From 5947228548ebda59122319d40ad41dcb77dd8b86 Mon Sep 17 00:00:00 2001
From: Robert Langhammer <rlanghammer@web.de>
Date: Sun, 24 Nov 2019 22:22:23 +0100
Subject: [PATCH] DOS protection.

A DOS attack against this script can block the router completely.
This patch inserts a delay to fix this problem.
---
 babel.html | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/babel.html b/babel.html
index 087b773..fc01bf1 100755
--- a/babel.html
+++ b/babel.html
@@ -3,8 +3,16 @@
 <%
 echo -en "Content-Type: text/html\r\n\r\n"
 HOSTNAME="$(uci -q get "fff.system.hostname")"
+lockfile="/tmp/simple.babelweb.lock"
+
+if [ -e $lockfile ];then
+	if [ 30 -gt $(( $(date +%s) - $(date -r $lockfile +%s) )) ];then
+		echo "only one access per minute!!" && exit
+	fi
+fi
 
 data=$(echo "dump" | nc ::1 33123)
+touch $lockfile
 
 %><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">