LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Programming (https://www.linuxquestions.org/questions/programming-9/)
-   -   A PHP Library for IPTables (https://www.linuxquestions.org/questions/programming-9/a-php-library-for-iptables-903884/)

koosha 09-19-2011 02:59 PM
A PHP Library for IPTables
 
Dear users

I would like you to just know that I've written a lightweight library in PHP that enables you manipulate iptables chains and rules. You can download it at: https://sourceforge.net/projects/libiptphp/
Feel free to contact me in case of any comment.

resolv_25 09-20-2011 04:57 AM
Looks interesting.
Still, would be good to have some example of using this library ? Would be easier to understand the exact way to use the class.
Best regards,

koosha 09-20-2011 10:16 AM
Of course an example will help you understand it. An article is going to be published in Linux Journal. But, I'm thinking of including a sample rule file and an example PHP script that uses it.

resolv_25 09-21-2011 01:15 AM
Quote:
Originally Posted by koosha (Post 4477223)
Of course an example will help you understand it. An article is going to be published in Linux Journal. But, I'm thinking of including a sample rule file and an example PHP script that uses it.
Yes, this would be great.
Thank you.

corp769 09-21-2011 01:39 AM
Could you post a small example here so we could get a quick glimpse? I'm pretty sure that if one was within the forums, you would get more people to try your library out.

koosha 09-21-2011 04:00 AM
OK. The following simple code lists tables, chains, and rules defined in iptables rules file.
Code:
<?php
    require_once 'libiptables.php';
    // Path of iptables rules. Yours may differ.
    $rules_file = '/etc/iptables/rules';
    $ipt = new IptablesConfig($rules_file);
    foreach ($ipt->getAllTables() as $t) {
        echo "<pre>Table <b>$t</b><br/>";
        foreach ($ipt->getTableChains($t) as $c) {
            echo "  Chain <b>$c</b><br/>";
                foreach ($ipt->getAllRuleStrings($t, $c) as $r) {
                    echo "    <b>Rule</b> $r<br/>";
                }
        }
        echo '</pre>';
    }
?>

yonux 12-25-2012 09:31 AM
hai koosha. thank you for your code.

i try to get byte couter using getRuleByteCounter function, but it shows nothing. here is my code, correct me please.
Code:
<?php
    require_once 'libiptables-php-1.0/libiptables.php';
    // Path of iptables rules. Yours may differ.
    $rules_file = '/etc/iptables/rules';
    $ipt = new IptablesConfig($rules_file);
    foreach ($ipt->getAllTables() as $t) {
        echo "<pre>Table <b>$t</b><br/>";
        foreach ($ipt->getTableChains($t) as $c) {
            echo "  Chain <b>$c</b><br/>";
                foreach ($ipt->getRuleByteCounter($t, $c, 0) as $r) {
                    echo "    <b>bytes</b> $r<br/>";
                }
        }
        echo '</pre>';
    }
?>
could you give me an example for doing this please? i want to get bytes couter of rule #0.

thank you very much for help :)

koosha 12-25-2012 02:40 PM
Quote:
Originally Posted by yonux (Post 4856572)
hai koosha. thank you for your code.

i try to get byte couter using getRuleByteCounter function, but it shows nothing. here is my code, correct me please.
Code:
<?php
                foreach ($ipt->getRuleByteCounter($t, $c, 0) as $r) {
                    echo "    <b>bytes</b> $r<br/>";
                }
?>
could you give me an example for doing this please? i want to get bytes couter of rule #0.

thank you very much for help :)

Two points:
1. Your rule MUST begin with counters; that is, it must have counters; otherwise it is reasonable that nothing is returned if your rule does not have counters. Rules which begin with [1234:5678] (ignore the numbers, consider the form [\d+:\d+]) have byte and packet counters set.

2. getRuleByteCounter() does not return an array; it returns an integer. So it should be used as a stand-alone statement not in a foreach loop.


All times are GMT -5. The time now is 11:52 PM.