[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Exceed/X11 in the Rulebase
Hi Joerg, If you have sshd on the unix box, and a ssh client with x11 tunneling on the PC you can just run x-windows though the ssh session, and you'll only need to add one rule to the rule base. On the other hand you won't know what else is going though the ssh tunnel since FW1 won't be able to see inside the encrypted. There is also a page on http://www.phoneboy.com/ on how to run X11 though securemote. HTH, Pete --- [email protected] wrote: > > According to my knowledge tge PC which is using > Exceed to open a display on > a U**x system is the XServer ... and the U**x System > is the XClient in that > case. That means the rule should look like this: > > U**x PC X11 Accept > > Is that right ?? > > XProtocols have a portrange > 6000. That means the > underlying usage > (Exceed-config calls that "Command" like telnet, ssh > can not be > tracked/known by the state tables of Firewall1, so I > need an extra ruke like > this: > > PC U**x telnet Accept > > Is that right. Does the Exceed connection with the > telnet command really > need these two rules or does it simply need: > > PC U**x X11 Accept > > Thanks for comments and advice, > --Joerg > > > > > > ================================================================================ > To unsubscribe from this mailing list, please > see the instructions at > > http://www.checkpoint.com/services/mailing.html > ================================================================================ __________________________________________________ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|