On Tue, 29 Jul 2003, Andrew Robinson wrote: > Could someone instruct me on how to configure iptables to allow X-Window > traffic? > > OK, it's an odd request. The reason is this. I have a copy of MacX. > That's mac-ex, as in X-Windows. It's an X-Windows client for Macintosh > sold by Apple until about 1998 or so. I'd like to be able to use my Umax > Mac-clone to access my Red Hat box. I know that in terms of security, > allowing X-Windows across the network is a Bad Thing. I'm hoping that in > the short term, doing this on my home network behind the cable router > firewall will be secure enough. I know that X-Windows can be funneled > through ssh, but I have no idea how to accomplish that on the Mac side. > Given that the Mac is in the den and the Linux box is not, it would give > me "comfortable" access to Linux while sitting next to my wife. She > would appreciate that. In the longer term, I figure this would give me > some practical experience with iptables, a topic I don't know anywhere > near enough about. If you are behind a firewall why are you running iptables on the Red Hat box? Why not just disable iptables to start with and then once you have X forwarding working then worry about iptables if you think it is necessary. Looks like opening the following ports should do it if you really want to fwd X: (tigger pts2) $ grep -i x11 /etc/services x11 6000/tcp X # the X Window System x11-ssh-offset 6010/tcp # SSH X11 forwarding offset I have never actually tried this so ymmv. There is another way though, if I were doing this I would get things working without iptables in the way and then fire up iptables and watch the logs. The logs should tell you exactly what you need to open. HTH, -- ......Tom Registered Linux User #14522 http://counter.li.org tdiehl@xxxxxxxxxxxx My current SpamTrap -------> mtd123@xxxxxxxxxxxx -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
