470,874 Members | 1,457 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,874 developers. It's quick & easy.

SO_ORIGINAL_DST in php...??

I'm working on a transparent proxy for spam killing (mostly just an
experiment and a home project). I have a Linux server that is acting
as a firewall/router/development box, and I would really like to see
this work. I have a good grasp of both C and PHP, and though I made
the socket part work in C, I'm finding that the database, filtering,
editing, and basically everything else would be a HECK of a lot easier
in PHP.

Here's the dilemma...C has this nice little socket option you can use
called SO_ORIGINAL_DST, which is ideal for transparent proxying. With
netfilter (i.e. iptables), you can't get the original destination of
redirected packets with just a plain ol' getsockname() call, which
returns the address of the final destination (where the connection was
redirected to). With C and SO_ORIGINAL_DST, you can get the original
destination quite easily.

However, there isn't any way to do that with PHP that I can see.
Though there are plenty of socket functions, there is no
SO_ORIGINAL_DST. There also are not many people writing transparent
proxies in PHP, cause I haven't found any info on the net. I figured
if there's any way to do it, this is the place to ask. Am I missing
something? Can I patch it? Anything?

Thanks,

Jeff
Jul 17 '05 #1
1 1850
On 1 May 2004 00:01:34 -0700, je*********@adelphia.net (Jeff Rowberg)
wrote:
Here's the dilemma...C has this nice little socket option you can use
called SO_ORIGINAL_DST, which is ideal for transparent proxying. With
netfilter (i.e. iptables), you can't get the original destination of
redirected packets with just a plain ol' getsockname() call, which
returns the address of the final destination (where the connection was
redirected to). With C and SO_ORIGINAL_DST, you can get the original
destination quite easily.


Ok, so I've found a cheap way around this that does work. I wrote a
small C program that takes a socket file descriptor for a parameter,
then prints out the original destination info for that socket. PHP
parses the output, and voila, it works great. Chewing gum and bailing
wire great, but great nonetheless.

There's another problem though. PHP doesn't provide any way to get
the actual socket file descriptor from anything opened with
socket_create() and other socket_xxx() functions. What PHP calls a
"socket descriptor" in the manual is actually a PHP numbered resource.
These on rare occasion coincide with the actual socket file descriptor
number, but most of the time, they don't.

So the new question is this: is there any way to decode, convert, or
in any other way get a socket resource into an integer that contains
the actual socket file descriptor? (I'm talking about the kind of
file descriptor where 0 is <stdin>, 1 is <stdout>, and 2 is <stderr>,
with 3 and above available for user-space programs).

Thanks,

Jeff
Jul 17 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.

By using this site, you agree to our Privacy Policy and Terms of Use.