[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Help setting DISPLAY to an ipmasq'd machine.



It's non-trivial, since under the X protocol the socket will be
initialized by work_linux_box, which means you need some way to tell
ipmasq_machine to forward those packets to xserver_machine. You could do
this with a specific ipchains rule for that situation, assuming you want
*all* X packets coming from work_linux_box to be routed to
xserver_machine; you'd have to forward all packets coming from x.x.x.x on
whatever port X comes in on to xserver_machine.

There's an easier way, though, which is what I generally do in a similar
situation: open an ssh session from xserver_machine to work_linux_box:

ssh -C -X work_linux_box

then, once logged in via ssh, make sure your DISPLAY variable is set
correctly (most ssh servers do this right- it should be
work_linux_box:x.0, where x > 0).  work_linux_box is now sending X packets
to itself on a different X display, which is caught by ssh and tunnelled
to xserver_machine.

Hope this helps.

----------------------------------------------------------------------
Andrew J Perrin - andrew_perrin@unc.edu - http://www.unc.edu/~aperrin
    Asst Professor of Sociology, U of North Carolina, Chapel Hill
      269 Hamilton Hall, CB#3210, Chapel Hill, NC 27599-3210 USA


On Fri, 8 Jun 2001 maillst@bellsouth.net wrote:

> I need some help figuring out how to set the display variable to a machine that is being ipmasq'd on my network.
> 
> Here is what I have:
> 
> Xserver_machine (192.168.1.3)
>   	|
> 	|
> IPMasq_Machine (192.168.1.1 on internal network)
> 	|      (x.x.x.x on internet)
>   ------------
>   | Internet |
>   ------------
> 	|
> Company_Firewall (y.y.y.y on internet)
> 	|        (10.a.b.c on company lan)
> Work_linux_box   (10.d.e.f)
> 
> I want to set the DISPLAY variable on work_linux_box to display on Xserver_machine to assist me doing off hours support.  It will be difficult to get the comany to modify the firewall.  
> 
> So, is this possible to do?  If so, what exactly do I need to do on the linux side.  I do have it setup that I can ssh from work_linux_box to ipmasq_machine and from there to anywhere on the 192.168 lan.  So I have that much connectivity setup.
> 
> Thanks for any help, and feel free to ask if more information is needed (the real internet ip's will NOT be supplied to help prevent attacks against me or my work).
> 
> Thanks,
> 
> maillst
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
> 



Reply to: