It's non-trivial, since under the X protocol the socket will be initialized by work_linux_box, which means you need some way to tell ipmasq_machine to forward those packets to xserver_machine. You could do this with a specific ipchains rule for that situation, assuming you want *all* X packets coming from work_linux_box to be routed to xserver_machine; you'd have to forward all packets coming from x.x.x.x on whatever port X comes in on to xserver_machine.
There's an easier way, though, which is what I generally do in a similar situation: open an ssh session from xserver_machine to work_linux_box: ssh -C -X work_linux_box then, once logged in via ssh, make sure your DISPLAY variable is set correctly (most ssh servers do this right- it should be work_linux_box:x.0, where x > 0). work_linux_box is now sending X packets to itself on a different X display, which is caught by ssh and tunnelled to xserver_machine. Hope this helps. ---------------------------------------------------------------------- Andrew J Perrin - [EMAIL PROTECTED] - http://www.unc.edu/~aperrin Asst Professor of Sociology, U of North Carolina, Chapel Hill 269 Hamilton Hall, CB#3210, Chapel Hill, NC 27599-3210 USA On Fri, 8 Jun 2001 [EMAIL PROTECTED] wrote: > I need some help figuring out how to set the display variable to a machine > that is being ipmasq'd on my network. > > Here is what I have: > > Xserver_machine (192.168.1.3) > | > | > IPMasq_Machine (192.168.1.1 on internal network) > | (x.x.x.x on internet) > ------------ > | Internet | > ------------ > | > Company_Firewall (y.y.y.y on internet) > | (10.a.b.c on company lan) > Work_linux_box (10.d.e.f) > > I want to set the DISPLAY variable on work_linux_box to display on > Xserver_machine to assist me doing off hours support. It will be difficult > to get the comany to modify the firewall. > > So, is this possible to do? If so, what exactly do I need to do on the linux > side. I do have it setup that I can ssh from work_linux_box to > ipmasq_machine and from there to anywhere on the 192.168 lan. So I have that > much connectivity setup. > > Thanks for any help, and feel free to ask if more information is needed (the > real internet ip's will NOT be supplied to help prevent attacks against me or > my work). > > Thanks, > > maillst > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
