ui"
-    echo -e "x-ui status       - Show      x-ui status"
-    echo -e "x-ui enable       - Enable    x-ui on system startup"
-    echo -e "x-ui disable      - Disable   x-ui on system startup"
-    echo -e "x-ui log          - Check     x-ui logs"
-    echo -e "x-ui banlog       - Check Fail2ban ban logs"
-    echo -e "x-ui update       - Update    x-ui"
-    echo -e "x-ui install      - Install   x-ui"
-    echo -e "x-ui uninstall    - Uninstall x-ui"
-    echo -e "----------------------------------------------"
+    echo -e "┌───────────────────────────────────────────────────────┐
+│  ${blue}x-ui control menu usages (subcommands):${plain}              │
+│                                                       │
+│  ${blue}x-ui${plain}              - Admin Management Script          │
+│  ${blue}x-ui start${plain}        - Start                            │
+│  ${blue}x-ui stop${plain}         - Stop                             │
+│  ${blue}x-ui restart${plain}      - Restart                          │
+│  ${blue}x-ui status${plain}       - Current Status                   │
+│  ${blue}x-ui settings${plain}     - Current Settings                 │
+│  ${blue}x-ui enable${plain}       - Enable Autostart on OS Startup   │
+│  ${blue}x-ui disable${plain}      - Disable Autostart on OS Startup  │
+│  ${blue}x-ui log${plain}          - Check logs                       │
+│  ${blue}x-ui banlog${plain}       - Check Fail2ban ban logs          │
+│  ${blue}x-ui update${plain}       - Update                           │
+│  ${blue}x-ui legacy${plain}       - legacy version                   │
+│  ${blue}x-ui install${plain}      - Install                          │
+│  ${blue}x-ui uninstall${plain}    - Uninstall                        │
+└───────────────────────────────────────────────────────┘"
 }

 echo -e "${green}Running...${plain}"
--- a/main.go
+++ b/main.go
@@ -21,7 +21,7 @@ import (
 )

 func runWebServer() {
-	log.Printf("%v %v", config.GetName(), config.GetVersion())
+	log.Printf("Starting %v %v", config.GetName(), config.GetVersion())

 	switch config.GetLogLevel() {
 	case config.Debug:
@@ -35,31 +35,29 @@ func runWebServer() {
 	case config.Error:
 		logger.InitLogger(logging.ERROR)
 	default:
-		log.Fatal("unknown log level:", config.GetLogLevel())
+		log.Fatalf("Unknown log level: %v", config.GetLogLevel())
 	}

 	err := database.InitDB(config.GetDBPath())
 	if err != nil {
-		log.Fatal(err)
+		log.Fatalf("Error initializing database: %v", err)
 	}

 	var server *web.Server
-
 	server = web.NewServer()
 	global.SetWebServer(server)
 	err = server.Start()
 	if err != nil {
-		log.Println(err)
+		log.Fatalf("Error starting web server: %v", err)
 		return
 	}

 	var subServer *sub.Server
 	subServer = sub.NewServer()
 	global.SetSubServer(subServer)
-
 	err = subServer.Start()
 	if err != nil {
-		log.Println(err)
+		log.Fatalf("Error starting sub server: %v", err)
 		return
 	}

@@ -71,34 +69,39 @@ func runWebServer() {

 		switch sig {
 		case syscall.SIGHUP:
+			logger.Info("Received SIGHUP signal. Restarting servers...")
+
 			err := server.Stop()
 			if err != nil {
-				logger.Warning("stop server err:", err)
+				logger.Debug("Error stopping web server:", err)
 			}
 			err = subServer.Stop()
 			if err != nil {
-				logger.Warning("stop server err:", err)
+				logger.Debug("Error stopping sub server:", err)
 			}

 			server = web.NewServer()
 			global.SetWebServer(server)
 			err = server.Start()
 			if err != nil {
-				log.Println(err)
+				log.Fatalf("Error restarting web server: %v", err)
 				return
 			}
+			log.Println("Web server restarted successfully.")

 			subServer = sub.NewServer()
 			global.SetSubServer(subServer)
-
 			err = subServer.Start()
 			if err != nil {
-				log.Println(err)
+				log.Fatalf("Error restarting sub server: %v", err)
 				return
 			}
+			log.Println("Sub server restarted successfully.")
+
 		default:
 			server.Stop()
 			subServer.Stop()
+			log.Println("Shutting down servers.")
 			return
 		}
 	}
@@ -107,16 +110,16 @@ func runWebServer() {
 func resetSetting() {
 	err := database.InitDB(config.GetDBPath())
 	if err != nil {
-		fmt.Println(err)
+		fmt.Println("Failed to initialize database:", err)
 		return
 	}

 	settingService := service.SettingService{}
 	err = settingService.ResetSettings()
 	if err != nil {
-		fmt.Println("reset setting failed:", err)
+		fmt.Println("Failed to reset settings:", err)
 	} else {
-		fmt.Println("reset setting success")
+		fmt.Println("Settings successfully reset.")
 	}
 }

@@ -125,40 +128,63 @@ func showSetting(show bool) {
 		settingService := service.SettingService{}
 		port, err := settingService.GetPort()
 		if err != nil {
-			fmt.Println("get current port failed,error info:", err)
+			fmt.Println("get current port failed, error info:", err)
 		}
+
+		webBasePath, err := settingService.GetBasePath()
+		if err != nil {
+			fmt.Println("get webBasePath failed, error info:", err)
+		}
+
+		certFile, err := settingService.GetCertFile()
+		if err != nil {
+			fmt.Println("get cert file failed, error info:", err)
+		}
+		keyFile, err := settingService.GetKeyFile()
+		if err != nil {
+			fmt.Println("get key file failed, error info:", err)
+		}
+
 		userService := service.UserService{}
 		userModel, err := userService.GetFirstUser()
 		if err != nil {
-			fmt.Println("get current user info failed,error info:", err)
+			fmt.Println("get current user info failed, error info:", err)
 		}
+
 		username := userModel.Username
 		userpasswd := userModel.Password
-		if (username == "") || (userpasswd == "") {
+		if username == "" || userpasswd == "" {
 			fmt.Println("current username or password is empty")
 		}
+
 		fmt.Println("current panel settings as follows:")
+		if certFile == "" || keyFile == "" {
+			fmt.Println("Warning: Panel is not secure with SSL")
+		} else {
+			fmt.Println("Panel is secure with SSL")
+		}
 		fmt.Println("username:", username)
-		fmt.Println("userpasswd:", userpasswd)
+		fmt.Println("password:", userpasswd)
 		fmt.Println("port:", port)
+		fmt.Println("webBasePath:", webBasePath)
 	}
 }

 func updateTgbotEnableSts(status bool) {
 	settingService := service.SettingService{}
-	currentTgSts, err := settingService.GetTgbotenabled()
+	currentTgSts, err := settingService.GetTgbotEnabled()
 	if err != nil {
 		fmt.Println(err)
 		return
 	}
 	logger.Infof("current enabletgbot status[%v],need update to status[%v]", currentTgSts, status)
 	if currentTgSts != status {
-		err := settingService.SetTgbotenabled(status)
+		err := settingService.SetTgbotEnabled(status)
 		if err != nil {
 			fmt.Println(err)
 			return
 		} else {
-			logger.Infof("SetTgbotenabled[%v] success", status)
+			logger.Infof("SetTgbotEnabled[%v] success", status)
 		}
 	}
 }
@@ -166,7 +192,7 @@ func updateTgbotEnableSts(status bool) {
 func updateTgbotSetting(tgBotToken string, tgBotChatid string, tgBotRuntime string) {
 	err := database.InitDB(config.GetDBPath())
 	if err != nil {
-		fmt.Println(err)
+		fmt.Println("Error initializing database:", err)
 		return
 	}

@@ -175,59 +201,133 @@ func updateTgbotSetting(tgBotToken string, tgBotChatid string, tgBotRuntime stri
 	if tgBotToken != "" {
 		err := settingService.SetTgBotToken(tgBotToken)
 		if err != nil {
-			fmt.Println(err)
+			fmt.Printf("Error setting Telegram bot token: %v\n", err)
 			return
-		} else {
-			logger.Info("updateTgbotSetting tgBotToken success")
 		}
+		logger.Info("Successfully updated Telegram bot token.")
 	}

 	if tgBotRuntime != "" {
 		err := settingService.SetTgbotRuntime(tgBotRuntime)
 		if err != nil {
-			fmt.Println(err)
+			fmt.Printf("Error setting Telegram bot runtime: %v\n", err)
 			return
-		} else {
-			logger.Infof("updateTgbotSetting tgBotRuntime[%s] success", tgBotRuntime)
 		}
+		logger.Infof("Successfully updated Telegram bot runtime to [%s].", tgBotRuntime)
 	}

 	if tgBotChatid != "" {
 		err := settingService.SetTgBotChatId(tgBotChatid)
 		if err != nil {
-			fmt.Println(err)
+			fmt.Printf("Error setting Telegram bot chat ID: %v\n", err)
 			return
+		}
+		logger.Info("Successfully updated Telegram bot chat ID.")
+	}
+}
+
+func updateSetting(port int, username string, password string, webBasePath string, listenIP string) {
+	err := database.InitDB(config.GetDBPath())
+	if err != nil {
+		fmt.Println("Database initialization failed:", err)
+		return
+	}
+
+	settingService := service.SettingService{}
+	userService := service.UserService{}
+
+	if port > 0 {
+		err := settingService.SetPort(port)
+		if err != nil {
+			fmt.Println("Failed to set port:", err)
 		} else {
-			logger.Info("updateTgbotSetting tgBotChatid success")
+			fmt.Printf("Port set successfully: %v\n", port)
+		}
+	}
+
+	if username != "" || password != "" {
+		err := userService.UpdateFirstUser(username, password)
+		if err != nil {
+			fmt.Println("Failed to update username and password:", err)
+		} else {
+			fmt.Println("Username and password updated successfully")
+		}
+	}
+
+	if webBasePath != "" {
+		err := settingService.SetBasePath(webBasePath)
+		if err != nil {
+			fmt.Println("Failed to set base URI path:", err)
+		} else {
+			fmt.Println("Base URI path set successfully")
+		}
+	}
+
+	if listenIP != "" {
+		err := settingService.SetListen(listenIP)
+		if err != nil {
+			fmt.Println("Failed to set listen IP:", err)
+		} else {
+			fmt.Printf("listen %v set successfully", listenIP)
 		}
 	}
 }

-func updateSetting(port int, username string, password string) {
+func updateCert(publicKey string, privateKey string) {
 	err := database.InitDB(config.GetDBPath())
 	if err != nil {
 		fmt.Println(err)
 		return
 	}

-	settingService := service.SettingService{}
+	if (privateKey != "" && publicKey != "") || (privateKey == "" && publicKey == "") {
+		settingService := service.SettingService{}
+		err = settingService.SetCertFile(publicKey)
+		if err != nil {
+			fmt.Println("set certificate public key failed:", err)
+		} else {
+			fmt.Println("set certificate public key success")
+		}

-	if port > 0 {
-		err := settingService.SetPort(port)
+		err = settingService.SetKeyFile(privateKey)
 		if err != nil {
-			fmt.Println("set port failed:", err)
+			fmt.Println("set certificate private key failed:", err)
 		} else {
-			fmt.Printf("set port %v success", port)
+			fmt.Println("set certificate private key success")
 		}
+	} else {
+		fmt.Println("both public and private key should be entered.")
 	}
-	if username != "" || password != "" {
-		userService := service.UserService{}
-		err := userService.UpdateFirstUser(username, password)
+}
+
+func GetCertificate(getCert bool) {
+	if getCert {
+		settingService := service.SettingService{}
+		certFile, err := settingService.GetCertFile()
 		if err != nil {
-			fmt.Println("set username and password failed:", err)
-		} else {
-			fmt.Println("set username and password success")
+			fmt.Println("get cert file failed, error info:", err)
 		}
+		keyFile, err := settingService.GetKeyFile()
+		if err != nil {
+			fmt.Println("get key file failed, error info:", err)
+		}
+
+		fmt.Println("cert:", certFile)
+		fmt.Println("key:", keyFile)
+	}
+}
+
+func GetListenIP(getListen bool) {
+	if getListen {
+
+		settingService := service.SettingService{}
+		ListenIP, err := settingService.GetListen()
+		if err != nil {
+			log.Printf("Failed to retrieve listen IP: %v", err)
+			return
+		}
+
+		fmt.Println("listenIP:", ListenIP)
 	}
 }

@@ -288,23 +388,35 @@ func main() {
 	var port int
 	var username string
 	var password string
+	var webBasePath string
+	var listenIP string
+	var getListen bool
+	var webCertFile string
+	var webKeyFile string
 	var tgbottoken string
 	var tgbotchatid string
 	var enabletgbot bool
 	var tgbotRuntime string
 	var reset bool
 	var show bool
+	var getCert bool
 	var remove_secret bool
-	settingCmd.BoolVar(&reset, "reset", false, "reset all settings")
-	settingCmd.BoolVar(&show, "show", false, "show current settings")
-	settingCmd.BoolVar(&remove_secret, "remove_secret", false, "remove secret")
-	settingCmd.IntVar(&port, "port", 0, "set panel port")
-	settingCmd.StringVar(&username, "username", "", "set login username")
-	settingCmd.StringVar(&password, "password", "", "set login password")
-	settingCmd.StringVar(&tgbottoken, "tgbottoken", "", "set telegram bot token")
-	settingCmd.StringVar(&tgbotRuntime, "tgbotRuntime", "", "set telegram bot cron time")
-	settingCmd.StringVar(&tgbotchatid, "tgbotchatid", "", "set telegram bot chat id")
-	settingCmd.BoolVar(&enabletgbot, "enabletgbot", false, "enable telegram bot notify")
+	settingCmd.BoolVar(&reset, "reset", false, "Reset all settings")
+	settingCmd.BoolVar(&show, "show", false, "Display current settings")
+	settingCmd.BoolVar(&remove_secret, "remove_secret", false, "Remove secret key")
+	settingCmd.IntVar(&port, "port", 0, "Set panel port number")
+	settingCmd.StringVar(&username, "username", "", "Set login username")
+	settingCmd.StringVar(&password, "password", "", "Set login password")
+	settingCmd.StringVar(&webBasePath, "webBasePath", "", "Set base path for Panel")
+	settingCmd.StringVar(&listenIP, "listenIP", "", "set panel listenIP IP")
+	settingCmd.BoolVar(&getListen, "getListen", false, "Display current panel listenIP IP")
+	settingCmd.BoolVar(&getCert, "getCert", false, "Display current certificate settings")
+	settingCmd.StringVar(&webCertFile, "webCert", "", "Set path to public key file for panel")
+	settingCmd.StringVar(&webKeyFile, "webCertKey", "", "Set path to private key file for panel")
+	settingCmd.StringVar(&tgbottoken, "tgbottoken", "", "Set token for Telegram bot")
+	settingCmd.StringVar(&tgbotRuntime, "tgbotRuntime", "", "Set cron time for Telegram bot notifications")
+	settingCmd.StringVar(&tgbotchatid, "tgbotchatid", "", "Set chat ID for Telegram bot notifications")
+	settingCmd.BoolVar(&enabletgbot, "enabletgbot", false, "Enable notifications via Telegram bot")

 	oldUsage := flag.Usage
 	flag.Usage = func() {
@@ -341,11 +453,17 @@ func main() {
 		if reset {
 			resetSetting()
 		} else {
-			updateSetting(port, username, password)
+			updateSetting(port, username, password, webBasePath, listenIP)
 		}
 		if show {
 			showSetting(show)
 		}
+		if getListen {
+			GetListenIP(getListen)
+		}
+		if getCert {
+			GetCertificate(getCert)
+		}
 		if (tgbottoken != "") || (tgbotchatid != "") || (tgbotRuntime != "") {
 			updateTgbotSetting(tgbottoken, tgbotchatid, tgbotRuntime)
 		}
@@ -355,6 +473,17 @@ func main() {
 		if enabletgbot {
 			updateTgbotEnableSts(enabletgbot)
 		}
+	case "cert":
+		err := settingCmd.Parse(os.Args[2:])
+		if err != nil {
+			fmt.Println(err)
+			return
+		}
+		if reset {
+			updateCert("", "")
+		} else {
+			updateCert(webCertFile, webKeyFile)
+		}
 	default:
 		fmt.Println("Invalid subcommands")
 		fmt.Println()
--- a/media/01-overview-dark.png
+++ b/media/01-overview-dark.png
--- a/media/01-overview-light.png
+++ b/media/01-overview-light.png
--- a/media/02-inbounds-dark.png
+++ b/media/02-inbounds-dark.png
--- a/media/02-inbounds-light.png
+++ b/media/02-inbounds-light.png
--- a/media/03-add-inbound-dark.png
+++ b/media/03-add-inbound-dark.png
--- a/media/03-add-inbound-light.png
+++ b/media/03-add-inbound-light.png
--- a/media/04-add-client-dark.png
+++ b/media/04-add-client-dark.png
--- a/media/04-add-client-light.png
+++ b/media/04-add-client-light.png
--- a/media/05-settings-dark.png
+++ b/media/05-settings-dark.png
--- a/media/05-settings-light.png
+++ b/media/05-settings-light.png
--- a/media/06-configs-dark.png
+++ b/media/06-configs-dark.png
--- a/media/06-configs-light.png
+++ b/media/06-configs-light.png
--- a/media/07-bot-dark.png
+++ b/media/07-bot-dark.png
--- a/media/07-bot-light.png
+++ b/media/07-bot-light.png
--- a/media/1.png
+++ b/media/1.png
--- a/media/2.png
+++ b/media/2.png
--- a/media/3.png
+++ b/media/3.png
--- a/media/3x-ui-dark.png
+++ b/media/3x-ui-dark.png
--- a/media/3x-ui-light.png
+++ b/media/3x-ui-light.png
--- a/media/4.png
+++ b/media/4.png
--- a/media/5.png
+++ b/media/5.png
--- a/media/6.png
+++ b/media/6.png
--- a/media/7.png
+++ b/media/7.png
--- a/media/buymeacoffe.png
+++ b/media/buymeacoffe.png
--- a/sub/default.json
+++ b/sub/default.json
@@ -23,6 +23,7 @@
        "destOverride": [
          "http",
          "tls",
+          "quic",
          "fakedns"
        ],
        "enabled": true
@@ -46,7 +47,9 @@
      "tag": "direct",
      "protocol": "freedom",
      "settings": {
-        "domainStrategy": "UseIP"
+        "domainStrategy": "AsIs",
+        "redirect": "",
+        "noises": []
      }
    },
    {
--- a/sub/sub.go
+++ b/sub/sub.go
@@ -92,6 +92,11 @@ func (s *Server) initRouter() (*gin.Engine, error) {
 		SubJsonFragment = ""
 	}

+	SubJsonNoises, err := s.settingService.GetSubJsonNoises()
+	if err != nil {
+		SubJsonNoises = ""
+	}
+
 	SubJsonMux, err := s.settingService.GetSubJsonMux()
 	if err != nil {
 		SubJsonMux = ""
@@ -106,7 +111,7 @@ func (s *Server) initRouter() (*gin.Engine, error) {

 	s.sub = NewSUBController(
 		g, LinksPath, JsonPath, Encrypt, ShowInfo, RemarkModel, SubUpdates,
-		SubJsonFragment, SubJsonMux, SubJsonRules)
+		SubJsonFragment, SubJsonNoises, SubJsonMux, SubJsonRules)

 	return engine, nil
 }
@@ -163,13 +168,13 @@ func (s *Server) Start() (err error) {
 			}
 			listener = network.NewAutoHttpsListener(listener)
 			listener = tls.NewListener(listener, c)
-			logger.Info("sub server run https on", listener.Addr())
+			logger.Info("Sub server running HTTPS on", listener.Addr())
 		} else {
-			logger.Error("error in loading certificates: ", err)
-			logger.Info("sub server run http on", listener.Addr())
+			logger.Error("Error loading certificates:", err)
+			logger.Info("Sub server running HTTP on", listener.Addr())
 		}
 	} else {
-		logger.Info("sub server run http on", listener.Addr())
+		logger.Info("Sub server running HTTP on", listener.Addr())
 	}
 	s.listener = listener

--- a/sub/subController.go
+++ b/sub/subController.go
@@ -3,6 +3,7 @@ package sub
 import (
 	"encoding/base64"
 	"net"
+	"strings"

 	"github.com/gin-gonic/gin"
 )
@@ -26,6 +27,7 @@ func NewSUBController(
 	rModel string,
 	update string,
 	jsonFragment string,
+	jsonNoise string,
 	jsonMux string,
 	jsonRules string,
 ) *SUBController {
@@ -37,7 +39,7 @@ func NewSUBController(
 		updateInterval: update,

 		subService:     sub,
-		subJsonService: NewSubJsonService(jsonFragment, jsonMux, jsonRules, sub),
+		subJsonService: NewSubJsonService(jsonFragment, jsonNoise, jsonMux, jsonRules, sub),
 	}
 	a.initRouter(g)
 	return a
@@ -54,7 +56,20 @@ func (a *SUBController) initRouter(g *gin.RouterGroup) {

 func (a *SUBController) subs(c *gin.Context) {
 	subId := c.Param("subid")
-	host, _, _ := net.SplitHostPort(c.Request.Host)
+	var host string
+	if h, err := getHostFromXFH(c.GetHeader("X-Forwarded-Host")); err == nil {
+		host = h
+	}
+	if host == "" {
+		host = c.GetHeader("X-Real-IP")
+	}
+	if host == "" {
+		var err error
+		host, _, err = net.SplitHostPort(c.Request.Host)
+		if err != nil {
+			host = c.Request.Host
+		}
+	}
 	subs, header, err := a.subService.GetSubs(subId, host)
 	if err != nil || len(subs) == 0 {
 		c.String(400, "Error!")
@@ -79,7 +94,20 @@ func (a *SUBController) subs(c *gin.Context) {

 func (a *SUBController) subJsons(c *gin.Context) {
 	subId := c.Param("subid")
-	host, _, _ := net.SplitHostPort(c.Request.Host)
+	var host string
+	if h, err := getHostFromXFH(c.GetHeader("X-Forwarded-Host")); err == nil {
+		host = h
+	}
+	if host == "" {
+		host = c.GetHeader("X-Real-IP")
+	}
+	if host == "" {
+		var err error
+		host, _, err = net.SplitHostPort(c.Request.Host)
+		if err != nil {
+			host = c.Request.Host
+		}
+	}
 	jsonSub, header, err := a.subJsonService.GetJson(subId, host)
 	if err != nil || len(jsonSub) == 0 {
 		c.String(400, "Error!")
@@ -93,3 +121,14 @@ func (a *SUBController) subJsons(c *gin.Context) {
 		c.String(200, jsonSub)
 	}
 }
+
+func getHostFromXFH(s string) (string, error) {
+	if strings.Contains(s, ":") {
+		realHost, _, err := net.SplitHostPort(s)
+		if err != nil {
+			return "", err
+		}
+		return realHost, nil
+	}
+	return s, nil
+}
--- a/sub/subJsonService.go
+++ b/sub/subJsonService.go
@@ -21,13 +21,14 @@ type SubJsonService struct {
 	configJson       map[string]interface{}
 	defaultOutbounds []json_util.RawMessage
 	fragment         string
+	noises           string
 	mux              string

 	inboundService service.InboundService
 	SubService     *SubService
 }

-func NewSubJsonService(fragment string, mux string, rules string, subService *SubService) *SubJsonService {
+func NewSubJsonService(fragment string, noises string, mux string, rules string, subService *SubService) *SubJsonService {
 	var configJson map[string]interface{}
 	var defaultOutbounds []json_util.RawMessage
 	json.Unmarshal([]byte(defaultJson), &configJson)
@@ -52,10 +53,15 @@ func NewSubJsonService(fragment string, mux string, rules string, subService *Su
 		defaultOutbounds = append(defaultOutbounds, json_util.RawMessage(fragment))
 	}

+	if noises != "" {
+		defaultOutbounds = append(defaultOutbounds, json_util.RawMessage(noises))
+	}
+
 	return &SubJsonService{
 		configJson:       configJson,
 		defaultOutbounds: defaultOutbounds,
 		fragment:         fragment,
+		noises:           noises,
 		mux:              mux,
 		SubService:       subService,
 	}
@@ -211,7 +217,7 @@ func (s *SubJsonService) streamData(stream string) map[string]interface{} {
 	delete(streamSettings, "sockopt")

 	if s.fragment != "" {
-		streamSettings["sockopt"] = json_util.RawMessage(`{"dialerProxy": "fragment", "tcpKeepAliveIdle": 100, "tcpMptcp": true, "tcpNoDelay": true}`)
+		streamSettings["sockopt"] = json_util.RawMessage(`{"dialerProxy": "fragment", "tcpKeepAliveIdle": 100, "tcpMptcp": true, "penetrate": true}`)
 	}

 	// remove proxy protocol
@@ -224,7 +230,6 @@ func (s *SubJsonService) streamData(stream string) map[string]interface{} {
 	case "httpupgrade":
 		streamSettings["httpupgradeSettings"] = s.removeAcceptProxy(streamSettings["httpupgradeSettings"])
 	}
-
 	return streamSettings
 }

@@ -283,6 +288,9 @@ func (s *SubJsonService) genVnext(inbound *model.Inbound, streamSettings json_ut

 	usersData[0].ID = client.ID
 	usersData[0].Level = 8
+	if inbound.Protocol == model.VMESS {
+		usersData[0].Security = client.Security
+	}
 	if inbound.Protocol == model.VLESS {
 		usersData[0].Flow = client.Flow
 		usersData[0].Encryption = "none"
@@ -372,6 +380,7 @@ type UserVnext struct {
 	Encryption string `json:"encryption,omitempty"`
 	Flow       string `json:"flow,omitempty"`
 	ID         string `json:"id"`
+	Security   string `json:"security,omitempty"`
 	Level      int    `json:"level"`
 }

--- a/sub/subService.go
+++ b/sub/subService.go
@@ -168,7 +168,7 @@ func (s *SubService) getLink(inbound *model.Inbound, email string) string {
 }

 func (s *SubService) genVmessLink(inbound *model.Inbound, email string) string {
-	if inbound.Protocol != model.VMess {
+	if inbound.Protocol != model.VMESS {
 		return ""
 	}
 	obj := map[string]interface{}{
@@ -202,24 +202,12 @@ func (s *SubService) genVmessLink(inbound *model.Inbound, email string) string {
 	case "ws":
 		ws, _ := stream["wsSettings"].(map[string]interface{})
 		obj["path"] = ws["path"].(string)
-		obj["host"] = ws["host"].(string)
-		if headers, ok := ws["headers"].(map[string]interface{}); ok {
-			hostFromHeaders := searchHost(headers)
-			if hostFromHeaders != "" {
-				obj["host"] = hostFromHeaders
-			}
+		if host, ok := ws["host"].(string); ok && len(host) > 0 {
+			obj["host"] = host
+		} else {
+			headers, _ := ws["headers"].(map[string]interface{})
+			obj["host"] = searchHost(headers)
 		}
-	case "http":
-		obj["net"] = "h2"
-		http, _ := stream["httpSettings"].(map[string]interface{})
-		obj["path"], _ = http["path"].(string)
-		obj["host"] = searchHost(http)
-	case "quic":
-		quic, _ := stream["quicSettings"].(map[string]interface{})
-		header := quic["header"].(map[string]interface{})
-		obj["type"], _ = header["type"].(string)
-		obj["host"], _ = quic["security"].(string)
-		obj["path"], _ = quic["key"].(string)
 	case "grpc":
 		grpc, _ := stream["grpcSettings"].(map[string]interface{})
 		obj["path"] = grpc["serviceName"].(string)
@@ -230,13 +218,22 @@ func (s *SubService) genVmessLink(inbound *model.Inbound, email string) string {
 	case "httpupgrade":
 		httpupgrade, _ := stream["httpupgradeSettings"].(map[string]interface{})
 		obj["path"] = httpupgrade["path"].(string)
-		obj["host"] = httpupgrade["host"].(string)
-		if headers, ok := httpupgrade["headers"].(map[string]interface{}); ok {
-			hostFromHeaders := searchHost(headers)
-			if hostFromHeaders != "" {
-				obj["host"] = hostFromHeaders
-			}
+		if host, ok := httpupgrade["host"].(string); ok && len(host) > 0 {
+			obj["host"] = host
+		} else {
+			headers, _ := httpupgrade["headers"].(map[string]interface{})
+			obj["host"] = searchHost(headers)
 		}
+	case "xhttp":
+		xhttp, _ := stream["xhttpSettings"].(map[string]interface{})
+		obj["path"] = xhttp["path"].(string)
+		if host, ok := xhttp["host"].(string); ok && len(host) > 0 {
+			obj["host"] = host
+		} else {
+			headers, _ := xhttp["headers"].(map[string]interface{})
+			obj["host"] = searchHost(headers)
+		}
+		obj["mode"] = xhttp["mode"].(string)
 	}
 	security, _ := stream["security"].(string)
 	obj["tls"] = security
@@ -274,6 +271,7 @@ func (s *SubService) genVmessLink(inbound *model.Inbound, email string) string {
 		}
 	}
 	obj["id"] = clients[clientIndex].ID
+	obj["scy"] = clients[clientIndex].Security

 	externalProxies, _ := stream["externalProxy"].([]interface{})

@@ -352,24 +350,12 @@ func (s *SubService) genVlessLink(inbound *model.Inbound, email string) string {
 	case "ws":
 		ws, _ := stream["wsSettings"].(map[string]interface{})
 		params["path"] = ws["path"].(string)
-		params["host"] = ws["host"].(string)
-		headers, _ := ws["headers"].(map[string]interface{})
-		if headers != nil {
-			hostFromHeaders := searchHost(headers)
-			if hostFromHeaders != "" {
-				params["host"] = hostFromHeaders
-			}
+		if host, ok := ws["host"].(string); ok && len(host) > 0 {
+			params["host"] = host
+		} else {
+			headers, _ := ws["headers"].(map[string]interface{})
+			params["host"] = searchHost(headers)
 		}
-	case "http":
-		http, _ := stream["httpSettings"].(map[string]interface{})
-		params["path"] = http["path"].(string)
-		params["host"] = searchHost(http)
-	case "quic":
-		quic, _ := stream["quicSettings"].(map[string]interface{})
-		params["quicSecurity"] = quic["security"].(string)
-		params["key"] = quic["key"].(string)
-		header := quic["header"].(map[string]interface{})
-		params["headerType"] = header["type"].(string)
 	case "grpc":
 		grpc, _ := stream["grpcSettings"].(map[string]interface{})
 		params["serviceName"] = grpc["serviceName"].(string)
@@ -380,14 +366,22 @@ func (s *SubService) genVlessLink(inbound *model.Inbound, email string) string {
 	case "httpupgrade":
 		httpupgrade, _ := stream["httpupgradeSettings"].(map[string]interface{})
 		params["path"] = httpupgrade["path"].(string)
-		params["host"] = httpupgrade["host"].(string)
-		headers, _ := httpupgrade["headers"].(map[string]interface{})
-		if headers != nil {
-			hostFromHeaders := searchHost(headers)
-			if hostFromHeaders != "" {
-				params["host"] = hostFromHeaders
-			}
+		if host, ok := httpupgrade["host"].(string); ok && len(host) > 0 {
+			params["host"] = host
+		} else {
+			headers, _ := httpupgrade["headers"].(map[string]interface{})
+			params["host"] = searchHost(headers)
 		}
+	case "xhttp":
+		xhttp, _ := stream["xhttpSettings"].(map[string]interface{})
+		params["path"] = xhttp["path"].(string)
+		if host, ok := xhttp["host"].(string); ok && len(host) > 0 {
+			params["host"] = host
+		} else {
+			headers, _ := xhttp["headers"].(map[string]interface{})
+			params["host"] = searchHost(headers)
+		}
+		params["mode"] = xhttp["mode"].(string)
 	}
 	security, _ := stream["security"].(string)
 	if security == "tls" {
@@ -451,38 +445,7 @@ func (s *SubService) genVlessLink(inbound *model.Inbound, email string) string {
 		}
 	}

-	if security == "xtls" {
-		params["security"] = "xtls"
-		xtlsSetting, _ := stream["xtlsSettings"].(map[string]interface{})
-		alpns, _ := xtlsSetting["alpn"].([]interface{})
-		var alpn []string
-		for _, a := range alpns {
-			alpn = append(alpn, a.(string))
-		}
-		if len(alpn) > 0 {
-			params["alpn"] = strings.Join(alpn, ",")
-		}
-		if sniValue, ok := searchKey(xtlsSetting, "serverName"); ok {
-			params["sni"], _ = sniValue.(string)
-		}
-		xtlsSettings, _ := searchKey(xtlsSetting, "settings")
-		if xtlsSetting != nil {
-			if fpValue, ok := searchKey(xtlsSettings, "fingerprint"); ok {
-				params["fp"], _ = fpValue.(string)
-			}
-			if insecure, ok := searchKey(xtlsSettings, "allowInsecure"); ok {
-				if insecure.(bool) {
-					params["allowInsecure"] = "1"
-				}
-			}
-		}
-
-		if streamNetwork == "tcp" && len(clients[clientIndex].Flow) > 0 {
-			params["flow"] = clients[clientIndex].Flow
-		}
-	}
-
-	if security != "tls" && security != "reality" && security != "xtls" {
+	if security != "tls" && security != "reality" {
 		params["security"] = "none"
 	}

@@ -581,24 +544,12 @@ func (s *SubService) genTrojanLink(inbound *model.Inbound, email string) string
 	case "ws":
 		ws, _ := stream["wsSettings"].(map[string]interface{})
 		params["path"] = ws["path"].(string)
-		params["host"] = ws["host"].(string)
-		headers, _ := ws["headers"].(map[string]interface{})
-		if headers != nil {
-			hostFromHeaders := searchHost(headers)
-			if hostFromHeaders != "" {
-				params["host"] = hostFromHeaders
-			}
+		if host, ok := ws["host"].(string); ok && len(host) > 0 {
+			params["host"] = host
+		} else {
+			headers, _ := ws["headers"].(map[string]interface{})
+			params["host"] = searchHost(headers)
 		}
-	case "http":
-		http, _ := stream["httpSettings"].(map[string]interface{})
-		params["path"] = http["path"].(string)
-		params["host"] = searchHost(http)
-	case "quic":
-		quic, _ := stream["quicSettings"].(map[string]interface{})
-		params["quicSecurity"] = quic["security"].(string)
-		params["key"] = quic["key"].(string)
-		header := quic["header"].(map[string]interface{})
-		params["headerType"] = header["type"].(string)
 	case "grpc":
 		grpc, _ := stream["grpcSettings"].(map[string]interface{})
 		params["serviceName"] = grpc["serviceName"].(string)
@@ -609,14 +560,22 @@ func (s *SubService) genTrojanLink(inbound *model.Inbound, email string) string
 	case "httpupgrade":
 		httpupgrade, _ := stream["httpupgradeSettings"].(map[string]interface{})
 		params["path"] = httpupgrade["path"].(string)
-		params["host"] = httpupgrade["host"].(string)
-		headers, _ := httpupgrade["headers"].(map[string]interface{})
-		if headers != nil {
-			hostFromHeaders := searchHost(headers)
-			if hostFromHeaders != "" {
-				params["host"] = hostFromHeaders
-			}
+		if host, ok := httpupgrade["host"].(string); ok && len(host) > 0 {
+			params["host"] = host
+		} else {
+			headers, _ := httpupgrade["headers"].(map[string]interface{})
+			params["host"] = searchHost(headers)
 		}
+	case "xhttp":
+		xhttp, _ := stream["xhttpSettings"].(map[string]interface{})
+		params["path"] = xhttp["path"].(string)
+		if host, ok := xhttp["host"].(string); ok && len(host) > 0 {
+			params["host"] = host
+		} else {
+			headers, _ := xhttp["headers"].(map[string]interface{})
+			params["host"] = searchHost(headers)
+		}
+		params["mode"] = xhttp["mode"].(string)
 	}
 	security, _ := stream["security"].(string)
 	if security == "tls" {
@@ -676,39 +635,7 @@ func (s *SubService) genTrojanLink(inbound *model.Inbound, email string) string
 		}
 	}

-	if security == "xtls" {
-		params["security"] = "xtls"
-		xtlsSetting, _ := stream["xtlsSettings"].(map[string]interface{})
-		alpns, _ := xtlsSetting["alpn"].([]interface{})
-		var alpn []string
-		for _, a := range alpns {
-			alpn = append(alpn, a.(string))
-		}
-		if len(alpn) > 0 {
-			params["alpn"] = strings.Join(alpn, ",")
-		}
-		if sniValue, ok := searchKey(xtlsSetting, "serverName"); ok {
-			params["sni"], _ = sniValue.(string)
-		}
-
-		xtlsSettings, _ := searchKey(xtlsSetting, "settings")
-		if xtlsSetting != nil {
-			if fpValue, ok := searchKey(xtlsSettings, "fingerprint"); ok {
-				params["fp"], _ = fpValue.(string)
-			}
-			if insecure, ok := searchKey(xtlsSettings, "allowInsecure"); ok {
-				if insecure.(bool) {
-					params["allowInsecure"] = "1"
-				}
-			}
-		}
-
-		if streamNetwork == "tcp" && len(clients[clientIndex].Flow) > 0 {
-			params["flow"] = clients[clientIndex].Flow
-		}
-	}
-
-	if security != "tls" && security != "reality" && security != "xtls" {
+	if security != "tls" && security != "reality" {
 		params["security"] = "none"
 	}

@@ -811,24 +738,12 @@ func (s *SubService) genShadowsocksLink(inbound *model.Inbound, email string) st
 	case "ws":
 		ws, _ := stream["wsSettings"].(map[string]interface{})
 		params["path"] = ws["path"].(string)
-		params["host"] = ws["host"].(string)
-		headers, _ := ws["headers"].(map[string]interface{})
-		if headers != nil {
-			hostFromHeaders := searchHost(headers)
-			if hostFromHeaders != "" {
-				params["host"] = hostFromHeaders
-			}
+		if host, ok := ws["host"].(string); ok && len(host) > 0 {
+			params["host"] = host
+		} else {
+			headers, _ := ws["headers"].(map[string]interface{})
+			params["host"] = searchHost(headers)
 		}
-	case "http":
-		http, _ := stream["httpSettings"].(map[string]interface{})
-		params["path"] = http["path"].(string)
-		params["host"] = searchHost(http)
-	case "quic":
-		quic, _ := stream["quicSettings"].(map[string]interface{})
-		params["quicSecurity"] = quic["security"].(string)
-		params["key"] = quic["key"].(string)
-		header := quic["header"].(map[string]interface{})
-		params["headerType"] = header["type"].(string)
 	case "grpc":
 		grpc, _ := stream["grpcSettings"].(map[string]interface{})
 		params["serviceName"] = grpc["serviceName"].(string)
@@ -839,14 +754,22 @@ func (s *SubService) genShadowsocksLink(inbound *model.Inbound, email string) st
 	case "httpupgrade":
 		httpupgrade, _ := stream["httpupgradeSettings"].(map[string]interface{})
 		params["path"] = httpupgrade["path"].(string)
-		params["host"] = httpupgrade["host"].(string)
-		headers, _ := httpupgrade["headers"].(map[string]interface{})
-		if headers != nil {
-			hostFromHeaders := searchHost(headers)
-			if hostFromHeaders != "" {
-				params["host"] = hostFromHeaders
-			}
+		if host, ok := httpupgrade["host"].(string); ok && len(host) > 0 {
+			params["host"] = host
+		} else {
+			headers, _ := httpupgrade["headers"].(map[string]interface{})
+			params["host"] = searchHost(headers)
 		}
+	case "xhttp":
+		xhttp, _ := stream["xhttpSettings"].(map[string]interface{})
+		params["path"] = xhttp["path"].(string)
+		if host, ok := xhttp["host"].(string); ok && len(host) > 0 {
+			params["host"] = host
+		} else {
+			headers, _ := xhttp["headers"].(map[string]interface{})
+			params["host"] = searchHost(headers)
+		}
+		params["mode"] = xhttp["mode"].(string)
 	}

 	security, _ := stream["security"].(string)
@@ -985,9 +908,36 @@ func (s *SubService) genRemark(inbound *model.Inbound, email string, extra strin
 			now := time.Now().Unix()
 			switch exp := stats.ExpiryTime / 1000; {
 			case exp > 0:
-				remark = append(remark, fmt.Sprintf("%d%s⏳", (exp-now)/86400, "Days"))
+				remainingSeconds := exp - now
+				days := remainingSeconds / 86400
+				hours := (remainingSeconds % 86400) / 3600
+				minutes := (remainingSeconds % 3600) / 60
+				if days > 0 {
+					if hours > 0 {
+						remark = append(remark, fmt.Sprintf("%dD,%dH⏳", days, hours))
+					} else {
+						remark = append(remark, fmt.Sprintf("%dD⏳", days))
+					}
+				} else if hours > 0 {
+					remark = append(remark, fmt.Sprintf("%dH⏳", hours))
+				} else {
+					remark = append(remark, fmt.Sprintf("%dM⏳", minutes))
+				}
 			case exp < 0:
-				remark = append(remark, fmt.Sprintf("%d%s⏳", exp/-86400, "Days"))
+				days := exp / -86400
+				hours := (exp % -86400) / 3600
+				minutes := (exp % -3600) / 60
+				if days > 0 {
+					if hours > 0 {
+						remark = append(remark, fmt.Sprintf("%dD,%dH⏳", days, hours))
+					} else {
+						remark = append(remark, fmt.Sprintf("%dD⏳", days))
+					}
+				} else if hours > 0 {
+					remark = append(remark, fmt.Sprintf("%dH⏳", hours))
+				} else {
+					remark = append(remark, fmt.Sprintf("%dM⏳", minutes))
+				}
 			}
 		}
 	}
--- a/util/common/format.go
+++ b/util/common/format.go
@@ -4,18 +4,14 @@ import (
 	"fmt"
 )

-func FormatTraffic(trafficBytes int64) (size string) {
-	if trafficBytes < 1024 {
-		return fmt.Sprintf("%.2fB", float64(trafficBytes)/float64(1))
-	} else if trafficBytes < (1024 * 1024) {
-		return fmt.Sprintf("%.2fKB", float64(trafficBytes)/float64(1024))
-	} else if trafficBytes < (1024 * 1024 * 1024) {
-		return fmt.Sprintf("%.2fMB", float64(trafficBytes)/float64(1024*1024))
-	} else if trafficBytes < (1024 * 1024 * 1024 * 1024) {
-		return fmt.Sprintf("%.2fGB", float64(trafficBytes)/float64(1024*1024*1024))
-	} else if trafficBytes < (1024 * 1024 * 1024 * 1024 * 1024) {
-		return fmt.Sprintf("%.2fTB", float64(trafficBytes)/float64(1024*1024*1024*1024))
-	} else {
-		return fmt.Sprintf("%.2fEB", float64(trafficBytes)/float64(1024*1024*1024*1024*1024))
+func FormatTraffic(trafficBytes int64) string {
+	units := []string{"B", "KB", "MB", "GB", "TB", "PB"}
+	unitIndex := 0
+	size := float64(trafficBytes)
+
+	for size >= 1024 && unitIndex < len(units)-1 {
+		size /= 1024
+		unitIndex++
 	}
+	return fmt.Sprintf("%.2f%s", size, units[unitIndex])
 }
--- a/util/sys/psutil.go
+++ b/util/sys/psutil.go
@@ -4,5 +4,5 @@ import (
 	_ "unsafe"
 )

-//go:linkname HostProc github.com/shirou/gopsutil/v3/internal/common.HostProc
+//go:linkname HostProc github.com/shirou/gopsutil/v4/internal/common.HostProc
 func HostProc(combineWith ...string) string
--- a/util/sys/sys_darwin.go
+++ b/util/sys/sys_darwin.go
@@ -4,7 +4,7 @@
 package sys

 import (
-	"github.com/shirou/gopsutil/v3/net"
+	"github.com/shirou/gopsutil/v4/net"
 )

 func GetTCPCount() (int, error) {
--- a/util/sys/sys_windows.go
+++ b/util/sys/sys_windows.go
@@ -6,7 +6,7 @@ package sys
 import (
 	"errors"

-	"github.com/shirou/gopsutil/v3/net"
+	"github.com/shirou/gopsutil/v4/net"
 )

 func GetConnectionCount(proto string) (int, error) {
--- a/web/assets/axios/axios.min.js
+++ b/web/assets/axios/axios.min.js
--- a/web/assets/base64/base64.min.js
+++ b/web/assets/base64/base64.min.js
@@ -1 +0,0 @@
-(function(global,factory){typeof exports==="object"&&typeof module!=="undefined"?module.exports=factory(global):typeof define==="function"&&define.amd?define(factory):factory(global)})(typeof self!=="undefined"?self:typeof window!=="undefined"?window:typeof global!=="undefined"?global:this,function(global){"use strict";var _Base64=global.Base64;var version="2.5.0";var buffer;if(typeof module!=="undefined"&&module.exports){try{buffer=eval("require('buffer').Buffer")}catch(err){buffer=undefined}}var b64chars="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";var b64tab=function(bin){var t={};for(var i=0,l=bin.length;i<l;i++)t[bin.charAt(i)]=i;return t}(b64chars);var fromCharCode=String.fromCharCode;var cb_utob=function(c){if(c.length<2){var cc=c.charCodeAt(0);return cc<128?c:cc<2048?fromCharCode(192|cc>>>6)+fromCharCode(128|cc&63):fromCharCode(224|cc>>>12&15)+fromCharCode(128|cc>>>6&63)+fromCharCode(128|cc&63)}else{var cc=65536+(c.charCodeAt(0)-55296)*1024+(c.charCodeAt(1)-56320);return fromCharCode(240|cc>>>18&7)+fromCharCode(128|cc>>>12&63)+fromCharCode(128|cc>>>6&63)+fromCharCode(128|cc&63)}};var re_utob=/[\uD800-\uDBFF][\uDC00-\uDFFFF]|[^\x00-\x7F]/g;var utob=function(u){return u.replace(re_utob,cb_utob)};var cb_encode=function(ccc){var padlen=[0,2,1][ccc.length%3],ord=ccc.charCodeAt(0)<<16|(ccc.length>1?ccc.charCodeAt(1):0)<<8|(ccc.length>2?ccc.charCodeAt(2):0),chars=[b64chars.charAt(ord>>>18),b64chars.charAt(ord>>>12&63),padlen>=2?"=":b64chars.charAt(ord>>>6&63),padlen>=1?"=":b64chars.charAt(ord&63)];return chars.join("")};var btoa=global.btoa?function(b){return global.btoa(b)}:function(b){return b.replace(/[\s\S]{1,3}/g,cb_encode)};var _encode=buffer?buffer.from&&Uint8Array&&buffer.from!==Uint8Array.from?function(u){return(u.constructor===buffer.constructor?u:buffer.from(u)).toString("base64")}:function(u){return(u.constructor===buffer.constructor?u:new buffer(u)).toString("base64")}:function(u){return btoa(utob(u))};var encode=function(u,urisafe){return!urisafe?_encode(String(u)):_encode(String(u)).replace(/[+\/]/g,function(m0){return m0=="+"?"-":"_"}).replace(/=/g,"")};var encodeURI=function(u){return encode(u,true)};var re_btou=new RegExp(["[À-ß][-¿]","[à-ï][-¿]{2}","[ð-÷][-¿]{3}"].join("|"),"g");var cb_btou=function(cccc){switch(cccc.length){case 4:var cp=(7&cccc.charCodeAt(0))<<18|(63&cccc.charCodeAt(1))<<12|(63&cccc.charCodeAt(2))<<6|63&cccc.charCodeAt(3),offset=cp-65536;return fromCharCode((offset>>>10)+55296)+fromCharCode((offset&1023)+56320);case 3:return fromCharCode((15&cccc.charCodeAt(0))<<12|(63&cccc.charCodeAt(1))<<6|63&cccc.charCodeAt(2));default:return fromCharCode((31&cccc.charCodeAt(0))<<6|63&cccc.charCodeAt(1))}};var btou=function(b){return b.replace(re_btou,cb_btou)};var cb_decode=function(cccc){var len=cccc.length,padlen=len%4,n=(len>0?b64tab[cccc.charAt(0)]<<18:0)|(len>1?b64tab[cccc.charAt(1)]<<12:0)|(len>2?b64tab[cccc.charAt(2)]<<6:0)|(len>3?b64tab[cccc.charAt(3)]:0),chars=[fromCharCode(n>>>16),fromCharCode(n>>>8&255),fromCharCode(n&255)];chars.length-=[0,0,2,1][padlen];return chars.join("")};var _atob=global.atob?function(a){return global.atob(a)}:function(a){return a.replace(/\S{1,4}/g,cb_decode)};var atob=function(a){return _atob(String(a).replace(/[^A-Za-z0-9\+\/]/g,""))};var _decode=buffer?buffer.from&&Uint8Array&&buffer.from!==Uint8Array.from?function(a){return(a.constructor===buffer.constructor?a:buffer.from(a,"base64")).toString()}:function(a){return(a.constructor===buffer.constructor?a:new buffer(a,"base64")).toString()}:function(a){return btou(_atob(a))};var decode=function(a){return _decode(String(a).replace(/[-_]/g,function(m0){return m0=="-"?"+":"/"}).replace(/[^A-Za-z0-9\+\/]/g,""))};var noConflict=function(){var Base64=global.Base64;global.Base64=_Base64;return Base64};global.Base64={VERSION:version,atob:atob,btoa:btoa,fromBase64:decode,toBase64:encode,utob:utob,encode:encode,encodeURI:encodeURI,btou:btou,decode:decode,noConflict:noConflict,__buffer__:buffer};if(typeof Object.defineProperty==="function"){var noEnum=function(v){return{value:v,enumerable:false,writable:true,configurable:true}};global.Base64.extendString=function(){Object.defineProperty(String.prototype,"fromBase64",noEnum(function(){return decode(this)}));Object.defineProperty(String.prototype,"toBase64",noEnum(function(urisafe){return encode(this,urisafe)}));Object.defineProperty(String.prototype,"toBase64URI",noEnum(function(){return encode(this,true)}))}}if(global["Meteor"]){Base64=global.Base64}if(typeof module!=="undefined"&&module.exports){module.exports.Base64=global.Base64}else if(typeof define==="function"&&define.amd){define([],function(){return global.Base64})}return{Base64:global.Base64}});
--- a/web/assets/clipboard/clipboard.min.js
+++ b/web/assets/clipboard/clipboard.min.js
--- a/web/assets/codemirror/hint/javascript-hint.js
+++ b/web/assets/codemirror/hint/javascript-hint.js
@@ -63,7 +63,7 @@
    return scriptHint(editor, javascriptKeywords,
                      function (e, cur) {return e.getTokenAt(cur);},
                      options);
-  };
+  }
  CodeMirror.registerHelper("hint", "javascript", javascriptHint);

  function getCoffeeScriptToken(editor, cur) {
--- a/web/assets/codemirror/javascript.js
+++ b/web/assets/codemirror/javascript.js
@@ -362,7 +362,7 @@ CodeMirror.defineMode("javascript", function(config, parserConfig) {
      if (type == wanted) return cont();
      else if (wanted == ";" || type == "}" || type == ")" || type == "]") return pass();
      else return cont(exp);
-    };
+    }
    return exp;
  }

--- a/web/assets/codemirror/lint/lint.css
+++ b/web/assets/codemirror/lint/lint.css
@@ -6,7 +6,7 @@
 .CodeMirror-lint-tooltip {
  background-color: #ffd;
  border: 1px solid black;
-  border-radius: 4px 4px 4px 4px;
+  border-radius: 4px;
  color: black;
  font-family: monospace;
  font-size: 10pt;
--- a/web/assets/css/custom.min.css
+++ b/web/assets/css/custom.min.css
--- a/web/assets/js/langs.js
+++ b/web/assets/js/langs.js
@@ -1,83 +0,0 @@
-const supportLangs = [
-    {
-        name: 'English',
-        value: 'en-US',
-        icon: '🇺🇸',
-    },
-    {
-        name: 'فارسی',
-        value: 'fa-IR',
-        icon: '🇮🇷',
-    },
-    {
-        name: '汉语',
-        value: 'zh-Hans',
-        icon: '🇨🇳',
-    },
-    {
-        name: 'Русский',
-        value: 'ru-RU',
-        icon: '🇷🇺',
-    },
-    {
-        name: 'Tiếng Việt',
-        value: 'vi-VN',
-        icon: '🇻🇳',
-    },
-    {
-        name: 'Español',
-        value: 'es-ES',
-        icon: '🇪🇸',
-    },
-    {
-        name: 'Indonesian',
-        value: 'id-ID',
-        icon: '🇮🇩',
-    },
-    {
-        name: 'Український',
-        value: 'uk-UA',
-        icon: '🇺🇦',
-    },
-];
-
-function getLang() {
-    let lang = getCookie('lang');
-
-    if (!lang) {
-        if (window.navigator) {
-            lang = window.navigator.language || window.navigator.userLanguage;
-
-            if (isSupportLang(lang)) {
-                setCookie('lang', lang, 150);
-            } else {
-                setCookie('lang', 'en-US', 150);
-                window.location.reload();
-            }
-        } else {
-            setCookie('lang', 'en-US', 150);
-            window.location.reload();
-        }
-    }
-
-    return lang;
-}
-
-function setLang(lang) {
-    if (!isSupportLang(lang)) {
-        lang = 'en-US';
-    }
-
-    setCookie('lang', lang, 150);
-    window.location.reload();
-}
-
-function isSupportLang(lang) {
-    for (l of supportLangs) {
-        if (l.value === lang) {
-            return true;
-        }
-    }
-
-    return false;
-}
--- a/web/assets/js/model/dbinbound.js
+++ b/web/assets/js/model/dbinbound.js
@@ -25,11 +25,11 @@ class DBInbound {
    }

    get totalGB() {
-        return toFixed(this.total / ONE_GB, 2);
+        return NumberFormatter.toFixed(this.total / SizeFormatter.ONE_GB, 2);
    }

    set totalGB(gb) {
-        this.total = toFixed(gb * ONE_GB, 0);
+        this.total = NumberFormatter.toFixed(gb * SizeFormatter.ONE_GB, 0);
    }

    get isVMess() {
@@ -140,9 +140,9 @@ class DBInbound {
                return false;
        }
    }
-    
-	genInboundLinks(remarkModel) {
+
+    genInboundLinks(remarkModel) {
        const inbound = this.toInbound();
-        return inbound.genInboundLinks(this.remark,remarkModel);
+        return inbound.genInboundLinks(this.remark, remarkModel);
    }
 }
--- a/web/assets/js/model/inbound.js
+++ b/web/assets/js/model/inbound.js
--- a/web/assets/js/model/outbound.js
+++ b/web/assets/js/model/outbound.js
--- a/web/assets/js/model/setting.js
+++ b/web/assets/js/model/setting.js
@@ -7,41 +7,45 @@ class AllSetting {
        this.webCertFile = "";
        this.webKeyFile = "";
        this.webBasePath = "/";
-        this.sessionMaxAge = "";
-        this.pageSize = 0;
-        this.expireDiff = "";
-        this.trafficDiff = "";
+        this.sessionMaxAge = 60;
+        this.pageSize = 50;
+        this.expireDiff = 0;
+        this.trafficDiff = 0;
        this.remarkModel = "-ieo";
        this.datepicker = "gregorian";
        this.tgBotEnable = false;
        this.tgBotToken = "";
        this.tgBotProxy = "";
+        this.tgBotAPIServer = "";
        this.tgBotChatId = "";
        this.tgRunTime = "@daily";
        this.tgBotBackup = false;
-        this.tgBotLoginNotify = false;
-        this.tgCpu = "";
+        this.tgBotLoginNotify = true;
+        this.tgCpu = 80;
        this.tgLang = "en-US";
        this.xrayTemplateConfig = "";
        this.secretEnable = false;
        this.subEnable = false;
        this.subListen = "";
-        this.subPort = "2096";
+        this.subPort = 2096;
        this.subPath = "/sub/";
        this.subJsonPath = "/json/";
        this.subDomain = "";
+        this.externalTrafficInformEnable = false;
+        this.externalTrafficInformURI = "";
        this.subCertFile = "";
        this.subKeyFile = "";
-        this.subUpdates = 0;
+        this.subUpdates = 12;
        this.subEncrypt = true;
-        this.subShowInfo = false;
+        this.subShowInfo = true;
        this.subURI = "";
        this.subJsonURI = "";
        this.subJsonFragment = "";
+        this.subJsonNoises = "";
        this.subJsonMux = "";
        this.subJsonRules = "";

-        this.timeLocation = "Asia/Tehran";
+        this.timeLocation = "Local";

        if (data == null) {
            return
--- a/web/assets/js/util/common.js
+++ b/web/assets/js/util/common.js
@@ -1,194 +0,0 @@
-const ONE_KB = 1024;
-const ONE_MB = ONE_KB * 1024;
-const ONE_GB = ONE_MB * 1024;
-const ONE_TB = ONE_GB * 1024;
-const ONE_PB = ONE_TB * 1024;
-
-function sizeFormat(size) {
-    if (size < 0) {
-        return "0 B";
-    } else if (size < ONE_KB) {
-        return size.toFixed(0) + " B";
-    } else if (size < ONE_MB) {
-        return (size / ONE_KB).toFixed(2) + " KB";
-    } else if (size < ONE_GB) {
-        return (size / ONE_MB).toFixed(2) + " MB";
-    } else if (size < ONE_TB) {
-        return (size / ONE_GB).toFixed(2) + " GB";
-    } else if (size < ONE_PB) {
-        return (size / ONE_TB).toFixed(2) + " TB";
-    } else {
-        return (size / ONE_PB).toFixed(2) + " PB";
-    }
-}
-
-function cpuSpeedFormat(speed) {
-    if (speed > 1000) {
-        const GHz = speed / 1000;
-        return GHz.toFixed(2) + " GHz";
-    } else {
-        return speed.toFixed(2) + " MHz";
-    }
-}
-
-function cpuCoreFormat(cores) {
-    if (cores === 1) {
-        return "1 Core";
-    } else {
-        return cores + " Cores";
-    }
-}
-
-function base64(str) {
-    return Base64.encode(str);
-}
-
-function safeBase64(str) {
-    return base64(str)
-        .replace(/\+/g, '-')
-        .replace(/=/g, '')
-        .replace(/\//g, '_');
-}
-
-function formatSecond(second) {
-    if (second < 60) {
-        return second.toFixed(0) + 's';
-    } else if (second < 3600) {
-        return (second / 60).toFixed(0) + 'm';
-    } else if (second < 3600 * 24) {
-        return (second / 3600).toFixed(0) + 'h';
-    } else {
-        day = Math.floor(second / 3600 / 24);
-        remain = ((second/3600) - (day*24)).toFixed(0);
-        return day + 'd' + (remain > 0 ? ' ' + remain + 'h' : '');
-    }
-}
-
-function addZero(num) {
-    if (num < 10) {
-        return "0" + num;
-    } else {
-        return num;
-    }
-}
-
-function toFixed(num, n) {
-    n = Math.pow(10, n);
-    return Math.floor(num * n) / n;
-}
-
-function debounce(fn, delay) {
-    var timeoutID = null;
-    return function () {
-        clearTimeout(timeoutID);
-        var args = arguments;
-        var that = this;
-        timeoutID = setTimeout(function () {
-            fn.apply(that, args);
-        }, delay);
-    };
-}
-
-function getCookie(cname) {
-    let name = cname + '=';
-    let ca = document.cookie.split(';');
-    for (let i = 0; i < ca.length; i++) {
-        let c = ca[i];
-        while (c.charAt(0) == ' ') {
-            c = c.substring(1);
-        }
-        if (c.indexOf(name) == 0) {
-            // decode cookie value only
-            return decodeURIComponent(c.substring(name.length, c.length));
-        }
-    }
-    return '';
-}
-
-
-function setCookie(cname, cvalue, exdays) {
-    const d = new Date();
-    d.setTime(d.getTime() + exdays * 24 * 60 * 60 * 1000);
-    let expires = 'expires=' + d.toUTCString();
-    // encode cookie value
-    document.cookie = cname + '=' + encodeURIComponent(cvalue) + ';' + expires + ';path=/';
-}
-
-function usageColor(data, threshold, total) {
-    switch (true) {
-        case data === null:
-            return "purple";
-        case total < 0:
-            return "green";
-        case total == 0:
-            return "purple";
-        case data < total - threshold:
-            return "green";
-        case data < total:
-            return "orange";
-        default:
-            return "red";
-    }
-}
-
-function clientUsageColor(clientStats, trafficDiff) {
-    switch (true) {
-        case !clientStats || clientStats.total == 0:
-            return "#7a316f"; // purple
-        case clientStats.up + clientStats.down < clientStats.total - trafficDiff:
-            return "#008771"; // Green
-        case clientStats.up + clientStats.down < clientStats.total:
-            return "#f37b24"; // Orange
-        default:
-            return "#cf3c3c"; // Red
-    }
-}
-
-function userExpiryColor(threshold, client, isDark = false) {
-    if (!client.enable) {
-        return isDark ? '#2c3950' : '#bcbcbc';
-    }
-    now = new Date().getTime(),
-    expiry = client.expiryTime;
-    switch (true) {
-        case expiry === null:
-            return "#7a316f"; // purple
-        case expiry < 0:
-            return "#008771"; // Green
-        case expiry == 0:
-            return "#7a316f"; // purple
-        case now < expiry - threshold:
-            return "#008771"; // Green
-        case now < expiry:
-            return "#f37b24"; // Orange
-        default:
-            return "#cf3c3c"; // Red
-    }
-}
-
-function doAllItemsExist(array1, array2) {
-    for (let i = 0; i < array1.length; i++) {
-        if (!array2.includes(array1[i])) {
-            return false;
-        }
-    }
-    return true;
-}
-
-function buildURL({ host, port, isTLS, base, path }) {
-    if (!host || host.length === 0) host = window.location.hostname;
-    if (!port || port.length === 0) port = window.location.port;
-
-    if (isTLS === undefined) isTLS = window.location.protocol === "https:";
-
-    const protocol = isTLS ? "https:" : "http:";
-
-    port = String(port);
-    if (port === "" || (isTLS && port === "443") || (!isTLS && port === "80")) {
-        port = "";
-    } else {
-        port = `:${port}`;
-    }
-
-    return `${protocol}//${host}${port}${base}${path}`;
-}
--- a/web/assets/js/util/date-util.js
+++ b/web/assets/js/util/date-util.js
@@ -108,14 +108,14 @@ Date.prototype.setMaxTime = function () {
 * Formatting date
 */
 Date.prototype.formatDate = function () {
-    return this.getFullYear() + "-" + addZero(this.getMonth() + 1) + "-" + addZero(this.getDate());
+    return this.getFullYear() + "-" + NumberFormatter.addZero(this.getMonth() + 1) + "-" + NumberFormatter.addZero(this.getDate());
 };

 /**
 * Format time
 */
 Date.prototype.formatTime = function () {
-    return addZero(this.getHours()) + ":" + addZero(this.getMinutes()) + ":" + addZero(this.getSeconds());
+    return NumberFormatter.addZero(this.getHours()) + ":" + NumberFormatter.addZero(this.getMinutes()) + ":" + NumberFormatter.addZero(this.getSeconds());
 };

 /**
@@ -128,7 +128,7 @@ Date.prototype.formatDateTime = function (split = ' ') {
 };

 class DateUtil {
-    // String string to date object
+    // String to date object
    static parseDate(str) {
        return new Date(str.replace(/-/g, '/'));
    }
@@ -143,4 +143,9 @@ class DateUtil {
        date.setMinTime();
        return date;
    }
+
+    static convertToJalalian(date) {
+        return date && moment.isMoment(date) ? date.format('jYYYY/jMM/jDD HH:mm:ss') : null;
+    }
+
 }
--- a/web/assets/js/util/index.js
+++ b/web/assets/js/util/index.js
@@ -0,0 +1,783 @@
+class Msg {
+    constructor(success = false, msg = "", obj = null) {
+        this.success = success;
+        this.msg = msg;
+        this.obj = obj;
+    }
+}
+
+class HttpUtil {
+    static _handleMsg(msg) {
+        if (!(msg instanceof Msg) || msg.msg === "") {
+            return;
+        }
+        const messageType = msg.success ? 'success' : 'error';
+        Vue.prototype.$message[messageType](msg.msg);
+    }
+
+    static _respToMsg(resp) {
+        if (!resp || !resp.data) {
+            return new Msg(false, 'No response data');
+        }
+        const { data } = resp;
+        if (data == null) {
+            return new Msg(true);
+        }
+        if (typeof data === 'object' && 'success' in data) {
+            return new Msg(data.success, data.msg, data.obj);
+        }
+        return typeof data === 'object' ? data : new Msg(false, 'unknown data:', data);
+    }
+
+    static async get(url, params, options = {}) {
+        try {
+            const resp = await axios.get(url, { params, ...options });
+            const msg = this._respToMsg(resp);
+            this._handleMsg(msg);
+            return msg;
+        } catch (error) {
+            console.error('GET request failed:', error);
+            const errorMsg = new Msg(false, error.response?.data?.message || error.message || 'Request failed');
+            this._handleMsg(errorMsg);
+            return errorMsg;
+        }
+    }
+
+    static async post(url, data, options = {}) {
+        try {
+            const resp = await axios.post(url, data, options);
+            const msg = this._respToMsg(resp);
+            this._handleMsg(msg);
+            return msg;
+        } catch (error) {
+            console.error('POST request failed:', error);
+            const errorMsg = new Msg(false, error.response?.data?.message || error.message || 'Request failed');
+            this._handleMsg(errorMsg);
+            return errorMsg;
+        }
+    }
+
+    static async postWithModal(url, data, modal) {
+        if (modal) {
+            modal.loading(true);
+        }
+        const msg = await this.post(url, data);
+        if (modal) {
+            modal.loading(false);
+            if (msg instanceof Msg && msg.success) {
+                modal.close();
+            }
+        }
+        return msg;
+    }
+}
+
+class PromiseUtil {
+    static async sleep(timeout) {
+        await new Promise(resolve => {
+            setTimeout(resolve, timeout)
+        });
+    }
+}
+
+class RandomUtil {
+    static getSeq({ type = "default", hasNumbers = true, hasLowercase = true, hasUppercase = true } = {}) {
+        let seq = '';
+        
+        switch (type) {
+            case "hex":
+                seq += "0123456789abcdef";
+                break;
+            default:
+                if (hasNumbers) seq += "0123456789";
+                if (hasLowercase) seq += "abcdefghijklmnopqrstuvwxyz";
+                if (hasUppercase) seq += "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+                break;
+        }
+
+        return seq;
+    }
+
+    static randomInteger(min, max) {
+        const range = max - min + 1;
+        const randomBuffer = new Uint32Array(1);
+        window.crypto.getRandomValues(randomBuffer);
+        return Math.floor((randomBuffer[0] / (0xFFFFFFFF + 1)) * range) + min;
+    }
+
+    static randomSeq(count, options = {}) {
+        const seq = this.getSeq(options);
+        const seqLength = seq.length;
+        const randomValues = new Uint32Array(count);
+        window.crypto.getRandomValues(randomValues);
+        return Array.from(randomValues, v => seq[v % seqLength]).join('');
+    }
+
+    static randomShortIds() {
+        const lengths = [2, 4, 6, 8, 10, 12, 14, 16].sort(() => Math.random() - 0.5);
+
+        return lengths.map(len => this.randomSeq(len, { type: "hex" })).join(',');
+    }
+
+    static randomLowerAndNum(len) {
+        return this.randomSeq(len, { hasUppercase: false });
+    }
+
+    static randomUUID() {
+        if (window.location.protocol === "https:") {
+            return window.crypto.randomUUID();
+        } else {
+            return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'
+                .replace(/[xy]/g, function (c) {
+                    const randomValues = new Uint8Array(1);
+                    window.crypto.getRandomValues(randomValues);
+                    let randomValue = randomValues[0] % 16;
+                    let calculatedValue = (c === 'x') ? randomValue : (randomValue & 0x3 | 0x8);
+                    return calculatedValue.toString(16);
+                });
+        }
+    }
+
+    static randomShadowsocksPassword() {
+        const array = new Uint8Array(32);
+        window.crypto.getRandomValues(array);
+        return Base64.encode(String.fromCharCode(...array));
+    }
+}
+
+class ObjectUtil {
+    static getPropIgnoreCase(obj, prop) {
+        for (const name in obj) {
+            if (!obj.hasOwnProperty(name)) {
+                continue;
+            }
+            if (name.toLowerCase() === prop.toLowerCase()) {
+                return obj[name];
+            }
+        }
+        return undefined;
+    }
+
+    static deepSearch(obj, key) {
+        if (obj instanceof Array) {
+            for (let i = 0; i < obj.length; ++i) {
+                if (this.deepSearch(obj[i], key)) {
+                    return true;
+                }
+            }
+        } else if (obj instanceof Object) {
+            for (let name in obj) {
+                if (!obj.hasOwnProperty(name)) {
+                    continue;
+                }
+                if (this.deepSearch(obj[name], key)) {
+                    return true;
+                }
+            }
+        } else {
+            return this.isEmpty(obj) ? false : obj.toString().toLowerCase().indexOf(key.toLowerCase()) >= 0;
+        }
+        return false;
+    }
+
+    static isEmpty(obj) {
+        return obj === null || obj === undefined || obj === '';
+    }
+
+    static isArrEmpty(arr) {
+        return !this.isEmpty(arr) && arr.length === 0;
+    }
+
+    static copyArr(dest, src) {
+        dest.splice(0);
+        for (const item of src) {
+            dest.push(item);
+        }
+    }
+
+    static clone(obj) {
+        let newObj;
+        if (obj instanceof Array) {
+            newObj = [];
+            this.copyArr(newObj, obj);
+        } else if (obj instanceof Object) {
+            newObj = {};
+            for (const key of Object.keys(obj)) {
+                newObj[key] = obj[key];
+            }
+        } else {
+            newObj = obj;
+        }
+        return newObj;
+    }
+
+    static deepClone(obj) {
+        let newObj;
+        if (obj instanceof Array) {
+            newObj = [];
+            for (const item of obj) {
+                newObj.push(this.deepClone(item));
+            }
+        } else if (obj instanceof Object) {
+            newObj = {};
+            for (const key of Object.keys(obj)) {
+                newObj[key] = this.deepClone(obj[key]);
+            }
+        } else {
+            newObj = obj;
+        }
+        return newObj;
+    }
+
+    static cloneProps(dest, src, ...ignoreProps) {
+        if (dest == null || src == null) {
+            return;
+        }
+        const ignoreEmpty = this.isArrEmpty(ignoreProps);
+        for (const key of Object.keys(src)) {
+            if (!src.hasOwnProperty(key)) {
+                continue;
+            } else if (!dest.hasOwnProperty(key)) {
+                continue;
+            } else if (src[key] === undefined) {
+                continue;
+            }
+            if (ignoreEmpty) {
+                dest[key] = src[key];
+            } else {
+                let ignore = false;
+                for (let i = 0; i < ignoreProps.length; ++i) {
+                    if (key === ignoreProps[i]) {
+                        ignore = true;
+                        break;
+                    }
+                }
+                if (!ignore) {
+                    dest[key] = src[key];
+                }
+            }
+        }
+    }
+
+    static delProps(obj, ...props) {
+        for (const prop of props) {
+            if (prop in obj) {
+                delete obj[prop];
+            }
+        }
+    }
+
+    static execute(func, ...args) {
+        if (!this.isEmpty(func) && typeof func === 'function') {
+            func(...args);
+        }
+    }
+
+    static orDefault(obj, defaultValue) {
+        if (obj == null) {
+            return defaultValue;
+        }
+        return obj;
+    }
+
+    static equals(a, b) {
+        for (const key in a) {
+            if (!a.hasOwnProperty(key)) {
+                continue;
+            }
+            if (!b.hasOwnProperty(key)) {
+                return false;
+            } else if (a[key] !== b[key]) {
+                return false;
+            }
+        }
+        return true;
+    }
+}
+
+class Wireguard {
+    static gf(init) {
+        var r = new Float64Array(16);
+        if (init) {
+            for (var i = 0; i < init.length; ++i)
+                r[i] = init[i];
+        }
+        return r;
+    }
+
+    static pack(o, n) {
+        var b, m = this.gf(), t = this.gf();
+        for (var i = 0; i < 16; ++i)
+            t[i] = n[i];
+        this.carry(t);
+        this.carry(t);
+        this.carry(t);
+        for (var j = 0; j < 2; ++j) {
+            m[0] = t[0] - 0xffed;
+            for (var i = 1; i < 15; ++i) {
+                m[i] = t[i] - 0xffff - ((m[i - 1] >> 16) & 1);
+                m[i - 1] &= 0xffff;
+            }
+            m[15] = t[15] - 0x7fff - ((m[14] >> 16) & 1);
+            b = (m[15] >> 16) & 1;
+            m[14] &= 0xffff;
+            this.cswap(t, m, 1 - b);
+        }
+        for (var i = 0; i < 16; ++i) {
+            o[2 * i] = t[i] & 0xff;
+            o[2 * i + 1] = t[i] >> 8;
+        }
+    }
+
+    static carry(o) {
+        var c;
+        for (var i = 0; i < 16; ++i) {
+            o[(i + 1) % 16] += (i < 15 ? 1 : 38) * Math.floor(o[i] / 65536);
+            o[i] &= 0xffff;
+        }
+    }
+
+    static cswap(p, q, b) {
+        var t, c = ~(b - 1);
+        for (var i = 0; i < 16; ++i) {
+            t = c & (p[i] ^ q[i]);
+            p[i] ^= t;
+            q[i] ^= t;
+        }
+    }
+
+    static add(o, a, b) {
+        for (var i = 0; i < 16; ++i)
+            o[i] = (a[i] + b[i]) | 0;
+    }
+
+    static subtract(o, a, b) {
+        for (var i = 0; i < 16; ++i)
+            o[i] = (a[i] - b[i]) | 0;
+    }
+
+    static multmod(o, a, b) {
+        var t = new Float64Array(31);
+        for (var i = 0; i < 16; ++i) {
+            for (var j = 0; j < 16; ++j)
+                t[i + j] += a[i] * b[j];
+        }
+        for (var i = 0; i < 15; ++i)
+            t[i] += 38 * t[i + 16];
+        for (var i = 0; i < 16; ++i)
+            o[i] = t[i];
+        this.carry(o);
+        this.carry(o);
+    }
+
+    static invert(o, i) {
+        var c = this.gf();
+        for (var a = 0; a < 16; ++a)
+            c[a] = i[a];
+        for (var a = 253; a >= 0; --a) {
+            this.multmod(c, c, c);
+            if (a !== 2 && a !== 4)
+                this.multmod(c, c, i);
+        }
+        for (var a = 0; a < 16; ++a)
+            o[a] = c[a];
+    }
+
+    static clamp(z) {
+        z[31] = (z[31] & 127) | 64;
+        z[0] &= 248;
+    }
+
+    static generatePublicKey(privateKey) {
+        var r, z = new Uint8Array(32);
+        var a = this.gf([1]),
+            b = this.gf([9]),
+            c = this.gf(),
+            d = this.gf([1]),
+            e = this.gf(),
+            f = this.gf(),
+            _121665 = this.gf([0xdb41, 1]),
+            _9 = this.gf([9]);
+        for (var i = 0; i < 32; ++i)
+            z[i] = privateKey[i];
+        this.clamp(z);
+        for (var i = 254; i >= 0; --i) {
+            r = (z[i >>> 3] >>> (i & 7)) & 1;
+            this.cswap(a, b, r);
+            this.cswap(c, d, r);
+            this.add(e, a, c);
+            this.subtract(a, a, c);
+            this.add(c, b, d);
+            this.subtract(b, b, d);
+            this.multmod(d, e, e);
+            this.multmod(f, a, a);
+            this.multmod(a, c, a);
+            this.multmod(c, b, e);
+            this.add(e, a, c);
+            this.subtract(a, a, c);
+            this.multmod(b, a, a);
+            this.subtract(c, d, f);
+            this.multmod(a, c, _121665);
+            this.add(a, a, d);
+            this.multmod(c, c, a);
+            this.multmod(a, d, f);
+            this.multmod(d, b, _9);
+            this.multmod(b, e, e);
+            this.cswap(a, b, r);
+            this.cswap(c, d, r);
+        }
+        this.invert(c, c);
+        this.multmod(a, a, c);
+        this.pack(z, a);
+        return z;
+    }
+
+    static generatePresharedKey() {
+        var privateKey = new Uint8Array(32);
+        window.crypto.getRandomValues(privateKey);
+        return privateKey;
+    }
+
+    static generatePrivateKey() {
+        var privateKey = this.generatePresharedKey();
+        this.clamp(privateKey);
+        return privateKey;
+    }
+
+    static encodeBase64(dest, src) {
+        var input = Uint8Array.from([(src[0] >> 2) & 63, ((src[0] << 4) | (src[1] >> 4)) & 63, ((src[1] << 2) | (src[2] >> 6)) & 63, src[2] & 63]);
+        for (var i = 0; i < 4; ++i)
+            dest[i] = input[i] + 65 +
+                (((25 - input[i]) >> 8) & 6) -
+                (((51 - input[i]) >> 8) & 75) -
+                (((61 - input[i]) >> 8) & 15) +
+                (((62 - input[i]) >> 8) & 3);
+    }
+
+    static keyToBase64(key) {
+        var i, base64 = new Uint8Array(44);
+        for (i = 0; i < 32 / 3; ++i)
+            this.encodeBase64(base64.subarray(i * 4), key.subarray(i * 3));
+        this.encodeBase64(base64.subarray(i * 4), Uint8Array.from([key[i * 3 + 0], key[i * 3 + 1], 0]));
+        base64[43] = 61;
+        return String.fromCharCode.apply(null, base64);
+    }
+
+    static keyFromBase64(encoded) {
+        const binaryStr = atob(encoded);
+        const bytes = new Uint8Array(binaryStr.length);
+        for (let i = 0; i < binaryStr.length; i++) {
+            bytes[i] = binaryStr.charCodeAt(i);
+        }
+        return bytes;
+    }
+
+    static generateKeypair(secretKey = '') {
+        var privateKey = secretKey.length > 0 ? this.keyFromBase64(secretKey) : this.generatePrivateKey();
+        var publicKey = this.generatePublicKey(privateKey);
+        return {
+            publicKey: this.keyToBase64(publicKey),
+            privateKey: secretKey.length > 0 ? secretKey : this.keyToBase64(privateKey)
+        };
+    }
+}
+
+class ClipboardManager {
+    static copyText(content = "") {
+        // !! here old way of copying is used because not everyone can afford https connection
+        return new Promise((resolve) => {
+            try {
+                const textarea = window.document.createElement('textarea');
+    
+                textarea.style.fontSize = '12pt';
+                textarea.style.border = '0';
+                textarea.style.padding = '0';
+                textarea.style.margin = '0';
+                textarea.style.position = 'absolute';
+                textarea.style.left = '-9999px';
+                textarea.style.top = `${window.pageYOffset || document.documentElement.scrollTop}px`;
+                textarea.setAttribute('readonly', '');
+                textarea.value = content;
+    
+                window.document.body.appendChild(textarea);
+    
+                textarea.select();
+                window.document.execCommand("copy");
+    
+                window.document.body.removeChild(textarea);
+    
+                resolve(true)
+            } catch {
+                resolve(false)
+            }
+        })
+    }
+}
+
+class Base64 {
+    static encode(content = "", safe = false) {
+        if (safe) {
+            return Base64.encode(content)
+                .replace(/\+/g, '-')
+                .replace(/=/g, '')
+                .replace(/\//g, '_')
+        }
+
+        return window.btoa(
+            String.fromCharCode(...new TextEncoder().encode(content))
+        )
+    }
+
+    static decode(content = "") {
+        return new TextDecoder()
+            .decode(
+                Uint8Array.from(window.atob(content), c => c.charCodeAt(0))
+            )
+    }
+}
+
+class SizeFormatter {
+    static ONE_KB = 1024;
+    static ONE_MB = this.ONE_KB * 1024;
+    static ONE_GB = this.ONE_MB * 1024;
+    static ONE_TB = this.ONE_GB * 1024;
+    static ONE_PB = this.ONE_TB * 1024;
+
+    static sizeFormat(size) {
+        if (size <= 0) return "0 B";
+        if (size < this.ONE_KB) return size.toFixed(0) + " B";
+        if (size < this.ONE_MB) return (size / this.ONE_KB).toFixed(2) + " KB";
+        if (size < this.ONE_GB) return (size / this.ONE_MB).toFixed(2) + " MB";
+        if (size < this.ONE_TB) return (size / this.ONE_GB).toFixed(2) + " GB";
+        if (size < this.ONE_PB) return (size / this.ONE_TB).toFixed(2) + " TB";
+        return (size / this.ONE_PB).toFixed(2) + " PB";
+    }
+}
+
+class CPUFormatter {
+    static cpuSpeedFormat(speed) {
+        return speed > 1000 ? (speed / 1000).toFixed(2) + " GHz" : speed.toFixed(2) + " MHz";
+    }
+    
+    static cpuCoreFormat(cores) {
+        return cores === 1 ? "1 Core" : cores + " Cores";
+    }
+}
+
+class TimeFormatter {
+    static formatSecond(second) {
+        if (second < 60) return second.toFixed(0) + 's';
+        if (second < 3600) return (second / 60).toFixed(0) + 'm';
+        if (second < 3600 * 24) return (second / 3600).toFixed(0) + 'h';
+        let day = Math.floor(second / 3600 / 24);
+        let remain = ((second / 3600) - (day * 24)).toFixed(0);
+        return day + 'd' + (remain > 0 ? ' ' + remain + 'h' : '');
+    }
+}
+
+class NumberFormatter {
+    static addZero(num) {
+        return num < 10 ? "0" + num : num;
+    }
+    
+    static toFixed(num, n) {
+        n = Math.pow(10, n);
+        return Math.floor(num * n) / n;
+    }
+}
+
+class Utils {
+    static debounce(fn, delay) {
+        let timeoutID = null;
+        return function () {
+            clearTimeout(timeoutID);
+            let args = arguments;
+            let that = this;
+            timeoutID = setTimeout(() => fn.apply(that, args), delay);
+        };
+    }
+}
+
+class CookieManager {
+    static getCookie(cname) {
+        let name = cname + '=';
+        let ca = document.cookie.split(';');
+        for (let c of ca) {
+            c = c.trim();
+            if (c.indexOf(name) === 0) {
+                return decodeURIComponent(c.substring(name.length, c.length));
+            }
+        }
+        return '';
+    }
+    
+    static setCookie(cname, cvalue, exdays) {
+        const d = new Date();
+        d.setTime(d.getTime() + exdays * 24 * 60 * 60 * 1000);
+        let expires = 'expires=' + d.toUTCString();
+        document.cookie = cname + '=' + encodeURIComponent(cvalue) + ';' + expires + ';path=/';
+    }
+}
+
+class ColorUtils {
+    static usageColor(data, threshold, total) {
+        switch (true) {
+            case data === null: return "purple";
+            case total < 0: return "green";
+            case total == 0: return "purple";
+            case data < total - threshold: return "green";
+            case data < total: return "orange";
+            default: return "red";
+        }
+    }
+    
+    static clientUsageColor(clientStats, trafficDiff) {
+        switch (true) {
+            case !clientStats || clientStats.total == 0: return "#7a316f";
+            case clientStats.up + clientStats.down < clientStats.total - trafficDiff: return "#008771";
+            case clientStats.up + clientStats.down < clientStats.total: return "#f37b24";
+            default: return "#cf3c3c";
+        }
+    }
+    
+    static userExpiryColor(threshold, client, isDark = false) {
+        if (!client.enable) return isDark ? '#2c3950' : '#bcbcbc';
+        let now = new Date().getTime(), expiry = client.expiryTime;
+        switch (true) {
+            case expiry === null: return "#7a316f";
+            case expiry < 0: return "#008771";
+            case expiry == 0: return "#7a316f";
+            case now < expiry - threshold: return "#008771";
+            case now < expiry: return "#f37b24";
+            default: return "#cf3c3c";
+        }
+    }
+}
+
+class ArrayUtils {
+    static doAllItemsExist(array1, array2) {
+        return array1.every(item => array2.includes(item));
+    }
+}
+
+class URLBuilder {
+    static buildURL({ host, port, isTLS, base, path }) {
+        if (!host || host.length === 0) host = window.location.hostname;
+        if (!port || port.length === 0) port = window.location.port;
+        if (isTLS === undefined) isTLS = window.location.protocol === "https:";
+        
+        const protocol = isTLS ? "https:" : "http:";
+        port = String(port);
+        if (port === "" || (isTLS && port === "443") || (!isTLS && port === "80")) {
+            port = "";
+        } else {
+            port = `:${port}`;
+        }
+        
+        return `${protocol}//${host}${port}${base}${path}`;
+    }
+}
+
+class LanguageManager {
+    static supportedLanguages = [
+        {
+            name: "English",
+            value: "en-US",
+            icon: "🇺🇸",
+        },
+        {
+            name: "فارسی",
+            value: "fa-IR",
+            icon: "🇮🇷",
+        },
+        {
+            name: "简体中文",
+            value: "zh-CN",
+            icon: "🇨🇳",
+        },
+        {
+            name: "繁體中文",
+            value: "zh-TW",
+            icon: "🇹🇼",
+        },
+        {
+            name: "日本語",
+            value: "ja-JP",
+            icon: "🇯🇵",
+        },
+        {
+            name: "Русский",
+            value: "ru-RU",
+            icon: "🇷🇺",
+        },
+        {
+            name: "Tiếng Việt",
+            value: "vi-VN",
+            icon: "🇻🇳",
+        },
+        {
+            name: "Español",
+            value: "es-ES",
+            icon: "🇪🇸",
+        },
+        {
+            name: "Indonesian",
+            value: "id-ID",
+            icon: "🇮🇩",
+        },
+        {
+            name: "Український",
+            value: "uk-UA",
+            icon: "🇺🇦",
+        },
+        {
+            name: "Türkçe",
+            value: "tr-TR",
+            icon: "🇹🇷",
+        },
+        {
+            name: "Português",
+            value: "pt-BR",
+            icon: "🇧🇷",
+        }
+    ]
+
+    static getLanguage() {
+        let lang = CookieManager.getCookie("lang");
+    
+        if (!lang) {
+            if (window.navigator) {
+                lang = window.navigator.language || window.navigator.userLanguage;
+    
+                if (LanguageManager.isSupportLanguage(lang)) {
+                    CookieManager.setCookie("lang", lang, 150);
+                } else {
+                    CookieManager.setCookie("lang", "en-US", 150);
+                    window.location.reload();
+                }
+            } else {
+                CookieManager.setCookie("lang", "en-US", 150);
+                window.location.reload();
+            }
+        }
+    
+        return lang;
+    }
+    
+    static setLanguage(language) {
+        if (!LanguageManager.isSupportLanguage(language)) {
+            language = "en-US";
+        }
+    
+        CookieManager.setCookie("lang", language, 150);
+        window.location.reload();
+    }
+    
+    static isSupportLanguage(language) {
+        const languageFilter = LanguageManager.supportedLanguages.filter((lang) => {
+            return lang.value === language
+        })
+    
+        return languageFilter.length > 0;
+    }    
+}
--- a/web/assets/js/util/utils.js
+++ b/web/assets/js/util/utils.js
@@ -1,484 +0,0 @@
-class Msg {
-    constructor(success, msg, obj) {
-        this.success = false;
-        this.msg = "";
-        this.obj = null;
-
-        if (success != null) {
-            this.success = success;
-        }
-        if (msg != null) {
-            this.msg = msg;
-        }
-        if (obj != null) {
-            this.obj = obj;
-        }
-    }
-}
-
-class HttpUtil {
-    static _handleMsg(msg) {
-        if (!(msg instanceof Msg)) {
-            return;
-        }
-        if (msg.msg === "") {
-            return;
-        }
-        if (msg.success) {
-            Vue.prototype.$message.success(msg.msg);
-        } else {
-            Vue.prototype.$message.error(msg.msg);
-        }
-    }
-
-    static _respToMsg(resp) {
-        const data = resp.data;
-        if (data == null) {
-            return new Msg(true);
-        } else if (typeof data === 'object') {
-            if (data.hasOwnProperty('success')) {
-                return new Msg(data.success, data.msg, data.obj);
-            } else {
-                return data;
-            }
-        } else {
-            return new Msg(false, 'unknown data:', data);
-        }
-    }
-
-    static async get(url, data, options) {
-        let msg;
-        try {
-            const resp = await axios.get(url, data, options);
-            msg = this._respToMsg(resp);
-        } catch (e) {
-            msg = new Msg(false, e.toString());
-        }
-        this._handleMsg(msg);
-        return msg;
-    }
-
-    static async post(url, data, options) {
-        let msg;
-        try {
-            const resp = await axios.post(url, data, options);
-            msg = this._respToMsg(resp);
-        } catch (e) {
-            msg = new Msg(false, e.toString());
-        }
-        this._handleMsg(msg);
-        return msg;
-    }
-
-    static async postWithModal(url, data, modal) {
-        if (modal) {
-            modal.loading(true);
-        }
-        const msg = await this.post(url, data);
-        if (modal) {
-            modal.loading(false);
-            if (msg instanceof Msg && msg.success) {
-                modal.close();
-            }
-        }
-        return msg;
-    }
-}
-
-class PromiseUtil {
-    static async sleep(timeout) {
-        await new Promise(resolve => {
-            setTimeout(resolve, timeout)
-        });
-    }
-}
-
-const seq = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'.split('');
-
-class RandomUtil {
-    static randomIntRange(min, max) {
-        return Math.floor(Math.random() * (max - min) + min);
-    }
-
-    static randomInt(n) {
-        return this.randomIntRange(0, n);
-    }
-
-    static randomSeq(count) {
-        let str = '';
-        for (let i = 0; i < count; ++i) {
-            str += seq[this.randomInt(62)];
-        }
-        return str;
-    }
-
-    static randomShortId() {
-        let str = '';
-        for (let i = 0; i < 8; ++i) {
-            str += seq[this.randomInt(16)];
-        }
-        return str;
-    }
-
-    static randomLowerAndNum(len) {
-        let str = '';
-        for (let i = 0; i < len; ++i) {
-            str += seq[this.randomInt(36)];
-        }
-        return str;
-    }
-
-    static randomUUID() {
-        const template = 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx';
-        return template.replace(/[xy]/g, function (c) {
-            const randomValues = new Uint8Array(1);
-            crypto.getRandomValues(randomValues);
-            let randomValue = randomValues[0] % 16;
-            let calculatedValue = (c === 'x') ? randomValue : (randomValue & 0x3 | 0x8);
-            return calculatedValue.toString(16);
-        });
-    }
-
-    static randomShadowsocksPassword() {
-        let array = new Uint8Array(32);
-        window.crypto.getRandomValues(array);
-        return btoa(String.fromCharCode.apply(null, array));
-    }
-}
-
-class ObjectUtil {
-    static getPropIgnoreCase(obj, prop) {
-        for (const name in obj) {
-            if (!obj.hasOwnProperty(name)) {
-                continue;
-            }
-            if (name.toLowerCase() === prop.toLowerCase()) {
-                return obj[name];
-            }
-        }
-        return undefined;
-    }
-
-    static deepSearch(obj, key) {
-        if (obj instanceof Array) {
-            for (let i = 0; i < obj.length; ++i) {
-                if (this.deepSearch(obj[i], key)) {
-                    return true;
-                }
-            }
-        } else if (obj instanceof Object) {
-            for (let name in obj) {
-                if (!obj.hasOwnProperty(name)) {
-                    continue;
-                }
-                if (this.deepSearch(obj[name], key)) {
-                    return true;
-                }
-            }
-        } else {
-            return this.isEmpty(obj) ? false : obj.toString().toLowerCase().indexOf(key.toLowerCase()) >= 0;
-        }
-        return false;
-    }
-
-    static isEmpty(obj) {
-        return obj === null || obj === undefined || obj === '';
-    }
-
-    static isArrEmpty(arr) {
-        return !this.isEmpty(arr) && arr.length === 0;
-    }
-
-    static copyArr(dest, src) {
-        dest.splice(0);
-        for (const item of src) {
-            dest.push(item);
-        }
-    }
-
-    static clone(obj) {
-        let newObj;
-        if (obj instanceof Array) {
-            newObj = [];
-            this.copyArr(newObj, obj);
-        } else if (obj instanceof Object) {
-            newObj = {};
-            for (const key of Object.keys(obj)) {
-                newObj[key] = obj[key];
-            }
-        } else {
-            newObj = obj;
-        }
-        return newObj;
-    }
-
-    static deepClone(obj) {
-        let newObj;
-        if (obj instanceof Array) {
-            newObj = [];
-            for (const item of obj) {
-                newObj.push(this.deepClone(item));
-            }
-        } else if (obj instanceof Object) {
-            newObj = {};
-            for (const key of Object.keys(obj)) {
-                newObj[key] = this.deepClone(obj[key]);
-            }
-        } else {
-            newObj = obj;
-        }
-        return newObj;
-    }
-
-    static cloneProps(dest, src, ...ignoreProps) {
-        if (dest == null || src == null) {
-            return;
-        }
-        const ignoreEmpty = this.isArrEmpty(ignoreProps);
-        for (const key of Object.keys(src)) {
-            if (!src.hasOwnProperty(key)) {
-                continue;
-            } else if (!dest.hasOwnProperty(key)) {
-                continue;
-            } else if (src[key] === undefined) {
-                continue;
-            }
-            if (ignoreEmpty) {
-                dest[key] = src[key];
-            } else {
-                let ignore = false;
-                for (let i = 0; i < ignoreProps.length; ++i) {
-                    if (key === ignoreProps[i]) {
-                        ignore = true;
-                        break;
-                    }
-                }
-                if (!ignore) {
-                    dest[key] = src[key];
-                }
-            }
-        }
-    }
-
-    static delProps(obj, ...props) {
-        for (const prop of props) {
-            if (prop in obj) {
-                delete obj[prop];
-            }
-        }
-    }
-
-    static execute(func, ...args) {
-        if (!this.isEmpty(func) && typeof func === 'function') {
-            func(...args);
-        }
-    }
-
-    static orDefault(obj, defaultValue) {
-        if (obj == null) {
-            return defaultValue;
-        }
-        return obj;
-    }
-
-    static equals(a, b) {
-        for (const key in a) {
-            if (!a.hasOwnProperty(key)) {
-                continue;
-            }
-            if (!b.hasOwnProperty(key)) {
-                return false;
-            } else if (a[key] !== b[key]) {
-                return false;
-            }
-        }
-        return true;
-    }
-}
-
-class Wireguard {
-	static gf(init) {
-		var r = new Float64Array(16);
-		if (init) {
-			for (var i = 0; i < init.length; ++i)
-				r[i] = init[i];
-		}
-		return r;
-	}
-
-	static pack(o, n) {
-		var b, m = this.gf(), t = this.gf();
-		for (var i = 0; i < 16; ++i)
-			t[i] = n[i];
-		this.carry(t);
-		this.carry(t);
-		this.carry(t);
-		for (var j = 0; j < 2; ++j) {
-			m[0] = t[0] - 0xffed;
-			for (var i = 1; i < 15; ++i) {
-				m[i] = t[i] - 0xffff - ((m[i - 1] >> 16) & 1);
-				m[i - 1] &= 0xffff;
-			}
-			m[15] = t[15] - 0x7fff - ((m[14] >> 16) & 1);
-			b = (m[15] >> 16) & 1;
-			m[14] &= 0xffff;
-			this.cswap(t, m, 1 - b);
-		}
-		for (var i = 0; i < 16; ++i) {
-			o[2 * i] = t[i] & 0xff;
-			o[2 * i + 1] = t[i] >> 8;
-		}
-	}
-
-	static carry(o) {
-		var c;
-		for (var i = 0; i < 16; ++i) {
-			o[(i + 1) % 16] += (i < 15 ? 1 : 38) * Math.floor(o[i] / 65536);
-			o[i] &= 0xffff;
-		}
-	}
-
-	static cswap(p, q, b) {
-		var t, c = ~(b - 1);
-		for (var i = 0; i < 16; ++i) {
-			t = c & (p[i] ^ q[i]);
-			p[i] ^= t;
-			q[i] ^= t;
-		}
-	}
-
-	static add(o, a, b) {
-		for (var i = 0; i < 16; ++i)
-			o[i] = (a[i] + b[i]) | 0;
-	}
-
-	static subtract(o, a, b) {
-		for (var i = 0; i < 16; ++i)
-			o[i] = (a[i] - b[i]) | 0;
-	}
-
-	static multmod(o, a, b) {
-		var t = new Float64Array(31);
-		for (var i = 0; i < 16; ++i) {
-			for (var j = 0; j < 16; ++j)
-				t[i + j] += a[i] * b[j];
-		}
-		for (var i = 0; i < 15; ++i)
-			t[i] += 38 * t[i + 16];
-		for (var i = 0; i < 16; ++i)
-			o[i] = t[i];
-		this.carry(o);
-		this.carry(o);
-	}
-
-	static invert(o, i) {
-		var c = this.gf();
-		for (var a = 0; a < 16; ++a)
-			c[a] = i[a];
-		for (var a = 253; a >= 0; --a) {
-			this.multmod(c, c, c);
-			if (a !== 2 && a !== 4)
-                this.multmod(c, c, i);
-		}
-		for (var a = 0; a < 16; ++a)
-			o[a] = c[a];
-	}
-
-	static clamp(z) {
-		z[31] = (z[31] & 127) | 64;
-		z[0] &= 248;
-	}
-
-	static generatePublicKey(privateKey) {
-		var r, z = new Uint8Array(32);
-		var a = this.gf([1]),
-			b = this.gf([9]),
-			c = this.gf(),
-			d = this.gf([1]),
-			e = this.gf(),
-			f = this.gf(),
-			_121665 = this.gf([0xdb41, 1]),
-			_9 = this.gf([9]);
-		for (var i = 0; i < 32; ++i)
-			z[i] = privateKey[i];
-		this.clamp(z);
-		for (var i = 254; i >= 0; --i) {
-			r = (z[i >>> 3] >>> (i & 7)) & 1;
-			this.cswap(a, b, r);
-			this.cswap(c, d, r);
-			this.add(e, a, c);
-			this.subtract(a, a, c);
-			this.add(c, b, d);
-			this.subtract(b, b, d);
-			this.multmod(d, e, e);
-			this.multmod(f, a, a);
-			this.multmod(a, c, a);
-			this.multmod(c, b, e);
-			this.add(e, a, c);
-			this.subtract(a, a, c);
-			this.multmod(b, a, a);
-			this.subtract(c, d, f);
-			this.multmod(a, c, _121665);
-			this.add(a, a, d);
-			this.multmod(c, c, a);
-			this.multmod(a, d, f);
-			this.multmod(d, b, _9);
-			this.multmod(b, e, e);
-			this.cswap(a, b, r);
-			this.cswap(c, d, r);
-		}
-		this.invert(c, c);
-		this.multmod(a, a, c);
-		this.pack(z, a);
-		return z;
-	}
-
-	static generatePresharedKey() {
-		var privateKey = new Uint8Array(32);
-		window.crypto.getRandomValues(privateKey);
-		return privateKey;
-	}
-
-	static generatePrivateKey() {
-		var privateKey = this.generatePresharedKey();
-		this.clamp(privateKey);
-		return privateKey;
-	}
-
-	static encodeBase64(dest, src) {
-		var input = Uint8Array.from([(src[0] >> 2) & 63, ((src[0] << 4) | (src[1] >> 4)) & 63, ((src[1] << 2) | (src[2] >> 6)) & 63, src[2] & 63]);
-		for (var i = 0; i < 4; ++i)
-			dest[i] = input[i] + 65 +
-			(((25 - input[i]) >> 8) & 6) -
-			(((51 - input[i]) >> 8) & 75) -
-			(((61 - input[i]) >> 8) & 15) +
-			(((62 - input[i]) >> 8) & 3);
-	}
-
-	static keyToBase64(key) {
-		var i, base64 = new Uint8Array(44);
-		for (i = 0; i < 32 / 3; ++i)
-            this.encodeBase64(base64.subarray(i * 4), key.subarray(i * 3));
-        this.encodeBase64(base64.subarray(i * 4), Uint8Array.from([key[i * 3 + 0], key[i * 3 + 1], 0]));
-		base64[43] = 61;
-		return String.fromCharCode.apply(null, base64);
-	}
-
-    static keyFromBase64(encoded) {
-        const binaryStr = atob(encoded);
-        const bytes = new Uint8Array(binaryStr.length);
-        for (let i = 0; i < binaryStr.length; i++) {
-            bytes[i] = binaryStr.charCodeAt(i);
-        }
-        return bytes;
-    }
-
-	static generateKeypair(secretKey='') {
-        var privateKey = secretKey.length>0 ? this.keyFromBase64(secretKey) : this.generatePrivateKey();
-        var publicKey = this.generatePublicKey(privateKey);
-        return {
-            publicKey: this.keyToBase64(publicKey),
-            privateKey: secretKey.length>0 ? secretKey : this.keyToBase64(privateKey)
-        };
-    }
-}
--- a/web/assets/moment/moment.min.js
+++ b/web/assets/moment/moment.min.js
--- a/web/controller/api.go
+++ b/web/controller/api.go
@@ -33,6 +33,7 @@ func (a *APIController) initRouter(g *gin.RouterGroup) {
 		{"GET", "/list", a.inboundController.getInbounds},
 		{"GET", "/get/:id", a.inboundController.getInbound},
 		{"GET", "/getClientTraffics/:email", a.inboundController.getClientTraffics},
+		{"GET", "/getClientTrafficsById/:id", a.inboundController.getClientTrafficsById},
 		{"POST", "/add", a.inboundController.addInbound},
 		{"POST", "/del/:id", a.inboundController.delInbound},
 		{"POST", "/update/:id", a.inboundController.updateInbound},
--- a/web/controller/inbound.go
+++ b/web/controller/inbound.go
@@ -77,6 +77,16 @@ func (a *InboundController) getClientTraffics(c *gin.Context) {
 	jsonObj(c, clientTraffics, nil)
 }

+func (a *InboundController) getClientTrafficsById(c *gin.Context) {
+	id := c.Param("id")
+	clientTraffics, err := a.inboundService.GetClientTrafficByID(id)
+	if err != nil {
+		jsonMsg(c, "Error getting traffics", err)
+		return
+	}
+	jsonObj(c, clientTraffics, nil)
+}
+
 func (a *InboundController) addInbound(c *gin.Context) {
 	inbound := &model.Inbound{}
 	err := c.ShouldBind(inbound)
@@ -232,14 +242,12 @@ func (a *InboundController) resetClientTraffic(c *gin.Context) {
 	}
 	email := c.Param("email")

-	needRestart := true
-
-	needRestart, err = a.inboundService.ResetClientTraffic(id, email)
+	needRestart, err := a.inboundService.ResetClientTraffic(id, email)
 	if err != nil {
 		jsonMsg(c, "Something went wrong!", err)
 		return
 	}
-	jsonMsg(c, "traffic reseted", nil)
+	jsonMsg(c, "Traffic has been reset", nil)
 	if needRestart {
 		a.xrayService.SetToNeedRestart()
 	}
@@ -253,7 +261,7 @@ func (a *InboundController) resetAllTraffics(c *gin.Context) {
 	} else {
 		a.xrayService.SetToNeedRestart()
 	}
-	jsonMsg(c, "All traffics reseted", nil)
+	jsonMsg(c, "all traffic has been reset", nil)
 }

 func (a *InboundController) resetAllClientTraffics(c *gin.Context) {
@@ -270,7 +278,7 @@ func (a *InboundController) resetAllClientTraffics(c *gin.Context) {
 	} else {
 		a.xrayService.SetToNeedRestart()
 	}
-	jsonMsg(c, "All traffics of client reseted", nil)
+	jsonMsg(c, "All traffic from the client has been reset.", nil)
 }

 func (a *InboundController) importInbound(c *gin.Context) {
@@ -313,9 +321,9 @@ func (a *InboundController) delDepletedClients(c *gin.Context) {
 		jsonMsg(c, "Something went wrong!", err)
 		return
 	}
-	jsonMsg(c, "All delpeted clients are deleted", nil)
+	jsonMsg(c, "All depleted clients are deleted", nil)
 }

 func (a *InboundController) onlines(c *gin.Context) {
-	jsonObj(c, a.inboundService.GetOnlineClinets(), nil)
+	jsonObj(c, a.inboundService.GetOnlineClients(), nil)
 }
--- a/web/controller/index.go
+++ b/web/controller/index.go
@@ -2,12 +2,14 @@ package controller

 import (
 	"net/http"
+	"text/template"
 	"time"

 	"x-ui/logger"
 	"x-ui/web/service"
 	"x-ui/web/session"

+	"github.com/gin-contrib/sessions"
 	"github.com/gin-gonic/gin"
 )

@@ -48,8 +50,8 @@ func (a *IndexController) index(c *gin.Context) {

 func (a *IndexController) login(c *gin.Context) {
 	var form LoginForm
-	err := c.ShouldBind(&form)
-	if err != nil {
+
+	if err := c.ShouldBind(&form); err != nil {
 		pureJsonMsg(c, http.StatusOK, false, I18nWeb(c, "pages.login.toasts.invalidFormData"))
 		return
 	}
@@ -64,39 +66,45 @@ func (a *IndexController) login(c *gin.Context) {

 	user := a.userService.CheckUser(form.Username, form.Password, form.LoginSecret)
 	timeStr := time.Now().Format("2006-01-02 15:04:05")
+	safeUser := template.HTMLEscapeString(form.Username)
+	safePass := template.HTMLEscapeString(form.Password)
+	safeSecret := template.HTMLEscapeString(form.LoginSecret)
+
 	if user == nil {
-		logger.Warningf("wrong username or password: \"%s\" \"%s\"", form.Username, form.Password)
-		a.tgbot.UserLoginNotify(form.Username, getRemoteIp(c), timeStr, 0)
+		logger.Warningf("wrong username: \"%s\", password: \"%s\", secret: \"%s\", IP: \"%s\"", safeUser, safePass, safeSecret, getRemoteIp(c))
+		a.tgbot.UserLoginNotify(safeUser, safePass, getRemoteIp(c), timeStr, 0)
 		pureJsonMsg(c, http.StatusOK, false, I18nWeb(c, "pages.login.toasts.wrongUsernameOrPassword"))
 		return
-	} else {
-		logger.Infof("%s login success, Ip Address: %s\n", form.Username, getRemoteIp(c))
-		a.tgbot.UserLoginNotify(form.Username, getRemoteIp(c), timeStr, 1)
 	}

+	logger.Infof("%s logged in successfully, Ip Address: %s\n", safeUser, getRemoteIp(c))
+	a.tgbot.UserLoginNotify(safeUser, ``, getRemoteIp(c), timeStr, 1)
+
 	sessionMaxAge, err := a.settingService.GetSessionMaxAge()
 	if err != nil {
-		logger.Warningf("Unable to get session's max age from DB")
+		logger.Warning("Unable to get session's max age from DB")
 	}

-	if sessionMaxAge > 0 {
-		err = session.SetMaxAge(c, sessionMaxAge*60)
-		if err != nil {
-			logger.Warningf("Unable to set session's max age")
-		}
+	session.SetMaxAge(c, sessionMaxAge*60)
+	session.SetLoginUser(c, user)
+	if err := sessions.Default(c).Save(); err != nil {
+		logger.Warning("Unable to save session: ", err)
+		return
 	}

-	err = session.SetLoginUser(c, user)
-	logger.Info("user", user.Id, "login success")
-	jsonMsg(c, I18nWeb(c, "pages.login.toasts.successLogin"), err)
+	logger.Infof("%s logged in successfully", safeUser)
+	jsonMsg(c, I18nWeb(c, "pages.login.toasts.successLogin"), nil)
 }

 func (a *IndexController) logout(c *gin.Context) {
 	user := session.GetLoginUser(c)
 	if user != nil {
-		logger.Info("user", user.Id, "logout")
+		logger.Infof("%s logged out successfully", user.Username)
 	}
 	session.ClearSession(c)
+	if err := sessions.Default(c).Save(); err != nil {
+		logger.Warning("Unable to save session after clearing:", err)
+	}
 	c.Redirect(http.StatusTemporaryRedirect, c.GetString("base_path"))
 }

--- a/web/controller/server.go
+++ b/web/controller/server.go
@@ -105,7 +105,7 @@ func (a *ServerController) stopXrayService(c *gin.Context) {
 		jsonMsg(c, "", err)
 		return
 	}
-	jsonMsg(c, "Xray stoped", err)
+	jsonMsg(c, "Xray stopped", err)
 }

 func (a *ServerController) restartXrayService(c *gin.Context) {
--- a/web/controller/util.go
+++ b/web/controller/util.go
@@ -13,15 +13,18 @@ import (
 )

 func getRemoteIp(c *gin.Context) string {
-	value := c.GetHeader("X-Forwarded-For")
+	value := c.GetHeader("X-Real-IP")
+	if value != "" {
+		return value
+	}
+	value = c.GetHeader("X-Forwarded-For")
 	if value != "" {
 		ips := strings.Split(value, ",")
 		return ips[0]
-	} else {
-		addr := c.Request.RemoteAddr
-		ip, _, _ := net.SplitHostPort(addr)
-		return ip
 	}
+	addr := c.Request.RemoteAddr
+	ip, _, _ := net.SplitHostPort(addr)
+	return ip
 }

 func jsonMsg(c *gin.Context, msg string, err error) {
@@ -39,12 +42,12 @@ func jsonMsgObj(c *gin.Context, msg string, obj interface{}, err error) {
 	if err == nil {
 		m.Success = true
 		if msg != "" {
-			m.Msg = msg + I18nWeb(c, "success")
+			m.Msg = msg + " " + I18nWeb(c, "success")
 		}
 	} else {
 		m.Success = false
-		m.Msg = msg + I18nWeb(c, "fail") + ": " + err.Error()
-		logger.Warning(msg+I18nWeb(c, "fail")+": ", err)
+		m.Msg = msg + " " + I18nWeb(c, "fail") + ": " + err.Error()
+		logger.Warning(msg+" "+I18nWeb(c, "fail")+": ", err)
 	}
 	c.JSON(http.StatusOK, m)
 }
@@ -61,7 +64,18 @@ func html(c *gin.Context, name string, title string, data gin.H) {
 		data = gin.H{}
 	}
 	data["title"] = title
-	data["host"], _, _ = net.SplitHostPort(c.Request.Host)
+	host := c.GetHeader("X-Forwarded-Host")
+	if host == "" {
+		host = c.GetHeader("X-Real-IP")
+	}
+	if host == "" {
+		var err error
+		host, _, err = net.SplitHostPort(c.Request.Host)
+		if err != nil {
+			host = c.Request.Host
+		}
+	}
+	data["host"] = host
 	data["request_uri"] = c.Request.RequestURI
 	data["base_path"] = c.GetString("base_path")
 	c.HTML(http.StatusOK, name, getContext(data))
--- a/web/controller/xray_setting.go
+++ b/web/controller/xray_setting.go
@@ -12,6 +12,7 @@ type XraySettingController struct {
 	InboundService     service.InboundService
 	OutboundService    service.OutboundService
 	XrayService        service.XrayService
+	WarpService        service.WarpService
 }

 func NewXraySettingController(g *gin.RouterGroup) *XraySettingController {
@@ -72,16 +73,18 @@ func (a *XraySettingController) warp(c *gin.Context) {
 	var err error
 	switch action {
 	case "data":
-		resp, err = a.XraySettingService.GetWarp()
+		resp, err = a.WarpService.GetWarpData()
+	case "del":
+		err = a.WarpService.DelWarpData()
 	case "config":
-		resp, err = a.XraySettingService.GetWarpConfig()
+		resp, err = a.WarpService.GetWarpConfig()
 	case "reg":
 		skey := c.PostForm("privateKey")
 		pkey := c.PostForm("publicKey")
-		resp, err = a.XraySettingService.RegWarp(skey, pkey)
+		resp, err = a.WarpService.RegWarp(skey, pkey)
 	case "license":
 		license := c.PostForm("license")
-		resp, err = a.XraySettingService.SetWarpLicence(license)
+		resp, err = a.WarpService.SetWarpLicense(license)
 	}

 	jsonObj(c, resp, err)
--- a/web/entity/entity.go
+++ b/web/entity/entity.go
@@ -16,45 +16,49 @@ type Msg struct {
 }

 type AllSetting struct {
-	WebListen        string `json:"webListen" form:"webListen"`
-	WebDomain        string `json:"webDomain" form:"webDomain"`
-	WebPort          int    `json:"webPort" form:"webPort"`
-	WebCertFile      string `json:"webCertFile" form:"webCertFile"`
-	WebKeyFile       string `json:"webKeyFile" form:"webKeyFile"`
-	WebBasePath      string `json:"webBasePath" form:"webBasePath"`
-	SessionMaxAge    int    `json:"sessionMaxAge" form:"sessionMaxAge"`
-	PageSize         int    `json:"pageSize" form:"pageSize"`
-	ExpireDiff       int    `json:"expireDiff" form:"expireDiff"`
-	TrafficDiff      int    `json:"trafficDiff" form:"trafficDiff"`
-	RemarkModel      string `json:"remarkModel" form:"remarkModel"`
-	TgBotEnable      bool   `json:"tgBotEnable" form:"tgBotEnable"`
-	TgBotToken       string `json:"tgBotToken" form:"tgBotToken"`
-	TgBotProxy       string `json:"tgBotProxy" form:"tgBotProxy"`
-	TgBotChatId      string `json:"tgBotChatId" form:"tgBotChatId"`
-	TgRunTime        string `json:"tgRunTime" form:"tgRunTime"`
-	TgBotBackup      bool   `json:"tgBotBackup" form:"tgBotBackup"`
-	TgBotLoginNotify bool   `json:"tgBotLoginNotify" form:"tgBotLoginNotify"`
-	TgCpu            int    `json:"tgCpu" form:"tgCpu"`
-	TgLang           string `json:"tgLang" form:"tgLang"`
-	TimeLocation     string `json:"timeLocation" form:"timeLocation"`
-	SecretEnable     bool   `json:"secretEnable" form:"secretEnable"`
-	SubEnable        bool   `json:"subEnable" form:"subEnable"`
-	SubListen        string `json:"subListen" form:"subListen"`
-	SubPort          int    `json:"subPort" form:"subPort"`
-	SubPath          string `json:"subPath" form:"subPath"`
-	SubDomain        string `json:"subDomain" form:"subDomain"`
-	SubCertFile      string `json:"subCertFile" form:"subCertFile"`
-	SubKeyFile       string `json:"subKeyFile" form:"subKeyFile"`
-	SubUpdates       int    `json:"subUpdates" form:"subUpdates"`
-	SubEncrypt       bool   `json:"subEncrypt" form:"subEncrypt"`
-	SubShowInfo      bool   `json:"subShowInfo" form:"subShowInfo"`
-	SubURI           string `json:"subURI" form:"subURI"`
-	SubJsonPath      string `json:"subJsonPath" form:"subJsonPath"`
-	SubJsonURI       string `json:"subJsonURI" form:"subJsonURI"`
-	SubJsonFragment  string `json:"subJsonFragment" form:"subJsonFragment"`
-	SubJsonMux       string `json:"subJsonMux" form:"subJsonMux"`
-	SubJsonRules     string `json:"subJsonRules" form:"subJsonRules"`
-	Datepicker       string `json:"datepicker" form:"datepicker"`
+	WebListen                   string `json:"webListen" form:"webListen"`
+	WebDomain                   string `json:"webDomain" form:"webDomain"`
+	WebPort                     int    `json:"webPort" form:"webPort"`
+	WebCertFile                 string `json:"webCertFile" form:"webCertFile"`
+	WebKeyFile                  string `json:"webKeyFile" form:"webKeyFile"`
+	WebBasePath                 string `json:"webBasePath" form:"webBasePath"`
+	SessionMaxAge               int    `json:"sessionMaxAge" form:"sessionMaxAge"`
+	PageSize                    int    `json:"pageSize" form:"pageSize"`
+	ExpireDiff                  int    `json:"expireDiff" form:"expireDiff"`
+	TrafficDiff                 int    `json:"trafficDiff" form:"trafficDiff"`
+	RemarkModel                 string `json:"remarkModel" form:"remarkModel"`
+	TgBotEnable                 bool   `json:"tgBotEnable" form:"tgBotEnable"`
+	TgBotToken                  string `json:"tgBotToken" form:"tgBotToken"`
+	TgBotProxy                  string `json:"tgBotProxy" form:"tgBotProxy"`
+	TgBotAPIServer              string `json:"tgBotAPIServer" form:"tgBotAPIServer"`
+	TgBotChatId                 string `json:"tgBotChatId" form:"tgBotChatId"`
+	TgRunTime                   string `json:"tgRunTime" form:"tgRunTime"`
+	TgBotBackup                 bool   `json:"tgBotBackup" form:"tgBotBackup"`
+	TgBotLoginNotify            bool   `json:"tgBotLoginNotify" form:"tgBotLoginNotify"`
+	TgCpu                       int    `json:"tgCpu" form:"tgCpu"`
+	TgLang                      string `json:"tgLang" form:"tgLang"`
+	TimeLocation                string `json:"timeLocation" form:"timeLocation"`
+	SecretEnable                bool   `json:"secretEnable" form:"secretEnable"`
+	SubEnable                   bool   `json:"subEnable" form:"subEnable"`
+	SubListen                   string `json:"subListen" form:"subListen"`
+	SubPort                     int    `json:"subPort" form:"subPort"`
+	SubPath                     string `json:"subPath" form:"subPath"`
+	SubDomain                   string `json:"subDomain" form:"subDomain"`
+	SubCertFile                 string `json:"subCertFile" form:"subCertFile"`
+	SubKeyFile                  string `json:"subKeyFile" form:"subKeyFile"`
+	SubUpdates                  int    `json:"subUpdates" form:"subUpdates"`
+	ExternalTrafficInformEnable bool   `json:"externalTrafficInformEnable" form:"externalTrafficInformEnable"`
+	ExternalTrafficInformURI    string `json:"externalTrafficInformURI" form:"externalTrafficInformURI"`
+	SubEncrypt                  bool   `json:"subEncrypt" form:"subEncrypt"`
+	SubShowInfo                 bool   `json:"subShowInfo" form:"subShowInfo"`
+	SubURI                      string `json:"subURI" form:"subURI"`
+	SubJsonPath                 string `json:"subJsonPath" form:"subJsonPath"`
+	SubJsonURI                  string `json:"subJsonURI" form:"subJsonURI"`
+	SubJsonFragment             string `json:"subJsonFragment" form:"subJsonFragment"`
+	SubJsonNoises               string `json:"subJsonNoises" form:"subJsonNoises"`
+	SubJsonMux                  string `json:"subJsonMux" form:"subJsonMux"`
+	SubJsonRules                string `json:"subJsonRules" form:"subJsonRules"`
+	Datepicker                  string `json:"datepicker" form:"datepicker"`
 }

 func (s *AllSetting) CheckValid() error {
--- a/web/html/common/js.html
+++ b/web/html/common/js.html
@@ -5,10 +5,8 @@
 <script src="{{ .base_path }}assets/axios/axios.min.js?{{ .cur_ver }}"></script>
 <script src="{{ .base_path }}assets/qs/qs.min.js"></script>
 <script src="{{ .base_path }}assets/js/axios-init.js?{{ .cur_ver }}"></script>
-<script src="{{ .base_path }}assets/js/util/common.js?{{ .cur_ver }}"></script>
 <script src="{{ .base_path }}assets/js/util/date-util.js?{{ .cur_ver }}"></script>
-<script src="{{ .base_path }}assets/js/util/utils.js?{{ .cur_ver }}"></script>
-<script src="{{ .base_path }}assets/js/langs.js"></script>
+<script src="{{ .base_path }}assets/js/util/index.js?{{ .cur_ver }}"></script>
 <script>
    const basePath = '{{ .base_path }}';
    axios.defaults.baseURL = basePath;
--- a/web/html/common/qrcode_modal.html
+++ b/web/html/common/qrcode_modal.html
@@ -10,7 +10,7 @@
        <a-tag color="purple" class="qr-tag"><span>{{ i18n "pages.settings.subSettings"}}</span></a-tag>
        <tr-qr-bg class="qr-bg-sub">
          <tr-qr-bg-inner class="qr-bg-sub-inner">
-            <canvas @click="copyToClipboard('qrCode-sub',genSubLink(qrModal.client.subId))" id="qrCode-sub" class="qr-cv"></canvas>
+            <canvas @click="copy(genSubLink(qrModal.client.subId))" id="qrCode-sub" class="qr-cv"></canvas>
          </tr-qr-bg-inner>
        </tr-qr-bg>
      </tr-qr-box>
@@ -18,7 +18,7 @@
        <a-tag color="purple" class="qr-tag"><span>{{ i18n "pages.settings.subSettings"}} Json</span></a-tag>
        <tr-qr-bg class="qr-bg-sub">
          <tr-qr-bg-inner class="qr-bg-sub-inner">
-            <canvas @click="copyToClipboard('qrCode-subJson',genSubJsonLink(qrModal.client.subId))" id="qrCode-subJson" class="qr-cv"></canvas>
+            <canvas @click="copy(genSubJsonLink(qrModal.client.subId))" id="qrCode-subJson" class="qr-cv"></canvas>
          </tr-qr-bg-inner>
        </tr-qr-bg>
      </tr-qr-box>
@@ -27,7 +27,7 @@
      <tr-qr-box class="qr-box">
        <a-tag color="green" class="qr-tag"><span>[[ row.remark ]]</span></a-tag>
        <tr-qr-bg class="qr-bg">
-          <canvas @click="copyToClipboard('qrCode-'+index, row.link)" :id="'qrCode-'+index" class="qr-cv"></canvas>
+          <canvas @click="copy(row.link)" :id="'qrCode-'+index" class="qr-cv"></canvas>
        </tr-qr-bg>
      </tr-qr-box>
    </template>
@@ -41,7 +41,6 @@
    dbInbound: new DBInbound(),
    client: null,
    qrcodes: [],
-    clipboard: null,
    visible: false,
    subId: '',
    show: function(title = '', dbInbound, client) {
@@ -79,18 +78,16 @@
      qrModal: qrModal,
    },
    methods: {
-      copyToClipboard(elmentId, content) {
-        this.qrModal.clipboard = new ClipboardJS('#' + elmentId, {
-          text: () => content,
-        });
-        this.qrModal.clipboard.on('success', () => {
-          app.$message.success('{{ i18n "copied" }}')
-          this.qrModal.clipboard.destroy();
-        });
+      copy(content) {
+        ClipboardManager
+          .copyText(content)
+          .then(() => {
+            app.$message.success('{{ i18n "copied" }}')
+          })
      },
-      setQrCode(elmentId, content) {
+      setQrCode(elementId, content) {
        new QRious({
-          element: document.querySelector('#' + elmentId),
+          element: document.querySelector('#' + elementId),
          size: 400,
          value: content,
          background: 'white',
--- a/web/html/common/text_modal.html
+++ b/web/html/common/text_modal.html
@@ -7,7 +7,7 @@
            :href="'data:application/text;charset=utf-8,' + encodeURIComponent(txtModal.content)"
            :download="txtModal.fileName">[[ txtModal.fileName ]]
        </a-button>
-            <a-button type="primary" id="copy-btn">{{ i18n "copy" }}</a-button>
+        <a-button type="primary" @click="txtModal.copy(txtModal.content)">{{ i18n "copy" }}</a-button>
    </template>
    <a-input style="overflow-y: auto;" type="textarea" v-model="txtModal.content"
        :autosize="{ minRows: 10, maxRows: 20}"></a-input>
@@ -20,24 +20,20 @@
        content: '',
        fileName: '',
        qrcode: null,
-        clipboard: null,
        visible: false,
        show: function (title = '', content = '', fileName = '') {
            this.title = title;
            this.content = content;
            this.fileName = fileName;
            this.visible = true;
-            textModalApp.$nextTick(() => {
-                if (this.clipboard === null) {
-                    this.clipboard = new ClipboardJS('#copy-btn', {
-                        text: () => this.content,
-                    });
-                    this.clipboard.on('success', () => {
-                        app.$message.success('{{ i18n "copied" }}')
-                        this.close();
-                    });
-                }
-            });
+        },
+        copy: function (content = '') {
+            ClipboardManager
+                .copyText(content)
+                .then(() => {
+                    app.$message.success('{{ i18n "copied" }}')
+                    this.close();
+                })
        },
        close: function () {
            this.visible = false;
--- a/web/html/login.html
+++ b/web/html/login.html
@@ -416,22 +416,22 @@
              <a-col span="24">
                <a-form>
                  <a-form-item>
-                    <a-input autocomplete="username" v-model.trim="user.username" placeholder='{{ i18n "username" }}'
+                    <a-input autocomplete="username" name="username" v-model.trim="user.username" placeholder='{{ i18n "username" }}'
                             @keydown.enter.native="login" autofocus>
                      <a-icon slot="prefix" type="user" style="font-size: 16px;"></a-icon>
                    </a-input>
                  </a-form-item>
                  <a-form-item>
-                    <password-input autocomplete="current-password" icon="lock" v-model.trim="user.password"
+                    <a-password-input autocomplete="password" name="password" icon="lock" v-model.trim="user.password"
                                    placeholder='{{ i18n "password" }}'
                                    @keydown.enter.native="login">
-                    </password-input>
+                    </a-password-input>
                  </a-form-item>
                  <a-form-item v-if="secretEnable">
-                    <password-input autocomplete="secret" icon="key" v-model.trim="user.loginSecret"
+                    <a-password-input autocomplete="secret" name="secret" icon="key" v-model.trim="user.loginSecret"
                                    placeholder='{{ i18n "secretToken" }}'
                                    @keydown.enter.native="login">
-                    </password-input>
+                    </a-password-input>
                  </a-form-item>
                  <a-form-item>
                    <a-row justify="center" class="centered">
@@ -449,9 +449,9 @@
                    <a-row justify="center" class="centered">
                      <a-col :span="24">
                        <a-select ref="selectLang" v-model="lang"
-                                  @change="setLang(lang)" style="width: 150px;"
+                                  @change="LanguageManager.setLanguage(lang)" style="width: 200px;"
                                  :dropdown-class-name="themeSwitcher.currentTheme">
-                          <a-select-option :value="l.value" label="English" v-for="l in supportLangs">
+                          <a-select-option :value="l.value" label="English" v-for="l in LanguageManager.supportedLanguages">
                            <span role="img" aria-label="l.name" v-text="l.icon"></span>
                            &nbsp;&nbsp;<span v-text="l.name"></span>
                          </a-select-option>
@@ -461,7 +461,7 @@
                  </a-form-item>
                  <a-form-item>
                    <a-row justify="center" class="centered">
-                      <theme-switch-login></theme-switch-login>
+                      <a-theme-switch-login></a-theme-switch-login>
                    </a-row>
                  </a-form-item>
                </a-form>
@@ -493,7 +493,7 @@
      lang: ""
    },
    async created() {
-      this.lang = getLang();
+      this.lang = LanguageManager.getLanguage();
      this.secretEnable = await this.getSecretStatus();
    },
    methods: {
--- a/web/html/xui/client_bulk_modal.html
+++ b/web/html/xui/client_bulk_modal.html
@@ -14,19 +14,24 @@
            </a-select>
        </a-form-item>
        <a-form-item label='{{ i18n "pages.client.first" }}' v-if="clientsBulkModal.emailMethod>1">
-            <a-input-number v-model="clientsBulkModal.firstNum" :min="1"></a-input-number>
+            <a-input-number v-model.number="clientsBulkModal.firstNum" :min="1"></a-input-number>
        </a-form-item>
        <a-form-item label='{{ i18n "pages.client.last" }}' v-if="clientsBulkModal.emailMethod>1">
-            <a-input-number v-model="clientsBulkModal.lastNum" :min="clientsBulkModal.firstNum"></a-input-number>
+            <a-input-number v-model.number="clientsBulkModal.lastNum" :min="clientsBulkModal.firstNum"></a-input-number>
        </a-form-item>
        <a-form-item label='{{ i18n "pages.client.prefix" }}' v-if="clientsBulkModal.emailMethod>0">
-            <a-input v-model="clientsBulkModal.emailPrefix"></a-input>
+            <a-input v-model.trim="clientsBulkModal.emailPrefix"></a-input>
        </a-form-item>
        <a-form-item label='{{ i18n "pages.client.postfix" }}' v-if="clientsBulkModal.emailMethod>2">
-            <a-input v-model="clientsBulkModal.emailPostfix"></a-input>
+            <a-input v-model.trim="clientsBulkModal.emailPostfix"></a-input>
        </a-form-item>
        <a-form-item label='{{ i18n "pages.client.clientCount" }}' v-if="clientsBulkModal.emailMethod < 2">
-            <a-input-number v-model="clientsBulkModal.quantity" :min="1" :max="100"></a-input-number>
+            <a-input-number v-model.number="clientsBulkModal.quantity" :min="1" :max="100"></a-input-number>
+        </a-form-item>
+        <a-form-item label='{{ i18n "security" }}' v-if="inbound.protocol === Protocols.VMESS">
+            <a-select v-model="clientsBulkModal.security" :dropdown-class-name="themeSwitcher.currentTheme">
+                <a-select-option v-for="key in USERS_SECURITY" :value="key">[[ key ]]</a-select-option>
+            </a-select>
        </a-form-item>
        <a-form-item label='Flow' v-if="clientsBulkModal.inbound.canEnableTlsFlow()">
            <a-select v-model="clientsBulkModal.flow" :dropdown-class-name="themeSwitcher.currentTheme">
@@ -34,12 +39,6 @@
                <a-select-option v-for="key in TLS_FLOW_CONTROL" :value="key">[[ key ]]</a-select-option>
            </a-select>
        </a-form-item>
-        <a-form-item label='Flow' v-if="clientsBulkModal.inbound.xtls">
-            <a-select v-model="clientsBulkModal.flow" :dropdown-class-name="themeSwitcher.currentTheme">
-                <a-select-option value="" selected>{{ i18n "none" }}</a-select-option>
-                <a-select-option v-for="key in XTLS_FLOW_CONTROL" :value="key">[[ key ]]</a-select-option>
-            </a-select>
-        </a-form-item>
        <a-form-item v-if="app.subSettings.enable">
            <template slot="label">
                <a-tooltip>
@@ -62,7 +61,7 @@
                    <a-icon type="question-circle"></a-icon>
                </a-tooltip>
            </template>
-            <a-input-number style="width: 50%" v-model="clientsBulkModal.tgId" min="0"></a-input-number>
+            <a-input-number style="width: 50%" v-model.number="clientsBulkModal.tgId" min="0"></a-input-number>
        </a-form-item>
        <a-form-item v-if="app.ipLimitEnable">
            <template slot="label">
@@ -74,7 +73,7 @@
                    <a-icon type="question-circle"></a-icon>
                </a-tooltip>
            </template>
-            <a-input-number v-model="clientsBulkModal.limitIp" min="0"></a-input-number>
+            <a-input-number v-model.number="clientsBulkModal.limitIp" min="0"></a-input-number>
        </a-form-item>
        <a-form-item>
            <template slot="label">
@@ -86,7 +85,7 @@
                    <a-icon type="question-circle"></a-icon>
                </a-tooltip>
            </template>
-            <a-input-number v-model="clientsBulkModal.totalGB" :min="0"></a-input-number>
+            <a-input-number v-model.number="clientsBulkModal.totalGB" :min="0"></a-input-number>
        </a-form-item>
        <a-form-item label='{{ i18n "pages.client.delayedStart" }}'>
            <a-switch v-model="clientsBulkModal.delayedStart" @click="clientsBulkModal.expiryTime=0"></a-switch>
@@ -107,16 +106,17 @@
            <a-date-picker v-if="datepicker == 'gregorian'" :show-time="{ format: 'HH:mm:ss' }"
                format="YYYY-MM-DD HH:mm:ss" :dropdown-class-name="themeSwitcher.currentTheme"
                v-model="clientsBulkModal.expiryTime"></a-date-picker>
-            <persian-datepicker v-else placeholder='{{ i18n "pages.settings.datepickerPlaceholder" }}'
-                value="clientsBulkModal.expiryTime" v-model="clientsBulkModal.expiryTime"></persian-datepicker>
+            <a-persian-datepicker v-else placeholder='{{ i18n "pages.settings.datepickerPlaceholder" }}'
+                value="clientsBulkModal.expiryTime" v-model="clientsBulkModal.expiryTime">
+            </a-persian-datepicker>
        </a-form-item>
        <a-form-item v-if="clientsBulkModal.expiryTime != 0">
            <template slot="label">
-                <span>{{ i18n "pages.client.renew" }}</span>
                <a-tooltip>
                    <template slot="title">
                        <span>{{ i18n "pages.client.renewDesc" }}</span>
                    </template>
+                    {{ i18n "pages.client.renew" }}
                    <a-icon type="question-circle"></a-icon>
                </a-tooltip>
            </template>
@@ -145,6 +145,7 @@
        emailPostfix: "",
        subId: "",
        tgId: '',
+        security: "auto",
        flow: "",
        delayedStart: false,
        reset: 0,
@@ -167,15 +168,13 @@
                newClient.email += useNum ? prefix + i.toString() + postfix : prefix + postfix;
                if (clientsBulkModal.subId.length > 0) newClient.subId = clientsBulkModal.subId;
                newClient.tgId = clientsBulkModal.tgId;
+                newClient.security = clientsBulkModal.security;
                newClient.limitIp = clientsBulkModal.limitIp;
                newClient._totalGB = clientsBulkModal.totalGB;
                newClient._expiryTime = clientsBulkModal.expiryTime;
                if (clientsBulkModal.inbound.canEnableTlsFlow()) {
                    newClient.flow = clientsBulkModal.flow;
                }
-                if (clientsBulkModal.inbound.xtls) {
-                    newClient.flow = clientsBulkModal.flow;
-                }
                newClient.reset = clientsBulkModal.reset;
                clients.push(newClient);
            }
@@ -202,6 +201,7 @@
            this.emailPostfix = "";
            this.subId = "";
            this.tgId = '';
+            this.security = "auto";
            this.flow = "";
            this.dbInbound = new DBInbound(dbInbound);
            this.inbound = dbInbound.toInbound();
@@ -210,7 +210,7 @@
        },
        newClient(protocol) {
            switch (protocol) {
-                case Protocols.VMESS: return new Inbound.VmessSettings.Vmess();
+                case Protocols.VMESS: return new Inbound.VmessSettings.VMESS();
                case Protocols.VLESS: return new Inbound.VLESSSettings.VLESS();
                case Protocols.TROJAN: return new Inbound.TrojanSettings.Trojan();
                case Protocols.SHADOWSOCKS: return new Inbound.ShadowsocksSettings.Shadowsocks(clientsBulkModal.inbound.settings.shadowsockses[0].method);
--- a/web/html/xui/client_modal.html
+++ b/web/html/xui/client_modal.html
@@ -61,7 +61,7 @@
        },
        addClient(protocol, clients) {
            switch (protocol) {
-                case Protocols.VMESS: return clients.push(new Inbound.VmessSettings.Vmess());
+                case Protocols.VMESS: return clients.push(new Inbound.VmessSettings.VMESS());
                case Protocols.VLESS: return clients.push(new Inbound.VLESSSettings.VLESS());
                case Protocols.TROJAN: return clients.push(new Inbound.TrojanSettings.Trojan());
                case Protocols.SHADOWSOCKS: return clients.push(new Inbound.ShadowsocksSettings.Shadowsocks(clients[0].method));
--- a/web/html/xui/common_sider.html
+++ b/web/html/xui/common_sider.html
@@ -34,7 +34,7 @@

 {{define "commonSider"}}
 <a-layout-sider :theme="themeSwitcher.currentTheme" id="sider" collapsible breakpoint="md">
-  <theme-switch></theme-switch>
+  <a-theme-switch></a-theme-switch>
  <a-menu :theme="themeSwitcher.currentTheme" mode="inline" :selected-keys="['{{ .request_uri }}']" @click="({key}) => key.startsWith('http') ? window.open(key) : location.href = key">
    {{template "menuItems" .}}
  </a-menu>
@@ -43,7 +43,7 @@
  <div class="drawer-handle" @click="siderDrawer.change()" slot="handle">
    <a-icon :type="siderDrawer.visible ? 'close' : 'menu-fold'"></a-icon>
  </div>
-  <theme-switch></theme-switch>
+  <a-theme-switch></a-theme-switch>
  <a-menu :theme="themeSwitcher.currentTheme" mode="inline" :selected-keys="['{{ .request_uri }}']" @click="({key}) => key.startsWith('http') ? window.open(key) : location.href = key">
    {{template "menuItems" .}}
  </a-menu>
--- a/web/html/xui/component/password.html
+++ b/web/html/xui/component/password.html
@@ -1,24 +1,46 @@
 {{define "component/passwordInput"}}
 <template>
-    <a-input :value="value" :type="showPassword ? 'text' : 'password'"
-            :placeholder="placeholder"
-            @input="$emit('input', $event.target.value)">
-        <template v-if="icon" #prefix>
-            <a-icon :type="icon" style="font-size: 16px;" />
-        </template>
-        <template #addonAfter>
-            <a-icon :type="showPassword ? 'eye-invisible' : 'eye'"
-                    @click="toggleShowPassword"
-                    style="font-size: 16px;" />
-        </template>
-    </a-input>
+  <a-input :value="value" :type="showPassword ? 'text' : 'password'" :placeholder="placeholder"
+    :autocomplete="autocomplete" :name="name" @input="$emit('input', $event.target.value)">
+    <template v-if="icon" #prefix>
+      <a-icon :type="icon" style="font-size: 16px;" />
+    </template>
+    <template #addonAfter>
+      <a-icon :type="showPassword ? 'eye-invisible' : 'eye'" @click="toggleShowPassword" style="font-size: 16px;" />
+    </template>
+  </a-input>
 </template>
 {{end}}

 {{define "component/password"}}
 <script>
-  Vue.component('password-input', {
-    props: ["title", "value", "placeholder", "icon"],
+  Vue.component('a-password-input', {
+    props: {
+      'title': {
+        type: String,
+        required: false,
+      },
+      'value': {
+        type: String,
+        required: false,
+      },
+      'placeholder': {
+        type: String,
+        required: false,
+      },
+      'autocomplete': {
+        type: String,
+        required: false,
+      },
+      'name': {
+        type: String,
+        required: false,
+      },
+      'icon': {
+        type: undefined,
+        required: false
+      }
+    },
    template: `{{template "component/passwordInput"}}`,
    data() {
      return {
--- a/web/html/xui/component/persianDatepicker.html
+++ b/web/html/xui/component/persianDatepicker.html
@@ -2,10 +2,10 @@
 <template>
    <div>
        <a-input :value="value" type="text" v-model="date" data-jdp class="persian-datepicker"
-                 @input="$emit('input', convertToGregorian($event.target.value)); jalaliDatepicker.hide();"
-                 :placeholder="placeholder">
+            @input="$emit('input', convertToGregorian($event.target.value)); jalaliDatepicker.hide();"
+            :placeholder="placeholder">
            <template #addonAfter>
-                <a-icon type="calendar" style="font-size: 14px; opacity: 0.5;"/>
+                <a-icon type="calendar" style="font-size: 14px; opacity: 0.5;" />
            </template>
        </a-input>
    </div>
@@ -13,15 +13,27 @@
 {{end}}

 {{define "component/persianDatepicker"}}
-<link rel="stylesheet" href="{{ .base_path }}assets/persian-datepicker/persian-datepicker.min.css?{{ .cur_ver }}"/>
+<link rel="stylesheet" href="{{ .base_path }}assets/persian-datepicker/persian-datepicker.min.css?{{ .cur_ver }}" />
 <script src="{{ .base_path }}assets/moment/moment-jalali.min.js?{{ .cur_ver }}"></script>
 <script src="{{ .base_path }}assets/persian-datepicker/persian-datepicker.min.js?{{ .cur_ver }}"></script>
 <script>
-
    const persianDatepicker = {};

-    Vue.component('persian-datepicker', {
-        props: ['placeholder', 'format', 'value'],
+    Vue.component('a-persian-datepicker', {
+        props: {
+            'format': {
+                type: undefined,
+                required: false,
+            },
+            'value': {
+                type: String,
+                required: false,
+            },
+            'placeholder': {
+                type: String,
+                required: false,
+            },
+        },
        template: `{{template "component/persianDatepickerTemplate"}}`,
        data() {
            return {
@@ -57,4 +69,4 @@
        }
    });
 </script>
-{{end}}
+{{end}}
--- a/web/html/xui/component/setting.html
+++ b/web/html/xui/component/setting.html
@@ -1,26 +1,18 @@
 {{define "component/settingListItem"}}
-<a-list-item style="padding: 20px">
-    <a-row v-if="type === 'textarea'">
-        <a-col>
-            <a-list-item-meta :title="title" :description="desc"/>
-            <a-textarea class="ant-setting-textarea" :value="value" @input="$emit('input', $event.target.value)" :auto-size="{ minRows: 10 }"></a-textarea>
-            <!--a-textarea :value="value" @input="$emit('input', $event.target.value)" :auto-size="{ minRows: 10, maxRows: 30 }"></a-textarea-->
-        </a-col>
-    </a-row>
-    <a-row v-else>
+<a-list-item :style="{ padding: padding }">
+    <a-row>
        <a-col :lg="24" :xl="12">
-            <a-list-item-meta :title="title" :description="desc"/>
+            <a-list-item-meta>
+                <template #title>
+                    <slot name="title"></slot>
+                </template>
+                <template #description>
+                    <slot name="description"></slot>
+                </template>
+            </a-list-item-meta>
        </a-col>
        <a-col :lg="24" :xl="12">
-            <template v-if="type === 'text'">
-                <a-input :value="value" @input="$emit('input', $event.target.value)" :placeholder="placeholder"></a-input>
-            </template>
-            <template v-else-if="type === 'number'">
-                <a-input-number :value="value" :step="step" @change="value => $emit('input', value)" :min="min" :max="max" style="width: 100%;"></a-input-number>
-            </template>
-            <template v-else-if="type === 'switch'">
-                <a-switch :checked="value" @change="value => $emit('input', value)"></a-switch>
-            </template>
+            <slot name="control"></slot>
        </a-col>
    </a-row>
 </a-list-item>
@@ -28,9 +20,38 @@

 {{define "component/setting"}}
 <script>
-    Vue.component('setting-list-item', {
-        props: ["type", "title", "desc", "value", "min", "max" , "step", "placeholder"],
-        template: `{{template "component/settingListItem"}}`,
-    });
+    Vue.component('a-setting-list-item', {
+        props: {
+            'title': {
+                type: String,
+                required: true,
+            },
+            'description': {
+                type: String,
+                required: false,
+            },
+            'paddings': {
+                type: String,
+                required: false,
+                defaultValue: "default",
+                validator: function (value) {
+                    return ['small', 'default'].includes(value)
+                }
+            }
+        },
+        template: `{{ template "component/settingListItem" }}`,
+        computed: {
+            padding() {
+                switch (this.paddings) {
+                    case "small":
+                        return "10px 20px !important"
+                        break;
+                    case "default":
+                        return "20px !important"
+                        break;
+                }
+            }
+        }
+    })
 </script>
 {{end}}
--- a/web/html/xui/component/sortableTable.html
+++ b/web/html/xui/component/sortableTable.html
@@ -1,9 +1,5 @@
 {{define "component/sortableTableTrigger"}}
-<a-icon type="drag"
-  class="sortable-icon"
-  style="cursor: move;"
-  @mouseup="mouseUpHandler"
-  @mousedown="mouseDownHandler"
+<a-icon type="drag" class="sortable-icon" style="cursor: move;" @mouseup="mouseUpHandler" @mousedown="mouseDownHandler"
  @click="clickHandler" />
 {{end}}

@@ -28,7 +24,16 @@
        newElementIndex: null,
      };
    },
-    props: ['data-source', 'customRow'],
+    props: {
+      'data-source': {
+        type: undefined,
+        required: false,
+      },
+      'customRow': {
+        type: undefined,
+        required: false,
+      }
+    },
    inheritAttrs: false,
    provide() {
      const sortable = {}
@@ -44,7 +49,7 @@
        sortable,
      }
    },
-    render: function(createElement) {
+    render: function (createElement) {
      return createElement('a-table', {
        class: {
          'ant-table-is-sorting': this.isDragging(),
@@ -59,7 +64,7 @@
          drop: (e) => this.dropHandler(e),
        },
        scopedSlots: this.$scopedSlots,
-      }, this.$slots.default, )
+      }, this.$slots.default,)
    },
    created() {
      this.$memoSort = {};
@@ -163,9 +168,14 @@
      }
    }
  });
-  Vue.component('table-sort-trigger', {
+  Vue.component('a-table-sort-trigger', {
    template: `{{template "component/sortableTableTrigger"}}`,
-    props: ['item-index'],
+    props: {
+      'item-index': {
+        type: undefined,
+        required: false
+      }
+    },
    inject: ['sortable'],
    methods: {
      mouseDownHandler(e) {
@@ -190,27 +200,33 @@
      display: none;
    }
  }
+
  .ant-table-is-sorting .draggable-row td {
    background-color: #ffffff !important;
  }
+
  .dark .ant-table-is-sorting .draggable-row td {
    background-color: var(--dark-color-surface-100) !important;
  }
+
  .ant-table-is-sorting .dragging td {
    background-color: rgb(232 244 242) !important;
    color: rgba(0, 0, 0, 0.3);
  }
+
  .dark .ant-table-is-sorting .dragging td {
    background-color: var(--dark-color-table-hover) !important;
    color: rgba(255, 255, 255, 0.3);
  }
+
  .ant-table-is-sorting .dragging {
    opacity: 1;
    box-shadow: 1px -2px 2px #008771;
    transition: all 0.2s;
  }
+
  .ant-table-is-sorting .dragging .ant-table-row-index {
    opacity: 0.3;
  }
 </style>
-{{end}}
+{{end}}
--- a/web/html/xui/component/themeSwitch.html
+++ b/web/html/xui/component/themeSwitch.html
@@ -6,9 +6,13 @@
        <a-icon type="bulb" :theme="themeSwitcher.isDarkTheme ? 'filled' : 'outlined'"></a-icon>
        <span>Theme</span>
      </span>
-      <a-menu-item id="change-theme" class="ant-menu-theme-switch" @mousedown="themeSwitcher.animationsOff()"> Dark <a-switch style="margin-left: 2px;" size="small" :default-checked="themeSwitcher.isDarkTheme" @change="themeSwitcher.toggleTheme()"></a-switch>
+      <a-menu-item id="change-theme" class="ant-menu-theme-switch" @mousedown="themeSwitcher.animationsOff()"> Dark
+        <a-switch style="margin-left: 2px;" size="small" :default-checked="themeSwitcher.isDarkTheme"
+          @change="themeSwitcher.toggleTheme()"></a-switch>
      </a-menu-item>
-      <a-menu-item id="change-theme-ultra" v-if="themeSwitcher.isDarkTheme" class="ant-menu-theme-switch" @mousedown="themeSwitcher.animationsOffUltra()"> Ultra <a-checkbox style="margin-left: 2px;" :checked="themeSwitcher.isUltra" @click="themeSwitcher.toggleUltra()"></a-checkbox>
+      <a-menu-item id="change-theme-ultra" v-if="themeSwitcher.isDarkTheme" class="ant-menu-theme-switch"
+        @mousedown="themeSwitcher.animationsOffUltra()"> Ultra <a-checkbox style="margin-left: 2px;"
+          :checked="themeSwitcher.isUltra" @click="themeSwitcher.toggleUltra()"></a-checkbox>
      </a-menu-item>
    </a-sub-menu>
  </a-menu>
@@ -17,12 +21,15 @@

 {{define "component/themeSwitchTemplateLogin"}}
 <template>
-  <a-menu @mousedown="themeSwitcher.animationsOff()" id="change-theme" :theme="themeSwitcher.currentTheme" mode="inline" selected-keys="">
+  <a-menu @mousedown="themeSwitcher.animationsOff()" id="change-theme" :theme="themeSwitcher.currentTheme" mode="inline"
+    selected-keys="">
    <a-menu-item mode="inline" class="ant-menu-theme-switch">
      <a-icon type="bulb" :theme="themeSwitcher.isDarkTheme ? 'filled' : 'outlined'"></a-icon>
-      <a-switch size="small" :default-checked="themeSwitcher.isDarkTheme" @change="themeSwitcher.toggleTheme()"></a-switch>
+      <a-switch size="small" :default-checked="themeSwitcher.isDarkTheme"
+        @change="themeSwitcher.toggleTheme()"></a-switch>
      <template v-if="themeSwitcher.isDarkTheme">
-        <a-checkbox style="margin-left: 1rem; vertical-align: middle;" :checked="themeSwitcher.isUltra" @click="themeSwitcher.toggleUltra()">Ultra</a-checkbox>
+        <a-checkbox style="margin-left: 1rem; vertical-align: middle;" :checked="themeSwitcher.isUltra"
+          @click="themeSwitcher.toggleUltra()">Ultra</a-checkbox>
      </template>
    </a-menu-item>
  </a-menu>
@@ -83,8 +90,7 @@
    };
  }
  const themeSwitcher = createThemeSwitcher();
-  Vue.component('theme-switch', {
-    props: [],
+  Vue.component('a-theme-switch', {
    template: `{{template "component/themeSwitchTemplate"}}`,
    data: () => ({
      themeSwitcher
@@ -96,8 +102,7 @@
      document.getElementById('message').className = themeSwitcher.currentTheme;
    }
  });
-  Vue.component('theme-switch-login', {
-    props: [],
+  Vue.component('a-theme-switch-login', {
    template: `{{template "component/themeSwitchTemplateLogin"}}`,
    data: () => ({
      themeSwitcher
@@ -110,4 +115,4 @@
    }
  });
 </script>
-{{end}}
+{{end}}
--- a/web/html/xui/dns_modal.html
+++ b/web/html/xui/dns_modal.html
@@ -1,5 +1,7 @@
 {{define "dnsModal"}}
-<a-modal id="dns-modal" v-model="dnsModal.visible" :title="dnsModal.title" @ok="dnsModal.ok" :closable="true" :mask-closable="false" :ok-text="dnsModal.okText" cancel-text='{{ i18n "close" }}' :class="themeSwitcher.currentTheme">
+<a-modal id="dns-modal" v-model="dnsModal.visible" :title="dnsModal.title" @ok="dnsModal.ok" :closable="true"
+  :mask-closable="false" :ok-text="dnsModal.okText" cancel-text='{{ i18n "close" }}'
+  :class="themeSwitcher.currentTheme">
  <a-form :colon="false" :label-col="{ md: {span:8} }" :wrapper-col="{ md: {span:14} }">
    <a-form-item label='{{ i18n "pages.xray.outbound.address" }}'>
      <a-input v-model.trim="dnsModal.dnsServer.address"></a-input>
@@ -8,18 +10,29 @@
      <a-button icon="plus" size="small" type="primary" @click="dnsModal.dnsServer.domains.push('')"></a-button>
      <template v-for="(domain, index) in dnsModal.dnsServer.domains">
        <a-input v-model.trim="dnsModal.dnsServer.domains[index]">
-          <a-button icon="minus" size="small" slot="addonAfter" @click="dnsModal.dnsServer.domains.splice(index,1)"></a-button>
+          <a-button icon="minus" size="small" slot="addonAfter"
+            @click="dnsModal.dnsServer.domains.splice(index,1)"></a-button>
        </a-input>
      </template>
    </a-form-item>
    <a-form-item label='{{ i18n "pages.xray.dns.strategy" }}' v-if="isAdvanced">
-      <a-select v-model="dnsModal.dnsServer.queryStrategy" style="width: 100%" :dropdown-class-name="themeSwitcher.currentTheme">
+      <a-select v-model="dnsModal.dnsServer.queryStrategy" style="width: 100%"
+        :dropdown-class-name="themeSwitcher.currentTheme">
        <a-select-option :value="l" :label="l" v-for="l in ['UseIP', 'UseIPv4', 'UseIPv6']"> [[ l ]] </a-select-option>
      </a-select>
    </a-form-item>
    <a-form-item label='Skip Fallback' v-if="isAdvanced">
      <a-switch v-model="dnsModal.dnsServer.skipFallback"></a-switch>
    </a-form-item>
+    <a-form-item label='{{ i18n "pages.xray.dns.expectIPs"}}'>
+      <a-button icon="plus" size="small" type="primary" @click="dnsModal.dnsServer.expectIPs.push('')"></a-button>
+      <template v-for="(domain, index) in dnsModal.dnsServer.expectIPs">
+        <a-input v-model.trim="dnsModal.dnsServer.expectIPs[index]">
+          <a-button icon="minus" size="small" slot="addonAfter"
+            @click="dnsModal.dnsServer.expectIPs.splice(index,1)"></a-button>
+        </a-input>
+      </template>
+    </a-form-item>
  </a-form>
 </a-modal>
 <script>
@@ -32,20 +45,24 @@
    dnsServer: {
      address: "localhost",
      domains: [],
+      expectIPs: [],
      queryStrategy: 'UseIP',
      skipFallback: true,
    },
    ok() {
      domains = dnsModal.dnsServer.domains.filter(d => d.length > 0);
+      expectIPs = dnsModal.dnsServer.expectIPs.filter(ip => ip.length > 0);
      dnsModal.dnsServer.domains = domains;
-      newDnsServer = domains.length > 0 ? dnsModal.dnsServer : dnsModal.dnsServer.address;
+      dnsModal.dnsServer.expectIPs = expectIPs;
+      newDnsServer = (domains.length > 0 || expectIPs.length > 0) ? dnsModal.dnsServer : dnsModal.dnsServer.address;
      ObjectUtil.execute(dnsModal.confirm, newDnsServer);
    },
+
    show({
      title = '',
      okText = '{{ i18n "confirm" }}',
      dnsServer,
-      confirm = (dnsServer) => {},
+      confirm = (dnsServer) => { },
      isEdit = false
    }) {
      this.title = title;
@@ -59,6 +76,7 @@
          this.dnsServer = {
            address: dnsServer ?? "",
            domains: [],
+            expectIPs: [],
            queryStrategy: 'UseIP',
            skipFallback: true,
          }
@@ -67,6 +85,7 @@
        this.dnsServer = {
          address: "localhost",
          domains: [],
+          expectIPs: [],
          queryStrategy: 'UseIP',
          skipFallback: true,
        }
@@ -85,8 +104,8 @@
    },
    computed: {
      isAdvanced: {
-        get: function() {
-          return dnsModal.dnsServer.domains.length > 0
+        get: function () {
+          return dnsModal.dnsServer.domains.length > 0;
        }
      }
    }
--- a/web/html/xui/fakedns_modal.html
+++ b/web/html/xui/fakedns_modal.html
@@ -7,7 +7,7 @@
            <a-input v-model.trim="fakednsModal.fakeDns.ipPool"></a-input>
        </a-form-item>
        <a-form-item label='{{ i18n "pages.xray.fakedns.poolSize" }}'>
-          <a-input-number style="width: 100%;" type="number" min="1" v-model.trim="fakednsModal.fakeDns.poolSize"></a-input-number>
+          <a-input-number v-model.number="fakednsModal.fakeDns.poolSize" :min="1"></a-input-number>
        </a-form-item>
    </a-form>
 </a-modal>
--- a/web/html/xui/form/allocate.html
+++ b/web/html/xui/form/allocate.html
@@ -0,0 +1,15 @@
+{{define "form/allocate"}}
+<a-form :colon="false" :label-col="{ md: {span:8} }" :wrapper-col="{ md: {span:14} }">
+    <a-form-item label='Strategy'>
+      <a-select v-model="inbound.allocate.strategy" :dropdown-class-name="themeSwitcher.currentTheme">
+        <a-select-option v-for="s in ['always','random']" :value="s">[[ s ]]</a-select-option>
+      </a-select>
+    </a-form-item>
+    <a-form-item label='Refresh'>
+      <a-input-number v-model.number="inbound.allocate.refresh" min="0"></a-input-number>
+    </a-form-item>
+    <a-form-item label='Concurrency'>
+      <a-input-number v-model.number="inbound.allocate.concurrency" min="0"></a-input-number>
+    </a-form-item>
+</a-form>
+{{end}}
--- a/web/html/xui/form/client.html
+++ b/web/html/xui/form/client.html
@@ -39,6 +39,11 @@
        </template>
        <a-input v-model.trim="client.id"></a-input>
    </a-form-item>
+    <a-form-item v-if="inbound.protocol === Protocols.VMESS" label='{{ i18n "security" }}'>
+        <a-select v-model="client.security" :dropdown-class-name="themeSwitcher.currentTheme">
+            <a-select-option v-for="key in USERS_SECURITY" :value="key">[[ key ]]</a-select-option>
+        </a-select>
+    </a-form-item>
    <a-form-item v-if="client.email && app.subSettings.enable">
        <template slot="label">
            <a-tooltip>
@@ -57,11 +62,14 @@
                <template slot="title">
                    <span>{{ i18n "pages.inbounds.telegramDesc" }}</span>
                </template>
-                Telegram ID
+                Telegram ChatID
                <a-icon type="question-circle"></a-icon>
            </a-tooltip>
        </template>
-        <a-input-number style="width: 50%" v-model="client.tgId" min="0"></a-input-number>
+        <a-input-number style="width: 50%" v-model.number="client.tgId" min="0"></a-input-number>
+    </a-form-item>
+    <a-form-item v-if="client.email" label='{{ i18n "comment" }}'>
+        <a-input v-model.trim="client.comment"></a-input>
    </a-form-item>
    <a-form-item v-if="app.ipLimitEnable">
        <template slot="label">
@@ -73,9 +81,9 @@
                <a-icon type="question-circle"></a-icon>
            </a-tooltip>
        </template>
-        <a-input-number v-model="client.limitIp" min="0"></a-input-number>
+        <a-input-number v-model.number="client.limitIp" min="0"></a-input-number>
    </a-form-item>
-    <a-form-item v-if="client.limitIp > 0 && client.email && isEdit">
+    <a-form-item v-if="app.ipLimitEnable && client.limitIp > 0 && client.email && isEdit">
        <template slot="label">
            <a-tooltip>
                <template slot="title">
@@ -99,12 +107,6 @@
            </a-textarea>
        </a-form>
    </a-form-item>
-    <a-form-item v-if="inbound.xtls" label='Flow'>
-        <a-select v-model="client.flow" :dropdown-class-name="themeSwitcher.currentTheme">
-            <a-select-option value="" selected>{{ i18n "none" }}</a-select-option>
-            <a-select-option v-for="key in XTLS_FLOW_CONTROL" :value="key">[[ key ]]</a-select-option>
-        </a-select>
-    </a-form-item>
    <a-form-item v-if="inbound.canEnableTlsFlow()" label='Flow'>
        <a-select v-model="client.flow" :dropdown-class-name="themeSwitcher.currentTheme">
            <a-select-option value="" selected>{{ i18n "none" }}</a-select-option>
@@ -121,13 +123,13 @@
                <a-icon type="question-circle"></a-icon>
            </a-tooltip>
        </template>
-        <a-input-number v-model="client._totalGB" :min="0"></a-input-number>
+        <a-input-number v-model.number="client._totalGB" :min="0"></a-input-number>
    </a-form-item>
    <a-form-item v-if="isEdit && clientStats" label='{{ i18n "usage" }}'>
-        <a-tag :color="clientUsageColor(clientStats, app.trafficDiff)">
-            [[ sizeFormat(clientStats.up) ]] /
-            [[ sizeFormat(clientStats.down) ]]
-            ([[ sizeFormat(clientStats.up + clientStats.down) ]])
+        <a-tag :color="ColorUtils.clientUsageColor(clientStats, app.trafficDiff)">
+            [[ SizeFormatter.sizeFormat(clientStats.up) ]] /
+            [[ SizeFormatter.sizeFormat(clientStats.down) ]]
+            ([[ SizeFormatter.sizeFormat(clientStats.up + clientStats.down) ]])
        </a-tag>
        <a-tooltip>
            <template slot="title">{{ i18n "pages.inbounds.resetTraffic" }}</template>
@@ -152,8 +154,8 @@
        </template>
        <a-date-picker v-if="datepicker == 'gregorian'" :show-time="{ format: 'HH:mm:ss' }" format="YYYY-MM-DD HH:mm:ss"
            :dropdown-class-name="themeSwitcher.currentTheme" v-model="client._expiryTime"></a-date-picker>
-        <persian-datepicker v-else placeholder='{{ i18n "pages.settings.datepickerPlaceholder" }}'
-                            value="client._expiryTime" v-model="client._expiryTime"></persian-datepicker>
+        <a-persian-datepicker v-else placeholder='{{ i18n "pages.settings.datepickerPlaceholder" }}'
+                            value="client._expiryTime" v-model="client._expiryTime"></a-persian-datepicker>
        <a-tag color="red" v-if="isEdit && isExpiry">Expired</a-tag>
    </a-form-item>
    <a-form-item v-if="client.expiryTime != 0">
--- a/web/html/xui/form/inbound.html
+++ b/web/html/xui/form/inbound.html
@@ -41,7 +41,7 @@
                <a-icon type="question-circle"></a-icon>
            </a-tooltip>
        </template>
-        <a-input-number v-model="dbInbound.totalGB" :min="0"></a-input-number>
+        <a-input-number v-model.number="dbInbound.totalGB" :min="0"></a-input-number>
    </a-form-item>

    <a-form-item>
@@ -54,12 +54,13 @@
                <a-icon type="question-circle"></a-icon>
            </a-tooltip>
        </template>
-            <a-date-picker style="width: 100%;" v-if="datepicker == 'gregorian'" :show-time="{ format: 'HH:mm:ss' }" format="YYYY-MM-DD HH:mm:ss"
-                :dropdown-class-name="themeSwitcher.currentTheme"
-                v-model="dbInbound._expiryTime"></a-date-picker>
-            <persian-datepicker v-else placeholder='{{ i18n "pages.settings.datepickerPlaceholder" }}'
-                            value="dbInbound._expiryTime" v-model="dbInbound._expiryTime"></persian-datepicker>
-        </a-form-item>
+        <a-date-picker style="width: 100%;" v-if="datepicker == 'gregorian'" :show-time="{ format: 'HH:mm:ss' }"
+            format="YYYY-MM-DD HH:mm:ss" :dropdown-class-name="themeSwitcher.currentTheme"
+            v-model="dbInbound._expiryTime"></a-date-picker>
+        <a-persian-datepicker v-else placeholder='{{ i18n "pages.settings.datepickerPlaceholder" }}'
+            value="dbInbound._expiryTime" v-model="dbInbound._expiryTime">
+        </a-persian-datepicker>
+    </a-form-item>
 </a-form>

 <!-- vmess settings -->
@@ -114,7 +115,19 @@
 </template>

 <!-- sniffing -->
-<template>
-    {{template "form/sniffing"}}
-</template>
+<a-collapse>
+    <a-collapse-panel header='Sniffing'>
+        {{template "form/sniffing"}}
+    </a-collapse-panel>
+</a-collapse>
+
+<!-- allocate -->
+<!-- Temporarily disabled until we accepts range for port allocation
+<a-collapse>
+    <a-collapse-panel header='Allocate'>
+        {{template "form/allocate"}}
+    </a-collapse-panel>
+</a-collapse>
+-->
+
 {{end}}
--- a/web/html/xui/form/outbound.html
+++ b/web/html/xui/form/outbound.html
@@ -22,8 +22,13 @@
            <a-select-option v-for="s in OutboundDomainStrategies" :value="s">[[ s ]]</a-select-option>
          </a-select>
        </a-form-item>
+        <a-form-item label='Redirect'>
+          <a-input v-model="outbound.settings.redirect"></a-input>
+        </a-form-item>
        <a-form-item label='Fragment'>
-          <a-switch :checked="Object.keys(outbound.settings.fragment).length >0" @change="checked => outbound.settings.fragment = checked ? new Outbound.FreedomSettings.Fragment() : {}"></a-switch>
+          <a-switch :checked="Object.keys(outbound.settings.fragment).length >0"
+            @change="checked => outbound.settings.fragment = checked ? new Outbound.FreedomSettings.Fragment() : {}">
+          </a-switch>
        </a-form-item>
        <template v-if="Object.keys(outbound.settings.fragment).length >0">
          <a-form-item label='Packets'>
@@ -38,6 +43,40 @@
            <a-input v-model.trim="outbound.settings.fragment.interval"></a-input>
          </a-form-item>
        </template>
+
+        <!-- Switch for Noises -->
+        <a-form-item label='Noises'>
+          <a-switch :checked="outbound.settings.noises.length > 0"
+            @change="checked => outbound.settings.noises = checked ? [new Outbound.FreedomSettings.Noise()] : []">
+          </a-switch>
+        </a-form-item>
+
+        <!-- Add Noise Button -->
+        <template v-if="outbound.settings.noises.length > 0">
+          <a-form-item label="Noises">
+            <a-button icon="plus" type="primary" size="small" @click="outbound.settings.addNoise()"></a-button>
+          </a-form-item>
+        
+        <!-- Noise Configurations -->
+          <a-form v-for="(noise, index) in outbound.settings.noises" :key="index" :colon="false" :label-col="{ md: {span:8} }"
+            :wrapper-col="{ md: {span:14} }">
+            <a-divider style="margin:0;"> Noise [[ index + 1 ]]
+              <a-icon v-if="outbound.settings.noises.length > 1" type="delete" @click="() => outbound.settings.delNoise(index)"
+                style="color: rgb(255, 77, 79); cursor: pointer;"></a-icon>
+            </a-divider>
+            <a-form-item label='Type'>
+              <a-select v-model="noise.type" :dropdown-class-name="themeSwitcher.currentTheme">
+                <a-select-option v-for="s in ['rand','base64','str', 'hex']" :value="s">[[ s ]]</a-select-option>
+              </a-select>
+            </a-form-item>
+            <a-form-item label='Packet'>
+              <a-input v-model.trim="noise.packet"></a-input>
+            </a-form-item>
+            <a-form-item label='Delay'>
+              <a-input v-model.trim="noise.delay"></a-input>
+            </a-form-item>
+          </a-form>
+        </template>
      </template>

      <!-- blackhole settings -->
@@ -56,6 +95,14 @@
            <a-select-option v-for="s in ['udp','tcp']" :value="s">[[ s ]]</a-select-option>
          </a-select>
        </a-form-item>
+        <a-form-item label='non-IP queries'>
+          <a-select v-model="outbound.settings.nonIPQuery" :dropdown-class-name="themeSwitcher.currentTheme">
+            <a-select-option v-for="s in ['drop','skip']" :value="s">[[ s ]]</a-select-option>
+          </a-select>
+        </a-form-item>
+        <a-form-item v-if="outbound.settings.nonIPQuery === 'skip'" label='Block Types' >
+          <a-input v-model.number="outbound.settings.blockTypes"></a-input>
+        </a-form-item>
      </template>

      <!-- wireguard settings -->
@@ -74,32 +121,34 @@
        </a-form-item>
        <a-form-item>
          <template slot="label">
-            <a-tooltip>
-              <template slot="title">
-                <span>{{ i18n "reset" }}</span>
-              </template>
-              {{ i18n "pages.xray.wireguard.secretKey" }}
-              <a-icon type="sync" @click="[outbound.settings.pubKey, outbound.settings.secretKey] = Object.values(Wireguard.generateKeypair())"></a-icon>
-            </a-tooltip>
+              <a-tooltip>
+                  <template slot="title">
+                      <span>{{ i18n "reset" }}</span>
+                  </template>
+                  {{ i18n "pages.xray.wireguard.secretKey" }}
+                  <a-icon type="sync"
+                      @click="[outbound.settings.pubKey, outbound.settings.secretKey] = Object.values(Wireguard.generateKeypair())">
+                  </a-icon>
+              </a-tooltip>
          </template>
          <a-input v-model.trim="outbound.settings.secretKey"></a-input>
-        </a-form-item>
-        <a-form-item label='{{ i18n "pages.xray.wireguard.publicKey" }}'>
+      </a-form-item>
+      <a-form-item label='{{ i18n "pages.xray.wireguard.publicKey" }}'>
          <a-input disabled v-model="outbound.settings.pubKey"></a-input>
-        </a-form-item>
+      </a-form-item>
        <a-form-item label='{{ i18n "pages.xray.wireguard.domainStrategy" }}'>
          <a-select v-model="outbound.settings.domainStrategy" :dropdown-class-name="themeSwitcher.currentTheme">
            <a-select-option v-for="wds in ['', ...WireguardDomainStrategy]" :value="wds">[[ wds ]]</a-select-option>
          </a-select>
        </a-form-item>
        <a-form-item label='MTU'>
-          <a-input-number v-model.number="outbound.settings.mtu"></a-input-number>
+          <a-input-number v-model.number="outbound.settings.mtu" min="0"></a-input-number>
        </a-form-item>
        <a-form-item label='Workers'>
-          <a-input-number min="0" v-model.number="outbound.settings.workers"></a-input-number>
+          <a-input-number v-model.number="outbound.settings.workers" min="0"></a-input-number>
        </a-form-item>
-        <a-form-item label='Kernel Mode'>
-          <a-switch v-model="outbound.settings.kernelMode"></a-switch>
+        <a-form-item label='No Kernel Tun'>
+          <a-switch v-model="outbound.settings.noKernelTun"></a-switch>
        </a-form-item>
        <a-form-item>
          <template slot="label">
@@ -159,6 +208,15 @@
          <a-input v-model.trim="outbound.settings.id"></a-input>
        </a-form-item>

+        <!-- vmess settings -->
+        <template v-if="outbound.protocol === Protocols.VMess">
+          <a-form-item label='Security'>
+            <a-select v-model="outbound.settings.security" :dropdown-class-name="themeSwitcher.currentTheme">
+              <a-select-option v-for="key in USERS_SECURITY" :value="key">[[ key ]]</a-select-option>
+            </a-select>
+          </a-form-item>
+        </template>
+
        <!-- vless settings -->
        <template v-if="outbound.canEnableTlsFlow()">
          <a-form-item label='Flow'>
@@ -199,6 +257,9 @@
          <a-form-item label='UDP over TCP'>
            <a-switch v-model="outbound.settings.uot"></a-switch>
          </a-form-item>
+          <a-form-item label='UoTVersion'>
+            <a-input-number v-model.number="outbound.settings.UoTVersion" :min="1" :max="2"></a-input-number>
+          </a-form-item>
        </template>
      </template>

@@ -206,13 +267,12 @@
      <template v-if="outbound.canEnableStream()">
        <a-form-item label='{{ i18n "transmission" }}'>
          <a-select v-model="outbound.stream.network" @change="streamNetworkChange" :dropdown-class-name="themeSwitcher.currentTheme">
-            <a-select-option value="tcp">TCP</a-select-option>
+            <a-select-option value="tcp">TCP (RAW)</a-select-option>
            <a-select-option value="kcp">mKCP</a-select-option>
            <a-select-option value="ws">WebSocket</a-select-option>
-            <a-select-option value="http">H2</a-select-option>
-            <a-select-option value="quic">QUIC</a-select-option>
            <a-select-option value="grpc">gRPC</a-select-option>
            <a-select-option value="httpupgrade">HTTPUpgrade</a-select-option>
+            <a-select-option value="xhttp">XHTTP</a-select-option>
          </a-select>
        </a-form-item>
        <template v-if="outbound.stream.network === 'tcp'">
@@ -246,25 +306,25 @@
            <a-input v-model="outbound.stream.kcp.seed"></a-input>
          </a-form-item>
          <a-form-item label='MTU'>
-            <a-input-number v-model.number="outbound.stream.kcp.mtu"></a-input-number>
+            <a-input-number v-model.number="outbound.stream.kcp.mtu" min="0"></a-input-number>
          </a-form-item>
          <a-form-item label='TTI (ms)'>
-            <a-input-number v-model.number="outbound.stream.kcp.tti"></a-input-number>
+            <a-input-number v-model.number="outbound.stream.kcp.tti" min="0"></a-input-number>
          </a-form-item>
          <a-form-item label='Uplink (MB/s)'>
-            <a-input-number v-model.number="outbound.stream.kcp.upCap"></a-input-number>
+            <a-input-number v-model.number="outbound.stream.kcp.upCap" min="0"></a-input-number>
          </a-form-item>
          <a-form-item label='Downlink (MB/s)'>
-            <a-input-number v-model.number="outbound.stream.kcp.downCap"></a-input-number>
+            <a-input-number v-model.number="outbound.stream.kcp.downCap" min="0"></a-input-number>
          </a-form-item>
          <a-form-item label='Congestion'>
            <a-switch v-model="outbound.stream.kcp.congestion"></a-switch>
          </a-form-item>
          <a-form-item label='Read Buffer (MB)'>
-            <a-input-number v-model.number="outbound.stream.kcp.readBuffer"></a-input-number>
+            <a-input-number v-model.number="outbound.stream.kcp.readBuffer" min="0"></a-input-number>
          </a-form-item>
          <a-form-item label='Write Buffer (MB)'>
-            <a-input-number v-model.number="outbound.stream.kcp.writeBuffer"></a-input-number>
+            <a-input-number v-model.number="outbound.stream.kcp.writeBuffer" min="0"></a-input-number>
          </a-form-item>
        </template>

@@ -276,42 +336,11 @@
          <a-form-item label='{{ i18n "path" }}'>
            <a-input v-model.trim="outbound.stream.ws.path"></a-input>
          </a-form-item>
-        </template>
-
-        <!-- http -->
-        <template v-if="outbound.stream.network === 'http'">
-          <a-form-item label='{{ i18n "host" }}'>
-            <a-input v-model.trim="outbound.stream.http.host"></a-input>
-          </a-form-item>
-          <a-form-item label='{{ i18n "path" }}'>
-            <a-input v-model.trim="outbound.stream.http.path"></a-input>
+          <a-form-item label='Heartbeat Period'>
+            <a-input-number v-model.number="outbound.stream.ws.heartbeatPeriod" :min="0"></a-input-number>
          </a-form-item>
        </template>
-
-        <!-- quic -->
-        <template v-if="outbound.stream.network === 'quic'">
-          <a-form-item label='{{ i18n "pages.inbounds.stream.quic.encryption" }}'>
-            <a-select v-model="outbound.stream.quic.security" :dropdown-class-name="themeSwitcher.currentTheme">
-              <a-select-option value="none">None</a-select-option>
-              <a-select-option value="aes-128-gcm">AES-128-GCM</a-select-option>
-              <a-select-option value="chacha20-poly1305">CHACHA20-POLY1305</a-select-option>
-            </a-select>
-          </a-form-item>
-          <a-form-item label='{{ i18n "password" }}'>
-            <a-input v-model.trim="outbound.stream.quic.key"></a-input>
-          </a-form-item>
-          <a-form-item label='{{ i18n "camouflage" }}'>
-            <a-select v-model="outbound.stream.quic.type" :dropdown-class-name="themeSwitcher.currentTheme">
-              <a-select-option value="none">None</a-select-option>
-              <a-select-option value="srtp">SRTP</a-select-option>
-              <a-select-option value="utp">uTP</a-select-option>
-              <a-select-option value="wechat-video">WeChat</a-select-option>
-              <a-select-option value="dtls">DTLS 1.2</a-select-option>
-              <a-select-option value="wireguard">WireGuard</a-select-option>
-            </a-select>
-          </a-form-item>
-        </template>
-
+        
        <!-- grpc -->
        <template v-if="outbound.stream.network === 'grpc'">
          <a-form-item label='Service Name'>
@@ -334,6 +363,45 @@
            <a-input v-model.trim="outbound.stream.httpupgrade.path"></a-input>
          </a-form-item>
        </template>
+
+        <!-- xhttp -->
+        <template v-if="outbound.stream.network === 'xhttp'">
+          <a-form-item label='{{ i18n "host" }}'>
+            <a-input v-model="outbound.stream.xhttp.host"></a-input>
+          </a-form-item>
+          <a-form-item label='{{ i18n "path" }}'>
+            <a-input v-model.trim="outbound.stream.xhttp.path"></a-input>
+          </a-form-item>
+          <a-form-item label='Mode'>
+            <a-select v-model="outbound.stream.xhttp.mode" :dropdown-class-name="themeSwitcher.currentTheme">
+              <a-select-option v-for="key in MODE_OPTION" :value="key">[[ key ]]</a-select-option>
+            </a-select>
+          </a-form-item>
+          <a-form-item label="No gRPC Header" v-if="outbound.stream.xhttp.mode === 'stream-up' || outbound.stream.xhttp.mode === 'stream-one'">
+            <a-switch v-model="outbound.stream.xhttp.noGRPCHeader"></a-switch>
+          </a-form-item>
+          <a-form-item label="Min Upload Interval (Ms)" v-if="outbound.stream.xhttp.mode === 'packet-up'">
+            <a-input v-model.trim="outbound.stream.xhttp.scMinPostsIntervalMs"></a-input>
+          </a-form-item>
+          <a-form-item label="Max Concurrency" v-if="!outbound.stream.xhttp.xmux.maxConnections">
+            <a-input v-model="outbound.stream.xhttp.xmux.maxConcurrency"></a-input>
+          </a-form-item>
+          <a-form-item label="Max Connections" v-if="!outbound.stream.xhttp.xmux.maxConcurrency">
+            <a-input v-model="outbound.stream.xhttp.xmux.maxConnections"></a-input>
+          </a-form-item>
+          <a-form-item label="Max Reuse Times">
+            <a-input v-model="outbound.stream.xhttp.xmux.cMaxReuseTimes"></a-input>
+          </a-form-item>
+          <a-form-item label="Max Request Times">
+            <a-input v-model="outbound.stream.xhttp.xmux.hMaxRequestTimes"></a-input>
+          </a-form-item>
+          <a-form-item label="Max Reusable Secs">
+            <a-input v-model="outbound.stream.xhttp.xmux.hMaxReusableSecs"></a-input>
+          </a-form-item>
+          <a-form-item label='Keep Alive Period'>
+            <a-input-number v-model.number="outbound.stream.xhttp.xmux.hKeepAlivePeriod"></a-input-number>
+          </a-form-item>
+        </template>
      </template>

      <!-- tls settings -->
@@ -397,17 +465,22 @@
            <a-select-option v-for="tag in ['', ...outModal.tags]" :value="tag">[[ tag ]]</a-select-option>
          </a-select>
        </a-form-item>
+        <a-form-item label='Address Port Strategy'>
+          <a-select v-model="outbound.stream.sockopt.addressPortStrategy" :dropdown-class-name="themeSwitcher.currentTheme">
+            <a-select-option v-for="key in Address_Port_Strategy" :value="key">[[ key ]]</a-select-option>
+          </a-select>
+        </a-form-item>
+        <a-form-item label="Keep Alive Interval">
+          <a-input-number v-model.number="outbound.stream.sockopt.tcpKeepAliveInterval" :min="0"></a-input-number>
+        </a-form-item>
        <a-form-item label="TCP Fast Open">
          <a-switch v-model="outbound.stream.sockopt.tcpFastOpen"></a-switch>
        </a-form-item>
-        <a-form-item label="Keep Alive Interval">
-          <a-input-number v-model="outbound.stream.sockopt.tcpKeepAliveInterval" :min="0"></a-input-number>
-        </a-form-item>
        <a-form-item label="Multipath TCP">
          <a-switch v-model.trim="outbound.stream.sockopt.tcpMptcp"></a-switch>
-      </a-form-item>
-        <a-form-item label="TCP No-Delay">
-          <a-switch v-model="outbound.stream.sockopt.tcpNoDelay"></a-switch>
+        </a-form-item>
+        <a-form-item label="Penetrate">
+          <a-switch v-model="outbound.stream.sockopt.penetrate"></a-switch>
        </a-form-item>
      </template>

@@ -418,10 +491,10 @@
        </a-form-item>
        <template v-if="outbound.mux.enabled">
          <a-form-item label="Concurrency">
-            <a-input-number v-model="outbound.mux.concurrency" :min="-1" :max="1024"></a-input-number>
+            <a-input-number v-model.number="outbound.mux.concurrency" :min="-1" :max="1024"></a-input-number>
          </a-form-item>
          <a-form-item label="xudp Concurrency">
-            <a-input-number v-model="outbound.mux.xudpConcurrency" :min="-1" :max="1024"></a-input-number>
+            <a-input-number v-model.number="outbound.mux.xudpConcurrency" :min="-1" :max="1024"></a-input-number>
          </a-form-item>
          <a-form-item label="xudp UDP 443">
            <a-select v-model="outbound.mux.xudpProxyUDP443" :dropdown-class-name="themeSwitcher.currentTheme">
--- a/web/html/xui/form/protocol/dokodemo.html
+++ b/web/html/xui/form/protocol/dokodemo.html
@@ -16,8 +16,5 @@
    <a-form-item label='Follow Redirect'>
        <a-switch v-model="inbound.settings.followRedirect"></a-switch>
    </a-form-item>
-    <a-form-item label='Timeout'>
-        <a-input-number v-model.number="inbound.settings.timeout" :min="0"></a-input-number>
-    </a-form-item>
 </a-form>
 {{end}}
--- a/web/html/xui/form/protocol/http.html
+++ b/web/html/xui/form/protocol/http.html
@@ -19,5 +19,8 @@
      </template>
    </a-input>
  </a-input-group>
+  <a-form-item label="Allow Transparent">
+    <a-switch v-model="inbound.settings.allowTransparent" />
+  </a-form-item>
 </a-form>
 {{end}}
--- a/web/html/xui/form/protocol/shadowsocks.html
+++ b/web/html/xui/form/protocol/shadowsocks.html
@@ -43,5 +43,8 @@
            <a-select-option value="udp">UDP</a-select-option>
        </a-select>
    </a-form-item>
+    <a-form-item label='ivCheck'>
+        <a-switch v-model="inbound.settings.ivCheck"></a-switch>
+    </a-form-item>
 </a-form>
 {{end}}
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 .3.3
 .5.5
				`@@ -1 +0,0 @@`
				(function(global,factory){typeof exports==="object"&&typeof module!=="undefined"?module.exports=factory(global):typeof define==="function"&&define.amd?define(factory):factory(global)})(typeof self!=="undefined"?self:typeof window!=="undefined"?window:typeof global!=="undefined"?global:this,function(global){"use strict";var _Base64=global.Base64;var version="2.5.0";var buffer;if(typeof module!=="undefined"&&module.exports){try{buffer=eval("require('buffer').Buffer")}catch(err){buffer=undefined}}var b64chars="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";var b64tab=function(bin){var t={};for(var i=0,l=bin.length;i<l;i++)t[bin.charAt(i)]=i;return t}(b64chars);var fromCharCode=String.fromCharCode;var cb_utob=function(c){if(c.length<2){var cc=c.charCodeAt(0);return cc<128?c:cc<2048?fromCharCode(192\|cc>>>6)+fromCharCode(128\|cc&63):fromCharCode(224\|cc>>>12&15)+fromCharCode(128\|cc>>>6&63)+fromCharCode(128\|cc&63)}else{var cc=65536+(c.charCodeAt(0)-55296)*1024+(c.charCodeAt(1)-56320);return fromCharCode(240\|cc>>>18&7)+fromCharCode(128\|cc>>>12&63)+fromCharCode(128\|cc>>>6&63)+fromCharCode(128\|cc&63)}};var re_utob=/[\uD800-\uDBFF][\uDC00-\uDFFFF]\|[^\x00-\x7F]/g;var utob=function(u){return u.replace(re_utob,cb_utob)};var cb_encode=function(ccc){var padlen=[0,2,1][ccc.length%3],ord=ccc.charCodeAt(0)<<16\|(ccc.length>1?ccc.charCodeAt(1):0)<<8\|(ccc.length>2?ccc.charCodeAt(2):0),chars=[b64chars.charAt(ord>>>18),b64chars.charAt(ord>>>12&63),padlen>=2?"=":b64chars.charAt(ord>>>6&63),padlen>=1?"=":b64chars.charAt(ord&63)];return chars.join("")};var btoa=global.btoa?function(b){return global.btoa(b)}:function(b){return b.replace(/[\s\S]{1,3}/g,cb_encode)};var _encode=buffer?buffer.from&&Uint8Array&&buffer.from!==Uint8Array.from?function(u){return(u.constructor===buffer.constructor?u:buffer.from(u)).toString("base64")}:function(u){return(u.constructor===buffer.constructor?u:new buffer(u)).toString("base64")}:function(u){return btoa(utob(u))};var encode=function(u,urisafe){return!urisafe?_encode(String(u)):_encode(String(u)).replace(/[+\/]/g,function(m0){return m0=="+"?"-":"_"}).replace(/=/g,"")};var encodeURI=function(u){return encode(u,true)};var re_btou=new RegExp(["[À-ß][-¿]","[à-ï][-¿]{2}","[ð-÷][-¿]{3}"].join("\|"),"g");var cb_btou=function(cccc){switch(cccc.length){case 4:var cp=(7&cccc.charCodeAt(0))<<18\|(63&cccc.charCodeAt(1))<<12\|(63&cccc.charCodeAt(2))<<6\|63&cccc.charCodeAt(3),offset=cp-65536;return fromCharCode((offset>>>10)+55296)+fromCharCode((offset&1023)+56320);case 3:return fromCharCode((15&cccc.charCodeAt(0))<<12\|(63&cccc.charCodeAt(1))<<6\|63&cccc.charCodeAt(2));default:return fromCharCode((31&cccc.charCodeAt(0))<<6\|63&cccc.charCodeAt(1))}};var btou=function(b){return b.replace(re_btou,cb_btou)};var cb_decode=function(cccc){var len=cccc.length,padlen=len%4,n=(len>0?b64tab[cccc.charAt(0)]<<18:0)\|(len>1?b64tab[cccc.charAt(1)]<<12:0)\|(len>2?b64tab[cccc.charAt(2)]<<6:0)\|(len>3?b64tab[cccc.charAt(3)]:0),chars=[fromCharCode(n>>>16),fromCharCode(n>>>8&255),fromCharCode(n&255)];chars.length-=[0,0,2,1][padlen];return chars.join("")};var _atob=global.atob?function(a){return global.atob(a)}:function(a){return a.replace(/\S{1,4}/g,cb_decode)};var atob=function(a){return _atob(String(a).replace(/[^A-Za-z0-9\+\/]/g,""))};var _decode=buffer?buffer.from&&Uint8Array&&buffer.from!==Uint8Array.from?function(a){return(a.constructor===buffer.constructor?a:buffer.from(a,"base64")).toString()}:function(a){return(a.constructor===buffer.constructor?a:new buffer(a,"base64")).toString()}:function(a){return btou(_atob(a))};var decode=function(a){return _decode(String(a).replace(/[-_]/g,function(m0){return m0=="-"?"+":"/"}).replace(/[^A-Za-z0-9\+\/]/g,""))};var noConflict=function(){var Base64=global.Base64;global.Base64=_Base64;return Base64};global.Base64={VERSION:version,atob:atob,btoa:btoa,fromBase64:decode,toBase64:encode,utob:utob,encode:encode,encodeURI:encodeURI,btou:btou,decode:decode,noConflict:noConflict,__buffer__:buffer};if(typeof Object.defineProperty==="function"){var noEnum=function(v){return{value:v,enumerable:false,writable:true,configurable:true}};global.Base64.extendString=function(){Object.defineProperty(String.prototype,"fromBase64",noEnum(function(){return decode(this)}));Object.defineProperty(String.prototype,"toBase64",noEnum(function(urisafe){return encode(this,urisafe)}));Object.defineProperty(String.prototype,"toBase64URI",noEnum(function(){return encode(this,true)}))}}if(global["Meteor"]){Base64=global.Base64}if(typeof module!=="undefined"&&module.exports){module.exports.Base64=global.Base64}else if(typeof define==="function"&&define.amd){define([],function(){return global.Base64})}return{Base64:global.Base64}});