Craig Mautner <[EMAIL PROTECTED]> wrote:
>
> Just to make sure I'm understanding:  Do I then set the DISPLAY
> environment variable on the client to the firewall IP address?  Does
> this solution keep me from simultaneously supporting X servers on both
> the Linux firewall and the NT machine?  Or only X connections to the
> same client IP address?  Or are there no limitations at all?

Good questions all.

Yes, the remote client can only see your masq box's IP address, so you
must set your $DISPLAY to point to that address.

If you have multiple X servers running behind your masq box, you can
easily port-forward ports starting from 6000+, and forward them to port
6000 on your X server's internal IP address.  That way, you can
differentiate them by $DISPLAY:

    masq.box:0  ==> port 6000
    masq.box:1  ==> port 6001
    masq.box:2  ==> port 6002
        (etc)

Then, you can set up forwarding like so:

    ipmasqadm portfw -a -P tcp -L $localip 6000 -R server1 6000
    ipmasqadm portfw -a -P tcp -L $localip 6001 -R server2 6000
    ipmasqadm portfw -a -P tcp -L $localip 6002 -R server3 6000

Notice that in the first case, we are simply forwarding port 6000 to
port 6000, but in the other two we are forwarding to the same
DESTINATION port but using a different SOURCE port.  That will mean that
you don't have to try to reconfigure your X server to listen on a
different port.

Using this scheme, if a remote client uses a DISPLAY setting of
"masq.box:0", it will talk to "server1:0".  A DISPLAY of "masq.box:1"
will talk to "server2:0", and so on.

Simple, isn't it?  :)

-- 
   [EMAIL PROTECTED] (Fuzzy Fox)      || "Nothing takes the taste out of peanut
sometimes known as David DeSimone  ||  butter quite like unrequited love."
  http://www.dallas.net/~fox/      ||                       -- Charlie Brown


_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]
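
The display-to-port scheme in the message above, as an added example that is not part of the original post: it resolves a remote client's DISPLAY value to the forwarded port and internal X server, and prints the matching `ipmasqadm` rules so the set of X servers exposed through the masq box can be reviewed in one place. The backend list and the 192.0.2.1 address are constructed for illustration, and handling of the `.screen` suffix and of local-only displays goes slightly beyond the cases shown in the message.

```shell
#!/bin/sh
# Added example; BACKENDS and the sample address are constructed values.
X_BASE_PORT=6000                     # X display N is reached on TCP port 6000+N
BACKENDS="server1 server2 server3"   # internal X servers, in display order

# display_to_port DISPLAY: print the TCP port a remote client connects to.
# Accepts host:N and host:N.S; fails for local (":0", "unix:0") or malformed values.
display_to_port() {
    host=${1%%:*}
    rest=${1#*:}
    [ "$host" != "$1" ] || return 1            # no colon at all
    case $host in ''|unix) return 1 ;; esac    # local socket, never crosses the masq box
    num=${rest%%.*}                            # drop the optional ".screen" suffix
    case $num in ''|*[!0-9]*|0?*) return 1 ;; esac
    echo $((X_BASE_PORT + num))
}

# backend_for_display DISPLAY: print "backend:port" that the forward lands on.
backend_for_display() {
    port=$(display_to_port "$1") || return 1
    idx=$((port - X_BASE_PORT))
    i=0
    for b in $BACKENDS; do
        if [ "$i" -eq "$idx" ]; then
            echo "$b:$X_BASE_PORT"
            return 0
        fi
        i=$((i + 1))
    done
    return 1                                   # no forward configured for this display
}

# portfw_rules LOCALIP: print one rule per backend, in the form used in the message.
portfw_rules() {
    n=0
    for b in $BACKENDS; do
        echo "ipmasqadm portfw -a -P tcp -L $1 $((X_BASE_PORT + n)) -R $b $X_BASE_PORT"
        n=$((n + 1))
    done
}

portfw_rules 192.0.2.1
```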
