Menu
▾
▴
Re: [Shorewall-users] Local Host and VNC access
|
From: Pascal D. <mai...@ne...> - 2003-01-30 05:13:47
|
Depends from where you are accessing it and where vncserver is running. If vncserver is running on the firewall ACCEPT net fw tcp 5900:5910 # access from internet ACCEPT loc fw tcp 5900:5910 # access from local network If vncserver is running behind the firewall, you will need a proxy or read what follows. If using java viewer, open 5800:5810 (if I remember correctly). Note that accessing your firewall this way is not secure as VNC traffic is not encrypted and VNC authentication is pretty weak. A much better approach is using ssh for accessing your firewall and redirecting the VNC traffic over your ssh tunnel from a machine (remote) on the internet, type the following: assuming vncserver was started on :1 ssh -L 5901:localhost:5901 <firewall_running_vncserver_ip> Then in an another xterm, on the machine (remote) type vncviewer localhost:1 (note that you might want to try different compression algorithm because vncviewer will think your vncserver is local. See vncviewer man page) WHat you are doing here is start a ssh session while redirecting all tcp traffic from the host 5901 port to your local port 5901. Then call vncviewer looking at your own 5901 port. The advantage of such solution is now you can also access machine running vncserver behind your firewall without using a proxy ssh -L 5901:<machine behind firewall ip>:5901 <firewall ip> Hope that helps Pascal On Wed, 2003-01-29 at 17:10, Shaun Marolf wrote: > I finally figured out Shorewall and have configured my Internet Sharing and > have configured my Samba access, webmin access and SSH access. How do I > configure access for VNC and to allow the local host to access the Internet > as well (I need this to get updates and software packages.) > > Thanks, > Shaun Marolf > > Mandrake 9.0 > > ______________________________________________________________________ > > _______________________________________________ > Shorewall-users mailing list > Sho...@li... > http://lists.shorewall.net/mailman/listinfo/shorewall-users |