Re: Help setting DISPLAY to an ipmasq'd machine.
OK, I just tried this:
ssh -C -X ipmasq_box from work_linux_box
ssh -C -X xserver_box from ipmasq_box (same session as above)
In a new work_linux_box session: export DISPLAY=ipmasq_box:0.0
xterm &
I get:
_X11TransSocketINETConnect: Can't connect: errno = 111
xterm Xt error: Can't open display: ipmasq_box:0.0
If I run xterm from xserver_box, the xterm is displayed on work_linux_box.
Am I doing this wrong? Also, does ipmasq_box need to be running an xserver? Right now it does not, but it has most if not all of the xserver stuff on it.
Thanks,
maillst
On Fri, Jun 08, 2001 at 11:26:04AM -0500, Andrew Perrin wrote:
> It's non-trivial, since under the X protocol the socket will be
> initialized by work_linux_box, which means you need some way to tell
> ipmasq_machine to forward those packets to xserver_machine. You could do
> this with a specific ipchains rule for that situation, assuming you want
> *all* X packets coming from work_linux_box to be routed to
> xserver_machine; you'd have to forward all packets coming from x.x.x.x on
> whatever port X comes in on to xserver_machine.
>
> There's an easier way, though, which is what I generally do in a similar
> situation: open an ssh session from xserver_machine to work_linux_box:
>
> ssh -C -X work_linux_box
>
> then, once logged in via ssh, make sure your DISPLAY variable is set
> correctly (most ssh servers do this right- it should be
> work_linux_box:x.0, where x > 0). work_linux_box is now sending X packets
> to itself on a different X display, which is caught by ssh and tunnelled
> to xserver_machine.
>
> Hope this helps.
>
> ----------------------------------------------------------------------
> Andrew J Perrin - andrew_perrin@unc.edu - http://www.unc.edu/~aperrin
> Asst Professor of Sociology, U of North Carolina, Chapel Hill
> 269 Hamilton Hall, CB#3210, Chapel Hill, NC 27599-3210 USA
>
>
> On Fri, 8 Jun 2001 maillst@bellsouth.net wrote:
>
> > I need some help figuring out how to set the display variable to a machine that is being ipmasq'd on my network.
> >
> > Here is what I have:
> >
> > Xserver_machine (192.168.1.3)
> > |
> > |
> > IPMasq_Machine (192.168.1.1 on internal network)
> > | (x.x.x.x on internet)
> > ------------
> > | Internet |
> > ------------
> > |
> > Company_Firewall (y.y.y.y on internet)
> > | (10.a.b.c on company lan)
> > Work_linux_box (10.d.e.f)
> >
> > I want to set the DISPLAY variable on work_linux_box to display on Xserver_machine to assist me doing off hours support. It will be difficult to get the comany to modify the firewall.
> >
> > So, is this possible to do? If so, what exactly do I need to do on the linux side. I do have it setup that I can ssh from work_linux_box to ipmasq_machine and from there to anywhere on the 192.168 lan. So I have that much connectivity setup.
> >
> > Thanks for any help, and feel free to ask if more information is needed (the real internet ip's will NOT be supplied to help prevent attacks against me or my work).
> >
> > Thanks,
> >
> > maillst
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> >
> >
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: