| Linux Forum Index » Linux Security » iptables and X11 forwarding... |
|
Page 1 of 1 |
|
| Author |
Message |
| p_a... |
 Posted: Tue Aug 04, 2009 3:16 pm |
|
|
|
Guest
|
Is something missing? I've tried to enable X11 forwarding thru
iptables with the following
set of rules. If I run "ggv &" a "can't open display" message is
displayed. I have sshed with the -X option.
iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT
iptables -A OUTPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -o lo -j ACCEPT
thx.,
pete. |
|
|
| Back to top |
|
|
|
| Allen Kistler... |
| Posted: Tue Aug 04, 2009 7:38 pm |
|
|
|
Guest
|
p_a wrote:
Quote: Is something missing? I've tried to enable X11 forwarding thru
iptables with the following
set of rules. If I run "ggv &" a "can't open display" message is
displayed. I have sshed with the -X option.
iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT
iptables -A OUTPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -o lo -j ACCEPT
1. You don't need to specify addresses for the lo rules.
BTW, it's good to put these rules first in INPUT and OUTPUT.
2. Is the DISPLAY variable set?
3. Is xauth installed? (rpm -q xorg-x11-xauth)
4. Are you running ssh over IPv4 or IPv6?
Typically localhost has to be defined for both. |
|
|
| Back to top |
|
|
|
|
