Ok so I need to be a little less elusive about what I want to do. Network 1 gives me an IP. Now it would be possible for me to build Machine A as a bridge however then all the machines on Network 2 would also get IP's from Network 1. In the environment in which I am thinking of doing this, the above is not considered polite.
So the IP's of Machine A (eth0 and eth1) are on different subnets, eth1 will be a Class C or some such. I also want to run some services on Machine A, eth0 and eth1 (apache, mySQL, ssh) and be able to control which machines on both Network 1 and 2 have access to those services. I know this is all possible with NAT etc using IPTables. My concern with X11 forwarding is that some of the machines on Network 1 do not use ssh at all. Telnet, rlogin etc only. So other than installing ssh on them and using the ssh tunneling as suggested by Michael Beattie, I do not know of a way for ALL machines on Network 2 to get the graphics associated with the X11 apps they are running on machines on Network 1. Getting such access for one machine is easy, DNAT. Forward all incoming traffic on the X11 port to one machine on Network 2, and hope that it asked for the app to start. There may be some holes in mo understanding so correct me if I am wrong, Machine B (on Network 2) starts an app on Machine C (Network 1), this app is graphical so Machine C attempts to connect back to Machine B to tell it to draw so windows etc. However if NAT is running on Machine A, Machine B does not have a real work IP, instead NAT makes Machine C think that Machine A is the one starting the app. So Machine C starts a new connection back to Machine A (The Link between Network 1 and 2), Machine A sees the traffic on a new port from Machine C and does not understand what to do with it, so dumps it (or whatever the default rule in IPTables is). The end result being that Machine B does not get the graphics for the app that it started on Machine C. (WOW lots of confusing Machine A,B,C's....., unintentional I promise) Any penetrating glimpses into the obvious greatly appreciated. Mark Carey
