#!/bin/bash # --- ЦВЕТОВАЯ ПАЛИТРА --- RED='\033[0;31m'; GREEN='\033[0;32m'; CYAN='\033[0;36m'; YELLOW='\033[1;33m' MAGENTA='\033[0;35m'; BLUE='\033[0;34m'; PURPLE='\033[0;35m'; BOLD='\033[1m'; NC='\033[0m' header() { clear echo -e "${CYAN}┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓${NC}" echo -e "${CYAN}┃${NC} ${BOLD}${MAGENTA} 🚀 ULTIMATE TUNNEL MANAGER 2026 ${NC} ${CYAN}┃${NC}" echo -e "${CYAN}┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛${NC}" } pause() { echo -e "\n${YELLOW}Нажмите [Enter], чтобы продолжить...${NC}"; read -r; } show_nat_rules() { echo -e "${CYAN}--- Список активных правил переадресации ---${NC}" local rules=$(iptables -t nat -L PREROUTING -n --line-numbers | grep "DNAT") if [ -z "$rules" ]; then echo -e "${RED}Правил не найдено.${NC}" else echo "$rules" | while read -r line; do num=$(echo "$line" | awk '{print $1}') port=$(echo "$line" | grep -oP 'dpt:\K\d+') target=$(echo "$line" | grep -oP 'to:\K[\d\.]+(:\d+)?') echo -e "[${YELLOW}$num${NC}] Вход: ${GREEN}$port${NC} (tcp) -> Назначение: ${CYAN}$target${NC}" done fi } manage_traffic() { while true; do header echo -e " ${BOLD}${YELLOW}[ ⚙️ УПРАВЛЕНИЕ ТРАФИКОМ (NAT) ]${NC}" echo -e " 1) 🔍 ПОСМОТРЕТЬ действующие правила" echo -e " 2) 🔗 ДОБАВИТЬ правило (L3 Relay)" echo -e " 3) 🗑 УДАЛИТЬ одно правило" echo -e " 4) 🧨 СБРОСИТЬ все настройки" echo -e " 0) ⬅️ Назад в меню" echo -e "${BLUE}------------------------------------------------------${NC}" echo -ne " Ваш выбор: " read -r t_choice case $t_choice in 1) header; show_nat_rules; pause ;; 2) echo -e "\n${CYAN}--- Создание проброса ---${NC}" read -p "IP адрес цели: " target_ip read -p "Порты (через запятую): " ports IFS=',' read -ra ADDR <<< "$ports" for port in "${ADDR[@]}"; do iptables -t nat -A PREROUTING -p tcp --dport "$port" -j DNAT --to-destination "$target_ip:$port" iptables -A FORWARD -p tcp -d "$target_ip" --dport "$port" -j ACCEPT done iptables -t nat -A POSTROUTING -j MASQUERADE echo -e "${GREEN}✅ Проброс на $target_ip настроен!${NC}"; sleep 2 ;; 3) header; show_nat_rules if iptables -t nat -L PREROUTING -n | grep -q "DNAT"; then echo -ne "\nНомер правила для удаления (0 отмена): " read -r r_num if [[ "$r_num" =~ ^[0-9]+$ ]] && [ "$r_num" -ne 0 ]; then iptables -t nat -D PREROUTING "$r_num" echo -e "${GREEN}✅ Правило #$r_num удалено.${NC}" fi fi; sleep 1 ;; 4) iptables -t nat -F; echo -e "${GREEN}✅ Таблица NAT полностью очищена.${NC}"; sleep 1 ;; 0) break ;; esac done } show_status() { header echo -e "${PURPLE}📊 ТЕКУЩИЙ СТАТУС СЕРВИСОВ:${NC}" echo -e "${BLUE}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}" for s in "docker:🐳 Docker" "warp-svc:☁️ WARP" "x-ui:📊 3X-UI" "fail2ban:🛡️ Fail2Ban" "telemt:📡 TeleMT"; do id=${s%%:*}; name=${s#*:} if systemctl is-active --quiet "$id" 2>/dev/null || pgrep -x "$id" >/dev/null; then echo -e " $name: ${GREEN}● RUNNING${NC}" else echo -e " $name: ${RED}○ STOPPED${NC}" fi done echo -e "${BLUE}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}" pause } while true; do header echo -e " ${BOLD}${YELLOW}[ 🛠 УСТАНОВКА ]${NC}" echo -e " 1) 💎 Docker + MTProto + Whatsapp 2) 📊 3X-UI Панель" echo -e " 3) ☁️ Cloudflare WARP 4) 🛡 Защита Fail2Ban" echo -e " 5) 📡 Установить TeleMT (MTProto)" echo -e "" echo -e " ${BOLD}${GREEN}[ 🌐 ТУННЕЛИ ]${NC}" echo -e " 6) ⚙️ УПРАВЛЕНИЕ ТРАФИКОМ (NAT) 8) 🚀 BBR Оптимизация" echo -e "" echo -e " ${BOLD}${BLUE}[ 🔍 ИНФО ]${NC}" echo -e " 7) 📋 Статус системы 9) 📑 Логи сервисов" echo -e " 10) 🌍 Проверка IP (Real+WARP) 11) 📚 ИНСТРУКЦИЯ" echo -e "" echo -ne " ${BOLD}${CYAN}Ваш выбор (0-Выход): ${NC}" read -r choice case $choice in 1) apt-get update && apt-get install -y docker.io; pause ;; 2) bash <(curl -Ls https://raw.githubusercontent.com/maci93/3x-ui/master/install.sh); pause ;; 3) header echo -e "${CYAN}Установка Cloudflare WARP...${NC}" apt-get update && apt-get install -y curl gnupg lsb-release curl -fsSL https://pkg.cloudflareclient.com/pubkey.gpg | gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg echo "deb [signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/cloudflare-client.list apt update && apt install cloudflare-warp -y systemctl enable --now warp-svc sleep 5 /usr/bin/warp-cli --accept-tos registration new 2>/dev/null /usr/bin/warp-cli --accept-tos mode proxy /usr/bin/warp-cli --accept-tos proxy port 40000 /usr/bin/warp-cli --accept-tos connect echo -e "${GREEN}✅ WARP настроен!${NC}" pause ;; 4) apt-get install -y fail2ban; pause ;; 5) header echo -e "${CYAN}Установка TeleMT...${NC}" mkdir -p /opt/telemt && cd /opt/telemt wget -q https://github.com/telemt/telemt/releases/latest/download/telemt-linux-amd64 -O telemt chmod +x telemt cat << 'EOC' > config.toml [general] use_middle_proxy = false [general.modes] classic = false secure = false tls = true [server] port = 1615 [server.api] enabled = true [censorship] tls_domain = "github.com" [access.users] hello = "927995e5abefd4f5524c43149600b9fd" EOC cat << 'EOS' > /etc/systemd/system/telemt.service [Unit] Description=TeleMT MTProto Proxy After=network.target [Service] Type=simple WorkingDirectory=/opt/telemt ExecStart=/opt/telemt/telemt -c /opt/telemt/config.toml Restart=always [Install] WantedBy=multi-user.target EOS systemctl daemon-reload systemctl enable --now telemt echo -e "${GREEN}✅ TeleMT установлен на порту 1615!${NC}" cd /opt/my_scripts pause ;; 6) manage_traffic ;; 7) show_status ;; 8) sysctl -w net.ipv4.ip_forward=1; sysctl -w net.ipv4.tcp_congestion_control=bbr; echo "BBR OK"; pause ;; 9) header; journalctl -n 40 --no-pager; pause ;; 10) header; echo -e "🏠 Server: $(curl -s --max-time 2 ifconfig.me)\n☁️ WARP: $(curl -s --socks5 127.0.0.1:40000 --max-time 2 ifconfig.me || echo 'OFFLINE')"; pause ;; 11) header; echo -e "TeleMT порт: 1615\nСекрет: 927995e5abefd4f5524c43149600b9fd"; pause ;; 0) exit 0 ;; esac done