Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: Need help with iptables

  1. #11
    Associate
    Join Date
    Apr 2008
    Posts
    11
    1. Can php actually executes shell scripts in the first place?

  2. #12
    Associate
    Join Date
    Apr 2008
    Posts
    11
    Quote Originally Posted by redhead View Post
    Are you sure you're trying it out under absolute correct conditions ?

    When you manualy executes the line, then you need to act as if you're the apache server, meaning executing it with the correct settings as apache would use, on debian this would be as the "www-data" user.

    You can also turn on error displaying, then you can see if it's the PHP part thats not working correct, try adding
    Code:
    error_reporting(E_ALL); 
    ini_set('display_errors',1); 
    
    befor the shell_exec() call.
    RedHead, it is able to be executed in the command line Via php -q Test.php, and return display the result on the command line itself just that when i used it on apache, no display came out at all and when i check the string whether is it blank, it returns empty string. or should i treat it as array?

  3. #13
    Associate
    Join Date
    Apr 2008
    Posts
    11
    And ya RedHead, i tried to execute the iptables commands from apache i.e instead of "iptables -L" i type "iptables -A INPUT -i lo -j ACCEPT" and then going to the command line to check and it does not execute it. Am i wrong, omg i realli have no idea on how to do,

    and it dun seems to have any links to the command line although specifying the shell_exec().

  4. #14
    Moderator
    Advisor
    redhead's Avatar
    Join Date
    Jun 2001
    Location
    Copenhagen, Denmark
    Posts
    811
    Plaese check if PHP is running in safemode, shell_exec() is one of the functions that are restricted when PHP is in safemode.

    You should atleast get something out of it, and yes shell_exec() returns a string which can be used in as an "echo .." argument, or print_r() if you want to make sure it's not because the return is of some obscure return type.

    You could as a test add
    Code:
     echo ini_get('safe_mode');
    to see what it's initialy set as, if it returns "1", then PHP is in safemode.

    Or perhaps it has something todo with apache not knowing where iptables resides, so you could make it
    Code:
    shell_exec("/sbin/iptables -L");
    Don't worry Ma'am. We're university students, - We know what We're doing.
    'Ruiat coelum, fiat voluntas tua.'
    Datalogi - en livsstil; Intet liv, ingen stil.

  5. #15
    Associate
    Join Date
    Apr 2008
    Posts
    11
    Yah redhead i did wat u told mi i wasn't able to see the result of echo ini_get('safe_mode'); either in the command line or on the apache.

    and strange thing is i can get iptables command to run in the terminal and not apache i believe when interfacing with command line, something is missing, i believe it is not executed.

    I tried normal commands like "ls -al" is able to work perfectly, but when come to iptables on apache it does not show the result, strange didn't know where went wrong.

    i tried executing "iptables -L" in the command line, it works but when i access it from the web, it does not show anithing and when i write simple check to check whether the variable is "", it return the the string is empty. ??

  6. #16
    Associate
    Join Date
    Apr 2008
    Posts
    11
    Anyone knows how to execute shell scripts from apache?

    Having problem here, or is the concept wrong in the first place.

  7. #17
    Yes, backticks work for me with PHP. (Same thing as shell_exec).
    I'd check permissions on iptables... it's normally in sbin, which shouldn't be in the PATH of the apache user
    63,000 bugs in the code, 63,000 bugs,
    ya get 1 whacked with a service pack,
    now there's 63,005 bugs in the code!!

  8. #18
    Associate
    Join Date
    Apr 2008
    Posts
    11
    RedHead, The problem is solved, just that for now.

    i missed out this line at visudo.

    www-data ALL=(ALL) NOPASSWD: /sbin/iptables
    and by using the command $output = `sudo /sbin/iptables -L`;

Similar Threads

  1. iptables
    By digitalspy99 in forum Linux - General Topics
    Replies: 1
    Last Post: 08-05-2008, 03:42 AM
  2. GUI for iptables???
    By SwampDonkey in forum Linux - Software, Applications & Programming
    Replies: 2
    Last Post: 12-13-2002, 12:50 PM
  3. Where do iptables go?
    By flashingcurser in forum Linux - Software, Applications & Programming
    Replies: 3
    Last Post: 08-14-2002, 08:37 PM
  4. iptables
    By elovkoff in forum Security
    Replies: 9
    Last Post: 03-19-2002, 02:23 PM
  5. IPTables
    By MrMoray in forum Linux - Software, Applications & Programming
    Replies: 3
    Last Post: 12-18-2001, 08:31 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •