ARP / net-tools installation

software development

#1

Hi,

I have been given permission to install a local version of the ARP command in my space as I need to use it in one of my PHP scripts.

I’ve downloaded a copy of the source for net-tools -
net-tools-1.60.tar.gz

I have read the readme and install guide then tried to do a make and am now completely lost as the make falls over with several errors (at end of message).

The questions -

  1. how do I fix this??? do I need to patch anything (and yes I don’t know how to patch either!)

  2. once the make works has it produced “executables” (sorry I am a DOS/Windows users, don’t flame me please !!!)

  3. where should i put the “executables” i am only interested really in the arp command

many thanks in advance, from a complete NIX beginner, sorry if this sounds really mundane and silly!

Miss Pixie
aka Alison

cc -D_GNU_SOURCE -O2 -Wall -g -I. -idirafter ./include/ -Ilib -I/home//sr c/net-tools-1.60 -idirafter /home//src/net-tools-1.60/include -c -o x25 _sr.o x25_sr.c
x25_sr.c: In function X25_setroute': x25_sr.c:80: error:x25_address’ undeclared (first use in this function)
x25_sr.c:80: error: (Each undeclared identifier is reported only once
x25_sr.c:80: error: for each function it appears in.)
make[1]: *** [x25_sr.o] Error 1
make[1]: Leaving directory `****/net-tools-1.60/lib’
make: *** [subdirs] Error 2


#2

Eh? What does this PHP script do?

[quote]

  1. how do I fix this??? do I need to patch anything (and yes I don’t know how to patch either!)
  2. once the make works has it produced “executables” (sorry I am a DOS/Windows users, don’t flame me please !!!)
  3. where should i put the “executables” i am only interested really in the arp command[/quote]
    For what it’s worth, I got the same error after doing a “make config” and a “make”; after hacking out all the X.25 references (…PAD protocols probably aren’t used here) I did get it to compile and got the “arp” binary (executable).

However, it won’t work here - arp needs access to the “/proc/net” system directory and I don’t think that’s gonna happen.

But I am puzzled/curious as to what a PHP script would need access to the arp tables for. You may be better off trying to dork with the PHP rather than playing unix games.


#3

Hi and thanks for replying, the script looks up a MAC address for a given IP. (see end of message).

re: “However, it won’t work here - arp needs access to the “/proc/net” system directory and I don’t think that’s gonna happen.”

I was given permission to do this by Patrick in support now it seems I can’t do this at all, bother!

re: “You may be better off trying to dork with the PHP rather than playing unix games.” any suggestions on where to start dorking ?

Finally if I can’t be allowed to use ARP or get ARP to work locally BIG QUESTION - Could Dreamhost hack a version of ARP so it only returns the ARP table and allow me to give access to that version of ARP.

I am sure many of Dreamhosts customers would also be interested in this facility - specially if it means able to look up MAC addresses and block nasty users.

This would obviously mean Dreamhost support are wonderful people who will do anything to help their discerning clientele

Miss Pixie
aka Alison

function returnMacAddress() {
// This code is under the GNU Public Licence
// Written by michael_stankiewicz {don’t spam} at yahoo {no spam} dot com
// Tested only on linux, please report bugs

// WARNING: the commands ‘which’ and ‘arp’ should be executable
// by the apache user; on most linux boxes the default configuration
// should work fine

// Get the arp executable path
$location = which arp;
// Execute the arp command and store the output in $arpTable
$arpTable = $location;
// Split the output so every line is an entry of the $arpSplitted array
$arpSplitted = split("\n",$arpTable);
// Get the remote ip address (the ip address of the client, the browser)
$remoteIp = $GLOBALS[‘REMOTE_ADDR’];
// Cicle the array to find the match with the remote ip address
foreach ($arpSplitted as $value) {
// Split every arp line, this is done in case the format of the arp
// command output is a bit different than expected
$valueSplitted = split(" “,$value);
foreach ($valueSplitted as $spLine) {
if (preg_match(”/$remoteIp/",$spLine)) {
$ipFound = true;
}
// The ip address has been found, now rescan all the string
// to get the mac address
if ($ipFound) {
// Rescan all the string, in case the mac address, in the string
// returned by arp, comes before the ip address
// (you know, Murphy’s laws)
reset($valueSplitted);
foreach ($valueSplitted as $spLine) {
if (preg_match("/[0-9a-f][0-9a-f][:-]".
"[0-9a-f][0-9a-f][:-]".
"[0-9a-f][0-9a-f][:-]".
"[0-9a-f][0-9a-f][:-]".
"[0-9a-f][0-9a-f][:-]".
"[0-9a-f][0-9a-f]/i",$spLine)) {
return $spLine;
}
}
}
$ipFound = false;
}
}
return false;
}


#4

You should probably read up on the OSI model a bit. MAC addresses are used on layer 2, and so are not accessible outside of the originating host’s subnet. You can’t get MAC addresses over the internet. This example code will only work on a local area network.


If you want useful replies, ask smart questions.


#5

As Kenn pointed out, you can only do that on a local network layer/route; machines coming from a foreign route won’t resolve MAC info and will definitely not be subject to hardware layer based protocols (such as arp and bootp).

Your only real option is to block by individual IP address or IP CIDRs, which can be done from either your .htaccess file (which is a bit cumbersome to maintain) or from within PHP code (much easier to maintain if you program it corrrectly).