From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <gentoo-user+bounces-205248-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(No client certificate requested)
by finch.gentoo.org (Postfix) with ESMTPS id 88E6E15812D
for <garchives@archives.gentoo.org>; Thu, 02 Jan 2025 04:34:20 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id 569E6E07D0;
Thu, 02 Jan 2025 04:34:13 +0000 (UTC)
Received: from wilbur.contactoffice.com (wilbur.contactoffice.com [212.3.242.68])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(No client certificate requested)
by pigeon.gentoo.org (Postfix) with ESMTPS id A70F9E0536
for <gentoo-user@lists.gentoo.org>; Thu, 02 Jan 2025 04:34:12 +0000 (UTC)
Received: from smtpauth2.co-bxl (smtpauth2.co-bxl [10.2.0.24])
by wilbur.contactoffice.com (Postfix) with ESMTP id E2B0F16F4
for <gentoo-user@lists.gentoo.org>; Thu, 2 Jan 2025 05:34:10 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1735792450;
s=20230101-jyav; d=connell.tech; i=matt@connell.tech;
h=Message-ID:Subject:From:To:Date:In-Reply-To:References:Content-Type:Content-Transfer-Encoding:MIME-Version;
bh=lk9BiISySHg4slGqsmDx6dfaIut/UJIvmZfoTj5Uuak=;
b=pkBANTxxv42ubtW/d109wMMEzTMpNFeCtS8+Pj1zuuIygpnj0T5osDvIP9dXizwe
emSA5H4mKkYUDdrW4yqS4NyjWgLafglY8e4Lmat0vwS456L//A18cVf8Z+0DexuDcsG
tqoxjI85p66xxFE0/KHQK8d8L9wQqi4AizDPm2bGtwK+qsXxtKVpo6IC5c7tG5Hlwg/
frqlHSIBBSGJ/EfcY7SzYQJbrgJ5xwnVys3RkInopVMfmlYJQngyx21zF1cyqowyxcx
qQpZ3c/OPObh4hMutv3+6cHa7Nxzx3pYt2gStjV7ICfnekUM59Ov0jIePr9A/7lxXQ1
bV+QpLEGBw==
Received: by smtp.mailfence.com with ESMTPSA
for <gentoo-user@lists.gentoo.org> ; Thu, 2 Jan 2025 05:34:09 +0100 (CET)
Message-ID: <673fdadaaa7de7e12ac8d0f4c3443b18c0751ecc.camel@connell.tech>
Subject: Re: [gentoo-user] Strange behaviour of iptables
From: Matt Connell <matt@connell.tech>
To: gentoo-user@lists.gentoo.org
Date: Wed, 01 Jan 2025 23:34:07 -0500
In-Reply-To: <c60339e6-c175-7b74-bc79-fa0b070951f2@hanft.de>
References: <c60339e6-c175-7b74-bc79-fa0b070951f2@hanft.de>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
User-Agent: Evolution 3.52.4
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
MIME-Version: 1.0
X-ContactOffice-Account: com:118923487
X-Archives-Salt: d328a3ad-cd6f-46c5-88b5-fcd2c92240f8
X-Archives-Hash: 3342f9cb2491f3cac5ea3870c92fd356
On Wed, 2025-01-01 at 18:33 +0100, Matthias Hanft wrote:
>=20
> So it seems that I can't use any parameters at all any more -
> from PHP.
>=20
> What's the trick to get this working again?
Hmm. I can't replicate this failure. Using both `php -a` and foo.php,
I get expected results. (I'm using the INPUT chain because that's what
I have with real rules.)
---
php > exec("/sbin/iptables -L INPUT -n -v -x -w", $iptables); =20
php > var_dump($iptables); =20
array(37) { =20
[0]=3D> =20
string(46) "Chain INPUT (policy ACCEPT 0 packets, 0 bytes)" =20
...
...
=20
---
=20
$ cat foo.php
<?php
exec("/sbin/iptables -L INPUT -n -v -x -w", $iptables);
var_dump($iptables);
$ php foo.php
array(37) { =20
[0]=3D> =20
string(46) "Chain INPUT (policy ACCEPT 0 packets, 0 bytes)"
...
...
=20
---
I noticed that your path to iptables is in /usr/bin/, but `which` on my
system says /sbin/. Are you running this as root? What version of PHP
are you using?