|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
|
|
#1
October 10th, 2004, 05:36 PM
|
|||
|
|||
|
Ethernet/server control from a webpage
The setup:
I have a home network setup and functioning with one machine acting as an internet gateway. This gateway box has two ethernet cards (eth0 - connected to the internal network, eth1 - connected to an adsl modem). At boot, only eth0 is enabled so that I can work on the internal network without exposure to the rest of the world - just in case I wreck the firewall!  The reality: When I want to go online I SSH into the gateway and enable eth1 to open up to the outside world. The goal: As I have Apache2 running (listening to eth0) for the internal network, I would like to be able to just click a link on a restricted page to enable eth1 without the need for SSh access to the gateway. Does anyone know if the goal is acheivable without too much struggle? If so a pointer in the right direction would be greatfully received, so that I can try and learn the solution if it exists.  At present I have some knowledge (limited) of PHP and JavaScript, would be prepared to dabble in a little bit of PERL if required. Cheers, Ratty. p.s. If this needs to go in a different part of the forums please could a moderator do the honours? p.p.s. Sorry for the poor formatting - employers IE6 implementation is crippled! 
|
|
#2
October 12th, 2004, 02:10 PM
|
||||
|
||||
|
Since you have eth0 and eth1, I assume your router runs Linux. In that case, it'll be fairly easy for you to install and properly configure 'sudo', which is a program that gives regular users one-off root (or other user/group) privileges.
The idea, then, is to write a script that executes something like 'sudo /sbin/ifup eth1' or whatever command you use to bring your interfaces up and then outputs something like 'Cool, it worked' to your browser. Of course, having a setuid root program immediately accessible from the web is a Bad Thing. At least put some password authentication on it. And read the entirety of the sudo documentation before implementing this. Colin
__________________
Colin Wetherbee
|
|
#3
October 16th, 2004, 08:29 AM
|
|||
|
|||
|
Thanks CWW for taking the time to reply to my query.
Yes the router is running Linux and SUDO with SSH is my current method of opening up the connection (eth1) to the net. What I am intending to do based on advice from elsewhere, along with my own thoughts which you have confirmed as feasible, is to use PHPs shell_exec option from a page in an .HTACCESS controlled directory which is only accessible via a set ip/mac combo using a valid password over HTTPS..... and yes, I am a touch paranoid! 
|
|
| Viewing: Dev Shed Forums > System Administration > Networking Help > Ethernet/server control from a webpage |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
