[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Exceed/X11 in the Rulebase
Would it not be easier for you to use the port forwarding in SSH? At least then you can control the hundreds of ports that X wants to use. I haven't had time to try this myself, but I have been thinking about it lately. Most SSHD's support X port forwarding so you can connect to an X server over port 22.... Anyone have more information on this. Joe ===================================================================== Joseph Voisin, Systems and Network Administrator, Engel Canada Inc. www.engelmachinery.com | [email protected] |===================================================================== -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Wednesday, February 28, 2001 10:27 AM To: [email protected] Subject: [FW1] Exceed/X11 in the Rulebase According to my knowledge tge PC which is using Exceed to open a display on a U**x system is the XServer ... and the U**x System is the XClient in that case. That means the rule should look like this: U**x PC X11 Accept Is that right ?? XProtocols have a portrange > 6000. That means the underlying usage (Exceed-config calls that "Command" like telnet, ssh can not be tracked/known by the state tables of Firewall1, so I need an extra ruke like this: PC U**x telnet Accept Is that right. Does the Exceed connection with the telnet command really need these two rules or does it simply need: PC U**x X11 Accept Thanks for comments and advice, --Joerg ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|