Would it not be easier for you to use the port forwarding in SSH? At least
then you can control the hundreds of ports that X wants to use. I haven't
had time to try this myself, but I have been thinking about it lately. Most
SSHD's support X port forwarding so you can connect to an X server over port
22....
Anyone have more information on this.
Joe
=====================================================================
Joseph Voisin, Systems and Network Administrator, Engel Canada Inc.
www.engelmachinery.com | [EMAIL PROTECTED] | (519)836-0220 x436
=====================================================================
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 28, 2001 10:27 AM
To: [EMAIL PROTECTED]
Subject: [FW1] Exceed/X11 in the Rulebase
According to my knowledge tge PC which is using Exceed to open a display on
a U**x system is the XServer ... and the U**x System is the XClient in that
case. That means the rule should look like this:
U**x PC X11 Accept
Is that right ??
XProtocols have a portrange > 6000. That means the underlying usage
(Exceed-config calls that "Command" like telnet, ssh can not be
tracked/known by the state tables of Firewall1, so I need an extra ruke like
this:
PC U**x telnet Accept
Is that right. Does the Exceed connection with the telnet command really
need these two rules or does it simply need:
PC U**x X11 Accept
Thanks for comments and advice,
--Joerg
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
