vnc past past firewall and ip-masqing.

shea martin snowsquirrel "at" home.com
Fri, 15 Jun 2001 01:07:13 +0000


"Scott C. Best" wrote:

> Shea:
>
>         So...just to be sure:
>
> > > ipchains -I 1 input -s 0.0.0.0/0 -d $IP_EXT/32 5900 -p tcp -j ACCEPT
> >
> > I tried adding the commands right after the FTP section of the firewall
> > script.  Then I restarted the firewall.  I then started the vncserver on
> > my workstation and pointed the vncviewer at the external ip of my
> > ip-masq/firewall, but I was still told that access was denied?
>
>         You *did* change $IP_EXT in that command to whatever
> variable your firewall script uses? That is, look at the other
> rules and see how it's done in your system. Might be $IPX or
> $EXTIP or....something different than $IP_EXT (which I use
> in my scripts).
>         Same thing holds true for the $VNC_HOST variable on
> the ipmasqadm rule: that needs to be set correctly. I sorta
> left that part to the reader. :)
>
>         If all else fails...use "ipchains -L -n > ipchains.out"
> and "ipmasqadm portfw -l > ipmasq.out" and email me those.
> Good luck!
>
> -Scott

Scott,
    Yes, I changed the variable to the same thing that the pmfirewall script uses.  Here is the attachment of ipchains.out.  From what I can see, it looks like port 5900 is open?  This would indicate
that the problem is with the port forwarding?

Thanks again

~SHEA M>
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at" uk.research.att.com
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------