#!/bin/bash
# ======================================================
#   HOKAGE LEGEND MONITOR: v25 (Fixed Alignment)
# ======================================================

# --- KONFIGURASI WARNA & BACKGROUND ---
NC='\033[0m'
BOLD='\033[1m'
WHITE='\033[1;37m'

# Warna Garis / Text
COLOR_BORDER='\033[38;5;93m'    # Ungu Neon
COLOR_HEAD_BOX='\033[38;5;51m'  # Cyan
COLOR_VAL='\033[38;5;159m'      # Text Value
YELLOW='\033[33m'; GREEN='\033[32m'; RED='\033[31m'; PURPLE='\033[35m'; BLUE='\033[36m'

# --- [SETTING WARNA 3 HEADER] ---
BG_MAIN='\033[48;5;88m'  # Merah Marun
BG_SUB='\033[48;5;53m'   # Ungu Gelap
BG_LIST='\033[48;5;17m'  # Biru Gelap
# --------------------------------------------------

ICON_USER='👤'; ICON_KEY='🔑'; ICON_WIFI='📡'; ICON_QUOTA='📊'
ICON_EXP='⏳'; ICON_ON='🟢'; ICON_OFF='🔴'; ICON_UDP='🟣'; ICON_WS='🟡'
ICON_FLASH='⚡'; ICON_SERVER='🖥️'; ICON_GLOBE='🌐'; ICON_LIC='®️'

# URL Data GitHub
DATA_IP_URL="https://raw.githubusercontent.com/hokagelegend9999/ijin/refs/heads/main/alpha"

# Lokasi Log Auth
if [ -f /var/log/auth.log ]; then LOG_AUTH="/var/log/auth.log"; else LOG_AUTH="/var/log/secure"; fi

clear

# --- FUNGSI PRINT HEADER UTAMA (HEADER 1) ---
function print_header {
  echo -e "${COLOR_BORDER}╭──────────────────────────────────────────────────────╮${NC}"
  printf "${COLOR_BORDER}│${BG_MAIN}${BOLD}${WHITE}%-54s${NC}${COLOR_BORDER}│${NC}\n" "       HOKAGE LEGEND: LIVE TRAFFIC MONITOR v22        "
  echo -e "${COLOR_BORDER}╰──────────────────────────────────────────────────────╯${NC}"
}

# --- BAGIAN SCANNING ---
function scan_resources() {
    echo -e "${YELLOW}Sedang memindai Socket TCP & Trafik UDP (1 Detik)...${NC}"
    
    TMP_UDP="/tmp/scan_udp.txt"
    LIST_UDP="/tmp/list_udp.txt"
    LIST_TCP="/tmp/list_tcp.txt"
    
    timeout 2 tcpdump -nn -i any udp and not port 53 and not src net 127.0.0.0/8 2>/dev/null > "$TMP_UDP"
    grep " > " "$TMP_UDP" | awk '{print $3}' | cut -d. -f1-4 | sort | uniq | grep -vE "0.0.0.0|127.0.0.1|8.8.8.8|1.1.1.1|142.25|172.21|172.25|74.125|104.1" > "$LIST_UDP"
    MY_IP=$(hostname -I | awk '{print $1}')
    sed -i "/$MY_IP/d" "$LIST_UDP"

    netstat -tn 2>/dev/null | grep 'ESTABLISHED' | awk '{print $5}' | cut -d: -f1 | sort | uniq > "$LIST_TCP"

    if [[ -s "$LIST_UDP" ]]; then echo "1" > /tmp/global_udp_status.txt
    else echo "0" > /tmp/global_udp_status.txt; fi
    rm -f "$TMP_UDP"
}

function get_bytes_raw() {
    iptables -x -n -v -L OUTPUT 2>/dev/null | grep -E "^[[:space:]]*[0-9]+" | awk '{print $2, $NF}' > /tmp/iptables_dump.txt
}
function format_bytes() {
    local bytes=$1
    if [ $bytes -ge 1073741824 ]; then awk -v val=$bytes 'BEGIN {printf "%.2f GB", val/1073741824}'
    elif [ $bytes -ge 1048576 ]; then awk -v val=$bytes 'BEGIN {printf "%.2f MB", val/1048576}'
    elif [ $bytes -ge 1024 ]; then awk -v val=$bytes 'BEGIN {printf "%.2f KB", val/1024}'
    else echo "${bytes} B"; fi
}

# ================= EXECUTE =================

# 1. TAMPILKAN HEADER 1 (MAIN)
print_header
scan_resources

get_bytes_raw; mv /tmp/iptables_dump.txt /tmp/iptables_start.txt
sleep 0.5
get_bytes_raw; mv /tmp/iptables_dump.txt /tmp/iptables_end.txt
ANY_UDP_TRAFFIC=$(cat /tmp/global_udp_status.txt)

echo ""

# 2. TAMPILKAN HEADER 2 (DATABASE MEMBER)
echo -e "${COLOR_BORDER}╭──────────────────────────────────────────────────────╮${NC}"
printf "${COLOR_BORDER}│${BG_SUB}${BOLD}${WHITE}%-54s${NC}${COLOR_BORDER}│${NC}\n" "         DATABASE MEMBER (SSH/OVPN/WS)                "
echo -e "${COLOR_BORDER}╰──────────────────────────────────────────────────────╯${NC}"

# --- INFO VPS ---
MY_IP_VPS=$(curl -s --max-time 3 ipinfo.io/ip)
if [[ -z "$MY_IP_VPS" ]]; then MY_IP_VPS=$(hostname -I | awk '{print $1}'); fi

if [[ -f /etc/xray/domain ]]; then MY_DOMAIN=$(cat /etc/xray/domain)
elif [[ -f /etc/v2ray/domain ]]; then MY_DOMAIN=$(cat /etc/v2ray/domain)
elif [[ -f /root/domain ]]; then MY_DOMAIN=$(cat /root/domain)
else MY_DOMAIN="Domain Not Found"; fi

curl -s --max-time 3 "$DATA_IP_URL" > /tmp/data_ip_github.txt
DATA_MATCH=$(grep -w "$MY_IP_VPS" /tmp/data_ip_github.txt)

if [[ -n "$DATA_MATCH" ]]; then
    CLEAN_DATA=$(echo "$DATA_MATCH" | sed 's/### //g')
    GH_USER=$(echo "$CLEAN_DATA" | awk '{print $1}')
    GH_EXP=$(echo "$CLEAN_DATA" | awk '{print $2}')
    
    if date -d "$GH_EXP" >/dev/null 2>&1; then
        EXP_SEC=$(date -d "$GH_EXP" +%s); TODAY_SEC=$(date +%s); DIFF_SEC=$((EXP_SEC - TODAY_SEC))
        if [[ $DIFF_SEC -gt 0 ]]; then SISA_HARI=$((DIFF_SEC / 86400)); TXT_HARI="${SISA_HARI} Days"; COLOR_HARI="${GREEN}"
        else TXT_HARI="Expired"; COLOR_HARI="${RED}"; fi
    else TXT_HARI="Date Error"; COLOR_HARI="${RED}"; fi
    
    # [FIX] RAPATKAN KURUNG HARI UNTUK VPS
    VPS_TIME="(${TXT_HARI})"

    echo -e "${COLOR_HEAD_BOX}╔══════════════════════════════════════════════════════╗${NC}"
    printf "${COLOR_HEAD_BOX}║${NC} ${ICON_SERVER} ${BOLD}%-10s  : ${YELLOW}%-35s${NC} ${COLOR_HEAD_BOX} ║${NC}\n" "VPS IP" "$MY_IP_VPS"
    printf "${COLOR_HEAD_BOX}║${NC} ${ICON_GLOBE} ${BOLD}%-10s : ${BLUE}%-35s${NC} ${COLOR_HEAD_BOX} ║${NC}\n" "Domain" "$MY_DOMAIN"
    echo -e "${COLOR_HEAD_BOX}╠══════════════════════════════════════════════════════╣${NC}"
    printf "${COLOR_HEAD_BOX}║${NC} ${ICON_LIC} ${BOLD}%-10s  : ${PURPLE}%-35s${NC} ${COLOR_HEAD_BOX} ║${NC}\n" "License" "$GH_USER"
    # [FIX] PRINT DENGAN VARIABLE YANG SUDAH DIGABUNG
    printf "${COLOR_HEAD_BOX}║${NC} ${ICON_EXP} ${BOLD}%-10s : ${GH_EXP} ${COLOR_HARI}%-12s${NC} ${GREEN}%-3s${NC} ${COLOR_HEAD_BOX}         ║${NC}\n" "Expired" "$VPS_TIME" "ON"
    echo -e "${COLOR_HEAD_BOX}╚══════════════════════════════════════════════════════╝${NC}"
else
    echo -e "${RED}╔══════════════════════════════════════════════════════╗${NC}"
    printf "${RED}║${NC} ${ICON_SERVER} ${BOLD}%-10s : ${YELLOW}%-35s${NC} ${RED}║${NC}\n" "VPS IP" "$MY_IP_VPS"
    printf "${RED}║${NC} ${RED}%-52s${NC} ${RED}║${NC}\n" "⚠️  IP VPS TIDAK TERDAFTAR DI DATABASE!"
    echo -e "${RED}╚══════════════════════════════════════════════════════╝${NC}"
fi
echo ""

# 3. TAMPILKAN HEADER 3 (DAFTAR USER ONLINE) SEBELUM LOOP
echo -e "${COLOR_BORDER}╭──────────────────────────────────────────────────────╮${NC}"
printf "${COLOR_BORDER}│${BG_LIST}${BOLD}${WHITE}%-54s${NC}${COLOR_BORDER}│${NC}\n" "               DAFTAR USER ONLINE                     "
echo -e "${COLOR_BORDER}╰──────────────────────────────────────────────────────╯${NC}"

# --- LIST MEMBER (LOOPING) ---
grep -E "^([^:]+):[^:]+:[0-9]{4,}:" /etc/passwd | awk -F: '$3>=1000 && $1!="nobody" {print $1}' | while read -r USERNAME; do
    
    DB_DATA=$(grep -w "^#ssh# $USERNAME" /etc/ssh/.ssh.db 2>/dev/null)
    PASSWORD=$(echo "$DB_DATA" | awk '{print $3}'); [ -z "$PASSWORD" ] && PASSWORD="???"
    
    EXP_STR=$(chage -l "$USERNAME" | grep "Account expires" | cut -d: -f2 | sed 's/^ //g')
    if [[ "$EXP_STR" == "never" ]]; then SISA_HARI="∞"; EXP_DISPLAY="Unlimited"; C_EXP="${GREEN}"
    else
        EXP_DISPLAY=$(date -d "$EXP_STR" "+%d %b %Y"); DIFF=$(( $(date -d "$EXP_STR" +%s) - $(date +%s) ));
        if [[ $DIFF -lt 0 ]]; then SISA_HARI="Expired"; C_EXP="${RED}"; else SISA_HARI="$((DIFF / 86400)) Hari"; C_EXP="${GREEN}"; fi
    fi

    UID_USER=$(id -u "$USERNAME")
    BYTES_START=$(grep -w "$UID_USER" /tmp/iptables_start.txt | awk '{print $1}' | head -n 1); [ -z "$BYTES_START" ] && BYTES_START=0
    BYTES_END=$(grep -w "$UID_USER" /tmp/iptables_end.txt | awk '{print $1}' | head -n 1); [ -z "$BYTES_END" ] && BYTES_END=0
    DIFF_BYTES=$((BYTES_END - BYTES_START))
    
    LAST_IP=$(last -n 1 -w "$USERNAME" 2>/dev/null | head -n 1 | awk '{print $3}')
    if [[ -z "$LAST_IP" || "$LAST_IP" == "0.0.0.0" ]]; then
          LAST_IP=$(grep "Accepted password for $USERNAME" "$LOG_AUTH" 2>/dev/null | tail -n 1 | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
    fi

    MATCH_TCP=$(grep -F "$LAST_IP" /tmp/list_tcp.txt 2>/dev/null)
    MATCH_UDP=$(grep -F "$LAST_IP" /tmp/list_udp.txt 2>/dev/null)

    if [ "$DIFF_BYTES" -gt 0 ]; then STAT_COLOR="${GREEN}"; STAT_TEXT="SSL / DATA ONLINE ${ICON_ON}"
    elif [[ -n "$MATCH_TCP" && "$LAST_IP" != "0.0.0.0" && ${#LAST_IP} -ge 7 ]]; then STAT_COLOR="${YELLOW}"; STAT_TEXT="SSHWS / SOCKET ON ${ICON_WS}"
    elif pgrep -u "$USERNAME" sshd > /dev/null || pgrep -u "$USERNAME" dropbear > /dev/null; then STAT_COLOR="${GREEN}"; STAT_TEXT="SSH PROCESS ONLINE ${ICON_ON}"
    elif [[ -n "$MATCH_UDP" && "$LAST_IP" != "0.0.0.0" && ${#LAST_IP} -ge 7 ]]; then STAT_COLOR="${PURPLE}"; STAT_TEXT="ZiVPN / UDP ONLINE ${ICON_UDP}"
    elif [ "$ANY_UDP_TRAFFIC" -eq 1 ]; then STAT_COLOR="${PURPLE}"; STAT_TEXT="UDP / ZiVPN MODE ❓ ${ICON_UDP}"
    else STAT_COLOR="${RED}"; STAT_TEXT="OFFLINE ${ICON_OFF}"; fi

    USAGE_DISPLAY=$(format_bytes "$BYTES_END")

    # [FIX] RAPATKAN KURUNG HARI UNTUK USER
    # Gabungkan kurung dan variabel menjadi satu string
    USER_TIME="($SISA_HARI)"

    echo -e "${COLOR_BORDER}┌──────────────────────────────────────────────────────┐${NC}"
    printf "${COLOR_BORDER}│${NC} ${ICON_USER} User      : ${BOLD}${COLOR_VAL}%-38s${NC} ${COLOR_BORDER}│${NC}\n" "$USERNAME"
    printf "${COLOR_BORDER}│${NC} ${ICON_KEY} Pass      : ${YELLOW}%-38s${NC} ${COLOR_BORDER}│${NC}\n" "$PASSWORD"
    
    # [FIX] PRINTF DENGAN PADDING DI LUAR VARIABEL GABUNGAN
    # %-23s artinya sediakan 23 karakter untuk string USER_TIME (misal "(1 Hari)")
    # Sisanya akan diisi spasi di sebelah KANAN kurung tutup.
    printf "${COLOR_BORDER}│${NC} ${ICON_EXP} Expired   : %-15s ${C_EXP}%-23s${NC} ${COLOR_BORDER}│${NC}\n" "$EXP_DISPLAY" "$USER_TIME"
    
    echo -e "${COLOR_BORDER}├──────────────────────────────────────────────────────┤${NC}"
    printf "${COLOR_BORDER}│${NC} ${ICON_QUOTA} Usage     : ${BOLD}%-38s${NC} ${COLOR_BORDER}│${NC}\n" "$USAGE_DISPLAY"
    printf "${COLOR_BORDER}│${NC} ${ICON_WIFI} Status    : ${STAT_COLOR}%-42s${NC} ${COLOR_BORDER}│${NC}\n" "$STAT_TEXT"
    echo -e "${COLOR_BORDER}└──────────────────────────────────────────────────────┘${NC}"
    echo ""
done

rm -f /tmp/list_udp.txt /tmp/list_tcp.txt /tmp/iptables_start.txt /tmp/iptables_end.txt /tmp/iptables_dump.txt /tmp/global_udp_status.txt /tmp/data_ip_github.txt