luIP-marzban

Limit users in each proxy configuration

Introduction

Mechanism

The luIP-marzban project was created and developed based on node.js and uses the marzban api.

luip stores connected and authorized users in the sqlite database. Saving and updating users is done through websocket where traffic is intercepted by luIP-marzban and data including IPs are received from there.

Users are updated through websocket and with a schedule based on the FETCH_INTERVAL_LOGS_WS variable located in .env

Every x minutes, it is checked based on the CHECK_INACTIVE_USERS_DURATION variable: if the last update of a connected IP was y minutes, based on the CHECK_INACTIVE_USERS_DURATION variable, the user's IP will be removed from the connected list. And this possibility is provided so that space remains empty and other clients are allowed to connect

IPs are blocked via iptables, then incoming traffic on said IP is blocked for the duration specified in the BAN_TIME variable.

Blocked IPs automatically in blocked_ips.csv file are stored, then every x minutes based on the value of the CHECK_IPS_FOR_UNBAN_USERS variable, the ipunban.sh file is executed and checks: if the stored IPs have been jailed for y minutes or more, they will be released from jail

Features

Automatic log
Connect to Telegram bot
API
Specific determination of users
Import/Export Backup
IP target
Marzban node support

Installation

If you don't have node.js installed on your server, install it with nvm

Install Node.js

  curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | bash
  source ~/.bashrc
  nvm install --lts

Install other requirements

  sudo apt-get install -y iptables
  sudo apt-get install gawk
  sudo apt-get install csvtool
  npm install pm2 -g

Install luIP-marzban

  git clone https://github.com/mmdzov/luIP-marzban.git
  cd luIP-marzban
  cp .env.example .env
  npm install

luIP-marzban/.env file

  # Open the project folder, then execute the follow command
  nano .env

Address configuration

Parameter	Description
`ADDRESS`	Your domain or sub domain. e.g: example.com or sub.example.com
`PORT_ADDRESS`	Your domain port. e.g: 443
`SSL`	Did you get domain SSL? e.g: true or false

Marzban configuration

Parameter	Description
`P_USER`	Enter the username of Marzban panel e.g: admin
`P_PASS`	Enter the password of Marzban panel e.g: admin

App configuration

Parameter	Description
`MAX_ALLOW_USERS`	The maximum number of users that can connect to a proxy. e.g: 1
`BAN_TIME`	The length of time an IP is in jail based on minutes. e.g: 5

Advance configuration

Parameter	Description
`FETCH_INTERVAL_LOGS_WS`	Based on this, websocket logs are checked every x seconds to track traffic. e.g: 1
`CHECK_INACTIVE_USERS_DURATION`	It is checked every x minutes, users whose last update was x minutes ago or more are disabled. e.g: 5
`CHECK_IPS_FOR_UNBAN_USERS`	Every x minutes it checks all ips, if they are in prison for more than the time specified in `BAN_TIME`, they will be unbanned. e.g: 1
`SSH_PORT`	Enter your ssh port in this section. 22 is set by default

Telegram bot configuration

Parameter	Description
`TG_ENABLE`	If you want to use Telegram bot for logs, set this value to `true`
`TG_TOKEN`	The bot token you received from @botfather
`TG_ADMIN`	Your user ID that you received from @userinfobot

users.json

You can set specific users in the users.json file

Priority is always with this file

In the example below, email1 is the proxy name and 2 represents the maximum number of users that can be connected.

luIP-marzban/users.json

  [
    ["email1", 2],
    ["email2", 10]
  ]

Permission to use ipban.sh && ipunban.sh

In order for the file to work, permission must be obtained to use it

  # Open the project folder, then execute the follow command
  chmod +x ./ipban.sh
  chmod +x ./ipunban.sh
  chmod +x ./restore_banned_ips.sh

Run the project

After configuring the project, run it

  # Open the project folder, then execute the follow command
  npm start

Stop luIP with kill process

You can run the command below, but whenever you want, you can go to the project path [ cd /luIP-marzban ] and type npm start, luIP will run again.

pm2 kill
pm2 flush # Deletes the log

Checking blocked IPs

iptables -L -n

Unblock all IPs

First, empty blocked_ips.csv, then run the following command

iptables -F

Uninstall

pm2 kill
sudo rm -rf /luIP-marzban

API Reference

We get to know the following environment variables that are located in the .env file by default.

When you use the api, the data will be stored in a file called `users.csv`, and this file has a higher priority in reading than `MAX_ALLOW_USERS` and `users.json`, just as `users.json` has a higher priority than `MAX_ALLOW_USERS`.

Parameter	Description
`API_ENABLE`	If you want to use api, set the value of this variable equal to `true`
`API_SECRET`	Short secret for access_token. The encryption type of access_tokens is AES, and only the expiration date of the token is included in the access_token. secret is a password to encrypt and decrypt access_token with AES encryption type.
`API_PATH`	Displays api path by default /api
`API_LOGIN`	Enter a desired username and password in the username:password format so that you can be identified to receive the token
`API_EXPIRE_TOKEN_AT`	Each access_token you receive has an expiration date. You can set it here
`API_PORT`	Choose a port for your api address. Also make sure it is not occupied. By default 4000

Your default api address: https://example.com:4000/api

Get access_token

  POST /api/token

Parameter	Type	Description
`username`	`string`	Required. Your `API_LOGIN` username
`password`	`string`	Required. Your `API_LOGIN` password

Note: In all the following apis, send the value of api_key: YOUR_ACCESS_TOKEN as header. (Fill YOUR_ACCESS_TOKEN with the value you received from /api/token)

Add user

  POST /api/add

Parameter	Type	Description
`email`	`string`	Required. The name of your target config. For example test
`limit`	`number`	Required. What is the maximum limit?

Update user

  POST /api/update

Parameter	Type	Description
`email`	`string`	Required. The name of your target config. For example test
`limit`	`number`	Required. What is the maximum limit?

Delete user

  GET /api/delete/<email>

Parameter	Type	Description
`email`	`string`	Required. The name of your target config. For example test

Clear luIP database

  GET /api/clear

FAQ

If there are changes in marzban-node, should I restart luIP?

Yes, to apply the changes, it is necessary to restart luIP through the following command

# first Open the project dir with follow command
cd /luIP-marzban

# then run follow command
pm2 kill
npm start

Donate

If you like it and it works for you, you can donate to support, develop and improve luIP-marzban. We wish the best for you

Tron: TLqwdoHRdV44QryvWsvaKn53MyN5wbRqZ6
Ton: 0x6AB03eF392da65cc0ce2A3688949Fe756eD156c0

Name		Name	Last commit message	Last commit date
Latest commit History 122 Commits
api		api
db		db
telegram		telegram
.env.example		.env.example
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
app.js		app.js
config.js		config.js
def.js		def.js
ecosystem.config.js		ecosystem.config.js
interface.js		interface.js
ipban.sh		ipban.sh
ipunban.sh		ipunban.sh
package-lock.json		package-lock.json
package.json		package.json
restore_banned_ips.sh		restore_banned_ips.sh
types.js		types.js
utils.js		utils.js

License

m0x61h0x64i/luIP-marzban

Folders and files

Latest commit

History

Repository files navigation