4
I’m creating in PHP a page that tracks UDP packet traffic from my machine. My intention was to get the list so:
____________________________________________________________________________
| Proto | Endereço local | Endereço externo | Estado |
| UDP | meu Ip : nº porta | IP de destino : nº porta | ESTABLISHED |
| |exemplo: 192.168.A.A:1000|exemplo:187.173.A.AAA:2300| |
But using the command netstat -a is printing something +- like this:
____________________________________________________________________________
| Proto | Endereço local | Endereço externo | Estado |
| UDP | 192.168.A.A:1000 | *:* | |
In other words, it shows neither the IP nor the destination port, and this only happens with UDP packets, because when I track TCP packets the destination address appears normally. Running at the command prompt itself as Administrator gets the same result without returning the destination address. But there are UDP packets running on the network, because I’m using the program Wireshark to track them. But I need to track them with php to use the data later.
I have a page rastreador.php executing the command netstat -a and transforms the returned value into an array and prints the array on the screen:
$exec = exec('netstat -a', $array3);
echo '<fieldset>';
if($exec){
echo '<pre>'.'<br>'.'<B>Executando Comando netstat -a: </B>'.'<br>';
var_dump($array3);
echo '</pre>';
}
echo '</fieldset>';
but he’s not printing the doors I want. If anyone knows why or knows what these asterisks mean *:* that are returned when executing the command I will be very grateful.
exit the var_dump:
Executando Comando netstat -a:
array (size=139)
0 => string '' (length=0)
1 => string 'Conex�es ativas' (length=15)
2 => string '' (length=0)
3 => string ' Proto Endere�o local Endere�o externo Estado' (length=61)
4 => string ' TCP 0.0.0.0:80 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
5 => string ' TCP 0.0.0.0:135 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
6 => string ' TCP 0.0.0.0:445 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
7 => string ' TCP 0.0.0.0:2869 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
8 => string ' TCP 0.0.0.0:3306 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
9 => string ' TCP 0.0.0.0:5357 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
10 => string ' TCP 0.0.0.0:6646 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
11 => string ' TCP 0.0.0.0:47984 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
12 => string ' TCP 0.0.0.0:47989 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
13 => string ' TCP 0.0.0.0:49664 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
14 => string ' TCP 0.0.0.0:49665 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
15 => string ' TCP 0.0.0.0:49666 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
16 => string ' TCP 0.0.0.0:49667 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
17 => string ' TCP 0.0.0.0:49668 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
18 => string ' TCP 0.0.0.0:49689 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
19 => string ' TCP 127.0.0.1:9990 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
20 => string ' TCP 127.0.0.1:23403 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
21 => string ' TCP 127.0.0.1:30800 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
22 => string ' TCP 127.0.0.1:30900 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
23 => string ' TCP 127.0.0.1:31752 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
24 => string ' TCP 127.0.0.1:50022 LAPTOP-3R4M4UFI:31752 TIME_WAIT' (length=64)
25 => string ' TCP 127.0.0.1:50023 LAPTOP-3R4M4UFI:31752 TIME_WAIT' (length=64)
26 => string ' TCP 127.0.0.1:50025 LAPTOP-3R4M4UFI:31752 TIME_WAIT' (length=64)
27 => string ' TCP 127.0.0.1:50028 LAPTOP-3R4M4UFI:31752 TIME_WAIT' (length=64)
28 => string ' TCP 127.0.0.1:50029 LAPTOP-3R4M4UFI:31752 TIME_WAIT' (length=64)
29 => string ' TCP 127.0.0.1:50035 LAPTOP-3R4M4UFI:31752 TIME_WAIT' (length=64)
30 => string ' TCP 127.0.0.1:63905 LAPTOP-3R4M4UFI:65001 ESTABLISHED' (length=66)
31 => string ' TCP 127.0.0.1:65000 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
32 => string ' TCP 127.0.0.1:65001 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
33 => string ' TCP 127.0.0.1:65001 LAPTOP-3R4M4UFI:63905 ESTABLISHED' (length=66)
34 => string ' TCP 192.168.1.37:139 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
35 => string ' TCP 192.168.1.37:49291 f50001:imaps ESTABLISHED' (length=66)
36 => string ' TCP 192.168.1.37:49480 6:http ESTABLISHED' (length=66)
37 => string ' TCP 192.168.1.37:49537 stackoverflow:https ESTABLISHED' (length=66)
38 => string ' TCP 192.168.1.37:49951 8.43.72.98:https TIME_WAIT' (length=64)
39 => string ' TCP 192.168.1.37:49953 199.16.156.232:https ESTABLISHED' (length=66)
40 => string ' TCP 192.168.1.37:49981 ec2-54-186-9-130:https ESTABLISHED' (length=67)
41 => string ' TCP 192.168.1.37:49991 gru06s26-in-f14:https ESTABLISHED' (length=66)
42 => string ' TCP 192.168.1.37:50020 gru09s19-in-f14:https ESTABLISHED' (length=66)
43 => string ' TCP 192.168.1.37:50021 ec2-54-215-241-186:https TIME_WAIT' (length=67)
44 => string ' TCP 192.168.1.37:50024 openrg:2555 TIME_WAIT' (length=64)
45 => string ' TCP 192.168.1.37:50031 a23-76-248-182:https ESTABLISHED' (length=66)
46 => string ' TCP 192.168.1.37:50033 64.4.54.254:https ESTABLISHED' (length=66)
47 => string ' TCP 192.168.1.37:50034 190.98.146.42:http ESTABLISHED' (length=66)
48 => string ' TCP 192.168.1.37:50038 gru09s19-in-f14:http ESTABLISHED' (length=66)
49 => string ' TCP 192.168.1.37:50039 LAPTOP-3R4M4UFI:http TIME_WAIT' (length=64)
50 => string ' TCP 192.168.1.37:63890 msnbot-65-52-108-192:https ESTABLISHED' (length=71)
51 => string ' TCP 192.168.1.37:63931 bn3sch020010553:https ESTABLISHED' (length=66)
52 => string ' TCP 192.168.1.37:63971 bc:35061 ESTABLISHED' (length=66)
53 => string ' TCP 192.168.1.37:63974 ec2-52-24-34-19:5222 ESTABLISHED' (length=66)
54 => string ' TCP 192.168.1.37:64495 ec2-54-225-235-246:https ESTABLISHED' (length=69)
55 => string ' TCP [::]:80 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
56 => string ' TCP [::]:135 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
57 => string ' TCP [::]:445 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
58 => string ' TCP [::]:2869 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
59 => string ' TCP [::]:3306 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
60 => string ' TCP [::]:5357 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
61 => string ' TCP [::]:49664 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
62 => string ' TCP [::]:49665 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
63 => string ' TCP [::]:49666 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
64 => string ' TCP [::]:49667 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
65 => string ' TCP [::]:49668 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
66 => string ' TCP [::]:49689 LAPTOP-3R4M4UFI:0 LISTENING' (length=64)
67 => string ' TCP [::1]:80 LAPTOP-3R4M4UFI:50037 ESTABLISHED' (length=66)
68 => string ' TCP [::1]:50037 LAPTOP-3R4M4UFI:http ESTABLISHED' (length=66)
69 => string ' UDP 0.0.0.0:500 *:*' (length=35)
70 => string ' UDP 0.0.0.0:3544 *:*' (length=35)
71 => string ' UDP 0.0.0.0:3702 *:*' (length=35)
72 => string ' UDP 0.0.0.0:3702 *:*' (length=35)
73 => string ' UDP 0.0.0.0:3702 *:*' (length=35)
74 => string ' UDP 0.0.0.0:3702 *:*' (length=35)
75 => string ' UDP 0.0.0.0:3702 *:*' (length=35)
76 => string ' UDP 0.0.0.0:3702 *:*' (length=35)
77 => string ' UDP 0.0.0.0:4500 *:*' (length=35)
78 => string ' UDP 0.0.0.0:5353 *:*' (length=35)
79 => string ' UDP 0.0.0.0:5355 *:*' (length=35)
80 => string ' UDP 0.0.0.0:6646 *:*' (length=35)
81 => string ' UDP 0.0.0.0:50291 *:*' (length=35)
82 => string ' UDP 0.0.0.0:54620 *:*' (length=35)
83 => string ' UDP 0.0.0.0:58571 *:*' (length=35)
84 => string ' UDP 0.0.0.0:61114 *:*' (length=35)
85 => string ' UDP 0.0.0.0:61117 *:*' (length=35)
86 => string ' UDP 0.0.0.0:62952 *:*' (length=35)
87 => string ' UDP 127.0.0.1:1900 *:*' (length=35)
88 => string ' UDP 127.0.0.1:48400 *:*' (length=35)
89 => string ' UDP 127.0.0.1:48401 *:*' (length=35)
90 => string ' UDP 127.0.0.1:53982 *:*' (length=35)
91 => string ' UDP 127.0.0.1:54615 *:*' (length=35)
92 => string ' UDP 127.0.0.1:54616 *:*' (length=35)
93 => string ' UDP 127.0.0.1:54617 *:*' (length=35)
94 => string ' UDP 127.0.0.1:54618 *:*' (length=35)
95 => string ' UDP 127.0.0.1:54619 *:*' (length=35)
96 => string ' UDP 127.0.0.1:60847 *:*' (length=35)
97 => string ' UDP 127.0.0.1:61116 *:*' (length=35)
98 => string ' UDP 127.0.0.1:65000 *:*' (length=35)
99 => string ' UDP 127.0.0.1:65535 *:*' (length=35)
100 => string ' UDP 192.168.1.37:137 *:*' (length=35)
101 => string ' UDP 192.168.1.37:138 *:*' (length=35)
102 => string ' UDP 192.168.1.37:1900 *:*' (length=35)
103 => string ' UDP 192.168.1.37:2177 *:*' (length=35)
104 => string ' UDP 192.168.1.37:5353 *:*' (length=35)
105 => string ' UDP 192.168.1.37:20224 *:*' (length=35)
106 => string ' UDP 192.168.1.37:20225 *:*' (length=35)
107 => string ' UDP 192.168.1.37:20226 *:*' (length=35)
108 => string ' UDP 192.168.1.37:20227 *:*' (length=35)
109 => string ' UDP 192.168.1.37:20228 *:*' (length=35)
110 => string ' UDP 192.168.1.37:20229 *:*' (length=35)
111 => string ' UDP 192.168.1.37:20230 *:*' (length=35)
112 => string ' UDP 192.168.1.37:20231 *:*' (length=35)
113 => string ' UDP 192.168.1.37:53981 *:*' (length=35)
114 => string ' UDP 192.168.1.37:56777 *:*' (length=35)
115 => string ' UDP [::]:500 *:*' (length=35)
116 => string ' UDP [::]:3702 *:*' (length=35)
117 => string ' UDP [::]:3702 *:*' (length=35)
118 => string ' UDP [::]:3702 *:*' (length=35)
119 => string ' UDP [::]:3702 *:*' (length=35)
120 => string ' UDP [::]:3702 *:*' (length=35)
121 => string ' UDP [::]:3702 *:*' (length=35)
122 => string ' UDP [::]:4500 *:*' (length=35)
123 => string ' UDP [::]:5353 *:*' (length=35)
124 => string ' UDP [::]:5355 *:*' (length=35)
125 => string ' UDP [::]:50292 *:*' (length=35)
126 => string ' UDP [::]:54621 *:*' (length=35)
127 => string ' UDP [::]:61115 *:*' (length=35)
more elements...
You can put the full output of var_dump?
– MagicHat
@Magichat I put
– Sarah
What returns using
netstat -au?– Marcelo de Andrade
@Marcelodeandrade does not execute anything, shows the options of the netstat command
– Sarah
@zekk but does not have a way of showing which IP address is connected?
– Sarah
Do the following test. On a computer that is on the same network, leave running the following command
nc -ul 6111and on this computer leave running the following commandnc -u <ip_do_outro_pc> 6111and run on another terminalnetstat -a– vmartins