commit 16e8beacafdc66e34ea0dc797292a78872a0ef0e
parent 06e74a5afa8523b7449ae4aa5ceb7f0c9d80f753
Author: hhvn <hayden@haydenvh.com>
Date: Wed, 3 Feb 2021 00:40:28 +0000
config.sh hbbs.sh include/log.sh: throttle ip when over $connection_limit connections in a minute
Diffstat:
3 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/config.sh b/config.sh
@@ -22,6 +22,10 @@ board_files_desc="Links to files/torrents"
board_admin_post_whitelist="hhvn"
#board_admin_reply_whitelist="hhvn"
+# throttle for hour when reached
+post_limit=8 #per minute
+connection_limit=15 #per minute
+
bbs_addr="bbs.hlirc.net"
email_addr="bbs@hlirc.net"
term="xterm-256color"
diff --git a/hbbs.sh b/hbbs.sh
@@ -4,6 +4,7 @@ trap 'die "SIGINT received"' 2
export cwd=$(dirname $0)
. $cwd/include/common.sh
+. $cwd/include/log.sh
. $cwd/config.sh
mkdir $datadir -p || die "cannot write to data dir"
@@ -16,6 +17,15 @@ mkdir -p \
$datadir/log
touch $datadir/log/log
+add_log "connection" "${REMOTE_HOST:-localhost}"
+[ $(get_log_time "connection" | grep "^$(date +%H:%M)" | awk '{print $2}' | \
+ grep -v localhost | grep "${REMOTE_HOST:-localhost}" | wc -l) -eq $connection_limit ] && \
+ error "$connection_limit+ connection attempts in one minute - throttling for an hour" && \
+ add_log "throttled" "${REMOTE_HOST:-localhost}" && die "throttled"
+[ "$(get_log_time "throttled" | grep "$(date +%H:)" | awk '{print $2}' | \
+ grep -v localhost | grep "${REMOTE_HOST:-localhost}")" != "" ] && \
+ die "throttled"
+
[ "$1" = "-f" ] && bin finger && exit 1
info "Setting terminal to $term"
diff --git a/include/log.sh b/include/log.sh
@@ -14,6 +14,12 @@ add_log(){
get_log(){
awk -v "date=$(date +%Y-%d-%m)" -v "key=$1" -F" " '
- $1 == date && $3 == key
+ $1 == date && $3 == key {print $3}
+ ' < $datadir/log/log
+}
+
+get_log_time(){
+ awk -v "date=$(date +%Y-%d-%m)" -v "key=$1" -F" " '
+ $1 == date && $3 == key {print $2 "\t" $3}
' < $datadir/log/log
}
