I need to connect to a webservice which is behind of a VPN via PHP. My server is Debian Linux (Squeeze).
Is it possible to accomplish this via PHP on Linux?
Is it risky to do this if it is possible? (When VPN connection hangs etc., does the operating system or any other what-so-over handles the situation)
I have only one network card, therefore I really wonder whether it is possible to keep server online for normal users while "posting data over an accomplished VPN connection in the background".
Although my question seems to a conceptual question, any specific help is also welcome.
Server OS : Debian Linux Squeeze (x64)
Web Server : Apache HTTP
PHP Version: 5.3
Framework: Symfony 1.4
VPNs are at a network layer below PHP, PHP won't know or care that the connection is over a VPN or a normal connection. It's handled by the network stack.
If you use a permanent one (e.g. IPSEC) then PHP doesn't need to create the connection, it's just there to use when PHP connects to an IP address that is in the VPN. It is selected to use by the network layer when it does the routing, not by PHP. This is true even if you create the VPN on demand, as jderda suggested using exec() or similar. But a permanent connection is better (IPSEC).
So to answer your questions:
The question doesn't make sense, the only way PHP could do this is using PPTP or similar and exec() to bring the connection up, but better to use IPSEC
If the VPN connection hangs/dies PHP won't get a connection to the remote end and will timeout the connection.
Yes it is.
From PHP point of view, the VPN is just a plain network connection. It does not require additional handling.
If you want to dynamicaly estabilish a VPN connection, you'll probably need to use exec() and some commandline tool for estabilishing a connection. But as such connection doesn't interfere with normal network communication (as long as it's properly configured, with other subnet ip range), you should estabilish it once and keep it active for PHP and other apps to use.
Related
For a new project I need to implement remote desktop protocols. The addresses of the remote need to be secured and may never get sent to the client. After a lot of research and some tests I found Guacamole, which also has a Java client. The project is designed as an API though, so I started porting some bits of the Java client example to PHP.
The use case will be the following:
User logs into my service (Laravel application)
WebSocket connection establishes to a constantly running PHP script (using HOA\WebSocket)
Upon authorization a TCP socket needs to be established to the Guacamole Daemon
Commands coming via WebSocket need to be directed to the Guacamole Daemon and vice versa
What makes this complicated is the fact that the application needs to be able to serve multiple clients simultaneously. Multiple TCP sockets need to be established and multiple WebSocket connections need to be managed all at once.
For my simple test I opened the socket via fsockopen and then looped to wait for data. With this I obviously can't listen to multiple sockets at once (at least realistically), but I stumbled upon the React Socket Client library:
Think of this library as an async version of fsockopen() or stream_socket_client().
This sounds like it is what I need, but then again, I'm using HOA and its WeSocket server, which apparently also runs in a loop (when invoking WebsocketConnectionHandler->run()).
Should I even be using React's Socket Client or should I try to use HOA's Socket library instead (seeing as I'm already using WebSocket from that)? Are React and HOA even compatible in their event loop, so could I listen to WebSocket clients and a TCP connection at the same time?
If so, could anyone give me some hints or examples on how to get started with coupling these two? Thanks!
The target is simple: clients post http requests to query data and update record by some keys。 Highest request: 500/sec (the higher the better, but the best is to fulfil this requirement while making the system easy to achieve and using less mashines)
what I've done: nginx + php-cgi(using php) to serve http request, the php use thrift RPC to retrieve data from a DB proxy which is only used to query and update DB(mysql). The DB proxy uses mysql connection pool and thrift's TNonblockingServer. (In my country, there are 2 ISP, DB Proxy will be deployed in multi-isp machine and so is the db, web servers can be deployed on single-isp mashine according to the experience)
what trouble me: when I do stress test(when >500/sec), I found " TSocket: Could not connect to 172.19.122.32:9090 (Connection refused [111]" from php log. I think it may be caused by the port's running out(may be incorrect conclusion). So I design to use thrift connection bool to reduce thrift connection. But there is no connection pool in php (there seem to be some DB connection pool tech) and php does not support the feature.
So I think maybe the project is designed in the wrong way from the beginning(like use php ,thrift). Is there a good way to solve this based on what i've done? And I think most people will doubt my awkward scheme. Well, your new scheme will help a lot
thanks.
"TSocket: Could not connect to 172.19.122.32:9090 (Connection refused [111])" from php log shows the ports running out because of too many short connections in a short time. So I config the tcp TIME_WAIT status to recycle port in time using:
sysctl -w net.ipv4.tcp_timestamps=1
sysctl -w net.ipv4.tcp_tw_recycle=1
it works!
what droubles me is sloved, but to change the kernal parameter will affect the NAT. It's not a perfect solution. I think a new good design of this system can be continue to discuss.
I'm currently developing a PHP application that is going to use websockets for client-server communication. I've heard numerous times that PHP shouldn't be used for server applications because of the lack of threading mechanisms, its memory-management (cyclic references) or the unhandy socket library.
So far, everything is working quite well. I'm using phpws as the websocket library and the Doctrine DBAL to access different database systems; PHP is version 5.3.8 . The server should serve a maximum of 30 clients. Yet especially in the last days I've read several articles stating the ineffectiveness of PHP for long running applications.
Now I'm not aware whether I should continue using websockets with PHP or rebuild the entire serverside application. I've tried Python with Socket.IO, though I did not get the results I expected.
I guess I have the following options:
Keep everything as it is.
Make the application use Ajax in combination with Socket.IO - e.g. run a serverside script that invokes the client's ajax calls when data is submitted to the server.
The last point sounds quite interesting, though it would require some work .. Would it be a problem for servers to execute all the clients requests at one time?
What would you recommend? Is the problem with PHP's memory management (I'm using gc_collect each time a client sends data to the server) still valid? Are there other reasons beside the obvious reasons (no threading, ...) for not using PHP as a server?
You can try running your socket.io on a node server on another port on your server (that is if you are not using a hosting plan like goDaddy).
I am using it and the performances are really satisfying.
I have an apache server on the port 80 serving my php files, and my server-client communications are done using a Node.js server running socket.io on the port 8080 (dev) or 843 (prod).
Node.js is really light and has great performance, but you need to run it as a server. Nodejitsu.com is a hosting solution that has the websocket protocol available and is on beta, so it is still free for now. Just note that you need to listen on the port 80 with socket.io, this is a limitation from theyr network.
If you want your pages all to be accessed on the port 80 then you will need a reverse proxy like varnish .
I hope that helps! Have a nice day.
Are there other reasons beside the obvious reasons (no threading, ...)
for not using PHP as a server?
Yep, lots of socketfunctions are incompatible with each other and it's a hell to debug.
i tried something similar myself and quit frustrated sind every function i thought would make sense didnt do what i expected
I used to have a small chat app(which was almost working), that uses PHP, jQuery and MySQL. The volume of users is very small (only my friends uses it). I used long polling method for this.
And now, I am thinking about using HTML5 Websockets for this, because it is a lot more efficient. And also most of my friends are using Google Chrome(which already supports HTML5). I have gone through some tutorials that talks about HTML5 websockets. And I have downloaded the phpWebSocket from github. I have gone through the code. But the readme file says that the PHP page that listens to incoming connections should be run using "PHP -q" from commandline. So, I have searched what this "q" flag would do. And I found that it runs the page in quiet mode. So, when I run this in quiet mode what is happened ? It would run endlessly ? Will this running process affect the system resources ?
This PHP page should run the entire time. Then only the connections could be accepted. Isn't it ?
I am having a shared hosting package with HostGator. And they allow cron jobs too. And my present chat app(that uses long polling method) inserts all the messages to database. When the user polls, it would search for any new messages from the database and then output them (if any).
So, I am bit stuck here. :(
It should be run from the command line because as you suspected, it is intended to run endlessly. It binds to a socket on the server and listens for incoming connections. It can't be reliably run from the browser.
The "-q" option tells it not to output any browser headers such as X-Powered-By: PHP or Content-Type: text/html
It will consume as much memory as PHP requires as long as its running. Your memory footprint on startup with no clients will vary between configurations. The more connected clients, the more cpu, memory and socket descriptors you will use. It uses select so it is efficient socket handling.
Also, since you're on shared hosting, you probably won't be able to use it because your user will most likely not have the ability to bind to a port and listen for connections.
As you can see in the demo, the URL to connect the WebSocket to is ws://localhost:12345/websocket/server.php. Unless you have a webserver capable of using WebSockets, you will have to run something like phpWebSocket that acts as a server and listens on a port other than 80.
Hope that helps.
The shared hosting package for HostGator does not allow clients to bind to local ports for incoming. This might be part of the problem.
http://support.hostgator.com/articles/pre-sales-policies/socket-connections
Ok, let me first start off by saying that I've only ever dealt with VPN access through windows by setting up a connection through the control panel. It's pretty simple since everything is pretty much a point-and-click setup.
I'm now working on a project where I need to access a computer cloud on a private network (there is no public IP directly to the cloud so it can only be accessed when I'm on the network). My project involves a website that needs to access that cloud "somehow". Because of my lack of experience/knowledge with VPN's through the command line and how to programmatically connect to a VPN, I've hit a mild obstacle that I'm hoping someone here can help me with.
What kind of server side scripting would I do to get a VPN connection up and running? The website is being hosted on a linux machine. Is their a "default" VPN utility under linux that I can call through PHP to establish a connection? If not, I would really appreciate any and all suggestions on how to circumvent this little problem of mine. FYI the VPN uses PPTP.
Looks like there is a little bit to getting it set up from a shell rather than the GUI, but here are some references that will hopefully help you out.
If you set up the connection and connect it, when your PHP script attempts to communicate with an IP address on the remote side of the connection, it will go through the PPTP connection. Having the connection always open is probably better than having to your PHP script connect every time it needs to do something.
http://ubuntuforums.org/showthread.php?t=1443735 - An easy PPTP client setup
http://pptpclient.sourceforge.net/ - Client you can install and configure
http://www.cyberciti.biz/tips/howto-configure-ubuntu-fedora-linux-pptp-client.html - Walk through of setting up PPTP using the linux PPTP network manager
Hopefully those will help you out a bit. The first one looks like it may be worth trying first.