#!/bin/bash
clear

function mess() {
    KEY=$(grep -E "^#bot# " "/etc/bot/.notif.db" | cut -d ' ' -f 2)
    CHATID=$(grep -E "^#bot# " "/etc/bot/.notif.db" | cut -d ' ' -f 3)
    TIME="10"
    URL="https://api.telegram.org/bot$KEY/sendMessage"
    TEXT="
<code>───────────────────</code>
  <b>❄️️ Notif Limit Adress ❄️️</b>
<code>───────────────────</code>
<code>Username  : ${username[$i]} </code>
<code>Protocol  : Ssh-ovpn </code>
<code>IP Limit  : $limitip IP </code>
<code>IP Login  : ${jumlah[$i]} IP </code>
<code>───────────────────</code>
<code>Log Adress :</code> 

<i>${sship2}</i>

<code>───────────────────</code>
<i>~ Auto_Locked Account 10m.. </i>
"
    curl -s --max-time $TIME -d "chat_id=$CHATID&disable_web_page_preview=1&text=$TEXT&parse_mode=html" $URL >/dev/null
}

MAX=$limitip
if [ -e "/var/log/auth.log" ]; then
    OS=1
    LOG="/var/log/auth.log"
fi
if [ -e "/var/log/secure" ]; then
    OS=2
    LOG="/var/log/secure"
fi

if [[ -n "$1" ]]; then
    MAX=$limitip
fi

cat /etc/passwd | grep "/home/" | cut -d":" -f1 > /root/user.txt
username1=( $(cat "/root/user.txt") )
i=0
for user in "${username1[@]}"
do
    username[$i]=$(echo $user | sed 's/'\''//g')
    jumlah[$i]=0
    pid[$i]=""
    i=$((i + 1))
done

cat $LOG | grep -i dropbear | grep -i "Password auth succeeded" > /tmp/log-db.txt
proc=( $(ps aux | grep -i dropbear | awk '{print $2}') )
for PID in "${proc[@]}"
do
    cat /tmp/log-db.txt | grep "dropbear\[$PID\]" > /tmp/login-db-pid.txt
    NUM=$(cat /tmp/login-db-pid.txt | wc -l)
    USER=$(cat /tmp/login-db-pid.txt | awk '{print $10}' | sed 's/'\''//g')
    IP=$(cat /tmp/login-db-pid.txt | awk '{print $12}')
    if [ $NUM -eq 1 ]; then
        TIME=$(date +'%H:%M:%S')
        echo "$USER $TIME : $IP" >> /tmp/ssh
        i=0
        for user1 in "${username[@]}"
        do
            if [ "$USER" == "$user1" ]; then
                jumlah[$i]=$(( ${jumlah[$i]} + 1 ))
                pid[$i]="${pid[$i]} $PID"
            fi
            i=$((i + 1))
        done
    fi
done

cat $LOG | grep -i sshd | grep -i "Accepted password for" > /tmp/log-db.txt
data=( $(ps aux | grep "\[priv\]" | sort -k 72 | awk '{print $2}') )
for PID in "${data[@]}"
do
    cat /tmp/log-db.txt | grep "sshd\[$PID\]" > /tmp/login-db-pid.txt
    NUM=$(cat /tmp/login-db-pid.txt | wc -l)
    USER=$(cat /tmp/login-db-pid.txt | awk '{print $9}')
    IP=$(cat /tmp/login-db-pid.txt | awk '{print $11}')
    if [ $NUM -eq 1 ]; then
        TIME=$(date +'%H:%M:%S')
        echo "$USER $TIME : $IP" >> /tmp/ssh
        i=0
        for user1 in "${username[@]}"
        do
            if [ "$USER" == "$user1" ]; then
                jumlah[$i]=$(( ${jumlah[$i]} + 1 ))
                pid[$i]="${pid[$i]} $PID"
            fi
            i=$((i + 1))
        done
    fi
done

j=0
for i in "${!username[@]}"
do
    limitip=$(cat /etc/biji/limit/ssh/ip/${username[$i]})
    if [ ${jumlah[$i]} -gt $limitip ]; then
        sship2=$(cat /tmp/ssh | grep -w "${username[$i]}" | cut -d ' ' -f 2-8 | nl -s '. ' )
        date=$(date +"%Y-%m-%d %X")
        echo "$date - ${username[$i]} - ${jumlah[$i]}"
        echo "$date - ${username[$i]} - ${jumlah[$i]}" >> /root/log-limit.txt
        mess
        kill ${pid[$i]}
        usermod -L ${username[$i]}
        echo "usermod -U ${username[$i]}" | at now + 10 minutes
        pid[$i]=""
        j=$((j + 1))
    fi
done

if [ "$j" -gt 0 ]; then
    if [ "$OS" -eq 1 ]; then
        service ssh restart > /dev/null 2>&1
    elif [ "$OS" -eq 2 ]; then
        service sshd restart > /dev/null 2>&1
    fi
    service dropbear restart > /dev/null 2>&1
fi