iptables settings for X11 forwarding in CentOS 6.2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Hi,

We recently installed CentOS 6.2 on our cluster.  During
the installation/debugging of various secondary software, we had
disabled iptables.  When we re-enabled them, we found that the
front-end would no longer X11 forward (although it does so
when the iptables are off).  What do we need to set in the
iptables to permit X11 forwarding?  Currently we're using


iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

iptables -A INPUT -m limit --limit 15/minute -j LOG --log-level 7 
--log-prefix "Dropped by firewall: "

iptables -A INPUT -i eth1 -p tcp --dport 22 -m state --state 
NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 80 -m state --state 
NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 8080 -m state --state 
NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 6000 -m state --state 
NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 6001 -m state --state 
NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 6002 -m state --state 
NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 6003 -m state --state 
NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 6004 -m state --state 
NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 6005 -m state --state 
NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p udp --dport 177 -m state --state 
NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p udp --dport 6000 -m state --state 
NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p udp -m state --state ESTABLISHED,RELATED -j 
ACCEPT
iptables -A INPUT -i eth1 -p tcp -m state --state ESTABLISHED,RELATED -j 
ACCEPT

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Pat Haley                          Email:  phaley@xxxxxxx
Center for Ocean Engineering       Phone:  (617) 253-6824
Dept. of Mechanical Engineering    Fax:    (617) 253-8125
MIT, Room 5-213                    http://web.mit.edu/phaley/www/
77 Massachusetts Avenue
Cambridge, MA  02139-4301
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux