Jump to content


This topic is now archived and is closed to further replies.



Recommended Posts

I've got a linux box logging (ulogd) firewall dropped packets to a mysql database for research. I'm writing a script to show the top 25 daily udp hits from ip addresses. For some reason, when I open this query in a web browser, all I get is a blank page.  I tried the sql query from the command line in mysql and it returned what I was looking for, but putting it in php is returning nothing. I have a similar script with the same connection details, and everything works fine. Any help would be greatly appreciated! Script is below:
//database name
$db_name = "ulogd";
//connection string
$connection = @mysql_connect("localhost", "****", "****")
or die(mysql_error());
$db = @mysql_select_db($db_name, $connection) or die(mysql_error());
//starting time and ending time for query
$timea = "2006-09-30 00:00:01";  //temporary entry for testing
$timeb = "2006-09-30 23:59:59";  //temporary entry for testing
//$date1 = date("Y-m-d");  // Should give the format of yyyy-mm-dd, will be used for future dynamic use
//Actual MySQL query
$sql = "SELECT COUNT(inet_ntoa(ip_saddr)), inet_ntoa(ip_saddr), MID(raw_mac,19,17),
inet_ntoa(ip_daddr), udp_sport, udp_dport

FROM ulog

WHERE (pkt_time > '$timea' AND pkt_time < '$timeb')
GROUP BY inet_ntoa(ip_saddr)

ORDER BY COUNT(inet_ntoa(ip_saddr)) DESC LIMIT 25";
//Process the actual query
$result = mysql_query($sql, $connection) or die(mysql_error());
// Loop through the results returned from the query
while ($row = mysql_fetch_array($result))  {
$count = $row['count(inet_ntoa(ip_saddr))'];
$saddr = $row['inet_ntoa(ip_saddr)'];
$mac = $row['mid(raw_mac,19,17)'];
$daddr = $row['inet_ntoa(ip_daddr)'];
$sport = $row['udp_sport'];
$dport = $row['udp_dport'];
//Results that will be displayed in html table
$display_block .= "<td>$count</td>
<Title> Today's UDP Heavy Hitters</Title>
<? echo "<table><table border = \"1\" cellspacing = \"0\" cellpadding = \"0\" width = \"350\"><tbody align = \"center\" style = \"font-family:arial\"><tr>
<th>Msg Count</th>
<th>Source IP</th>
<th>Source MAC Address</th>
<th>Destination IP</th>
<th>UDP Source Port</th>
<th>UDP Destination Port</th></tr>"; ?>
<? echo "$display_block"; ?>
<? echo "</tbody></table>"; ?>

Share this post

Link to post
Share on other sites
Got it! I learned two lessons from this:
1. While debugging and testing, error reporting turned to "on" in the php.ini file is a really,really, really good idea ( that was my blank page issue!  :o)
2. Use the appropriate editor. I was using gedit. Yes it's pretty and nice. But it'll also leave extra characters in the code (as found while reading file using vi! >:( ). After removing extra characters in vi, script ran fine.
Thanks again for the input. Has anyone used Bluefish from OpenOffice to write any php scripts? If so, how's it working out for you?

Share this post

Link to post
Share on other sites


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.