View previous topic :: View next topic |
Author |
Message |
RTAdams89 -
Joined: 06 Nov 2005 Posts: 102
|
Posted: Wed Dec 13, 2006 4:44 am Post subject: Displaying netstat -n |
|
|
One one of my PHP pages I use the following code:
Code: |
$connections = `netstat -n`;
echo $connections;
|
With that, I get an output like this:
Code: |
Active Connections
Proto Local Address Foreign Address State
TCP 127.0.0.1:4578 127.0.0.1:8100 TIME_WAIT
TCP 127.0.0.1:4579 127.0.0.1:8100 TIME_WAIT
TCP 127.0.0.1:4588 127.0.0.1:8100 TIME_WAIT
TCP 127.0.0.1:4589 127.0.0.1:8100 TIME_WAIT
TCP 127.0.0.1:4599 127.0.0.1:80 TIME_WAIT
TCP 127.0.0.1:4601 127.0.0.1:5800 TIME_WAIT
TCP 127.0.0.1:4603 127.0.0.1:9554 TIME_WAIT
TCP 127.0.0.1:4607 127.0.0.1:8100 TIME_WAIT
TCP 127.0.0.1:4608 127.0.0.1:8100 TIME_WAIT
TCP 127.0.0.1:4621 127.0.0.1:8100 TIME_WAIT
TCP 127.0.0.1:4622 127.0.0.1:8100 TIME_WAIT
TCP 127.0.0.1:4628 127.0.0.1:80 TIME_WAIT
TCP 127.0.0.1:4630 127.0.0.1:5800 TIME_WAIT
TCP 127.0.0.1:4633 127.0.0.1:9554 TIME_WAIT
TCP 127.0.0.1:4634 127.0.0.1:4664 TIME_WAIT
TCP 127.0.0.1:4641 127.0.0.1:8100 TIME_WAIT
TCP 127.0.0.1:4642 127.0.0.1:8100 TIME_WAIT
TCP 127.0.0.1:4655 127.0.0.1:8100 TIME_WAIT
TCP 127.0.0.1:4656 127.0.0.1:8100 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4571 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4572 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4575 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4576 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4582 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4583 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4586 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4587 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4592 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4593 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4605 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4606 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4617 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4618 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4623 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4624 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4637 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4638 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4643 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4644 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4647 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4648 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4657 TIME_WAIT
TCP 127.0.0.1:8100 127.0.0.1:4658 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4570 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4573 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4574 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4577 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4581 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4584 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4585 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4590 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4591 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4594 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4597 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4609 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4616 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4619 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4620 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4625 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4636 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4639 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4640 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4645 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4646 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4649 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4654 TIME_WAIT
TCP 127.0.0.1:8200 127.0.0.1:4659 TIME_WAIT
TCP 192.168.1.102:80 192.168.1.101:2890 ESTABLISHED
TCP 192.168.1.102:80 192.168.1.101:2891 ESTABLISHED
TCP 192.168.1.102:80 192.168.1.101:2906 ESTABLISHED
TCP 192.168.1.102:80 192.168.1.102:4610 TIME_WAIT
TCP 192.168.1.102:80 192.168.1.102:4611 TIME_WAIT
TCP 192.168.1.102:80 192.168.1.102:4612 TIME_WAIT
TCP 192.168.1.102:139 192.168.1.104:1869 ESTABLISHED
TCP 192.168.1.102:445 192.168.1.101:1025 ESTABLISHED
TCP 192.168.1.102:2888 66.102.7.147:80 CLOSE_WAIT
TCP 192.168.1.102:3152 66.102.7.147:443 CLOSE_WAIT
TCP 192.168.1.102:4613 66.150.96.111:80 TIME_WAIT
TCP 192.168.1.102:4614 4.79.120.120:80 TIME_WAIT
TCP 192.168.1.102:4615 66.150.96.117:80 TIME_WAIT
TCP 192.168.1.102:4626 212.58.240.44:80 TIME_WAIT
TCP 192.168.1.102:4631 66.35.250.203:80 TIME_WAIT
TCP 192.168.1.102:4664 192.168.1.101:2899 TIME_WAIT
TCP 192.168.1.102:9554 192.168.1.102:4652 TIME_WAIT
TCP 192.168.1.102:9554 192.168.1.102:4653 TIME_WAIT
|
As you can see, there are a bunch of loopback connections (127.0.0.1). Is there a quick way to remove all of those before echoing back $connections? |
|
Back to top |
|
|
TRUSTAbyss -
Joined: 29 Oct 2003 Posts: 3752 Location: USA, GA
|
|
Back to top |
|
|
RTAdams89 -
Joined: 06 Nov 2005 Posts: 102
|
Posted: Wed Dec 13, 2006 2:00 pm Post subject: |
|
|
Doesn't quite do it. I need to show all connections (not just those to port 80) from all IPs. |
|
Back to top |
|
|
aprelium -
Joined: 22 Mar 2002 Posts: 6800
|
Posted: Wed Dec 13, 2006 5:07 pm Post subject: Re: Displaying netstat -n |
|
|
RTAdams89 wrote: | As you can see, there are a bunch of loopback connections (127.0.0.1). Is there a quick way to remove all of those before echoing back $connections? |
Use explode() to transform the string into an array of strings, next use a for loop to test every string and retain only those who do not have 127.0.0.1. _________________ Support Team
Aprelium - http://www.aprelium.com |
|
Back to top |
|
|
RTAdams89 -
Joined: 06 Nov 2005 Posts: 102
|
Posted: Wed Dec 13, 2006 10:33 pm Post subject: |
|
|
How would I go about doing that to this code:
Code: | $connections = `netstat -n`;
echo "<pre>".$connections."</pre>"; |
|
|
Back to top |
|
|
aprelium -
Joined: 22 Mar 2002 Posts: 6800
|
Posted: Thu Dec 14, 2006 12:12 pm Post subject: |
|
|
RTAdams89 wrote: | How would I go about doing that to this code:
Code: | $connections = `netstat -n`;
echo "<pre>".$connections."</pre>"; |
|
You can use the following function to filter the local IPs (not tested):
Code: | function filter_loopback($c)
{
$r = array();
for ($line in explode("\n", $c))
{
list($proto, $from_ip, $from_port, $to_ip, $to_port, $status) = preg_split("[ :]", $line, -1, PREG_SPLIT_NO_EMPTY);
if ($from_ip != "127.0.0.1")
$r[] = $line;
}
return implode("\n", $r);
}
$connections = `netstat -n`;
echo "<pre>". filter_loopback($connections) ."</pre>"; |
_________________ Support Team
Aprelium - http://www.aprelium.com |
|
Back to top |
|
|
RTAdams89 -
Joined: 06 Nov 2005 Posts: 102
|
Posted: Thu Dec 14, 2006 9:29 pm Post subject: |
|
|
I had originally tried a script like you just suggested (though mine was a lot messier), and neither work. I could be way off base on this, but I think it might have to do with
Code: | ($line in explode("\n", $c) |
that uses lines breaks as the deliminator, however,
Code: | $connections = `netstat -n`; |
doesn't really have any lien breaks in it. The only reason it appears that way on the page is due to the <pre> tags used around
Does that make sense? Is that the problem? |
|
Back to top |
|
|
pkSML -
Joined: 29 May 2006 Posts: 952 Location: Michigan, USA
|
Posted: Thu Dec 14, 2006 11:24 pm Post subject: |
|
|
Actually, netstat returns the list with line breaks as the delimiter. You won't see \n in a command prompt because the line breaks are displayed as new lines. But PHP knows they're there.
A \n in your PHP code will be shown in your HTML code as a new line. When that line break in your HTML is in a PRE tag, it will show as a line break in the browser. Still with me? :) _________________ Stephen
Need a LitlURL?
http://CodeBin.yi.org |
|
Back to top |
|
|
RTAdams89 -
Joined: 06 Nov 2005 Posts: 102
|
Posted: Fri Dec 15, 2006 12:20 am Post subject: |
|
|
Ahh, OK that makes sense. The issue seems to be somewhere in the
Code: | for ($line in explode("\n", $c))
{
list($proto, $from_ip, $from_port, $to_ip, $to_port, $status) = preg_split("[ :]", $line, -1, PREG_SPLIT_NO_EMPTY);
if ($from_ip != "127.0.0.1")
$r[] = $line;
} |
part of the code. All i get when I run the script is a blank page. |
|
Back to top |
|
|
pkSML -
Joined: 29 May 2006 Posts: 952 Location: Michigan, USA
|
Posted: Fri Dec 15, 2006 1:49 am Post subject: |
|
|
I had the same issue. I toyed around with the code and came up with this. It works right for me.
exec() creates an array with each element being a line of output from the command prompt. We start with the fourth line ($connections[3]) because the first three don't contain information we want. The if statement checks that and makes sure the the foreign address doesn't begin with 127. If both conditions pass, the line will be printed.
Code: | <PRE>
<?php
exec("netstat -n", $connections);
foreach( $connections as $key => $value){
if (($key > 3) && (substr($value, 32, 3) !== "127"))
{echo $value."\n";}
}
?>
</PRE> |
_________________ Stephen
Need a LitlURL?
http://CodeBin.yi.org |
|
Back to top |
|
|
aprelium -
Joined: 22 Mar 2002 Posts: 6800
|
Posted: Fri Dec 15, 2006 12:45 pm Post subject: |
|
|
RTAdams89,
Actually there is a syntax error in the line:
Code: | for ($line in explode("\n", $c)) |
It should be:
Code: | foreach (explode("\n", $c) as $line) |
_________________ Support Team
Aprelium - http://www.aprelium.com |
|
Back to top |
|
|
RTAdams89 -
Joined: 06 Nov 2005 Posts: 102
|
Posted: Fri Dec 15, 2006 2:34 pm Post subject: |
|
|
pkSML's code worked great, and trying the updated code from aprelium also did the trick. Thanks guys. |
|
Back to top |
|
|
|