Hello all, Im trying to set up VNC here to get from one system to another. I have three boxes. windows 2000 windows xp Linux with mandrake with shorewall running on it. I can VNC to the server in Linux from any system no problem there. I can VNC to the windows xp and 2000 box to each other. the problem is I cant VNCviewer to any of the windows boxes from the Linux box. says its refused. Jul 4 09:40:57 all2all:REJECT:IN= OUT=eth1 SRC=192.168.1.1 DST=192.168.1.60 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=15616 DF PROTO=TCP SPT=39265 DPT=5900 WINDOW=5840 RES=0x00 SYN URGP=0 why can I go from windows to windows and windows to Linux but not Linux to windows? #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL # PORT PORT(S) DEST ACCEPT net fw tcp 80,443,22,20,21,5801:5810,5901:5910 - ACCEPT masq fw tcp 80,443,22,20,21,5801:5810,5901:5910 - ACCEPT loc fw tcp 80,443,22,20,21 - ACCEPT masq fw tcp domain,bootps,http,https,631,imap,pop3,smtp,nntp,ntp - ACCEPT masq fw udp domain,bootps,http,https,631,imap,pop3,smtp,nntp,ntp - ACCEPT fw masq tcp 631,137,138,139 - ACCEPT fw masq udp 631,137,138,139 - #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE Thanks
On Fri, 2003-07-04 at 07:55, John L. Goodale wrote:> Hello all, > > Im trying to set up VNC here to get from one system to another. > > I have three boxes. > > windows 2000 > > windows xp > > Linux with mandrake with shorewall running on it. > > I can VNC to the server in Linux from any system no problem there. > > I can VNC to the windows xp and 2000 box to each other. > > the problem is I cant VNCviewer to any of the windows boxes from the Linux > box. > says its refused. > > Jul 4 09:40:57 all2all:REJECT:IN= OUT=eth1 SRC=192.168.1.1 DST=192.168.1.60 > LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=15616 DF PROTO=TCP SPT=39265 DPT=5900 > WINDOW=5840 RES=0x00 SYN URGP=0 > > why can I go from windows to windows and windows to Linux but not Linux to > windows?Because you have no ACCEPT rule for fw->masq that includes TCP port 5900. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
On Fri, 2003-07-04 at 08:22, John L. Goodale wrote:> thanks tom > I was trying to get to port 5901. > it works but I still have a problem. Its looping when im in the Linux box > vncing to a windows box? so im getting multiple connections to the windows > box. > > how can I fix that? >Given the description of the problem, I have no idea. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
On Fri, 2003-07-04 at 09:06, John L. Goodale wrote:> when I log into the VNC from the Linux box it opens up multiple windows from > the vncserver n the windows box its a 2000 box. it loops it tell I kill it > or I get a core dump. >And how that relates to Shorewall is totally unclear. a) Are you seeing any Shorewall log messages when this occurs? b) If you "shorewall clear", does this still happen? -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net