Yes, this is kindof what I am looking for but it needs to be done for
multiple remote hosts that are unknown until they sign on.
I need something that will recognize "Tom" and will forward his traffic to
5801. On the flip side, if Nancy wants to use VNC, she should also be able
to get her traffic forwarded to 5802.
Tom comes in on port 80 and is forwarded to 5801
Nancy comes in on port 80 and is forwarded to 5802
Both Tom and Nancy's remote IPS are unknown, but they currently connect to
their sessions via a simple URL that is created by a CGI script.
http://vncserver:5801
http://vncserver:5802
etc etc etc for however many people have sessions open.
This would be a simple thing if it was a web server that we are talking
about since they use virtual hosts.
I could easily do this with forwarding 80 to 5800 and 81 to 5801 etc etc but
that defeats the purpose since we are NOT on port 80 anymore.
I think I'll head over to the mmtcpfwd utility list to see if they have any
suggestions. If you have any, could you please send me a reply? I would
really hate to try to rewrite the vnc html server to recognize virtual
hosts......
There has got to be a way to make a firewall forward packets to different
ports by specifiying it beforehand (Possibly in the URL?)
Thanks,
Steve
-----Original Message-----
From: Carl Karsten
To: [EMAIL PROTECTED]
Cc: Technical Staff
Sent: 03/06/2001 8:43 PM
Subject: Re: VNC Ports and firewalling.
I just got this working:
ipmasqadm portfw -d -P tcp -L 24.29.255.187 80 -R 192.168.1.22 5800
forwards everything from port 80 on linux box to port 5800 on an
internal
machine.
really cool.
Carl Karsten
----- Original Message -----
From: "Steve Russo" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "Technical Staff" <[EMAIL PROTECTED]>
Sent: Tuesday, March 06, 2001 4:14 PM
Subject: VNC Ports and firewalling.
> Hello, I would like to use VNC for some online training but we are
running
> into firewalling issues. The problem stems from VNC using only ports
58xx.
> Most corporations and people in the know will block all ports except
for a
> few given ones like httpd etc,etc, into their network (duh, tell us
> something we don't know.).
>
> Well, I want these people to train. I don't mind using port 80 as the
> incoming port, but this will only allow me ONE connection to this VNC
server
> (It's running Linux so the sky is the limit of course).
>
> My question is this:
>
> Has anyone found a way around the firewalling issues? (Besides asking
said
> client to open ports on their firewall?).
>
> If so, what did you do? Did you run into any problems with proxy
servers?
If
> not, read on.
>
> I have been working with Apache lately to setup virtual hosts. The
Apache
> server will figure out WHERE the connection is going to and forward
that
> connection to the appropriate "server"
> . What about doing something like this with mmtcpfwd (Linux port
forwarding
> utility)? Has anyone thought of the virtual hosts idea for VNC?
>
> Maybe a firewall that takes in port 80 from the outside and forwards
it to
> 58xx on the inside.
>
> Maybe this is as easy as setting up mmtcpfwd?
>
> Any ideas are appreciated.
>
> Thanks,
>
> Steve
> ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> ---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
