Programming Forums > Web Development and Design > PHP

zdb · Nov 16th, 2004, 7:14 AM

We recently got assigned a project where we need to allow access to our server via iptables.

The problem is that we don't know where to start because we come from a Windows environment. If someone has some info that could help us onto the right path we would highly appreciate it!

Thanks

zdb

tempest · Nov 16th, 2004, 8:11 AM

Add to top of all pages...

(Toggle Plain Text)

<?php
  include("ipCheck.php");
?>

ipCheck.php

(Toggle Plain Text)

$ips = array("127.0.0.1",
          "0.0.0.0");

$access = 0;
foreach($ips as $col => $ip)
  if($_SERVER['REMOTE_ADRR'] == $ip) {
    $access = 1;
    break;
  }

if(!$access) {
  header("HTTP/1.0 403 Not Authorized");
  die();
}

zdb · Nov 16th, 2004, 8:21 AM

I will give it a bash! Thanks.

zdb

Pizentios · Nov 16th, 2004, 8:21 AM

IpTables as in a firewall?

zdb · Nov 18th, 2004, 3:45 AM

The main idea behind this IPTable firewall it to deny \ allow access to the network \ server from remote areas. We need to decline access to the network to a wireless access user that should not be able to use our server for the internet. Do you have a way that might help Pizentios?

Thanks

zdb · Nov 18th, 2004, 4:23 AM

Quote:

Originally posted by tempest@Nov 16 2004, 02:11 PM
Add to top of all pages...

(Toggle Plain Text)

<?php * *include("ipCheck.php"); ?>

<?php * *include("ipCheck.php"); ?>

ipCheck.php

(Toggle Plain Text)

$ips = array("127.0.0.1", * * * * * * * * * "0.0.0.0"); $access = 0; foreach($ips as $col => $ip) * *if($_SERVER['REMOTE_ADRR'] == $ip) { * * * *$access = 1; * * * *break; * *} if(!$access) { * *header("HTTP/1.0 403 Not Authorized"); * *die(); }

$ips = array("127.0.0.1", * * * * * * * * * "0.0.0.0"); $access = 0; foreach($ips as $col => $ip) * *if($_SERVER['REMOTE_ADRR'] == $ip) { * * * *$access = 1; * * * *break; * *} if(!$access) { * *header("HTTP/1.0 403 Not Authorized"); * *die(); }

Is it possible to include this in a Firewall config file?

tempest · Nov 18th, 2004, 7:05 AM

You'll have to write something that calls the firewall admin screen and gets the information you need with custom HTTP headers sent by your PHP application. This is a fairly complex procedure, i dont think that can be dropped in a firewall config file unless the firewall allows you to include PHP in some odd way, which is doubtful. There are ways to do this but its extremely complicated and takes hours to do...

Pizentios · Nov 18th, 2004, 10:35 AM

Quote:

Originally posted by zdb@Nov 18 2004, 04:45 AM
The main idea behind this IPTable firewall it to deny \ allow access to the network \ server from remote areas. We need to decline access to the network to a wireless access user that should not be able to use our server for the internet. Do you have a way that might help Pizentios?

Thanks

What about using public and private keys. Only problem with that is that thew users will have to have they're own public key on what ever computer that they want to use.

tempest · Nov 18th, 2004, 6:49 PM

Add to top of all pages...

(Toggle Plain Text)

<?php
  include("ipCheck.php");
?>

ipCheck.php

(Toggle Plain Text)

// * is random... you get the idea
$ips = "192.168.1.*";

$access = 1;
$rm = explode(".", $_SERVER['REMOTE_ADDR']);
foreach(explode(".", $ips) as $col => $ip) {
  if($ip != "*")
    if($ip != $rm[$col]) $access = 0;
}


if(!$access) {
  header("HTTP/1.0 403 Not Authorized");
  die();
}

zdb · Nov 20th, 2004, 4:50 AM

Quote:

Originally posted by tempest@Nov 18 2004, 01:05 PM
You'll have to write something that calls the firewall admin screen and gets the information you need with custom HTTP headers sent by your PHP application. This is a fairly complex procedure, i dont think that can be dropped in a firewall config file unless the firewall allows you to include PHP in some odd way, which is doubtful. There are ways to do this but its extremely complicated and takes hours to do...

If it is not possible to add php to my firewall scripts, then how else should I approach it?

I need to be able to deny access to certain remote users to our Server. This would mean that they may not access anything outside their own pc (via our Server anyway) unless the script redirects them.

I suppose I could use Java \ Kylix then to interact with the IPTables and manage whoever gets on and off our net using packet filtering? I just thougt it would be easier to set up a script in the IPTable configs.

Will my Java \ Delphi (Kylix) approach work, I wonder. Can't see why not. I can do it in Windows and compile to Linux right? Well I'll give it a try then. Tx, Adios

Nov 16th, 2004, 8:11 AM	#2
tempest Programming Guru Join Date: Oct 2004 Posts: 1,041 Rep Power: 5	Add to top of all pages... (Toggle Plain Text) <?php include("ipCheck.php"); ?> <?php include("ipCheck.php"); ?> ipCheck.php (Toggle Plain Text) $ips = array("127.0.0.1", "0.0.0.0"); $access = 0; foreach($ips as $col => $ip) if($_SERVER['REMOTE_ADRR'] == $ip) { $access = 1; break; } if(!$access) { header("HTTP/1.0 403 Not Authorized"); die(); } $ips = array("127.0.0.1", "0.0.0.0"); $access = 0; foreach($ips as $col => $ip) if($_SERVER['REMOTE_ADRR'] == $ip) { $access = 1; break; } if(!$access) { header("HTTP/1.0 403 Not Authorized"); die(); } __________________

Nov 16th, 2004, 8:21 AM	#4
Pizentios Programming Guru Join Date: May 2004 Location: Brandon, Manitoba, Canada Posts: 2,023 Rep Power: 7	IpTables as in a firewall? __________________ Profanity is the one language that all programmers understand. Check out my Blog <---updated Nov 30 2007!

Nov 18th, 2004, 7:05 AM	#7
tempest Programming Guru Join Date: Oct 2004 Posts: 1,041 Rep Power: 5	You'll have to write something that calls the firewall admin screen and gets the information you need with custom HTTP headers sent by your PHP application. This is a fairly complex procedure, i dont think that can be dropped in a firewall config file unless the firewall allows you to include PHP in some odd way, which is doubtful. There are ways to do this but its extremely complicated and takes hours to do... __________________

Nov 18th, 2004, 6:49 PM	#9
tempest Programming Guru Join Date: Oct 2004 Posts: 1,041 Rep Power: 5	Add to top of all pages... (Toggle Plain Text) <?php include("ipCheck.php"); ?> <?php include("ipCheck.php"); ?> ipCheck.php (Toggle Plain Text) // * is random... you get the idea $ips = "192.168.1."; $access = 1; $rm = explode(".", $_SERVER['REMOTE_ADDR']); foreach(explode(".", $ips) as $col => $ip) { if($ip != "") if($ip != $rm[$col]) $access = 0; } if(!$access) { header("HTTP/1.0 403 Not Authorized"); die(); } // * is random... you get the idea $ips = "192.168.1."; $access = 1; $rm = explode(".", $_SERVER['REMOTE_ADDR']); foreach(explode(".", $ips) as $col => $ip) { if($ip != "") if($ip != $rm[$col]) $access = 0; } if(!$access) { header("HTTP/1.0 403 Not Authorized"); die(); } __________________

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Nov 16th, 2004, 7:14 AM	#1
zdb Newbie Join Date: Nov 2004 Location: South Africa Posts: 8 Rep Power: 0	We recently got assigned a project where we need to allow access to our server via iptables. The problem is that we don't know where to start because we come from a Windows environment. If someone has some info that could help us onto the right path we would highly appreciate it! Thanks zdb

Nov 18th, 2004, 3:45 AM	#5
zdb Newbie Join Date: Nov 2004 Location: South Africa Posts: 8 Rep Power: 0	The main idea behind this IPTable firewall it to deny \ allow access to the network \ server from remote areas. We need to decline access to the network to a wireless access user that should not be able to use our server for the internet. Do you have a way that might help Pizentios? Thanks

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Programming Forums > Web Development and Design > PHP

Iptable Filtering