Files
3x-ui/internal/web/translation/en-US.json
T
Sanaei 709b332d17 feat(hosts): managed Hosts for per-host subscription link overrides (#5409)
* test(sub): characterize current link output (externalProxy + single-link baselines)

Phase 0 of the Hosts feature. Locks current subscription-link output for the
externalProxy paths (vless/vmess/trojan/ss exact, reality/hysteria by Contains)
so the upcoming ShareEndpoint refactor can be proven behavior-preserving. These
must stay green and unedited through every later phase.

* refactor(sub): unify external-proxy link building behind ShareEndpoint (TDD, snapshot-locked)

Phase 1 of the Hosts feature. Collapse the duplicated externalProxy link
builders (param-form for vless/trojan/ss, object-form for vmess) onto a single
ShareEndpoint abstraction so Phase 4 can add Host-driven links with ~zero new
branching.

Design: an externalProxy-derived endpoint carries the original entry map and
applies it through the UNCHANGED applyExternalProxyTLS{Params,Obj} helpers, so
output is provably byte-identical. buildExternalProxyURLLinks /
buildVmessExternalProxyLinks become thin adapters; the genVless/Trojan/SS/Vmess
call sites are untouched. genHysteriaLink is deliberately left on its own path
(hex pinSHA256, not pcs). The no-externalProxy default tails are unchanged.

TDD: N1-N4 (externalProxyToEndpoint, inboundDefaultEndpoint, buildEndpointLinks,
buildEndpointVmessLinks) written failing-first against stubs, then implemented.

Mutation sanity (performed + reverted): dropping the ep-carry in
externalProxyToEndpoint makes the Phase-0 C1/C2 characterization snapshots go
red (TLS overrides vanish), proving the snapshots guard the emitted output.

Gate: go test ./internal/sub/... and go test ./... green with ZERO edits to the
Phase-0 snapshots; go build ./... green on linux and windows; go vet clean.

* feat(model): Host entity + automigrate + openapi codegen (TDD)

Phase 2 of the Hosts feature. Adds the Host GORM model: an override endpoint
attached to an inbound (address/port + TLS/transport/clash overrides + sub
scoping), superseding the legacy externalProxy array functionally while leaving
it intact.

- model.Host with snake_case column tags, json serializer for slices, text for
  free-JSON (mux/sockopt/xhttp), validate tags (remark 1-40, port 0-65535,
  security + mihomoIpVersion enums); TableName "hosts". NodeGuids column is added
  now but unused (host->node scoping deferred to v2).
- Registered in BOTH initModels() (db.go) and migrationModels() (migrate_data.go);
  the latter is required for cross-DB migration and is easy to miss. PG sequence
  resync iterates the initModels slice, so it is covered automatically.
- pruneOrphanedHosts() deletes hosts whose inbound_id has no inbound, called
  alongside pruneOrphanedClientInbounds().
- openapigen manifest: Host added to StructAllow with MuxParams/SockoptParams/
  XhttpExtraParams -> KindAny; regenerated frontend/src/generated/* + openapi.json.

TDD: TestHostTableName, TestHostValidation, TestHostAutoMigrateCreatesColumns
(+ _Postgres), TestPruneOrphanedHosts written failing-first against a wrong-name,
untagged, unregistered stub, then implemented.

Gate: go test ./... green on SQLite AND a real Postgres DSN (local container);
go build/vet/gofmt clean; npm run gen succeeds with the new Host type/schema/
example/zod; npm run typecheck + npm run test (542) green.

* feat(api): Host CRUD service + controller + routes (TDD)

Phase 3 of the Hosts feature.

- service/host.go (HostService, empty struct + database.GetDB() like
  ClientService): GetHosts, GetHostsByInbound, GetHost, AddHost (verifies the
  inbound exists — no hard FK), UpdateHost (inbound + sort order immutable here),
  DeleteHost, SetHostEnable, SetHostsEnable, DeleteHosts, ReorderHosts (single
  driver-safe transaction), GetAllTags.
- controller/host.go mirrors NodeController: routes under /panel/api/hosts
  (list/get/byInbound/tags + add/update/del/setEnable/reorder + bulk/setEnable,
  bulk/del), binds via middleware.BindAndValidate so the model validate tags are
  enforced, {success,msg,obj} envelopes.
- Wired the hosts group into api.go after nodes (inherits checkAPIAuth + CSRF).
- DelInbound now cascades: deleting an inbound deletes its hosts.
- Documented all 11 routes in api-docs endpoints.ts (referencing the generated
  Host schema) and regenerated openapi.json; extended TestAPIRoutesDocumented's
  controller->basePath switch for host.go. Backend en toast keys added.

TDD: service tests (Add/GetByInbound, RejectsUnknownInbound, Reorder, Set/Bulk
enable, DeleteHosts, DeleteInboundCascadesHosts, GetAllTags) written failing-
first against a nil-returning stub; controller test (AddListGetDelete envelope
round-trip + AuthInherited 401) added.

Gate: go test ./internal/web/... + go test ./... green; npm run gen + typecheck
+ lint + test (542) + build green.

* feat(sub): render subscription links from hosts; legacy fallback when none (TDD, mutation-checked)

Phase 4 of the Hosts feature. Inserts host resolution between inbound and link
across all three subscription formats.

Mechanism: hostEndpoints(inbound, format) loads the inbound's enabled hosts
(filtered by ExcludeFromSubTypes, ordered by sort_order then id) and projects
each onto the externalProxy entry shape the raw/json/clash renderers already
consume. So a host fans out one link/proxy reusing the exact existing rendering
(address/port/security/sni/fp/alpn/pins/ech) with zero new TLS code. Host header
and path overrides are applied additively in the raw builders (no-op for legacy
externalProxy, which never carries those keys — characterization snapshots stay
green). Clash ip-version (MihomoIpVersion) is set last on the proxy.

Integration points:
- getSubs (raw): per inbound, hostEndpoints AFTER projectThroughFallbackMaster;
  len>0 -> linkFromHosts (renders only the hosts), else legacy GetLink.
- GetJson/GetClash: inject the host endpoints into the inbound's externalProxy
  before the existing getConfig/getProxies loop.
- Precedence: hosts win over any legacy externalProxy (injection replaces it).

Backward compat: a zero-host inbound takes the legacy path -> byte-identical
output (all Phase-0 characterization snapshots unchanged).

TDD: 9 cycles (zero-hosts identical, N-links-ordered with host/path override,
disabled skipped, host-vs-externalProxy precedence, no-dedup, sort composes with
SubSortIndex, host-over-fallback, resolve-via-client-inbounds, ExcludeFromSubTypes
per format) written failing-first against unwired helpers, then wired green.

Mutation sanity (performed + reverted, documented here):
- zero-hosts fallback: flipping the len(hostEps)>0 guard to >=0 makes
  TestSub_ZeroHosts_IdenticalOutput go red (host path yields "" for no hosts).
- no-dedup: adding a remark-dedup in hostEndpoints makes TestSub_NHosts_NoDedup
  go red (two distinct hosts collapse to one link).

Gate: go test ./internal/sub/... + go test ./... green with ZERO edits to the
Phase-0 snapshots; go build green on linux and windows; go vet + gofmt clean.

* feat(migration): seed hosts from inbound externalProxy (TDD, idempotent, dual-driver)

Phase 5 of the Hosts feature. One-time migration so existing installs surface
their legacy externalProxy entries as first-class Host rows.

- seedHostsFromExternalProxy() is self-gated on a HistoryOfSeeders
  "HostsFromExternalProxy" row (run-once) and wired into runSeeders. For each
  inbound it parses StreamSettings, reads externalProxy[], and creates one Host
  per entry: forceTls->Security (unknown->same), dest->Address, port->Port,
  remark->Remark (generated when blank, capped at 40), sni/fingerprint/alpn/
  pinnedPeerCertSha256/echConfigList copied; SortOrder=index; InboundId set.
- Additive: externalProxy is left intact in StreamSettings (rollback-safe; the
  sub layer prefers hosts when present, §Phase 4).
- Postgres: GORM db.Create advances hosts_id_seq via the sequence, so no extra
  resync is needed beyond the existing startup resync.

TDD: field-mapping, idempotency (second run no-op), no-externalProxy->no-hosts,
externalProxy-kept-intact written failing-first against a stub; plus a
Postgres counterpart that skips without XUI_DB_DSN.

Gate: go test ./internal/web/service/... ./internal/database/... green on SQLite;
the *_Postgres tests green against a real Postgres container; go build green on
linux and windows; go vet + gofmt clean. (Running the whole database package
under XUI_DB_TYPE=postgres is not supported — the SQLite-path tests share the one
DSN — so only the t.Skip-gated *_Postgres tests run with the env set.)

* feat(ui): Hosts page + schema + query hooks + link preview helper (TDD on schema/helpers)

Phase 6 of the Hosts feature — the admin UI.

- schemas/api/host.ts: HostFormSchema (validation: remark 1-40, tags ^[A-Z0-9_:]+$
  ≤10×≤36, port 0-65535, security/mihomoIpVersion enums, alpn/fingerprint reused
  from the shared primitives) + a loose HostRecordSchema/HostListSchema for reads.
- lib/hosts/host-link.ts: hostToExternalProxyEntry — the frontend mirror of the
  backend hostToExternalProxyMap (security->forceTls, sni override rules, port
  inherit), for share-link previews.
- api/queries/useHostsQuery.ts + useHostMutations.ts (mirror the node hooks):
  list/get + add/update/del/setEnable/reorder/bulk; queryKeys.hosts.* added;
  mutations invalidate keys.hosts.root().
- pages/hosts/{HostsPage,HostList,HostFormModal}.tsx (+CSS) mirroring pages/nodes:
  list with remark · address:port · inbound · security · tags · enable Switch ·
  per-inbound move up/down (reorder) · bulk enable/disable/delete; form grouped
  into Basic / Advanced / Clash / Subscription-scope sections.
- Route '/hosts' + sidebar item (Global icon); menu.hosts + pages.hosts.* added to
  the en-US bundle (other locales fall back to English until translated).

TDD: HostFormSchema (10 cases) and hostToExternalProxyEntry (6 cases) written
failing-first, then implemented. UI verified by lint/typecheck/test/build.

Deferred (documented enhancement): the live in-form share-link preview (needs
inbound+client context) and a per-host host/path override in JSON/Clash output
(raw already overrides; JSON/Clash inherit the inbound's host/path).

Gate: cd frontend && npm run lint && npm run typecheck && npm run test (557) &&
npm run build all green; go build ./... + go test ./... still green.

* refactor(ui): remove the External Proxy form from the inbound stream settings

Hosts supersede the legacy externalProxy: the subscription renders from hosts
(hosts win when both exist) and the migration converts existing externalProxy
entries to hosts. externalProxy's only real consumers were the subscription
(now covered) and this form's preview — the backend per-client copy-link never
used it — so removing the editor has no functional regression.

- Drop ExternalProxyForm + toggleExternalProxy from InboundFormModal and delete
  the orphaned form component + its export; remove its block test + snapshot.
- KEEP the externalProxy schema field and backend parsing/link-generation: an
  existing inbound's externalProxy still round-trips through the form (not
  silently destroyed on edit) and still renders if a host was removed.

Gate: cd frontend && npm run typecheck + lint + test (556) + build green.

* fix(ui): use Alert `title` instead of deprecated `message` (antd 6)

Ant Design 6 deprecated <Alert message=> in favor of <Alert title=>; the panel
was mid-migration (21 Alerts already on title). Renamed the 7 remaining stragglers
across 5 files (SubLinksModal, InboundFormModal, sockopt, EmailTab, TelegramTab),
silencing the runtime deprecation warning. description= is unchanged.

Pre-existing warning, surfaced while testing Hosts — not introduced by it.

Gate: npm run typecheck + lint + test (556) + build green.

* style(ui): align Hosts page with Clients/Inbounds cards + reorder columns

- page-shell.css never listed .hosts-page, so the Hosts page got no content
  padding / transparent-layout / summary-card spacing. Add a .hosts-page shell
  block (background, dark/ultra vars, content-area + summary-card padding). This
  is the actual "card spacing" bug.
- HostList: match the Clients/Inbounds list card — hoverable + the toolbar moved
  into the card title as a .card-toolbar (Add when nothing selected; selected
  count + bulk enable/disable/delete on selection). Re-declare .card-toolbar in
  HostList.css since the shared rule lives in a lazily-loaded page stylesheet.
- Reorder table columns as requested: Actions, Enable, then Remark, Endpoint,
  Inbound, Security, Tags. Added scroll x for narrow screens.
- HostsPage: add a summary card (Total / Enabled / Disabled) like the other
  pages. New i18n keys: pages.hosts.selectedCount + pages.hosts.summary.*.

Gate: npm run typecheck + lint + test (556) + build green.

* style(ui): use Tabs instead of Collapse in the Add/Edit Host form

The Basic / Advanced / Clash / Subscription-scope sections are now tabs. Each
pane sets forceRender so all fields stay mounted — required because the form
uses preserve=false, so an unmounted tab's values would otherwise be dropped on
submit (and a required field on a hidden tab still blocks submit).

Gate: npm run typecheck + lint + test (556) + build green.

* style(ui): split Host form into Security + Advanced tabs; drop unused JSON fields

- Remove the Mux/Sockopt/XHTTP raw-JSON fields from the Host form: they were not
  wired into link generation and the inbound's structured editors are inbound-
  specific (not reusable). The DB columns + read schema + generated type stay, so
  they can get proper editors later. (HostFormSchema drops them; HostRecordSchema
  keeps them.)
- Reorganize tabs to Basic / Security / Advanced / Clash / Subscription scope:
  Security holds the TLS/cert fields (security, sni, sni-overrides, alpn,
  fingerprint, pins, verify-by-name, ech); Advanced now holds the transport
  overrides (host header, path).
- i18n: add pages.hosts.sections.security; drop the 3 unused field labels.

Gate: npm run typecheck + lint + test (556) + build green.

* style(ui): restore Mux/Sockopt/XHTTP fields in the Host Advanced tab

Put the three free-JSON override fields back, in the Advanced tab next to host
header / path (as JSON inputs — the inbound's structured editors aren't reusable
here). Re-added to HostFormSchema + defaults + the i18n labels.

Gate: npm run typecheck + lint + test (556) + build green.

* feat(hosts): add allowInsecure (rendered) + serverDescription/mihomoX25519/vlessRouteId fields

Closes most of the Remnawave-host gap analysis.

- model.Host: + allowInsecure, serverDescription (≤64), vlessRouteId (0-65535),
  mihomoX25519. Auto-migrated (SQLite + Postgres verified); openapi regenerated.
- allowInsecure is fully RENDERED into subscription output (TDD):
  - raw link: allowInsecure=1 (TLS/Reality, skipped for none) via the endpoint
    builder;
  - JSON/Clash: applyExternalProxyTLSToStream writes tlsSettings.settings.
    allowInsecure, and clash applySecurity now emits skip-cert-verify for the tls
    case (it previously only did so for Hysteria — a pre-existing gap, so inbound
    allowInsecure now renders for vless/trojan/ss clash too).
- Frontend: the four fields added to the Host form (allowInsecure → Security,
  serverDescription → Basic, vlessRouteId → Advanced, mihomoX25519 → Clash);
  serverDescription shown under the remark in the list. Schema + i18n updated.

serverDescription / vlessRouteId / mihomoX25519 are stored + editable; their
deeper rendering (and per-host mux/sockopt/xhttp into JSON/Clash, plus a per-host
xray JSON template) are tracked as follow-ups.

Gate: go test ./... green (SQLite + Postgres for the host schema/migration);
go build linux+windows; go vet + gofmt clean; npm run gen + typecheck + lint +
test (556) + build green; generated files in sync.

* feat(sub): render host sockopt + xhttp-extra params into JSON/Clash output (TDD)

A host's sockoptParams and xhttpExtraParams (free-JSON) now take effect:
applyHostStreamOverrides injects sockopt into the per-host stream (re-added since
the base stream strips it) and merges xhttpExtraParams into xhttpSettings, called
in both getConfig (JSON) and getProxies (Clash) right after the per-host TLS
apply. No-op for legacy externalProxy entries (keys absent) — characterization
snapshots unchanged.

mux rendering is outbound-level (overrides outbound.Mux) and needs a genVless/
genVnext/genServer signature change — deferred, along with the per-host xray
JSON template.

Gate: go test ./internal/sub/... + go test ./... green (snapshots unchanged);
go build + vet + gofmt clean.

* feat(sub): render host muxParams as a per-host JSON outbound mux override (TDD)

genVnext/genVless/genServer take a muxOverride: a host's muxParams (when valid
JSON) overrides the global mux on its JSON outbound; empty falls back to the
panel mux (behavior unchanged for non-host configs). Completes the host
mux/sockopt/xhttp trio. Test call sites updated for the new signature.

Gate: go test ./internal/sub/... + go test ./... green (snapshots unchanged);
go build + gofmt clean.

* style(ui): show Host security fields conditionally per security (like externalProxy)

* feat(sub): apply host SNI + fingerprint override for reality (TDD)

A reality host now overrides SNI and fingerprint while inheriting publicKey/
shortId from the inbound (reality keys can't be host-supplied). Previously the
reality link kept the inbound's serverName because the TLS appliers are gated to
security=="tls".

- raw: applyEndpointRealityParams sets sni/fp on the params for reality;
- JSON/Clash: applyHostStreamOverrides sets realitySettings.serverName +
  serverNames from the host SNI.

Gated to host endpoints via an isHost marker on the synthesized ep, so the legacy
externalProxy path stays byte-identical (characterization snapshots unchanged).
The marker is internal and never emitted.

Gate: go test ./internal/sub/... + go test ./... green; go build + vet + gofmt clean.

* fix(ui): start the Host inbound select unselected instead of showing 0

A new host left inboundId defaulting to 0, so the Select rendered "0". inboundId
is now optional in the form (undefined until chosen), so it shows its
placeholder ("Select an inbound"); the required rule still enforces a choice on
save. Port keeps 0 (means "inherit the inbound's port").

Gate: npm run typecheck + lint + build green.

* fix(ui): drop redundant :port suffix from the Host inbound select label

The inbound tag (e.g. in-59303-tcp) already carries the port, so the appended
":59303" was duplicated. Show just the remark/tag.

Gate: npm run typecheck + lint + build green.

* style(ui): apply the shared card hover shadows to the Hosts page

page-cards.css scoped its card styling + hover shadows to each page class but
not .hosts-page, so Hosts fell back to antd's default hoverable (a larger/blurry
shadow + pointer cursor). Add a .hosts-page block matching the other pages.

Gate: npm run build green.

* feat(hosts): move Tags to Basic tab, add Nodes field, accept VLESS route ranges

- Move the Tags field into the Host form's Basic tab and add a Nodes
  multi-select (visual-only assignment, backed by the existing node_guids
  column) so the Basic tab matches the reference layout.
- Replace the single-port vlessRouteId integer with a free-form vlessRoute
  string that accepts comma-separated ports/ranges (e.g. 53,443,1000-2000);
  format-validated on the frontend, stored verbatim on the backend.
- Regenerated frontend types/openapi from the changed model.

* feat(hosts): structured editors for Mux/Sockopt/XHTTP + new Final Mask

Replace the raw JSON textareas in the Host form's Advanced tab with the same
structured editors used elsewhere, under a nested tabbed layout (General / Mux /
Sockopt / XHTTP / Final Mask), mirroring the Sub-JSON settings tab:

- Mux: the Sub-JSON mux editor (enable + concurrency/xudpConcurrency/xudp443).
- Sockopt + XHTTP: reuse the outbound SockoptForm / XhttpForm, wrapped in an
  isolated form that serializes the edited subtree back to the host's JSON
  string (pruned so the override stays sparse).
- Final Mask: new host field (model + column + JSON-render wiring that merges
  the masks into the host's JSON-subscription stream), edited via the shared
  FinalMaskForm like the Sub-JSON Final Mask editor.

Each editor stays a controlled value/onChange component bound to its existing
host JSON string field; backend rendering of mux/sockopt/xhttp is unchanged.

* feat(hosts): drop XHTTP + Xray-JSON-template overrides; fix mobile form layout

Remove the host's XHTTP extra-params and Xray-JSON-template overrides entirely
(model fields + columns, JSON-subscription render paths incl. hostTemplateOutbound,
schema, form tab/field, i18n, openapi codegen, and their tests) — they did not
fit the host model. Mux, Sockopt and Final Mask stay as structured editors.

Mobile fixes for the Edit Host modal:
- responsive width (95vw on mobile, was a fixed 760px that overflowed the
  viewport and clipped the tabs/labels) + a scrollable body so the footer stays
  on screen;
- Mux fields use responsive Row/Col (stack on mobile) instead of a fixed-width
  label grid.

* fix(hosts): hide the spurious horizontal scrollbar in the Edit Host modal

Setting overflowY:auto on the modal body forced overflow-x to auto too (CSS
rule), so antd Row's negative gutter margins triggered a horizontal scrollbar.
Pin overflowX:hidden.

* feat(hosts): inbound-style responsive field layout + icon empty state

- Host form (main form + Mux/Sockopt/Final Mask editors) now use the inbound
  form's label layout: label beside the input on desktop (labelCol sm span 8 /
  wrapperCol sm span 14, right-aligned), stacked label-above-input on mobile.
  Rewrote HostMuxForm onto an internal antd Form so it follows the same layout
  instead of a manual grid.
- Empty hosts table now shows the host icon + the shared 'Nothing here yet'
  (noData) text, matching Nodes/Inbounds/Clients, replacing the bespoke
  'No hosts yet…' string.

* fix(hosts): avoid nested <form> in the Edit Host modal

The Mux/Sockopt/Final Mask editors each render their own antd Form inside the
host's main Form, producing an invalid nested <form> DOM node (hydration
warning). Render those inner forms with component={false} so they keep the form
instance/context but emit no <form> element.

* fix(hosts): make the Mux enable toggle work

The Switch's checked state came from Form.useWatch('mux'), but the mux object
field had no registered Form.Item while disabled, so setFieldValue never
notified the watcher and the toggle stayed off. Bind the Switch to a real
name='enabled' field (antd drives its checked state directly) and keep the
sub-fields registered via hidden={!enabled}, serialized to the flat mux JSON.

* refactor(hosts): reuse the outbound MuxForm instead of a bespoke Mux editor

The Mux fields duplicated the outbound MuxForm. Reuse it through the same
wrapper as Sockopt: generalize OutboundSubtreeJsonForm with defaultSubtree
(pre-fill on enable) and a serialize hook, and have HostMuxForm render MuxForm
at the ['mux'] path. The host keeps its inherit-when-off semantics by storing ''
unless mux.enabled. Also drops the now-unused enableSwitch path from the
wrapper (only the removed XHTTP editor used it).

* style(hosts): use default-width Port input like the inbound form

The host Port used width:100% (full width); the inbound's numeric inputs use
antd's default width. Drop the override so Port matches. The Mux number inputs
already use the default width via the reused MuxForm.

* refactor(sockopt): readable customSockopt editor as a shared component

The customSockopt rows were a single cramped Space.Compact line and duplicated
verbatim in the inbound and outbound sockopt forms. Extract a shared
CustomSockoptList that renders each entry as a titled group of labeled fields
(System / Level / Opt / Type / Value), matching the rest of the form, and use it
in both (and thus the host Sockopt editor).

* fix(finalmask): drop the empty Custom Tables tag on a new sudoku mask

The sudoku TCP-mask default seeded customTables: [''] (one empty string), which
rendered as a blank removable tag. Seed [] instead.

* fix(sockopt): make the outbound (and host) Sockopt client-only

Per the XTLS sockopt docs, tproxy / acceptProxyProtocol / V6Only /
trustedXForwardedFor only apply to an inbound (listening socket); they are
meaningless on an outbound/dialer. Drop them from the outbound SockoptForm
(which the host reuses). The Sockopt default object still seeds those keys, so
the host also strips them on serialize, keeping its override honest to the
server/client split. The inbound SockoptForm is left unchanged.

* fix(sockopt): make the inbound Sockopt server-only

Complete the server/client split: drop the outbound/dialer-only fields from the
inbound SockoptForm — dialerProxy, domainStrategy, interface, addressPortStrategy,
happyEyeballs, tcpMptcp (client-only since Go 1.24 auto-enables MPTCP on listen).
mark stays (xray applies SO_MARK on inbound sockets too). Update the form-blocks
snapshot to the server-side field set (intentional spec change).

* feat(hosts): populate Sockopt dialerProxy with the panel's outbound tags

The host Sockopt editor reused the outbound SockoptForm with outboundTags=[],
so the dialerProxy dropdown was empty. Feed it the panel's outbound tags via
the existing useOutboundTags hook (shares the cached xray-config query;
blackhole excluded), so a host can chain through a subscription outbound by tag.

* fix(hosts): empty-state styling on direct load + exclude balancers from dialerProxy

- .card-empty was only defined in lazily-loaded Clients/Inbounds/Nodes
  stylesheets, so a direct /hosts refresh rendered the empty table state
  unstyled (faint + uncentered) until another page was visited. Re-declare it
  in HostList.css so it's correct on first load.
- The Sockopt dialerProxy dropdown listed balancer tags (useOutboundTags merges
  them in for mtproto egress). dialerProxy chains a single outbound, so balancers
  aren't valid — switch to useOutboundTagGroups and use only the outbound group.

* fix(outbounds): icon + 'Nothing here yet' empty state; stop fading other pages

The Outbounds empty state was a faint '—', and OutboundsTab.css set the global
.card-empty to opacity:0.4 — which leaked onto whichever page's empty state was
shown after the Outbounds CSS had loaded (e.g. Hosts went faint after visiting
Outbounds). Render the icon + noData ('Nothing here yet') like the other lists,
and align .card-empty to the shared centered/secondary style (no opacity).

* fix(outbounds): custom empty state on the desktop table too

The desktop Outbounds Table had no locale.emptyText, so it showed antd's
default 'No data' box. Add the same ExportOutlined + noData empty state as the
card (mobile) view.

* style(sidebar): use ExportOutlined for the Outbounds nav item

The Outbounds sidebar item used UploadOutlined (an upload tray). Switch to
ExportOutlined, matching the outbound icon now used in the routing target and
the outbounds empty states.

* feat(hosts): icons on the form tabs (icon-only on mobile)

Wrap every Host form tab label (Basic/Security/Advanced/Clash/Subscription
scope and the nested General/Mux/Sockopt/Final Mask) with catTabLabel, so the
tabs show icon + text on desktop and just the icon (with a tooltip) on mobile,
matching the Settings/Xray tab bars.

* refactor(hosts): fold Exclude-from-formats into Advanced, drop the one-field tab

The Subscription scope tab held only excludeFromSubTypes after Tags moved to
Basic — a niche per-format scoping knob. Move it into the Advanced > General
sub-tab and remove the standalone tab (and its now-unused subScope label/icon).

* feat(sub): per-client remark template variables; drop the remark model & Show Usage Info

* fix(migration): cap seeded host remark at the model's 256-char limit, not 40
2026-06-17 12:06:55 +02:00

2016 lines
102 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{
"username": "Username",
"password": "Password",
"login": "Log In",
"confirm": "Confirm",
"cancel": "Cancel",
"close": "Close",
"save": "Save",
"logout": "Log Out",
"create": "Create",
"add": "Add",
"remove": "Remove",
"update": "Update",
"copy": "Copy",
"copied": "Copied",
"more": "more",
"download": "Download",
"remark": "Remark",
"enable": "Enabled",
"protocol": "Protocol",
"search": "Search",
"filter": "Filter",
"all": "All",
"from": "From",
"to": "To",
"done": "Done",
"loading": "Loading...",
"refresh": "Refresh",
"clear": "Clear",
"second": "Second",
"minute": "Minute",
"hour": "Hour",
"day": "Day",
"check": "Check",
"indefinite": "Indefinite",
"unlimited": "Unlimited",
"none": "None",
"qrCode": "QR Code",
"info": "More Information",
"edit": "Edit",
"delete": "Delete",
"reset": "Reset",
"noData": "Nothing here yet",
"copySuccess": "Copied successfully",
"sure": "Sure",
"encryption": "Encryption",
"useIPv4ForHost": "Use IPv4 for host",
"transmission": "Transmission",
"host": "Host",
"path": "Path",
"camouflage": "Obfuscation",
"status": "Status",
"enabled": "Enabled",
"disabled": "Disabled",
"depleted": "Ended",
"depletingSoon": "Depleting",
"offline": "Offline",
"online": "Online",
"domainName": "Domain Name",
"monitor": "Listen IP",
"certificate": "Digital Certificate",
"fail": "Failed",
"comment": "Comment",
"success": "Success",
"lastOnline": "Last Online",
"getVersion": "Get Version",
"install": "Install",
"clients": "Clients",
"usage": "Usage",
"twoFactorCode": "Code",
"remained": "Remaining",
"security": "Security",
"secAlertTitle": "Security Alert",
"secAlertSsl": "This connection is not secure. Please avoid entering sensitive information until TLS is activated for data protection.",
"secAlertConf": "Certain settings are vulnerable to attacks. It is recommended to reinforce security protocols to prevent potential breaches.",
"secAlertSSL": "Panel lacks secure connection. Please install TLS certificate for data protection.",
"secAlertPanelPort": "Panel default port is vulnerable. Please configure a random or specific port.",
"secAlertPanelURI": "Panel default URI path is insecure. Please configure a complex URI path.",
"secAlertSubURI": "Subscription default URI path is insecure. Please configure a complex URI path.",
"secAlertSubJsonURI": "Subscription JSON default URI path is insecure. Please configure a complex URI path.",
"emptyDnsDesc": "No added DNS servers.",
"emptyFakeDnsDesc": "No added Fake DNS servers.",
"emptyBalancersDesc": "No added balancers.",
"emptyReverseDesc": "No added reverse proxies.",
"somethingWentWrong": "Something went wrong",
"subscription": {
"title": "Subscription info",
"subId": "Subscription ID",
"email": "Email",
"status": "Status",
"downloaded": "Downloaded",
"uploaded": "Uploaded",
"expiry": "Expiry",
"totalQuota": "Total quota",
"individualLinks": "Individual links",
"active": "Active",
"inactive": "Inactive",
"unlimited": "Unlimited",
"noExpiry": "No expiry",
"copyAllConfigs": "Copy All Configs",
"copyAllConfigsCopied": "All configs copied"
},
"menu": {
"theme": "Theme",
"dark": "Dark",
"ultraDark": "Ultra Dark",
"dashboard": "Overview",
"inbounds": "Inbounds",
"clients": "Clients",
"groups": "Groups",
"nodes": "Nodes",
"hosts": "Hosts",
"settings": "Panel Settings",
"xray": "Xray Configs",
"apiDocs": "API Docs",
"logout": "Log Out",
"link": "Manage",
"donate": "Donate"
},
"pages": {
"login": {
"hello": "Hello",
"title": "Welcome",
"loginAgain": "Your session has expired, please log in again",
"toasts": {
"invalidFormData": "The input data format is invalid.",
"emptyUsername": "Username is required",
"emptyPassword": "Password is required",
"wrongUsernameOrPassword": "Invalid username or password or two-factor code.",
"successLogin": "You have successfully logged into your account."
}
},
"index": {
"title": "Overview",
"cpu": "CPU",
"logicalProcessors": "Logical Processors",
"frequency": "Frequency",
"swap": "Swap",
"storage": "Storage",
"memory": "RAM",
"threads": "Threads",
"xrayStatus": "Xray",
"stopXray": "Stop",
"restartXray": "Restart",
"xraySwitch": "Version",
"xrayUpdates": "Xray Updates",
"xraySwitchClick": "Choose the version you want to switch to.",
"xraySwitchClickDesk": "Choose carefully, as older versions may not be compatible with current configurations.",
"updatePanel": "Update Panel",
"panelUpdateDesc": "This will update 3X-UI itself to the latest release and restart the panel service.",
"currentPanelVersion": "Current panel version",
"latestPanelVersion": "Latest panel version",
"panelUpToDate": "Panel is up to date",
"upToDate": "Up to date",
"xrayStatusUnknown": "Unknown",
"xrayStatusRunning": "Running",
"xrayStatusStop": "Stopped",
"xrayStatusError": "Error",
"xrayErrorPopoverTitle": "An error occurred while running Xray",
"operationHours": "Uptime",
"systemHistoryTitle": "System History",
"historyTitleCpu": "CPU Usage",
"historyTitleMem": "Memory Usage",
"historyTitleNetwork": "Network Bandwidth",
"historyTitlePackets": "Network Packets",
"historyTitleDisk": "Disk I/O",
"historyTitleOnline": "Online Clients",
"historyTitleLoad": "System Load Average (1m / 5m / 15m)",
"historyTitleConnections": "Active Connections (TCP / UDP)",
"historyTitleDiskUsage": "Disk Space Usage",
"historyTabBandwidth": "Bandwidth",
"historyTabPackets": "Packets",
"historyTabDisk": "Disk I/O",
"historyTabOnline": "Online",
"historyTabLoad": "Load",
"historyTabConnections": "Connections",
"historyTabDiskUsage": "Disk Usage",
"charts": "Charts",
"xrayMetricsTitle": "Xray Metrics",
"xrayTitleHeap": "Allocated Heap Memory",
"xrayTitleSys": "Memory Reserved from OS",
"xrayTitleObjects": "Live Heap Objects",
"xrayTitleGcCount": "Completed GC Cycles",
"xrayTitleGcPause": "GC Pause Duration",
"xrayTitleObservatory": "Outbound Connection Health",
"xrayTabHeap": "Heap",
"xrayTabSys": "Sys",
"xrayTabObjects": "Objects",
"xrayTabGcCount": "GC Count",
"xrayTabGcPause": "GC Pause",
"xrayTabObservatory": "Observatory",
"xrayMetricsDisabled": "Xray metrics endpoint not configured",
"xrayMetricsHint": "Add a top-level metrics block to the xray config with tag metrics_out and listen 127.0.0.1:11111, then restart xray.",
"xrayObservatoryEmpty": "No observatory data yet",
"xrayObservatoryHint": "Add an observatory block to the xray config listing the outbound tags to probe, then restart xray.",
"xrayObservatoryTagPlaceholder": "Select outbound",
"xrayObservatoryAlive": "Alive",
"xrayObservatoryDead": "Down",
"xrayObservatoryLastSeen": "Last seen",
"xrayObservatoryLastTry": "Last try",
"trendLast2Min": "Last 2 minutes",
"systemLoad": "System Load",
"systemLoadDesc": "System load average for the past 1, 5, and 15 minutes",
"connectionCount": "Connection Stats",
"ipAddresses": "IP Addresses",
"toggleIpVisibility": "Toggle visibility of the IP",
"overallSpeed": "Overall Speed",
"upload": "Upload",
"download": "Download",
"totalData": "Total Data",
"sent": "Sent",
"received": "Received",
"documentation": "Documentation",
"xraySwitchVersionDialog": "Do you really want to change the Xray version?",
"xraySwitchVersionDialogDesc": "This will change the Xray version to #version#.",
"xraySwitchVersionPopover": "Xray updated successfully",
"panelUpdateDialog": "Do you really want to update the panel?",
"panelUpdateDialogDesc": "This will update 3X-UI to #version# and restart the panel service.",
"panelUpdateCheckPopover": "Panel update check failed",
"panelUpdateStartedPopover": "Panel update started",
"geofileUpdateDialog": "Do you really want to update the geofile?",
"geofileUpdateDialogDesc": "This will update the #filename# file.",
"geofilesUpdateDialogDesc": "This will update all geofiles.",
"geofilesUpdateAll": "Update all",
"geofileUpdatePopover": "Geofile updated successfully",
"geodataTitle": "Geodata Auto-Update",
"geodataHint": "Xray downloads these files on schedule and hot-reloads them without a restart. URLs must be HTTPS. Each file must already exist in the bin folder once before Xray can update it.",
"geodataCron": "Schedule (cron)",
"geodataOutbound": "Download through outbound (optional)",
"geodataFile": "File name",
"geodataAddFile": "Add file",
"geodataSaveRestart": "Save & Restart Xray",
"geodataConfirmTitle": "Save geodata settings?",
"geodataConfirmContent": "This updates the Xray config template and restarts Xray.",
"geodataInvalidUrl": "Each file needs an HTTPS URL.",
"geodataInvalidFile": "File names must be plain names like geosite_custom.dat (no paths).",
"geodataInvalidCron": "Cron must have 5 fields, e.g. 0 4 * * *",
"geodataEmpty": "No files configured. Reference files in routing rules as ext:geosite_custom.dat:category.",
"dontRefresh": "Installation is in progress, please do not refresh this page",
"logs": "Logs",
"config": "Config",
"backup": "Backup",
"backupTitle": "Backup & Restore",
"exportDatabase": "Back Up",
"exportDatabaseDesc": "Click to download a .db file containing a backup of your current database to your device.",
"importDatabase": "Restore",
"importDatabaseDesc": "Click to select and upload a .db file from your device to restore your database from a backup.",
"importDatabaseSuccess": "The database has been successfully imported.",
"importDatabaseError": "An error occurred while importing the database.",
"readDatabaseError": "An error occurred while reading the database.",
"getDatabaseError": "An error occurred while retrieving the database.",
"getConfigError": "An error occurred while retrieving the config file.",
"backupPostgresNote": "This panel runs on PostgreSQL. Back Up downloads a pg_dump archive (.dump) and Restore loads it back with pg_restore. The server needs the PostgreSQL client tools (pg_dump and pg_restore) installed.",
"exportDatabasePgDesc": "Click to download a PostgreSQL dump (.dump) of your current database to your device.",
"importDatabasePgDesc": "Click to select and upload a .dump file to restore your PostgreSQL database. This replaces all current data.",
"migrationDownload": "Download Migration",
"migrationDownloadDesc": "Click to download a portable .dump (SQL text) export of your SQLite database.",
"migrationDownloadPgDesc": "Click to download a .db SQLite database built from your PostgreSQL data, ready to run this panel on SQLite."
},
"inbounds": {
"title": "Inbounds",
"totalDownUp": "Total Sent/Received",
"totalUsage": "Total Usage",
"inboundCount": "Total Inbounds",
"operate": "Menu",
"enable": "Enabled",
"remark": "Remark",
"node": "Node",
"deployTo": "Deploy to",
"localPanel": "Local panel",
"fallbacks": {
"title": "Fallbacks",
"help": "When a connection on this inbound does not match any client, route it elsewhere. Pick a child inbound below to auto-fill the routing fields (SNI / ALPN / path / xver) from its transport, or leave the picker empty and set Dest directly (e.g. 8080 or 127.0.0.1:8080) to route to an external server such as Nginx. Each child inbound should listen on 127.0.0.1 with security=none.",
"empty": "No fallbacks yet",
"add": "Add fallback",
"pickInbound": "Pick an inbound",
"matchAny": "any",
"destPlaceholder": "auto (child listen:port)",
"rederive": "Re-fill from child",
"rederived": "Re-filled from child",
"editAdvanced": "Edit routing fields",
"hideAdvanced": "Hide advanced",
"quickAddAll": "Quick add all eligible",
"quickAdded": "Added {n} fallback(s)",
"quickAddedNone": "No new eligible inbounds to add",
"routesWhen": "Routes when",
"defaultCatchAll": "Default — catches anything else",
"needsTls": "Fallbacks become available once Security is set to TLS or Reality on the Security tab (VLESS/Trojan over RAW only)."
},
"protocol": "Protocol",
"port": "Port",
"portMap": "Port Mapping",
"traffic": "Traffic",
"speed": "Speed",
"details": "Details",
"transportConfig": "Transport",
"expireDate": "Duration",
"createdAt": "Created",
"updatedAt": "Updated",
"resetTraffic": "Reset Traffic",
"addInbound": "Add Inbound",
"generalActions": "General Actions",
"modifyInbound": "Modify Inbound",
"deleteInbound": "Delete Inbound",
"deleteInboundContent": "Are you sure you want to delete this inbound?",
"deleteConfirmTitle": "Delete inbound \"{remark}\"?",
"deleteConfirmContent": "This removes the inbound and all its clients. This cannot be undone.",
"resetConfirmTitle": "Reset traffic for \"{remark}\"?",
"resetConfirmContent": "Resets up/down counters to 0 for this inbound.",
"selectedCount": "{count} selected",
"selectAll": "Select all",
"bulkDeleteConfirmTitle": "Delete {count} inbounds?",
"bulkDeleteConfirmContent": "This removes the selected inbounds and all their clients. This cannot be undone.",
"cloneConfirmTitle": "Clone inbound \"{remark}\"?",
"cloneConfirmContent": "Creates a copy with a new port and an empty client list.",
"delAllClients": "Delete All Clients",
"delAllClientsConfirmTitle": "Delete all {count} clients from \"{remark}\"?",
"delAllClientsConfirmContent": "This removes every client from this inbound and drops their traffic records. The inbound itself is kept. This cannot be undone.",
"attachClients": "Attach Clients To…",
"addClientsToGroup": "Add Clients To Group…",
"attachClientsTitle": "Attach clients from \"{remark}\"",
"attachClientsDesc": "Attaches the same {count} clients (same UUID/password and shared traffic) to the selected inbound(s). They stay on this inbound too.",
"attachClientsTargets": "Target inbounds",
"attachClientsNoTargets": "No other compatible inbounds available to attach to.",
"attachClientsResult": "Attached {attached}, skipped {skipped}.",
"attachClientsResultMixed": "Attached {attached}, skipped {skipped}, errors {errors}.",
"attachClientsSelectLabel": "Clients to attach",
"attachClientsSearchPlaceholder": "Search email or comment",
"attachClientsStatusDisabled": "Disabled",
"attachClientsSelectedCount": "{selected} of {total} selected",
"attachExistingClients": "Attach Existing Clients…",
"attachExistingTitle": "Attach existing clients to \"{remark}\"",
"attachExistingDesc": "Attaches existing clients ({count} available) to this inbound — same UUID/password and shared traffic. Clients already on it are skipped.",
"attachExistingNoClients": "No clients exist yet. Create clients first, then attach them here.",
"attachExistingStatusAttached": "Already attached",
"detachClients": "Detach Clients",
"detachClientsTitle": "Detach clients of \"{remark}\"",
"detachClientsDesc": "Removes the selected client(s) from this inbound only. Client records themselves are kept (use Delete to remove fully). Source has {count} clients in total.",
"detachClientsResult": "Detached {detached}, skipped {skipped}.",
"detachClientsResultMixed": "Detached {detached}, skipped {skipped}, errors {errors}.",
"detachClientsSelectLabel": "Clients to detach",
"exportLinksTitle": "Export inbound links",
"exportSubsTitle": "Export subscription links",
"exportAllLinksTitle": "Export all inbound links",
"exportAllSubsTitle": "Export all subscription links",
"exportAllLinksFileName": "All-Inbounds",
"exportAllSubsFileName": "All-Inbounds-Subs",
"inboundJsonTitle": "Inbound JSON",
"deleteClient": "Delete Client",
"deleteClientContent": "Are you sure you want to delete this client?",
"resetTrafficContent": "Are you sure you want to reset traffic?",
"copyLink": "Copy URL",
"address": "Address",
"network": "Network",
"destinationPort": "Destination Port",
"targetAddress": "Target Address",
"monitorDesc": "Leave blank to listen on all IPs",
"meansNoLimit": "= Unlimited. (unit: GB)",
"totalFlow": "Total Flow",
"leaveBlankToNeverExpire": "Leave blank to never expire",
"noRecommendKeepDefault": "It is recommended to keep the default",
"certificatePath": "File Path",
"certificateContent": "File Content",
"publicKey": "Public Key",
"privatekey": "Private Key",
"clickOnQRcode": "Click on QR Code to Copy",
"client": "Client",
"export": "Export All URLs",
"clone": "Clone",
"cloneInbound": "Clone",
"cloneInboundContent": "All settings of this inbound, except Port, Listening IP, and Clients, will be applied to the clone.",
"cloneInboundOk": "Clone",
"resetAllTraffic": "Reset Traffic for All Inbounds",
"resetAllTrafficTitle": "Reset Traffic for All Inbounds",
"resetAllTrafficContent": "Are you sure you want to reset the traffic of all inbounds?",
"resetInboundClientTraffics": "Reset Clients' Traffic",
"resetInboundClientTrafficTitle": "Reset Clients' Traffic",
"resetInboundClientTrafficContent": "Are you sure you want to reset the traffic of this inbound's clients?",
"resetAllClientTraffics": "Reset All Clients' Traffic",
"resetAllClientTrafficTitle": "Reset All Clients' Traffic",
"resetAllClientTrafficContent": "Are you sure you want to reset the traffic of all clients?",
"delDepletedClients": "Delete Depleted Clients",
"delDepletedClientsTitle": "Delete Depleted Clients",
"delDepletedClientsContent": "Are you sure you want to delete all the depleted clients?",
"email": "Email",
"emailDesc": "Please provide a unique email address.",
"IPLimit": "IP Limit",
"IPLimitDesc": "Disables inbound if the count exceeds the set value. (0 = disable)",
"IPLimitlog": "IP Log",
"IPLimitlogDesc": "The IP history log. (to re-enable the inbound after disabling, clear the log)",
"IPLimitlogclear": "Clear the Log",
"setDefaultCert": "Set Cert from Panel",
"setDefaultCertEmpty": "No certificate is configured for the panel. Set one under Settings first.",
"streamTab": "Stream",
"securityTab": "Security",
"sniffingTab": "Sniffing",
"sniffingMetadataOnly": "Metadata only",
"sniffingRouteOnly": "Route only",
"sniffingIpsExcluded": "IPs excluded",
"sniffingDomainsExcluded": "Domains excluded",
"decryption": "Decryption",
"encryption": "Encryption",
"vlessAuthX25519": "X25519 auth",
"vlessAuthMlkem768": "ML-KEM-768 auth",
"vlessAuthCustom": "Custom",
"vlessAuthSelected": "Selected: {auth}",
"advanced": {
"title": "Inbound JSON sections",
"subtitle": "Full inbound JSON and focused editors for settings, sniffing, and streamSettings.",
"all": "All",
"allHelp": "Full inbound object with all fields in one editor.",
"settings": "Settings",
"settingsHelp": "Xray settings block wrapper:",
"sniffing": "Sniffing",
"sniffingHelp": "Xray sniffing block wrapper:",
"stream": "Stream",
"streamHelp": "Xray stream block wrapper:",
"jsonErrorPrefix": "Advanced JSON"
},
"telegramDesc": "Please provide Telegram Chat ID. (use '/id' command in the bot) or ({'@'}userinfobot)",
"subscriptionDesc": "To find your subscription URL, navigate to the 'Details'. Additionally, you can use the same name for several clients.",
"subSortIndex": "Sub order",
"same": "Same",
"inboundInfo": "Inbound Information",
"exportInbound": "Export Inbound",
"import": "Import",
"importInbound": "Import an Inbound",
"periodicTrafficResetTitle": "Traffic Reset",
"periodicTrafficResetDesc": "Automatically reset traffic counter at specified intervals",
"lastReset": "Last Reset",
"periodicTrafficReset": {
"never": "Never",
"daily": "Daily",
"weekly": "Weekly",
"monthly": "Monthly",
"hourly": "Hourly"
},
"toasts": {
"obtain": "Obtain",
"updateSuccess": "The update was successful.",
"logCleanSuccess": "The log has been cleared.",
"inboundsUpdateSuccess": "Inbounds have been successfully updated.",
"inboundUpdateSuccess": "Inbound has been successfully updated.",
"inboundCreateSuccess": "Inbound has been successfully created.",
"bulkDeleted": "{count} inbounds deleted",
"bulkDeletedMixed": "{ok} deleted, {failed} failed",
"inboundDeleteSuccess": "Inbound has been successfully deleted.",
"inboundClientAddSuccess": "Inbound client(s) have been added.",
"inboundClientDeleteSuccess": "Inbound client has been deleted.",
"inboundClientUpdateSuccess": "Inbound client has been updated.",
"savedNodeOfflineWillSync": "Saved locally. A backing node is offline or disabled — the change will sync once it reconnects.",
"delDepletedClientsSuccess": "All depleted clients have been deleted.",
"resetAllClientTrafficSuccess": "Traffic for all clients has been reset.",
"resetAllTrafficSuccess": "All traffic has been reset.",
"resetInboundClientTrafficSuccess": "Traffic has been reset.",
"resetInboundTrafficSuccess": "Inbound traffic has been reset.",
"trafficGetError": "Error getting traffic.",
"getNewX25519CertError": "Error while obtaining the X25519 certificate.",
"getNewmldsa65Error": "Error while obtaining mldsa65.",
"getNewVlessEncError": "Error while obtaining VlessEnc.",
"invalidClientField": "Client {client}: {field} — {reason}",
"invalidField": "{field} — {reason}",
"moreIssues": "{message} (+{count} more)"
},
"form": {
"moveUp": "Move up",
"moveDown": "Move down",
"addAll": "Add all",
"addAllFallbackTooltip": "Add a fallback row for every eligible inbound not yet wired up",
"peers": "Peers",
"addPeer": "Add peer",
"keepAlive": "Keep-alive",
"autoSystemRoutesTooltip": "Windows-only. CIDRs added to the system routing table automatically so matching traffic goes through TUN.",
"autoOutboundsInterface": "Auto outbounds interface",
"autoOutboundsInterfaceTooltip": "Physical interface for outbound traffic. Use 'auto' to detect; auto-enabled when Auto system routes is set.",
"rewriteAddress": "Rewrite address",
"rewritePort": "Rewrite port",
"allowedNetwork": "Allowed network",
"followRedirect": "Follow redirect",
"accounts": "Accounts",
"allowTransparent": "Allow transparent",
"encryptionMethod": "Encryption method",
"fakeTlsDomain": "FakeTLS domain (SNI)",
"mtprotoSecret": "Secret",
"mtgDomainFrontingIp": "Domain fronting IP",
"mtgDomainFrontingPort": "Domain fronting port",
"mtgDomainFrontingProxyProtocol": "Domain fronting PROXY protocol",
"mtgDomainFrontingHint": "Where mtg sends non-Telegram traffic — e.g. your NGINX fake site. Leave the IP empty to use the FakeTLS domain via DNS; default port is 443.",
"mtgProxyProtocolListener": "Accept PROXY protocol (listener)",
"mtgPreferIp": "IP preference",
"mtgDebug": "Debug logging",
"mtgRouteThroughXray": "Route through Xray",
"mtgRouteThroughXrayHint": "Send this proxy's Telegram traffic through Xray so it follows your routing rules. The mtg sidecar dials out via a loopback SOCKS bridge tagged with this inbound's tag; reference that tag in the Routing tab for advanced rules.",
"mtgRouteOutbound": "Outbound",
"mtgRouteOutboundHint": "Optional. Force Telegram traffic out through this outbound (or balancer). Leave empty to let your routing rules decide.",
"mtgRouteOutboundPlaceholder": "Use routing rules",
"visionTestseed": "Vision testseed",
"version": "Version",
"udpIdleTimeout": "UDP idle timeout (s)",
"masquerade": "Masquerade",
"type": "Type",
"upstreamUrl": "Upstream URL",
"rewriteHost": "Rewrite Host",
"skipTlsVerify": "Skip TLS verify",
"directory": "Directory",
"statusCode": "Status code",
"body": "Body",
"headers": "Headers",
"proxyProtocol": "Proxy Protocol",
"requestVersion": "Request version",
"requestMethod": "Request method",
"requestPath": "Request path",
"requestHeaders": "Request headers",
"responseVersion": "Response version",
"responseStatus": "Response status",
"responseReason": "Response reason",
"responseHeaders": "Response headers",
"heartbeatPeriod": "Heartbeat Period",
"serviceName": "Service Name",
"authority": "Authority",
"multiMode": "Multi Mode",
"maxBufferedUpload": "Max Buffered Upload",
"maxUploadSize": "Max Upload Size (Byte)",
"streamUpServer": "Stream-Up Server",
"serverMaxHeaderBytes": "Server Max Header Bytes",
"paddingBytes": "Padding Bytes",
"uplinkHttpMethod": "Uplink HTTP Method",
"paddingObfsMode": "Padding Obfs Mode",
"paddingKey": "Padding Key",
"paddingHeader": "Padding Header",
"paddingPlacement": "Padding Placement",
"paddingMethod": "Padding Method",
"sessionPlacement": "Session Placement",
"sessionKey": "Session Key",
"sequencePlacement": "Sequence Placement",
"sequenceKey": "Sequence Key",
"uplinkDataPlacement": "Uplink Data Placement",
"uplinkDataKey": "Uplink Data Key",
"noSseHeader": "No SSE Header",
"ttiMs": "TTI (ms)",
"uplinkMbps": "Uplink (MB/s)",
"downlinkMbps": "Downlink (MB/s)",
"cwndMultiplier": "CWND Multiplier",
"maxSendingWindow": "Max Sending Window",
"externalProxy": "External Proxy",
"forceTls": "Force TLS",
"fingerprint": "Fingerprint",
"defaultOption": "Default",
"routeMark": "Route Mark",
"tcpKeepAliveInterval": "TCP Keep Alive Interval",
"tcpKeepAliveIdle": "TCP Keep Alive Idle",
"tcpMaxSeg": "TCP Max Seg",
"tcpUserTimeout": "TCP User Timeout",
"tcpWindowClamp": "TCP Window Clamp",
"tcpWindowClampHint": "Leave 0 to use the OS default. Non-zero values cap the advertised TCP receive window; values like 600 (from the Xray docs example) can collapse throughput on high-latency links.",
"tcpFastOpen": "TCP Fast Open",
"multipathTcp": "Multipath TCP",
"penetrate": "Penetrate",
"v6Only": "V6 Only",
"tcpCongestion": "TCP Congestion",
"dialerProxy": "Dialer Proxy",
"trustedXForwardedFor": "Trusted X-Forwarded-For",
"trustedXForwardedForHint": "Trust this request header for the real client IP (e.g. CF-Connecting-IP behind Cloudflare's CDN). Only honored on WebSocket, HTTPUpgrade and XHTTP transports. Leave empty to ignore forwarded headers.",
"proxyProtocolHint": "Accept the PROXY-protocol header to learn the real client IP from an upstream L4 tunnel or relay (HAProxy, gost, nginx-stream, Xray dokodemo-door) or Cloudflare Spectrum. The upstream MUST emit PROXY protocol. Works on TCP, WebSocket, HTTPUpgrade and gRPC; not on mKCP.",
"realClientIp": "Real client IP",
"realClientIpHint": "Capture the visitor's real IP when traffic reaches this inbound through a CDN or relay, instead of recording the intermediary's address. Pick a preset to fill the matching sockopt fields below. These fields are never sent to clients in subscriptions.",
"realClientIpPresetOff": "Off / direct",
"realClientIpPresetCloudflare": "Cloudflare CDN",
"realClientIpPresetProxyProtocol": "L4 relay / Spectrum (PROXY)",
"realClientIpTrustedHeaderTransportWarn": "Trusted X-Forwarded-For is only honored on WebSocket, HTTPUpgrade and XHTTP. On the current transport this header is ignored.",
"realClientIpProxyProtocolTransportWarn": "PROXY protocol is not supported on this transport (mKCP). Use TCP/RAW, WebSocket, HTTPUpgrade, gRPC or XHTTP.",
"addressPortStrategy": "Address+port strategy",
"tryDelayMs": "Try delay (ms)",
"prioritizeIPv6": "Prioritize IPv6",
"interleave": "Interleave",
"maxConcurrentTry": "Max concurrent try",
"customSockopt": "Custom sockopt",
"addCustomOption": "Add custom option",
"serverNameIndication": "Server Name Indication",
"cipherSuites": "Cipher Suites",
"autoOption": "Auto",
"minMaxVersion": "Min/Max Version",
"rejectUnknownSni": "Reject Unknown SNI",
"disableSystemRoot": "Disable System Root",
"sessionResumption": "Session Resumption",
"oneTimeLoading": "One Time Loading",
"usageOption": "Usage Option",
"buildChain": "Build Chain",
"echKey": "ECH key",
"echConfig": "ECH config",
"pinnedPeerCertSha256": "Pinned Peer Cert SHA-256",
"pinnedPeerCertSha256Tip": "SHA-256 hash(es) of the peer certificate as a hex string (e.g. e8e2d3…), comma-separated. Panel-only — not written to the server's xray config, but included in share links so clients can pin the certificate.",
"pinnedPeerCertSha256Placeholder": "hex hash(es), comma-separated",
"generateRandomPin": "Generate random hash",
"getNewEchCert": "Get New ECH Cert",
"show": "Show",
"xver": "Xver",
"target": "Target",
"maxTimeDiff": "Max Time Diff (ms)",
"minClientVer": "Min Client Ver",
"maxClientVer": "Max Client Ver",
"shortIds": "Short IDs",
"realityTargetHint": "Required. Must include a port (e.g. example.com:443). Without a port Xray-core refuses to start.",
"realityTargetRequired": "REALITY target is required",
"realityTargetNeedsPort": "REALITY target must include a port (e.g. example.com:443)",
"realityTargetInvalidPort": "REALITY target has an invalid port",
"spiderX": "SpiderX",
"getNewCert": "Get New Cert",
"mldsa65Seed": "mldsa65 Seed",
"mldsa65Verify": "mldsa65 Verify",
"getNewSeed": "Get New Seed",
"listenHelp": "You can also enter a Unix socket path (e.g. /run/xray/in.sock), or an abstract socket name prefixed with @ (e.g. @xray/in.sock), to listen on a socket instead of a TCP port — set Port to 0 in that case.",
"shareAddrStrategy": "Share address strategy",
"shareAddrStrategyHelp": "Controls which address is written into exported share links, QR codes, and subscription output.",
"shareAddr": "Custom share address",
"shareAddrHelp": "Used only when the share address strategy is Custom. Enter a host or IP without a scheme or port.",
"subSortIndex": "Subscription sort order",
"subSortIndexHelp": "Position of this inbound's links in subscription output (sub page and client apps). Lower values come first; equal values keep creation order. Does not affect the panel inbound list.",
"shareAddrStrategyOptions": {
"node": "Node address",
"listen": "Inbound listen",
"custom": "Custom"
}
},
"info": {
"mode": "Mode",
"grpcServiceName": "grpc serviceName",
"grpcMultiMode": "grpc multiMode",
"interfaceName": "Interface name",
"mtu": "MTU",
"gateway": "Gateway",
"dns": "DNS",
"outboundsInterface": "Outbounds interface",
"autoSystemRoutes": "Auto system routes",
"followRedirect": "FollowRedirect",
"auth": "Auth",
"noKernelTun": "No-kernel TUN",
"keepAlive": "Keep alive",
"peerNumber": "Peer {n}",
"peerNumberConfig": "Peer {n} config"
},
"stream": {
"general": {
"request": "Request",
"response": "Response",
"name": "Name",
"value": "Value"
},
"tcp": {
"version": "Version",
"method": "Method",
"path": "Path",
"status": "Status",
"statusDescription": "Status Desc",
"requestHeader": "Request Header",
"responseHeader": "Response Header"
}
}
},
"clients": {
"tabBasics": "Basics",
"tabCredentials": "Credentials",
"tabLinks": "Links",
"linksHint": "Add third-party share links and remote subscription URLs to include in this client's subscription.",
"addExternalLink": "Add External Link",
"addExternalSubscription": "Add External Subscription",
"noExternalLinks": "No external links yet.",
"noExternalSubscriptions": "No external subscriptions yet.",
"add": "Add Client",
"edit": "Edit Client",
"submitAdd": "Add Client",
"submitEdit": "Save Changes",
"clientCount": "Number of Clients",
"bulk": "Add Bulk",
"copyFromInbound": "Copy Clients from Inbound",
"copyToInbound": "Copy clients to",
"copySelected": "Copy Selected",
"copySource": "Source",
"copyEmailPreview": "Resulting email preview",
"copySelectSourceFirst": "Please select a source inbound first.",
"copyResult": "Copy result",
"copyResultSuccess": "Copied successfully",
"copyResultNone": "Nothing to copy: no clients selected or source is empty",
"copyResultErrors": "Copy errors",
"copyFlowLabel": "Flow for new clients (VLESS)",
"copyFlowHint": "Applied to all copied clients. Leave empty to skip.",
"selectAll": "Select all",
"clearAll": "Clear all",
"method": "Method",
"first": "First",
"last": "Last",
"ipLog": "IP Log",
"prefix": "Prefix",
"postfix": "Postfix",
"delayedStart": "Start After First Use",
"expireDays": "Duration (days)",
"days": "Day(s)",
"renew": "Auto Renew",
"renewDesc": "Auto-renewal after expiration. (0 = disable)(unit: day)",
"renewDays": "Auto Renew (days)",
"searchPlaceholder": "Search email, comment, sub ID, UUID, password, auth…",
"filterTitle": "Filter clients",
"clearAllFilters": "Clear all",
"filters": {
"nodes": "Nodes",
"localPanel": "Local (this panel)"
},
"showingCount": "Showing {shown} of {total}",
"sortOldest": "Oldest first",
"sortNewest": "Newest first",
"sortRecentlyUpdated": "Recently updated",
"sortRecentlyOnline": "Recently online",
"sortEmailAZ": "Email A→Z",
"sortEmailZA": "Email Z→A",
"sortMostTraffic": "Most traffic",
"sortHighestRemaining": "Highest remaining",
"sortExpiringSoonest": "Expiring soonest",
"has": "Has",
"hasNot": "Doesn't have",
"title": "Clients",
"actions": "Actions",
"totalGB": "Traffic Limit (GB)",
"totalGBDesc": "Data quota for this client. 0 = unlimited.",
"expiryTime": "Expiry",
"addClients": "Add Clients",
"limitIp": "IP Limit",
"limitIpDesc": "Maximum simultaneous IPs. 0 = unlimited.",
"password": "Password",
"subId": "Subscription ID",
"online": "Online",
"email": "Email",
"emailInvalidChars": "Email cannot contain spaces, '/', '\\', or control characters",
"subIdInvalidChars": "Subscription ID cannot contain spaces, '/', '\\', or control characters",
"group": "Group",
"groupDesc": "Logical label used to bucket related clients (e.g. team, customer, region). Filterable from the toolbar.",
"groupPlaceholder": "e.g. customer-a",
"comment": "Comment",
"traffic": "Traffic",
"offline": "Offline",
"addClient": "Add Client",
"qrCode": "QR Code",
"clientInfo": "Client Information",
"delete": "Delete",
"reset": "Reset Traffic",
"editClient": "Edit Client",
"client": "Client",
"enabled": "Enabled",
"remaining": "Remaining",
"duration": "Duration",
"attachedInbounds": "Attached inbounds",
"selectInbound": "Select one or more inbounds",
"selectAllInbounds": "Select all",
"clearAllInbounds": "Clear all",
"noSubId": "This client has no subId, no shareable link.",
"noLinks": "No shareable links — attach this client to a protocol-capable inbound first.",
"link": "Link",
"resetNotPossible": "Attach this client to an inbound first.",
"general": "General",
"resetAllTraffics": "Reset all client traffic",
"resetAllTrafficsTitle": "Reset all client traffic?",
"resetAllTrafficsContent": "Every client's up/down counter drops to zero. Quotas and expiry are not affected. This cannot be undone.",
"deleteConfirmTitle": "Delete client {email}?",
"deleteConfirmContent": "This removes the client from every attached inbound and drops its traffic record. This cannot be undone.",
"deleteSelected": "Delete ({count})",
"adjustSelected": "Adjust ({count})",
"subLinksSelected": "Sub links ({count})",
"addToGroupTitle": "Add {count} client(s) to a group",
"addToGroupTooltip": "Pick an existing group or type a new name. Use the Ungroup action to remove clients from their current group.",
"groupName": "Group name",
"addToGroupSuccessToast": "Added {count} client(s) to {group}",
"ungroupSuccessToast": "Cleared group from {count} client(s)",
"ungroup": "Ungroup",
"ungroupConfirmTitle": "Remove {count} client(s) from their group?",
"ungroupConfirmContent": "Clears the group label on each selected client. Clients themselves are kept (use Delete to remove them entirely).",
"addToGroup": "Add to group",
"attach": "Attach",
"adjust": "Adjust",
"subLinks": "Sub links",
"selectedCount": "{count} selected",
"attachSelected": "Attach ({count})",
"attachToInboundsTitle": "Attach {count} client(s) to inbound(s)",
"attachToInboundsDesc": "Attaches the selected {count} client(s) (same UUID/password and shared traffic) to the chosen inbound(s). They keep their existing attachments too.",
"attachToInboundsTargets": "Target inbounds",
"attachToInboundsNoTargets": "No multi-user inbounds available to attach to.",
"detachSelected": "Detach ({count})",
"detach": "Detach",
"detachFromInboundsTitle": "Detach {count} client(s) from inbound(s)",
"detachFromInboundsDesc": "Removes the selected {count} client(s) from the chosen inbound(s). Pairs where the client wasn't attached are silently skipped. Client records are kept (use Delete to remove fully).",
"detachFromInboundsTargets": "Inbounds to detach from",
"detachFromInboundsNoTargets": "No multi-user inbounds available.",
"detachFromInboundsResult": "Detached {detached}, skipped {skipped}.",
"detachFromInboundsResultMixed": "Detached {detached}, skipped {skipped}, errors {errors}.",
"subLinksTitle": "Sub links ({count})",
"subLinkColumn": "Subscription URL",
"subJsonLinkColumn": "Subscription JSON URL",
"subLinksCopyAll": "Copy all",
"subLinksCopiedAll": "Copied {count} link(s)",
"subLinksEmpty": "None of the selected clients have a subscription ID.",
"subLinksDisabled": "Subscription service is disabled.",
"subLinksDisabledHint": "Enable subscription in Panel Settings → Subscription to generate links.",
"bulkDeleteConfirmTitle": "Delete {count} clients?",
"bulkDeleteConfirmContent": "Each selected client is removed from every attached inbound and its traffic record is dropped. This cannot be undone.",
"bulkAdjustTitle": "Adjust {count} clients",
"bulkAdjustHint": "Positive values extend, negative values reduce. Clients with unlimited expiry or traffic are skipped for that field.",
"bulkAdjustNothing": "Set days or traffic before applying.",
"addDays": "Add days",
"addTrafficGB": "Add traffic (GB)",
"delDepleted": "Delete depleted",
"delDepletedConfirmTitle": "Delete depleted clients?",
"delDepletedConfirmContent": "Removes every client whose traffic quota is exhausted or whose expiry has passed. This cannot be undone.",
"auth": "Auth",
"hysteriaAuth": "Hysteria Auth",
"uuid": "UUID",
"flow": "Flow",
"vmessSecurity": "VMess Security",
"reverseTag": "Reverse tag",
"reverseTagPlaceholder": "Optional reverse tag",
"telegramId": "Telegram user ID",
"telegramIdPlaceholder": "Numeric Telegram user ID (0 = none)",
"created": "Created",
"updated": "Updated",
"ipLimit": "IP limit",
"toasts": {
"deleted": "Client deleted",
"trafficReset": "Traffic reset",
"allTrafficsReset": "All client traffic reset",
"bulkDeleted": "{count} clients deleted",
"bulkDeletedMixed": "{ok} deleted, {failed} failed",
"bulkCreated": "{count} clients created",
"bulkCreatedMixed": "{ok} created, {failed} failed",
"bulkAdjusted": "{count} clients adjusted",
"bulkAdjustedMixed": "{ok} adjusted, {skipped} skipped",
"delDepleted": "{count} depleted clients deleted"
}
},
"groups": {
"title": "Groups",
"name": "Name",
"clientCount": "Clients",
"totalGroups": "Total groups",
"totalGroupedClients": "Clients with a group",
"trafficUsed": "Traffic used",
"upload": "Upload",
"download": "Download",
"totalTraffic": "Total traffic",
"totalUpDown": "Total upload / download",
"addGroup": "Add Group",
"createSuccess": "Group \"{name}\" created.",
"rename": "Rename",
"renameTitle": "Rename {name}",
"renameCollision": "A group named \"{name}\" already exists.",
"renameSuccess": "Renamed group on {count} client(s).",
"deleteConfirmTitle": "Delete group {name}?",
"deleteConfirmContent": "This removes the group and clears its label from {count} client(s). The clients themselves are not deleted.",
"deleteSuccess": "Cleared group from {count} client(s).",
"resetTraffic": "Reset traffic",
"resetConfirmTitle": "Reset traffic for group {name}?",
"resetConfirmContent": "This zeros up/down for all {count} client(s) in this group.",
"resetSuccess": "Reset traffic for {count} client(s).",
"adjustSuccess": "Adjusted {count} client(s) in {name}.",
"emptyForAction": "This group has no clients yet.",
"deleteGroupOnly": "Delete group (keep clients)",
"deleteClients": "Delete clients in group",
"deleteClientsConfirmTitle": "Delete all clients in {name}?",
"deleteClientsConfirmContent": "This permanently removes {count} client(s) along with their traffic records. The group label is cleared too. This cannot be undone.",
"deleteClientsSuccess": "Deleted {count} client(s).",
"deleteClientsMixed": "{ok} deleted, {failed} skipped",
"addToGroup": "Add clients…",
"addToGroupTitle": "Add clients to group \"{name}\"",
"addToGroupDesc": "Select clients to add to this group. They keep their existing inbound attachments; only the group label changes. Clients already in this group are not listed.",
"addToGroupEmpty": "No other clients available to add.",
"addToGroupResult": "Added {count} client(s) to {name}.",
"removeFromGroup": "Remove clients…",
"removeFromGroupTitle": "Remove clients from group \"{name}\"",
"removeFromGroupDesc": "Select members to remove from this group. Clients themselves are kept (use \"Delete clients in group\" to remove them entirely).",
"removeFromGroupResult": "Removed {count} client(s) from {name}."
},
"hosts": {
"addHost": "Add Host",
"editHost": "Edit Host",
"selectInbound": "Select an inbound",
"selectedCount": "{count} selected",
"summary": {
"total": "Total",
"enabled": "Enabled",
"disabled": "Disabled"
},
"moveUp": "Move up",
"moveDown": "Move down",
"bulkEnable": "Enable",
"bulkDisable": "Disable",
"bulkDelete": "Delete",
"bulkDeleteConfirm": "Delete {count} selected host(s)?",
"deleteConfirmTitle": "Delete host \"{name}\"?",
"sections": {
"basic": "Basic",
"security": "Security",
"advanced": "Advanced",
"general": "General",
"clash": "Clash (mihomo)"
},
"fields": {
"remark": "Remark",
"serverDescription": "Description",
"inbound": "Inbound",
"address": "Address",
"port": "Port",
"endpoint": "Endpoint",
"enable": "Enable",
"actions": "Actions",
"security": "Security",
"sni": "SNI",
"overrideSniFromAddress": "Use address as SNI",
"keepSniBlank": "Keep SNI blank",
"hostHeader": "Host header",
"path": "Path",
"alpn": "ALPN",
"fingerprint": "Fingerprint",
"pins": "Pinned cert SHA-256",
"verifyPeerCertByName": "Verify peer cert by name",
"allowInsecure": "Allow insecure",
"echConfigList": "ECH config list",
"muxParams": "Mux",
"sockoptParams": "Sockopt",
"finalMask": "Final Mask",
"vlessRoute": "VLESS route",
"mihomoIpVersion": "IP version",
"mihomoX25519": "Mihomo X25519",
"shuffleHost": "Shuffle host",
"tags": "Tags",
"nodeGuids": "Nodes",
"excludeFromSubTypes": "Exclude from formats"
},
"hints": {
"address": "Leave blank to inherit the inbound's own address.",
"port": "0 inherits the inbound's port.",
"tags": "Not visible to end users; sent with RAW subscription only. Uppercase letters, digits, _ and : only.",
"nodeGuids": "Pick nodes which resolved from this host. Only visual assignment.",
"serverDescription": "Optional note shown under the remark.",
"allowInsecure": "Skip TLS certificate verification (allowInsecure / skip-cert-verify).",
"vlessRoute": "Ports/ranges routed via VLESS, e.g. 53,443,1000-2000. Leave blank for none.",
"remark": "A plain label for this host. Shown as the config name only when the inbound has no remark of its own."
},
"remarkVars": {
"title": "Template Variables",
"intro": "Click a variable to add it. It is replaced per client when the subscription is generated.",
"preview": "Preview",
"groups": {
"client": "Client",
"traffic": "Traffic",
"time": "Time & status"
},
"descEMAIL": "Client email",
"descINBOUND": "Config name: the host's remark when set, otherwise the inbound's remark",
"descHOST": "Host remark",
"descID": "Client UUID",
"descSHORT_ID": "First 8 characters of the UUID",
"descTELEGRAM_ID": "Client's Telegram ID (empty if unset)",
"descSUB_ID": "Subscription ID",
"descCOMMENT": "Client comment",
"descTRAFFIC_USED": "Used traffic (human readable)",
"descTRAFFIC_LEFT": "Remaining traffic (hidden if unlimited)",
"descTRAFFIC_TOTAL": "Total traffic (hidden if unlimited)",
"descTRAFFIC_USED_BYTES": "Used traffic in bytes",
"descTRAFFIC_LEFT_BYTES": "Remaining traffic in bytes",
"descTRAFFIC_TOTAL_BYTES": "Total traffic in bytes",
"descUP": "Upload traffic",
"descDOWN": "Download traffic",
"descSTATUS": "active / expired / disabled / depleted",
"descDAYS_LEFT": "Days until expiry (hidden if unlimited)",
"descEXPIRE_DATE": "Expiry date (YYYY-MM-DD)",
"descEXPIRE_UNIX": "Expiry as a Unix timestamp (seconds)",
"descCREATED_UNIX": "Creation time as a Unix timestamp (seconds)",
"descRESET_DAYS": "Traffic reset period in days"
},
"toasts": {
"list": "Failed to load hosts",
"obtain": "Failed to load host",
"add": "Add host",
"update": "Update host",
"delete": "Delete host",
"badTag": "Invalid tag",
"badVlessRoute": "Use ports/ranges like 53,443,1000-2000"
}
},
"nodes": {
"title": "Nodes",
"addNode": "Add Node",
"editNode": "Edit Node",
"totalNodes": "Total Nodes",
"onlineNodes": "Online",
"offlineNodes": "Offline",
"avgLatency": "Avg Latency",
"name": "Name",
"namePlaceholder": "e.g. de-frankfurt-1",
"addressPlaceholder": "panel.example.com or 1.2.3.4",
"remark": "Remark",
"scheme": "Scheme",
"address": "Address",
"port": "Port",
"basePath": "Base Path",
"apiToken": "API Token",
"apiTokenPlaceholder": "Token from the remote panel's Settings page",
"apiTokenHint": "The remote panel exposes its API token under Authentication → API Token.",
"regenerate": "Regenerate Token",
"regenerateConfirm": "Regenerating invalidates the current token. Any central panel using it will lose access until updated. Continue?",
"allowPrivateAddress": "Allow private address",
"allowPrivateAddressHint": "Enable only for nodes on a private network or VPN.",
"outboundTag": "Connection outbound",
"outboundTagHint": "Route this node's panel API traffic through the selected Xray outbound. A loopback bridge inbound is added to the running config automatically and applied live. Leave empty for a direct connection.",
"outboundTagPlaceholder": "Direct connection",
"inboundSyncMode": "Inbound import",
"inboundSyncModeHint": "Choose which inbounds are imported from this node. Existing nodes default to all inbounds.",
"allInbounds": "All inbounds",
"selectedInbounds": "Selected inbounds",
"inboundTags": "Inbounds",
"inboundTagsHint": "Selection is matched by the inbound tag. An empty selection imports none.",
"inboundTagsPlaceholder": "Load and select inbounds",
"loadInbounds": "Load inbounds from node",
"inboundsLoaded": "Loaded {{count}} inbounds",
"inboundsLoadFailed": "Failed to load inbounds",
"enable": "Enabled",
"status": "Status",
"cpu": "CPU",
"mem": "Memory",
"netUp": "Net Up (KB/s)",
"netDown": "Net Down (KB/s)",
"uptime": "Uptime",
"latency": "Latency",
"lastHeartbeat": "Last Heartbeat",
"xrayVersion": "Xray Version",
"panelVersion": "Panel Version",
"actions": "Actions",
"probe": "Probe Now",
"updatePanel": "Update Panel",
"updateSelected": "Update Selected ({count})",
"updateAvailable": "Update available",
"upToDate": "Up to date",
"updateConfirmTitle": "Update {count} node(s) to the latest version?",
"updateConfirmContent": "Each selected node downloads the latest release and restarts onto it. Only enabled, online nodes are updated.",
"testConnection": "Test Connection",
"connectionOk": "Connection OK ({ms} ms)",
"connectionFailed": "Connection failed",
"never": "never",
"justNow": "just now",
"subNode": "Sub-node",
"subNodeTip": "Read-only: a downstream node reached through {parent}. Manage it from {parent}'s own panel.",
"deleteConfirmTitle": "Delete node \"{name}\"?",
"deleteConfirmContent": "This stops monitoring the node. The remote panel itself is unaffected.",
"statusValues": {
"online": "Online",
"offline": "Offline",
"unknown": "Unknown",
"xrayError": "Xray Error",
"xrayStopped": "Stopped"
},
"toasts": {
"list": "Failed to load nodes",
"obtain": "Failed to load node",
"add": "Add node",
"update": "Update node",
"delete": "Delete node",
"deleted": "Node deleted",
"test": "Test connection",
"fillRequired": "Name, address, port and API token are required",
"probeFailed": "Probe failed",
"updateStarted": "Panel update started",
"updateResult": "Update triggered on {ok} node(s), {failed} failed",
"updateNoneEligible": "Select at least one online, enabled node",
"saveMtls": "Save node mTLS"
},
"tlsVerifyMode": "TLS verification",
"tlsVerifyModeHint": "How the panel validates the node's HTTPS certificate. Pin or Skip are for self-signed certs (https nodes only).",
"tlsVerify": "Verify (default CA)",
"tlsPin": "Pin certificate (SHA-256)",
"tlsSkip": "Skip verification",
"tlsMtls": "Mutual TLS (client certificate)",
"mtlsFormHint": "This node authenticates the panel with a client certificate. Copy this panel's CA from the Node mTLS section onto the node, set its Trusted parent CA, then restart it.",
"mtls": {
"title": "Node mTLS",
"intro": "Mutual TLS adds a client-certificate factor on top of the API token for node-to-node calls. It is opt-in: leave it empty to keep token-only auth.",
"copyCa": "Copy this panel's CA",
"copyCaHint": "Hand this CA to the nodes this panel manages, then set their TLS verification to Mutual TLS.",
"caCopied": "CA certificate copied to clipboard",
"caFailed": "Failed to obtain the CA certificate",
"trustLabel": "Trusted parent CA",
"trustHint": "When this panel is itself a node, paste the managing panel's CA here to require its client certificate. Restart the panel to apply.",
"trustPlaceholder": "-----BEGIN CERTIFICATE-----",
"save": "Save trust CA",
"saved": "Trust CA saved — restart the panel to apply"
},
"tlsSkipWarning": "Skipping verification removes protection against man-in-the-middle attacks — the API token could be intercepted. Prefer pinning the certificate.",
"pinnedCert": "Pinned certificate SHA-256",
"pinnedCertHint": "Base64 or hex SHA-256 of the node's certificate. Use Fetch to read it from the node now.",
"pinnedCertPlaceholder": "base64 or hex SHA-256",
"fetchPin": "Fetch",
"pinFetched": "Fetched the node's current certificate",
"pinFetchFailed": "Could not fetch the certificate"
},
"settings": {
"title": "Panel Settings",
"save": "Save",
"infoDesc": "Every change made here needs to be saved. Please restart the panel to apply changes.",
"restartPanel": "Restart Panel",
"restartPanelDesc": "Are you sure you want to restart the panel? If you cannot access the panel after restarting, please view the panel log info on the server.",
"restartPanelSuccess": "The panel was successfully restarted.",
"actions": "Actions",
"resetDefaultConfig": "Reset to Default",
"panelSettings": "General",
"securitySettings": "Authentication",
"securityWarnings": "Security warnings",
"panelExposed": "Your panel may be exposed:",
"warnHttp": "Panel is served over plain HTTP — set up TLS for production.",
"warnDefaultPort": "Default port 2053 is well-known — change it to a random port.",
"warnDefaultBasePath": "Default base path \"/\" is well-known — change it to a random path.",
"warnDefaultSubPath": "Default subscription path \"/sub/\" is well-known — change it.",
"warnDefaultJsonPath": "Default JSON subscription path \"/json/\" is well-known — change it.",
"TGBotSettings": "Telegram Bot",
"panelListeningIP": "Listen IP",
"panelListeningIPDesc": "The IP address for the web panel. (leave blank to listen on all IPs)",
"panelListeningDomain": "Listen Domain",
"panelListeningDomainDesc": "The domain name for the web panel. (leave blank to listen on all domains and IPs)",
"panelPort": "Listen Port",
"panelPortDesc": "The port number for the web panel. (must be an unused port)",
"publicKeyPath": "Public Key Path",
"publicKeyPathDesc": "The public key file path for the web panel. (begins with /)",
"privateKeyPath": "Private Key Path",
"privateKeyPathDesc": "The private key file path for the web panel. (begins with /)",
"panelUrlPath": "URI Path",
"panelUrlPathDesc": "The URI path for the web panel. (begins with / and concludes with /)",
"pageSize": "Pagination Size",
"pageSizeDesc": "Define page size for inbounds table. (0 = disable)",
"panelOutbound": "Panel Traffic Outbound",
"panelOutboundDesc": "Routes the panel's own requests — panel/Xray version checks and downloads, Telegram, and the normal geo-file update — through this Xray outbound to bypass server-side filtering of GitHub/Telegram. A loopback bridge inbound is added to the running config automatically and applied live. The Xray-native Geodata Auto-Update is not affected; it has its own download outbound. Leave empty for a direct connection.",
"panelOutboundPh": "Direct connection",
"remarkTemplate": "Remark Template",
"remarkTemplateDesc": "When set, this replaces the remark model for every subscription link — write your own format with the variable tokens (use the button to insert them). Leave empty to use the model above.",
"datepicker": "Calendar Type",
"datepickerPlaceholder": "Select date",
"datepickerDescription": "Scheduled tasks will run based on this calendar.",
"oldUsername": "Current Username",
"currentPassword": "Current Password",
"newUsername": "New Username",
"newPassword": "New Password",
"telegramBotEnable": "Enable Telegram Bot",
"telegramBotEnableDesc": "Enables the Telegram bot.",
"telegramToken": "Telegram Token",
"telegramTokenDesc": "The Telegram bot token obtained from '{'@'}BotFather'.",
"telegramProxy": "SOCKS Proxy",
"telegramProxyDesc": "Enables SOCKS5 proxy for connecting to Telegram. (adjust settings as per guide)",
"telegramAPIServer": "Telegram API Server",
"telegramAPIServerDesc": "The Telegram API server to use. Leave blank to use the default server.",
"telegramChatId": "Admin Chat ID",
"telegramChatIdDesc": "The Telegram Admin Chat ID(s). (comma-separated)(get it here {'@'}userinfobot) or (use '/id' command in the bot)",
"telegramNotifyTime": "Notification Time",
"telegramNotifyTimeDesc": "How often the Telegram bot sends periodic reports. Pick a preset interval, or choose Custom to enter a raw crontab expression.",
"notifyTime": {
"every": "@every — repeat at an interval",
"hourly": "@hourly — every hour",
"daily": "@daily — every day at 00:00",
"weekly": "@weekly — every week",
"monthly": "@monthly — every month",
"custom": "Custom (crontab)",
"seconds": "Seconds",
"minutes": "Minutes",
"hours": "Hours"
},
"tgNotifyBackup": "Database Backup",
"tgNotifyBackupDesc": "Send a database backup file with a report.",
"tgNotifyLogin": "Login Notification",
"tgNotifyLoginDesc": "Get notified about the username, IP address, and time whenever someone attempts to log into your web panel.",
"sessionMaxAge": "Session Duration",
"sessionMaxAgeDesc": "The duration for which you can stay logged in. (unit: minute)",
"expireTimeDiff": "Expiration Date Notification",
"expireTimeDiffDesc": "Get notified about expiration date when reaching this threshold. (unit: day)",
"trafficDiff": "Traffic Cap Notification",
"trafficDiffDesc": "Get notified about traffic cap when reaching this threshold. (unit: GB)",
"tgNotifyCpu": "CPU Load Notification",
"tgNotifyCpuDesc": "Get notified if CPU load exceeds this threshold. (unit: %)",
"timeZone": "Time Zone",
"timeZoneDesc": "Scheduled tasks will run based on this time zone.",
"subSettings": "Subscription",
"subEnable": "Subscription Service",
"subEnableDesc": "Enable/Disable the subscription service.",
"subJsonEnable": "Enable/Disable the JSON subscription endpoint independently.",
"subJsonEnableTitle": "JSON subscription",
"subClashEnableTitle": "Clash / Mihomo subscription",
"subTitle": "Subscription Title",
"subTitleDesc": "Title shown in VPN client",
"subSupportUrl": "Support URL",
"subSupportUrlDesc": "Technical support link shown in the VPN client",
"subProfileUrl": "Profile URL",
"subProfileUrlDesc": "A link to your website displayed in the VPN client",
"subAnnounce": "Announce",
"subAnnounceDesc": "The announcement text displayed in the VPN client",
"subThemeDir": "Sub Theme Directory",
"subThemeDirDesc": "Absolute path to a folder containing a custom index.html/sub.html subscription page template (e.g. /etc/3x-ui/sub_templates/my-theme/). Leave empty to use the default page.",
"subThemeDirDocs": "Template guide ↗",
"subEnableRouting": "Enable routing",
"subEnableRoutingDesc": "Global setting to enable routing in the VPN client. (Only for Happ)",
"subRoutingRules": "Routing rules",
"subRoutingRulesDesc": "Global routing rules for the VPN client. (Only for Happ)",
"subClashEnableRouting": "Enable routing",
"subClashEnableRoutingDesc": "Include global Clash/Mihomo routing rules in generated YAML subscriptions.",
"subClashRoutingRules": "Global routing rules",
"subClashRoutingRulesDesc": "Default Clash/Mihomo rules prepended to every generated YAML subscription before MATCH,PROXY.",
"subListen": "Listen IP",
"subListenDesc": "The IP address for the subscription service. (leave blank to listen on all IPs)",
"subPort": "Listen Port",
"subPortDesc": "The port number for the subscription service. (must be an unused port)",
"subCertPath": "Public Key Path",
"subCertPathDesc": "The public key file path for the subscription service. (begins with /)",
"subKeyPath": "Private Key Path",
"subKeyPathDesc": "The private key file path for the subscription service. (begins with /)",
"subPath": "URI Path",
"subPathDesc": "The URI path for the subscription service. (begins with / and concludes with /)",
"subDomain": "Listen Domain",
"subDomainDesc": "The domain name for the subscription service. (leave blank to listen on all domains and IPs)",
"subUpdates": "Update Intervals",
"subUpdatesDesc": "The update intervals of the subscription URL in the client apps. (unit: hour)",
"subEncrypt": "Encode",
"subEncryptDesc": "The returned content of subscription service will be Base64 encoded.",
"subURI": "Reverse Proxy URI",
"subURIDesc": "The URI path of the subscription URL for use behind proxies.",
"externalTrafficInformEnable": "External Traffic Inform",
"externalTrafficInformEnableDesc": "Inform external API on every traffic update.",
"externalTrafficInformURI": "External Traffic Inform URI",
"externalTrafficInformURIDesc": "Traffic updates are sent to this URI.",
"restartXrayOnClientDisable": "Restart Xray After Auto Disable",
"restartXrayOnClientDisableDesc": "When a client is automatically disabled due to expiration or traffic limit, restart Xray.",
"fragment": "Fragmentation",
"fragmentDesc": "Enable fragmentation for TLS hello packet.",
"fragmentSett": "Fragmentation Settings",
"noisesDesc": "Enable Noises.",
"noisesSett": "Noises Settings",
"trustedProxyCidrs": "Trusted proxy CIDRs",
"trustedProxyCidrsDesc": "Comma-separated IPs/CIDRs allowed to set forwarded host, proto, and client IP headers.",
"ldap": {
"enable": "Enable LDAP sync",
"host": "LDAP host",
"port": "LDAP port",
"useTls": "Use TLS (LDAPS)",
"bindDn": "Bind DN",
"passwordConfigured": "Configured; leave blank to keep current password.",
"passwordUnconfigured": "Not configured.",
"passwordPlaceholder": "Configured - enter a new value to replace",
"baseDn": "Base DN",
"userFilter": "User filter",
"userAttr": "User attribute (username/email)",
"vlessField": "VLESS flag attribute",
"flagField": "Generic flag attribute (optional)",
"flagFieldDesc": "If set, overrides VLESS flag — e.g. shadowInactive.",
"truthyValues": "Truthy values",
"truthyValuesDesc": "Comma-separated; default: true,1,yes,on",
"invertFlag": "Invert flag",
"invertFlagDesc": "Enable when the attribute means disabled (e.g. shadowInactive).",
"syncSchedule": "Sync schedule",
"syncScheduleDesc": "Cron-like string, e.g. @every 1m",
"inboundTags": "Inbound tags",
"inboundTagsDesc": "Inbounds that LDAP sync may auto-create or auto-delete clients on.",
"noInbounds": "No inbounds found. Create one in Inbounds first.",
"autoCreate": "Auto create clients",
"autoDelete": "Auto delete clients",
"defaultTotalGb": "Default total (GB)",
"defaultExpiryDays": "Default expiry (days)",
"defaultIpLimit": "Default IP limit"
},
"subFormats": {
"finalMask": "Final Mask",
"finalMaskDesc": "xray finalmask masks (TCP/UDP) and QUIC tuning injected into every JSON subscription stream. Requires a recent xray client.",
"packets": "Packets",
"length": "Length",
"interval": "Interval",
"maxSplit": "Max split",
"noises": "Noises",
"noiseItem": "Noise №{n}",
"type": "Type",
"packet": "Packet",
"delayMs": "Delay (ms)",
"applyTo": "Apply to",
"addNoise": "+ Noise",
"concurrency": "Concurrency",
"xudpConcurrency": "xudp concurrency",
"xudpUdp443": "xudp UDP 443"
},
"mux": "Mux",
"muxDesc": "Transmit multiple independent data streams within an established data stream.",
"muxSett": "Mux Settings",
"direct": "Direct Connection",
"directDesc": "Directly establishes connections with domains or IP ranges of a specific country.",
"notifications": "Notifications",
"certs": "Certificates",
"externalTraffic": "External Traffic",
"dateAndTime": "Date and Time",
"proxyAndServer": "Proxy and Server",
"intervals": "Intervals",
"information": "Information",
"profile": "Profile",
"language": "Language",
"telegramBotLanguage": "Telegram Bot Language",
"security": {
"admin": "Admin credentials",
"twoFactor": "Two-factor authentication",
"twoFactorEnable": "Enable 2FA",
"twoFactorEnableDesc": "Adds an additional layer of authentication to provide more security.",
"twoFactorModalSetTitle": "Enable two-factor authentication",
"twoFactorModalDeleteTitle": "Disable two-factor authentication",
"twoFactorModalSteps": "To set up two-factor authentication, perform a few steps:",
"twoFactorModalFirstStep": "1. Scan this QR code in the app for authentication or copy the token near the QR code and paste it into the app",
"twoFactorModalSecondStep": "2. Enter the code from the app",
"twoFactorModalRemoveStep": "Enter the code from the application to remove two-factor authentication.",
"twoFactorModalChangeCredentialsTitle": "Change credentials",
"twoFactorModalChangeCredentialsStep": "Enter the code from the application to change administrator credentials.",
"twoFactorModalSetSuccess": "Two-factor authentication has been successfully established",
"twoFactorModalDeleteSuccess": "Two-factor authentication has been successfully deleted",
"twoFactorModalError": "Wrong code",
"show": "Show",
"hide": "Hide",
"apiTokenNew": "New token",
"apiTokenName": "Name",
"apiTokenNamePlaceholder": "e.g. central-panel-a",
"apiTokenNameRequired": "Name is required",
"apiTokenEmpty": "No tokens yet — create one to authenticate bots or remote panels.",
"apiTokenDeleteWarning": "Any caller using this token will stop authenticating immediately.",
"apiTokenCreatedTitle": "Token created",
"apiTokenCreatedNotice": "Copy this token now. For security it is not stored in readable form and will not be shown again."
},
"toasts": {
"modifySettings": "The parameters have been changed.",
"getSettings": "An error occurred while retrieving parameters.",
"modifyUserError": "An error occurred while changing administrator credentials.",
"modifyUser": "You have successfully changed the credentials of the administrator.",
"originalUserPassIncorrect": "The current username or password is invalid",
"userPassMustBeNotEmpty": "The new username and password are empty",
"getOutboundTrafficError": "Error getting traffic",
"resetOutboundTrafficError": "Error resetting outbound traffic"
},
"smtpSettings": "SMTP Settings",
"smtpEnable": "Enable Email Notifications",
"smtpEnableDesc": "Enable email notifications via SMTP",
"smtpHost": "SMTP Host",
"smtpHostDesc": "SMTP server hostname (e.g. smtp.gmail.com)",
"smtpPort": "SMTP Port",
"smtpPortDesc": "SMTP server port (default: 587)",
"smtpUsername": "SMTP Username",
"smtpUsernameDesc": "SMTP authentication username",
"smtpPassword": "SMTP Password",
"smtpPasswordDesc": "SMTP authentication password",
"smtpTo": "Recipients",
"smtpToDesc": "Comma-separated recipient email addresses",
"emailSettings": "Email",
"emailNotifications": "Notifications",
"smtpEventBusNotify": "Email Event Notifications",
"smtpEventBusNotifyDesc": "Select which events trigger email notifications",
"tgEventBusNotify": "Telegram Event Notifications",
"tgEventBusNotifyDesc": "Select which events trigger Telegram notifications",
"testSmtp": "Send Test Email",
"testTgBot": "Send Test Message",
"eventGroupOutbound": "Outbound",
"eventGroupXray": "Xray Core",
"eventGroupSystem": "System",
"eventGroupSecurity": "Security",
"eventGroupNode": "Nodes",
"eventOutboundDown": "Down",
"eventOutboundUp": "Up",
"eventXrayCrash": "Crash",
"eventNodeDown": "Down",
"eventNodeUp": "Up",
"eventCPUHigh": "CPU high (%)",
"requestFailed": "Request failed",
"smtpEncryption": "Encryption",
"smtpEncryptionDesc": "SMTP connection encryption method",
"smtpEncryptionNone": "None (plain text)",
"smtpEncryptionStartTLS": "STARTTLS",
"smtpEncryptionTLS": "TLS (implicit)",
"smtpStageConnect": "Connection",
"smtpStageAuth": "Authentication",
"smtpStageSend": "Send",
"smtpTestSuccess": "Test email sent successfully",
"smtpHostNotConfigured": "SMTP host not configured",
"smtpNoRecipients": "No recipients configured",
"eventLoginAttempt": "Login attempt",
"telegramTokenConfigured": "Configured; leave blank to keep current token.",
"telegramTokenPlaceholder": "Configured - enter a new token to replace",
"smtpPasswordConfigured": "Configured; leave blank to keep current password.",
"smtpPasswordPlaceholder": "Configured - enter a new password to replace",
"smtpNotInitialized": "SMTP not initialized",
"tgBotNotEnabled": "Telegram bot is not enabled",
"tgTestFailed": "Telegram test failed",
"tgTestSuccess": "Test message sent to Telegram",
"tgBotNotRunning": "Telegram bot not running",
"smtpErrorAuth": "Authentication failed — check username and password",
"smtpErrorStarttls": "Server requires STARTTLS — change encryption type",
"smtpErrorTls": "Server requires TLS — change encryption type",
"smtpErrorRefused": "Connection refused — check host and port",
"smtpErrorTimeout": "Connection timeout — host unreachable",
"smtpErrorRelay": "Server rejects sending from this address",
"smtpErrorEof": "Connection closed by server",
"smtpErrorUnknown": "SMTP error: {{ .Error }}"
},
"xray": {
"title": "Xray Configs",
"save": "Save",
"restart": "Restart Xray",
"restartSuccess": "Xray has been successfully relaunched.",
"restartOutputTitle": "Xray restart output",
"restartConfirmTitle": "Restart xray?",
"restartConfirmContent": "Reloads the xray service with the saved configuration.",
"stopSuccess": "Xray has been successfully stopped.",
"restartError": "There was an error when rebooting the Xray.",
"stopError": "There was an error when stopping the Xray.",
"basicTemplate": "Basics",
"advancedTemplate": "Advanced",
"generalConfigs": "General",
"generalConfigsDesc": "These options will determine general adjustments.",
"logConfigs": "Log",
"logConfigsDesc": "Logs may affect your server's efficiency. It is recommended to enable them wisely only when needed.",
"blockConfigsDesc": "These options will block traffic based on specific requested protocols and websites.",
"basicRouting": "Basic Routing",
"blockConnectionsConfigsDesc": "These options will block traffic based on the specific requested country.",
"directConnectionsConfigsDesc": "A direct connection ensures that specific traffic is not routed through another server.",
"blockips": "Block IPs",
"blockdomains": "Block Domains",
"directips": "Direct IPs",
"directdomains": "Direct Domains",
"ipv4Routing": "IPv4 Routing",
"ipv4RoutingDesc": "These options will route traffic based on a specific destination via IPv4.",
"warpRouting": "WARP Routing",
"warpRoutingDesc": "These options will route traffic based on a specific destination via WARP.",
"nordRouting": "NordVPN Routing",
"nordRoutingDesc": "These options will route traffic based on a specific destination via NordVPN.",
"Template": "Advanced Xray Configuration Template",
"TemplateDesc": "The final Xray config file will be generated based on this template.",
"FreedomStrategy": "Freedom Protocol Strategy",
"FreedomStrategyDesc": "Set the output strategy for the network in the Freedom Protocol.",
"FreedomHappyEyeballs": "Freedom Happy Eyeballs (IPv4/IPv6)",
"FreedomHappyEyeballsDesc": "Dual-stack dialing for the direct (freedom) outbound — useful on exit servers with both IPv4 and IPv6.",
"FreedomHappyEyeballsTryDelayDesc": "Milliseconds before trying the alternate address family. 150250 ms is a good starting point.",
"RoutingStrategy": "Overall Routing Strategy",
"RoutingStrategyDesc": "Set the overall traffic routing strategy for resolving all requests.",
"outboundTestUrl": "Outbound Test URL",
"outboundTestUrlDesc": "URL used when testing outbound connectivity.",
"Torrent": "Block BitTorrent Protocol",
"Inbounds": "Inbounds",
"InboundsDesc": "Accepting the specific clients.",
"Outbounds": "Outbounds",
"OutboundSubscriptions": "Outbound Subscriptions",
"OutboundSubscriptionsDesc": "Import outbounds from remote subscription URLs (vmess/vless/trojan/ss/...). Tags are kept stable for use in balancers and routing rules. Updates are automatic.",
"Balancers": "Balancers",
"balancerTagRequired": "Tag is required",
"balancerSelectorRequired": "Pick at least one outbound",
"balancerLive": "Live Target",
"balancerOverride": "Override",
"balancerOverridePh": "Auto (strategy)",
"balancerLiveRefresh": "Refresh live balancer state",
"balancerNotRunning": "This balancer is not active in the running Xray — save your changes or start Xray first",
"routeTester": "Route Tester",
"routeTesterDesc": "Ask the running Xray which outbound would handle a connection. No traffic is sent — the decision comes straight from the live routing engine.",
"routeTesterDest": "Domain or IP",
"routeTesterPort": "Port",
"routeTesterInbound": "Inbound",
"routeTesterProtocol": "Sniffed protocol",
"routeTesterTest": "Test Route",
"routeTesterMatchedOutbound": "Matched outbound",
"routeTesterViaBalancer": "via balancer",
"routeTesterDefaultOutbound": "No routing rule matched — traffic goes to the default (first) outbound.",
"OutboundsDesc": "Set the outgoing traffic pathway.",
"Routings": "Routing Rules",
"RoutingsDesc": "The priority of each rule is important!",
"completeTemplate": "All",
"logLevel": "Log Level",
"logLevelDesc": "The log level for error logs, indicating the information that needs to be recorded.",
"accessLog": "Access Log",
"accessLogDesc": "The file path for the access log. The special value 'none' disables access logs",
"errorLog": "Error Log",
"errorLogDesc": "The file path for the error log. The special value 'none' disables error logs",
"dnsLog": "DNS Log",
"dnsLogDesc": "Whether to enable DNS query logs",
"maskAddress": "Mask Address",
"maskAddressDesc": "IP address mask, when enabled, will automatically replace the IP address that appears in the log.",
"statistics": "Statistics",
"statsInboundUplink": "Inbound Upload Statistics",
"statsInboundUplinkDesc": "Enables the statistics collection for upstream traffic of all inbound proxies.",
"statsInboundDownlink": "Inbound Download Statistics",
"statsInboundDownlinkDesc": "Enables the statistics collection for downstream traffic of all inbound proxies.",
"statsOutboundUplink": "Outbound Upload Statistics",
"statsOutboundUplinkDesc": "Enables the statistics collection for upstream traffic of all outbound proxies.",
"statsOutboundDownlink": "Outbound Download Statistics",
"statsOutboundDownlinkDesc": "Enables the statistics collection for downstream traffic of all outbound proxies.",
"connectionLimits": "Connection Limits",
"connectionLimitsDesc": "Connection-level policies for user level 0. Leave a field empty to use Xray's default.",
"connIdle": "Idle Timeout",
"connIdleDesc": "Closes a connection after it stays idle for this many seconds. Lowering it frees memory and file descriptors faster on busy servers (Xray default: 300).",
"bufferSize": "Buffer Size",
"bufferSizeDesc": "Per-connection internal buffer size in KB. Set to 0 to minimize memory usage on low-RAM servers (Xray default depends on the platform).",
"bufferSizePlaceholder": "auto",
"seconds": "seconds",
"rules": {
"first": "First",
"last": "Last",
"up": "Up",
"down": "Down",
"source": "Source",
"dest": "Destination",
"inbound": "Inbound",
"outbound": "Outbound",
"balancer": "Balancer",
"info": "Info",
"add": "Add Rule",
"edit": "Edit Rule",
"useComma": "Comma-separated list"
},
"routing": {
"dragToReorder": "Drag to reorder"
},
"ruleForm": {
"sourceIps": "Source IPs",
"sourcePort": "Source port",
"vlessRoute": "VLESS route",
"attributes": "Attributes",
"value": "Value",
"user": "User",
"inboundTags": "Inbound tags",
"outboundTag": "Outbound tag",
"balancerTag": "Balancer tag",
"balancerTagTooltip": "Routes traffic through one of the configured load balancers"
},
"outboundForm": {
"tagDuplicate": "Tag already used by another outbound",
"tagRequired": "Tag is required",
"tagPlaceholder": "unique-tag",
"localIpPlaceholder": "local IP",
"dialerProxyPlaceholder": "Select an outbound to chain through",
"dialerProxyHint": "Dial this outbound through another outbound (by tag) to build a proxy chain. Leave empty to connect directly.",
"addressRequired": "Address is required",
"portRequired": "Port is required",
"optional": "optional",
"udpOverTcp": "UDP over TCP",
"uotVersion": "UoT version",
"inboundTag": "Inbound tag",
"inboundTagPlaceholder": "inbound tag used in routing rules",
"responseType": "Response type",
"rewriteNetwork": "Rewrite network",
"unchanged": "(unchanged)",
"unchangedAddress": "(unchanged) e.g. 1.1.1.1",
"rules": "Rules",
"ruleN": "Rule {n}",
"action": "Action",
"redirect": "Redirect",
"fragment": "Fragment",
"finalRules": "Final Rules",
"overrideXrayPrivateIp": "Override Xray's default private-IP block",
"blockDelay": "Block delay (ms)",
"reverseSniffing": "Reverse Sniffing",
"workers": "Workers",
"reserved": "Reserved",
"minUploadInterval": "Min upload interval (ms)",
"maxUploadSizeBytes": "Max upload size (bytes)",
"uplinkChunkSize": "Uplink chunk size",
"noGrpcHeader": "No gRPC header",
"maxConcurrency": "Max concurrency",
"maxConnections": "Max connections",
"maxReuseTimes": "Max reuse times",
"maxRequestTimes": "Max request times",
"maxReusableSecs": "Max reusable secs",
"keepAlivePeriod": "Keep alive period",
"authPassword": "Auth password",
"visionTestpre": "Vision testpre",
"serverNamePlaceholder": "server name",
"verifyPeerName": "Verify peer name",
"pinnedSha256": "Pinned SHA256",
"shortId": "Short ID",
"sockopts": "Sockopts",
"keepAliveInterval": "Keep alive interval",
"markFwmark": "Mark (fwmark)",
"interface": "Interface",
"ipv6Only": "IPv6 only",
"acceptProxyProtocol": "Accept proxy protocol",
"proxyProtocol": "Proxy protocol",
"tcpUserTimeoutMs": "TCP user timeout (ms)",
"tcpKeepAliveIdleS": "TCP keep-alive idle (s)"
},
"outbound": {
"addOutbound": "Add Outbound",
"addReverse": "Add Reverse",
"editOutbound": "Edit Outbound",
"editReverse": "Edit Reverse",
"reverseTag": "Reverse Tag",
"reverseTagDesc": "VLESS simple reverse proxy tag. Leave empty to disable.",
"reverseTagPlaceholder": "reverse tag (leave empty to disable)",
"tag": "Tag",
"tagDesc": "Unique Tag",
"address": "Address",
"reverse": "Reverse",
"domain": "Domain",
"type": "Type",
"bridge": "Bridge",
"portal": "Portal",
"link": "Link",
"intercon": "Interconnection",
"settings": "Settings",
"accountInfo": "Account Information",
"outboundStatus": "Outbound Status",
"sendThrough": "Send Through",
"test": "Test",
"testResult": "Test Result",
"testing": "Testing connection...",
"testSuccess": "Test successful",
"testFailed": "Test failed",
"testError": "Failed to test outbound",
"testModeTooltip": "TCP: fast dial-only probe. HTTP: full request through xray.",
"testAll": "Test all",
"httpStatus": "HTTP status",
"breakdownConnect": "Proxy connect",
"breakdownTls": "TLS via outbound",
"breakdownTtfb": "First byte",
"nordvpn": "NordVPN",
"accessToken": "Access Token",
"country": "Country",
"server": "Server",
"city": "City",
"allCities": "All Cities",
"privateKey": "Private Key",
"load": "Load"
},
"outboundSub": {
"manage": "Subscriptions",
"title": "Outbound Subscriptions",
"remark": "Remark (optional)",
"remarkPlaceholder": "e.g. HK nodes",
"url": "Subscription URL",
"urlPlaceholder": "https://... (base64 list of links)",
"tagPrefix": "Tag prefix",
"tagPrefixPlaceholder": "hk-",
"interval": "Update interval",
"hours": "h",
"minutes": "min",
"intervalHint": "Default 10 minutes. The background job checks frequently; each subscription only re-fetches when its own interval has passed.",
"enabled": "Enabled",
"allowPrivate": "Allow private address",
"allowPrivateHint": "Permit localhost / LAN / private IPs for this subscription's URL. Off by default for security — enable only for a trusted local source.",
"prepend": "Before manual outbounds",
"prependHint": "Place this subscription's outbounds before your manual ones, so one can become the default.",
"preview": "Preview",
"previewEmpty": "No outbounds found at this URL.",
"refreshAll": "Refresh all",
"statusOk": "OK",
"toastUpdated": "Subscription updated",
"addButton": "Add",
"active": "Active subscriptions",
"empty": "No subscriptions yet. Add one above.",
"colRemark": "Remark",
"colPrefix": "Prefix",
"colInterval": "Interval",
"colLastFetch": "Last fetch",
"colEnabled": "Enabled",
"auto": "auto",
"never": "never",
"yes": "Yes",
"no": "No",
"refreshNow": "Refresh now",
"lastError": "Last error",
"deleteConfirm": "Delete this subscription?",
"restartHint": "After adding or refreshing, restart Xray (or wait for the next auto-reload) to make the outbounds active.",
"fromSubsTitle": "From outbound subscriptions (read-only)",
"fromSubsDesc": "Imported from your active subscriptions. Manage them in the Subscriptions panel above.",
"toastLoadFailed": "Failed to load subscriptions",
"toastUrlRequired": "Subscription URL is required",
"toastAdded": "Subscription added",
"toastAddFailed": "Failed to add subscription",
"toastRefreshed": "Refreshed",
"toastRefreshFailed": "Refresh failed",
"toastDeleted": "Deleted",
"toastDeleteFailed": "Delete failed"
},
"balancer": {
"addBalancer": "Add Balancer",
"editBalancer": "Edit Balancer",
"balancerStrategy": "Strategy",
"balancerSelectors": "Selectors",
"tag": "Tag",
"tagDesc": "Unique Tag",
"tagDuplicate": "Tag already used by another balancer",
"tagPlaceholder": "unique balancer tag",
"selector": "Selector",
"fallback": "Fallback",
"expected": "Expected",
"expectedPlaceholder": "optimal node count",
"maxRtt": "Max RTT",
"tolerance": "Tolerance",
"baselines": "Baselines",
"costs": "Costs",
"balancerDesc": "It is not possible to use balancerTag and outboundTag at the same time. If used at the same time, only outboundTag will work."
},
"wireguard": {
"secretKey": "Secret Key",
"publicKey": "Public Key",
"allowedIPs": "Allowed IPs",
"endpoint": "Endpoint",
"psk": "PreShared Key",
"domainStrategy": "Domain Strategy"
},
"tun": {
"nameDesc": "The name of the TUN interface. Default is 'xray0'",
"mtuDesc": "Maximum Transmission Unit. The maximum size of data packets. Default is 1500",
"userLevel": "User Level",
"userLevelDesc": "All connections made through this inbound will use this user level. Default is 0"
},
"nord": {
"accessToken": "Access token",
"privateKey": "Private key",
"noServers": "No servers found for the selected country",
"noPublicKey": "Selected server does not advertise a NordLynx public key.",
"outboundAdded": "NordVPN outbound added",
"outboundUpdated": "NordVPN outbound updated"
},
"warp": {
"changeIp": "Change IP",
"changeIpSuccess": "WARP IP changed successfully!",
"autoUpdateIp": "Auto Update IP Address",
"intervalDays": "Interval (Days)",
"intervalDesc": "0 to disable. Changes IP address automatically.",
"licenseError": "Failed to set WARP license.",
"fetchFirst": "Fetch the WARP config first.",
"createAccount": "Create WARP account",
"accessToken": "Access token",
"deviceId": "Device ID",
"licenseKey": "License key",
"privateKey": "Private key",
"deleteAccount": "Delete account",
"settings": "Settings",
"licenseKeyLabel": "WARP / WARP+ license key",
"key": "Key",
"keyPlaceholder": "26-char WARP+ key",
"accountInfo": "Account info",
"deviceName": "Device name",
"deviceModel": "Device model",
"deviceEnabled": "Device enabled",
"accountType": "Account type",
"role": "Role",
"warpPlusData": "WARP+ data",
"quota": "Quota",
"usage": "Usage",
"addOutbound": "Add outbound"
},
"dns": {
"enable": "Enable DNS",
"enableDesc": "Enable built-in DNS server",
"tag": "DNS Inbound Tag",
"tagDesc": "This tag will be available as an Inbound tag in routing rules.",
"clientIp": "Client IP",
"clientIpDesc": "Used to notify the server of the specified IP location during DNS queries",
"disableCache": "Disable cache",
"disableCacheDesc": "Disables DNS caching",
"disableFallback": "Disable Fallback",
"disableFallbackDesc": "Disables fallback DNS queries",
"disableFallbackIfMatch": "Disable Fallback If Match",
"disableFallbackIfMatchDesc": "Disables fallback DNS queries when the matching domain list of the DNS server is hit",
"enableParallelQuery": "Enable Parallel Query",
"enableParallelQueryDesc": "Enable parallel DNS queries to multiple servers for faster resolution",
"strategy": "Query Strategy",
"strategyDesc": "Overall strategy to resolve domain names",
"add": "Add Server",
"edit": "Edit Server",
"domains": "Domains",
"expectIPs": "Expect IPs",
"unexpectIPs": "Unexpected IPs",
"useSystemHosts": "Use System Hosts",
"useSystemHostsDesc": "Use the operating system's hosts file",
"serveStale": "Serve Stale",
"serveStaleDesc": "Return expired cached results while refreshing in the background",
"serveExpiredTTL": "Serve Expired TTL",
"serveExpiredTTLDesc": "Validity (seconds) of stale cache entries; 0 = never expire",
"timeoutMs": "Timeout (ms)",
"skipFallback": "Skip Fallback",
"finalQuery": "Final Query",
"hosts": "Hosts",
"hostsAdd": "Add Host",
"hostsEmpty": "No host overrides defined",
"hostsDomain": "Domain (e.g. domain:example.com)",
"hostsValues": "IP or domain — type and press Enter",
"usePreset": "Use Preset",
"dnsPresetTitle": "DNS Presets",
"dnsPresetFamily": "Family",
"clearAll": "Delete All",
"clearAllTitle": "Delete all DNS servers?",
"clearAllConfirm": "This removes every DNS server from the list. This cannot be undone."
},
"fakedns": {
"add": "Add Fake DNS",
"edit": "Edit Fake DNS",
"ipPool": "IP Pool Subnet",
"poolSize": "Pool Size"
}
}
},
"tgbot": {
"keyboardClosed": "❌ Custom keyboard closed!",
"noResult": "❗ No result!",
"noQuery": "❌ Query not found! Please use the command again!",
"wentWrong": "❌ Something went wrong!",
"noIpRecord": "❗ No IP Record!",
"noInbounds": "❗ No inbound found!",
"unlimited": "♾ Unlimited(Reset)",
"add": "Add",
"month": "Month",
"months": "Months",
"day": "Day",
"days": "Days",
"hours": "Hours",
"minutes": "Minutes",
"unknown": "Unknown",
"inbounds": "Inbounds",
"clients": "Clients",
"offline": "🔴 Offline",
"online": "🟢 Online",
"commands": {
"unknown": "❗ Unknown command.",
"pleaseChoose": "👇 Please choose:\r\n",
"help": "🤖 Welcome to this bot! It's designed to offer specific data from the web panel and allows you to make modifications as needed.\r\n\r\n",
"start": "👋 Hello <i>{{ .Firstname }}</i>.\r\n",
"welcome": "🤖 Welcome to <b>{{ .Hostname }}</b> management bot.\r\n",
"status": "✅ Bot is OK!",
"usage": "❗ Please provide a text to search!",
"getID": "🆔 Your ID: <code>{{ .ID }}</code>",
"helpAdminCommands": "To restart Xray Core:\r\n<code>/restart</code>\r\n\r\nTo search for a client email:\r\n<code>/usage [Email]</code>\r\n\r\nTo search for inbounds (with client stats):\r\n<code>/inbound [Remark]</code>\r\n\r\nTelegram Chat ID:\r\n<code>/id</code>",
"helpClientCommands": "To search for statistics, use the following command:\r\n\r\n<code>/usage [Email]</code>\r\n\r\nTelegram Chat ID:\r\n<code>/id</code>",
"restartUsage": "\r\n\r\n<code>/restart</code>",
"restartSuccess": "✅ Operation successful!",
"restartFailed": "❗ Error in operation.\r\n\r\n<code>Error: {{ .Error }}</code>.",
"xrayNotRunning": "❗ Xray Core is not running.",
"startDesc": "Show the main menu",
"helpDesc": "Bot help",
"statusDesc": "Check bot status",
"idDesc": "Show your Telegram ID"
},
"messages": {
"cpuThreshold": "🔴 CPU Load {{ .Percent }}% exceeds the threshold of {{ .Threshold }}%",
"selectUserFailed": "❌ Error in user selection!",
"userSaved": "✅ Telegram User saved.",
"loginSuccess": "✅ Logged in to the panel successfully.\r\n",
"loginFailed": "❗️Login attempt to the panel failed.\r\n",
"2faFailed": "2FA Failed",
"report": "🕰 Scheduled Reports: {{ .RunTime }}\r\n",
"datetime": "⏰ Date&Time: {{ .DateTime }}\r\n",
"hostname": "💻 Host: {{ .Hostname }}\r\n",
"version": "🚀 3X-UI Version: {{ .Version }}\r\n",
"xrayVersion": "📡 Xray Version: {{ .XrayVersion }}\r\n",
"ipv6": "🌐 IPv6: {{ .IPv6 }}\r\n",
"ipv4": "🌐 IPv4: {{ .IPv4 }}\r\n",
"ip": "🌐 IP: {{ .IP }}\r\n",
"ips": "🔢 IPs:\r\n{{ .IPs }}\r\n",
"serverUpTime": "⏳ Uptime: {{ .UpTime }} {{ .Unit }}\r\n",
"serverLoad": "📈 System Load: {{ .Load1 }}, {{ .Load2 }}, {{ .Load3 }}\r\n",
"serverMemory": "📋 RAM: {{ .Current }}/{{ .Total }}\r\n",
"tcpCount": "🔹 TCP: {{ .Count }}\r\n",
"udpCount": "🔸 UDP: {{ .Count }}\r\n",
"traffic": "🚦 Traffic: {{ .Total }} (↑{{ .Upload }},↓{{ .Download }})\r\n",
"xrayStatus": "️ Status: {{ .State }}\r\n",
"username": "👤 Username: {{ .Username }}\r\n",
"reason": "❗️ Reason: {{ .Reason }}\r\n",
"time": "⏰ Time: {{ .Time }}\r\n",
"inbound": "📍 Inbound: {{ .Remark }}\r\n",
"port": "🔌 Port: {{ .Port }}\r\n",
"expire": "📅 Expire Date: {{ .Time }}\r\n",
"expireIn": "📅 Expire In: {{ .Time }}\r\n",
"active": "💡 Active: {{ .Enable }}\r\n",
"enabled": "🚨 Enabled: {{ .Enable }}\r\n",
"online": "🌐 Connection status: {{ .Status }}\r\n",
"lastOnline": "🔙 Last online: {{ .Time }}\r\n",
"email": "📧 Email: {{ .Email }}\r\n",
"upload": "🔼 Upload: ↑{{ .Upload }}\r\n",
"download": "🔽 Download: ↓{{ .Download }}\r\n",
"total": "📊 Total: ↑↓{{ .UpDown }} / {{ .Total }}\r\n",
"TGUser": "👤 Telegram User: {{ .TelegramID }}\r\n",
"exhaustedMsg": "🚨 Exhausted {{ .Type }}:\r\n",
"exhaustedCount": "🚨 Exhausted {{ .Type }} count:\r\n",
"onlinesCount": "🌐 Online Clients: {{ .Count }}\r\n",
"disabled": "🛑 Disabled: {{ .Disabled }}\r\n",
"depleteSoon": "🔜 Deplete Soon: {{ .Deplete }}\r\n\r\n",
"backupTime": "🗄 Backup Time: {{ .Time }}\r\n",
"refreshedOn": "\r\n📋🔄 Refreshed On: {{ .Time }}\r\n\r\n",
"yes": "✅ Yes",
"no": "❌ No",
"received_id": "🔑📥 ID updated.",
"received_password": "🔑📥 Password updated.",
"received_email": "📧📥 Email updated.",
"received_comment": "💬📥 Comment updated.",
"id_prompt": "🔑 Default ID: {{ .ClientId }}\n\nEnter your ID.",
"pass_prompt": "🔑 Default Password: {{ .ClientPassword }}\n\nEnter your password.",
"email_prompt": "📧 Default Email: {{ .ClientEmail }}\n\nEnter your email.",
"comment_prompt": "💬 Default Comment: {{ .ClientComment }}\n\nEnter your comment.",
"inbound_client_data_id": "🔄 Inbound: {{ .InboundRemark }}\n\n🔑 ID: {{ .ClientId }}\n📧 Email: {{ .ClientEmail }}\n📊 Traffic: {{ .ClientTraffic }}\n📅 Expire Date: {{ .ClientExp }}\n🌐 IP Limit: {{ .IpLimit }}\n💬 Comment: {{ .ClientComment }}\n\nYou can add the client to inbound now!",
"inbound_client_data_pass": "🔄 Inbound: {{ .InboundRemark }}\n\n🔑 Password: {{ .ClientPass }}\n📧 Email: {{ .ClientEmail }}\n📊 Traffic: {{ .ClientTraffic }}\n📅 Expire Date: {{ .ClientExp }}\n🌐 IP Limit: {{ .IpLimit }}\n💬 Comment: {{ .ClientComment }}\n\nYou can add the client to inbound now!",
"cancel": "❌ Process Canceled! \n\nYou can /start again anytime. 🔄",
"error_add_client": "⚠️ Error:\n\n {{ .error }}",
"using_default_value": "Okay, I'll stick with the default value. 😊",
"incorrect_input": "Your input is not valid.\nThe phrases should be continuous without spaces.\nCorrect example: aaaaaa\nIncorrect example: aaa aaa 🚫",
"AreYouSure": "Are you sure? 🤔",
"SuccessResetTraffic": "📧 Email: {{ .ClientEmail }}\n🏁 Result: ✅ Success",
"FailedResetTraffic": "📧 Email: {{ .ClientEmail }}\n🏁 Result: ❌ Failed \n\n🛠️ Error: [ {{ .ErrorMessage }} ]",
"FinishProcess": "🔚 Traffic reset process finished for all clients.",
"eventOutboundDown": "Outbound {{ .Tag }} is DOWN",
"eventOutboundUp": "Outbound {{ .Tag }} is UP",
"eventErrorDetail": "Error: {{ .Error }}",
"eventDelayDetail": "Delay: {{ .Delay }}ms",
"eventXrayCrash": "Xray CRASHED",
"eventXrayCrashError": "Error: {{ .Error }}",
"eventNodeDown": "Node {{ .Name }} is DOWN",
"eventNodeUp": "Node {{ .Name }} is UP",
"eventCPUHigh": "CPU high",
"eventCPUHighDetail": "CPU: {{ .Detail }}",
"eventLoginFallback": "Login failed from {{ .Source }}"
},
"buttons": {
"closeKeyboard": "❌ Close Keyboard",
"cancel": "❌ Cancel",
"cancelReset": "❌ Cancel Reset",
"cancelIpLimit": "❌ Cancel IP Limit",
"confirmResetTraffic": "✅ Confirm Reset Traffic?",
"confirmClearIps": "✅ Confirm Clear IPs?",
"confirmRemoveTGUser": "✅ Confirm Remove Telegram User?",
"confirmToggle": "✅ Confirm Enable/Disable User?",
"dbBackup": "Get DB Backup",
"serverUsage": "Server Usage",
"getInbounds": "Get Inbounds",
"depleteSoon": "Deplete Soon",
"clientUsage": "Get Usage",
"onlines": "Online Clients",
"commands": "Commands",
"refresh": "🔄 Refresh",
"clearIPs": "❌ Clear IPs",
"removeTGUser": "❌ Remove Telegram User",
"selectTGUser": "👤 Select Telegram User",
"selectOneTGUser": "👤 Select a Telegram User:",
"resetTraffic": "📈 Reset Traffic",
"resetExpire": "📅 Change Expiry Date",
"ipLog": "🔢 IP Log",
"ipLimit": "🔢 IP Limit",
"setTGUser": "👤 Set Telegram User",
"toggle": "🔘 Enable / Disable",
"custom": "🔢 Custom",
"confirmNumber": "✅ Confirm: {{ .Num }}",
"confirmNumberAdd": "✅ Confirm adding: {{ .Num }}",
"limitTraffic": "🚧 Traffic Limit",
"getBanLogs": "Get Ban Logs",
"allClients": "All Clients",
"addClient": "Add Client",
"submitDisable": "Submit As Disable ☑️",
"submitEnable": "Submit As Enable ✅",
"use_default": "🏷️ Use default",
"change_id": "⚙️🔑 ID",
"change_password": "⚙️🔑 Password",
"change_email": "⚙️📧 Email",
"change_comment": "⚙️💬 Comment",
"change_flow": "⚙️🚦 Flow",
"ResetAllTraffics": "Reset All Traffic",
"SortedTrafficUsageReport": "Sorted Traffic Usage Report"
},
"answers": {
"successfulOperation": "✅ Operation successful!",
"errorOperation": "❗ Error in operation.",
"getInboundsFailed": "❌ Failed to get inbounds.",
"getClientsFailed": "❌ Failed to get clients.",
"canceled": "❌ {{ .Email }}: Operation canceled.",
"clientRefreshSuccess": "✅ {{ .Email }}: Client refreshed successfully.",
"IpRefreshSuccess": "✅ {{ .Email }}: IPs refreshed successfully.",
"TGIdRefreshSuccess": "✅ {{ .Email }}: Client's Telegram User refreshed successfully.",
"resetTrafficSuccess": "✅ {{ .Email }}: Traffic reset successfully.",
"setTrafficLimitSuccess": "✅ {{ .Email }}: Traffic limit saved successfully.",
"expireResetSuccess": "✅ {{ .Email }}: Expire days reset successfully.",
"resetIpSuccess": "✅ {{ .Email }}: IP limit {{ .Count }} saved successfully.",
"clearIpSuccess": "✅ {{ .Email }}: IPs cleared successfully.",
"getIpLog": "✅ {{ .Email }}: Get IP Log.",
"getUserInfo": "✅ {{ .Email }}: Get Telegram User Info.",
"removedTGUserSuccess": "✅ {{ .Email }}: Telegram User removed successfully.",
"enableSuccess": "✅ {{ .Email }}: Enabled successfully.",
"disableSuccess": "✅ {{ .Email }}: Disabled successfully.",
"askToAddUserId": "Your configuration is not found!\r\nPlease ask your admin to use your Telegram ChatID in your configuration(s).\r\n\r\nYour ChatID: <code>{{ .TgUserID }}</code>",
"chooseClient": "Choose a Client for Inbound {{ .Inbound }}",
"chooseInbound": "Choose an Inbound"
}
},
"email": {
"subjectOutboundDown": "Outbound {{ .Tag }} is DOWN",
"subjectOutboundUp": "Outbound {{ .Tag }} is UP",
"subjectXrayCrash": "Xray CRASHED",
"subjectCPUHigh": "CPU high",
"subjectLoginSuccess": "Login successful",
"subjectLoginFailed": "Login failed",
"titleOutboundDown": "Outbound DOWN",
"titleOutboundUp": "Outbound UP",
"titleXrayCrash": "Xray CRASHED",
"titleCPUHigh": "CPU high",
"titleLoginSuccess": "Login successful",
"titleLoginFailed": "Login failed",
"labelStatus": "Status",
"labelOutbound": "Outbound",
"labelNode": "Node",
"labelError": "Error",
"labelDelay": "Delay",
"labelDetail": "Detail",
"labelUsername": "Username",
"labelIP": "IP",
"labelReason": "Reason",
"labelSource": "Source",
"labelTime": "Time",
"statusCrashed": "CRASHED",
"statusRunning": "Running",
"statusHigh": "HIGH",
"statusSuccess": "SUCCESS",
"statusFailed": "FAILED",
"statusDown": "DOWN",
"statusUp": "UP"
}
}