Jump to content

CURL, CISCO Firewall and subdomains...experts needed.


sbritton

Recommended Posts

I have a problem that I have been tearing my hair out.  This is what I have:

 

http://subdomain.url.com    IP 2.2.2.2

Cisco PIX firewall                IP 1.0.0.1

 

I have a PHP program (parent.php) that needs to use CURL or FOPEN (with HTTP wrapper) to read a file on my same server (child.php).  The problem is that when I use CURL or FOPEN to get the file, it essentially timesout...never finding the file.  I use the same code on my development server (http:/dev.url.com) and it works perfectly only difference is there is no firewall on that server.  (They are all UNIX PHP 5+ servers).

 

What I'm realizing is that the parent.php code on the production machine is trying to CURL to "http://subdomain.url.com/child.php" but the domain is being translated to the pubic ip (2.2.2.2).  When in reality because we are behind the firewall for both the call and the receive it should be trying to go to the firewall (1.0.0.1).

 

I considered using the IP address in the CURL as "http://1.0.0.1/child.php" HOWEVER the code is on a subdomain and can't be referenced like this.

 

SO....the question I have is there must be a way to configure the server such that when it translates the IP correctly accounting for the Firewall.  Or...there shold be a way to configure the firewall to just pass these through.

 

 

Link to comment
Share on other sites

This is not a PHP bug, but rather I'm looking for help from others who may know a PHP workaround that most likely would involve some kind of configuration of the Firewall (above my head) or ideally a PHP technique that I'm not aware of.

 

There might be other ways that may help, like using a CURL proxy or other techniques that a few smart folks out there can help with.  I'm just hoping someone who has enough experience with PHP, UNIX, Firewalls and NAT configuration might give me a clue.

 

Really what this boils down to whatever method I use, it can't rely on the translation of the URL to and IP because the firewall prevents that.  However at the same time, I need the PHP to be executed as a script rather than bring back an unprocess PHP source code.

 

Maybe running a system command through php???

Link to comment
Share on other sites

OMG...LIGHTNING STRIKES.  I swear sometimes just having to write it down helps.

 

What I tried was using the PHP "system" command to invoke the code I wanted.  Since it runs on the server and you give it a file name, not a URL wrapper, there is no need to translate the URL to an IP.

 

Voilla!!

 

echo system("child.php")

 

QED

 

 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.