[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: port scans and X redirection



well this still doesnt do the solving of my problem so i guess i can live
with 17 inches, but 21 would have been nice!

thanks
tim carmean
----- Original Message -----
From: "David O. Torrey, Jr." <tj@xxxxxxx>
To: <lug-l@xxxxxxx>
Sent: Tuesday, February 26, 2002 1:38 PM
Subject: Re: port scans and X redirection


> You'll need to use the external IP of your machine.
>
> Set up your firewall to forward port 6001 to port 6000 on the internal
> machine.  On snapster04, set your DISPLAY to the *external* (resnet) name
> of your machine followed by :1.
>
> Snapster04 has no idea how to get to 192.168.anything.
>
> Thanks,
> Dave
>
> +------------------------------------------------------------------------+
> | David Torrey                     Senior Systems Programmer             |
> | tj@xxxxxxx                       Center for Experimental Computation   |
> | (906) 487-2165 voice             Michigan Technological University     |
> | (906) 487-2283 fax                  Houghton, MI 49931                 |
> | http://www.cec.mtu.edu/~tj/                                            |
> +------------------------------------------------------------------------+
>
> On Tue, 26 Feb 2002, Tim Carmean wrote:
>
> > ok i think i know what the problem is.  the remote x server is trying to
> > send the data through port 6000 but my firewall is fowarding 6001.  is
there
> > some command somewhere uring the X -query process where i can tell the
> > server what port i want the stuff to com in on?
> >
> > thanks
> > tim carmean
> > ----- Original Message -----
> > From: "Tim Carmean" <tecarmea@xxxxxxx>
> > To: <lug-l@xxxxxxx>
> > Sent: Tuesday, February 26, 2002 1:32 PM
> > Subject: Re: port scans and X redirection
> >
> >
> > > that still doesnt work.  i wonder what the problem is.  i keep getting
> > that
> > > same error too.
> > >
> > > thanks
> > > tim carmean
> > > ----- Original Message -----
> > > From: "David O. Torrey, Jr." <tj@xxxxxxx>
> > > To: <lug-l@xxxxxxx>
> > > Sent: Tuesday, February 26, 2002 1:09 PM
> > > Subject: Re: port scans and X redirection
> > >
> > >
> > > > For one application, it might be easier to just use ssh with
> > X-redirection
> > > > turned on.  The $DISPLAY setting is taken care of for you, and
> > everything
> > > > should be happy.
> > > >
> > > > As for forwarding ports, you'll want to forward port 6001 to the
inside
> > > > machine's port 6000 (not 6001):
> > > >
> > > > $IPTABLES -A PREROUTING -t nat -p udp -d $EXTIP --dport 6001 -j
> > DNAT --to
> > > 192.168.0.70:6001
> > > >
> > > > should be:
> > > >
> > > > $IPTABLES -A PREROUTING -t nat -p udp -d $EXTIP --dport 6001 -j
> > DNAT --to
> > > 192.168.0.70:6000
> > > >
> > > > X is a TCP-based protocol, if that helps.
> > > >
> > > > Thanks,
> > > > Dave
> > > >
> > > >
> >
+------------------------------------------------------------------------+
> > > > | David Torrey                     Senior Systems Programmer
> > |
> > > > | tj@xxxxxxx                       Center for Experimental
Computation
> > |
> > > > | (906) 487-2165 voice             Michigan Technological University
> > |
> > > > | (906) 487-2283 fax                  Houghton, MI 49931
> > |
> > > > | http://www.cec.mtu.edu/~tj/
> > |
> > > >
> >
+------------------------------------------------------------------------+
> > > >
> > > > On Tue, 26 Feb 2002, Tim Carmean wrote:
> > > >
> > > > > all i want to do is X -query snapster11.snap.mtu.edu which is the
> > civil
> > > > > server so i can run ideas from my dorm room.  i can do it fine
from my
> > > > > router but the problem is my router only has a 17" screen.  the
> > machine
> > > im
> > > > > trying to X -query from is my HP Workstation running debian and
kernel
> > > > > 2.4.16.  this machine has a 21" monitor (fixed frequency sync on
green
> > > which
> > > > > is why i dont use it on my main machine).  what i tried was
setting
> > > > > DISPLAY=192.168.0.70:1 (ip and port i want to use), and to my
firewall
> > > > > ruleset:
> > > > >
> > > > > $IPTABLES -A PREROUTING -t nat -p udp -d $EXTIP --dport 6001 -j
> > > DNAT --to
> > > > > 192.168.0.70:6001
> > > > >
> > > > > its probably something as simple as being tcp or something but i
still
> > > get
> > > > > the error "session failed for display 192.168.0.70:1: cannot open
> > > display"
> > > > >
> > > > > all i want to do is be able to do X -query snapster11.snap.mtu.edu
so
> > i
> > > can
> > > > > run ideas from the dorm.
> > > > >
> > > > > /me wonders if anyone can provide some more insight to his problem
> > > > >
> > > > > tim carmean
> >