Jerome Posted June 2, 2010 Posted June 2, 2010 Hello ! Usually I am using a web script in order to start my computer remotely and check is state. I was very satisfied with your services because you are the only webhost that allows socket creation. Since today my script doesn't work anymore . I think you probably added some firewall rules that block the outgoing packets. I need to send an UDP packet on port 20009, which I did by employing both PHP fonctions fsockopen() and fwrite(). My username : jer0me24 My subdomain : jer0me24.heliohost.org Links : http://jer0me24.heliohost.org/test.php?a=launch http://jer0me24.heliohost.org/test.php?a=status Thanks in advance ! Cordially, Jerome.
Wizard Posted June 2, 2010 Posted June 2, 2010 This support request is being escalated to our root admin.
Ashoat Posted June 2, 2010 Posted June 2, 2010 Our firewall was accidentally down, so I had to restart it. Unfortunately, we can't open specific ports for custom applications
Jerome Posted June 2, 2010 Author Posted June 2, 2010 There shouldn't be any need to open a specific port for my application. It has worked very well until yesterday. Something changed concerning your firewall rules, because before I have never met such a problem. Could you just check your firewall logs and tell me if you notice any event that would concern my script please ? My first webpage must say "Succeded" instead of "Failed". The error message is : "Notice: fwrite() [function.fwrite]: send of 102 bytes failed with errno=1 Operation not permitted in /home/jer0me24/public_html/test.php on line 37" I even tried to chmod the file to 777 but it didn't solve anything. Thanks in advance ! Jerome.
Ashoat Posted June 3, 2010 Posted June 3, 2010 Like I said, our firewall was down before. This is why you were able to run your script. I reenabled it yesterday. I don't plan on disabling it again.
Jerome Posted June 3, 2010 Author Posted June 3, 2010 Okay, I understand! Your firewall was disabled until yesterday, so it let me run my script without any problem. And unfortunately it now blocks all the packets that I try to send... I think you cannot claim that you allow sockets connections whether you don't plan to allow outgoing packets through the firewall. Of course I know that the PHP.ini value "allow_url_fopen" is enabled, but it becomes completely useless unless to set firewall rules. I guess I'm probably not the only user who needs the function fwrite(). You would be very kind to check the logs and let us know which ports have to be opened.
Ashoat Posted June 3, 2010 Posted June 3, 2010 We allow socket connections, but only locally. I do see your point, though. It might make sense to just disable that feature at this point. Again: we aren't going to open any ports for you
Jerome Posted June 3, 2010 Author Posted June 3, 2010 I am quite sad now because I understand that this stupid firewall will never allow outgoing packets... All I have to do is looking for another host that didn't use so strict rules. I was so happy to had found HelioHost, who purposed all the services I needed, especially a working fwrite() function. But this time has gone... I disagree with you concerning the firewall rules. I don't see why you cannot open outgoing traffic ? Or why you cannot open some port range reserved to outgoing applications. There is no reason why it should down the security, and above all it would let us easily play with sockets without such issues. Thanks in advance. Cordially, Jerome.
Ashoat Posted June 3, 2010 Posted June 3, 2010 I'm sorry, but hackers often use our services to execute port scans and to try to take advantage of exploits on other servers. Allowing outgoing connections on arbitrary ports is a security risk
Recommended Posts