!feat(vless): IP restriction

Beta, only works for vless for now and it's not perfect needs a lot of testing.

proxy/vless/inbound/inbound.go

@@ -178,7 +178,7 @@ func (*Handler) Network() []net.Network {
 }
 
 // Process implements proxy.Inbound.Process().
-func (h *Handler) Process(ctx context.Context, network net.Network, connection stat.Connection, dispatcher routing.Dispatcher) error {
+func (h *Handler) Process(ctx context.Context, network net.Network, connection stat.Connection, dispatcher routing.Dispatcher, usrIpRstrct *map[session.ID]*stat.UserIpRestriction, connIp *stat.UserIpRestriction) error {
 	sid := session.ExportIDToError(ctx)
 
 	iConn := connection
@@ -447,6 +447,27 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
 		// Flow: requestAddons.Flow,
 	}
 
+	if (request.User.IpLimit > 0) {
+		addr := connection.RemoteAddr().(*net.TCPAddr)
+		user := account.ID.String()
+
+		uniqueIps := make(map[string]bool)
+		// Iterate through the connections and find unique used IP addresses withing last 30 seconds.
+		for _, conn := range *usrIpRstrct {
+			if conn.User == user && !conn.IpAddress.Equal(addr.IP) && ((time.Now().Unix() - conn.Time) < 30) {
+				uniqueIps[conn.IpAddress.String()] = true
+			}
+		}
+
+		if (len(uniqueIps) >= int(request.User.IpLimit)) {
+			return newError("User ", user, " has exceeded their allowed IPs.").AtWarning()
+		}
+
+		connIp.IpAddress = addr.IP
+		connIp.User = user
+		connIp.Time = time.Now().Unix()
+	}
+
 	var netConn net.Conn
 	var rawConn syscall.RawConn
 	var input *bytes.Reader