• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2547
  • Last Modified:

Set up sudo to alllow Apache / PHP to execute iptables commands

I need to run iptables commands by using PHP's 'system' function.  Currently no errors are returned when I try to do this, but I don't believe the command is being run either.  When I run the command on the console as root, it works, when trying to run it from PHP, it doesn't.

If I run 'whoami' from PHP it returns 'www-data'.  I tried to set up sudo so www-data can run iptables, but that's where I got lost...
0
FWeston
Asked:
FWeston
1 Solution
 
xDamoxCommented:
Hi,

What is the exit status when you run the iptables command from PHP?? to display the exit status echo $?
0
 
LiganicCommented:
you will have to make PHP to use sudo. (If this is not possible define an alias or something else). A possible line could be
www-data    ALL=NOPASSWD:   /sbin/iptables
(editable with visudo) A comprehensive guide is available at http://www.gratisoft.us/sudo/man/sudoers.html.
0
 
ravenplCommented:
And after You configure sudo, don't forget to run from php
/usr/bin/sudo /sbin/iptables more options
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now