Discussion:
Routing the RFB Protocol
Mike Gehl
1999-06-29 21:02:13 UTC
Permalink
My setup...


|--> 192,168.1.2:0 vnc server
|
VNC Client <--> Linux Gateway <--|--> 192.168.1.3:0 vnc server
206.xxx.xxx.xxx |
192.168.1.1 |--> 192.168.1.4:0 vnc server


The VNC client enters 206.xxx.xxx.xxx:y to connect to a vnc server. I'm
trying to configure the gateway machine to redirect port (y) to a specific
local address.

206.xxx.xxx.xxx:0 -> 192.168.1.2:0
206.xxx.xxx.xxx:1 -> 192.168.1.3:0
206.xxx.xxx.xxx:2 -> 192.168.1.4:0

Currently I'm trying to redirect the packets with...

/etc/inetd.conf

5900 stream tcp nowait nobody /sbin/redir 192.168.1.2 5900
5901 stream tcp nowait nobody /sbin/redir 192.168.1.3 5900
5902 stream tcp nowait nobody /sbin/redir 192.168.1.4 5900

When doing this, the VNC client displays a protocol error. I assume my
inetd.conf entries are incorrect for the rfb protocol. Can anyone point me
in the right direction or suggest an alternative. Thanks.

-Mike Gehl
Cognition Inc.


---------------------------------------------------------------------
The VNC mailing list - see http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
Quentin Stafford-Fraser
1999-06-30 20:42:03 UTC
Permalink
Post by Mike Gehl
206.xxx.xxx.xxx:0 -> 192.168.1.2:0
206.xxx.xxx.xxx:1 -> 192.168.1.3:0
206.xxx.xxx.xxx:2 -> 192.168.1.4:0
Currently I'm trying to redirect the packets with...
/etc/inetd.conf
5900 stream tcp nowait nobody /sbin/redir 192.168.1.2 5900
5901 stream tcp nowait nobody /sbin/redir 192.168.1.3 5900
5902 stream tcp nowait nobody /sbin/redir 192.168.1.4 5900
When doing this, the VNC client displays a protocol error.
Mike - this looks OK, though I'm not familiar with redir or the finer
bits of inetd.

Can you telnet to ports 5900, 5901, 5902 on the gateway machine?

And I assume you aren't using the Java viewer? If you are, you'll need
to redirect 58xx as well as 59xx, though if you've got this far, that's
probably obvious :-)


Quentin
--
----------------------------------------------------------------------
Dr Quentin Stafford-Fraser
AT&T Laboratories Cambridge
http://www.uk.research.att.com/~qsf

---------------------------------------------------------------------
The VNC mailing list - see http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
Mills, Wes
1999-06-30 21:10:34 UTC
Permalink
What it looks like to me is that the port numbers are off. The docs say
that the port is 5900 plus the display number. Since you're rerouting 5901
to port 5900 on another machine, the client expects to see display 1, but
the server expects to send display 0, resulting in a mismatch.

Wes
Post by Mike Gehl
206.xxx.xxx.xxx:0 -> 192.168.1.2:0
206.xxx.xxx.xxx:1 -> 192.168.1.3:0
206.xxx.xxx.xxx:2 -> 192.168.1.4:0
Currently I'm trying to redirect the packets with...
/etc/inetd.conf
5900 stream tcp nowait nobody /sbin/redir 192.168.1.2 5900
5901 stream tcp nowait nobody /sbin/redir 192.168.1.3 5900
5902 stream tcp nowait nobody /sbin/redir 192.168.1.4 5900
When doing this, the VNC client displays a protocol error.
---------------------------------------------------------------------
The VNC mailing list - see http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
Quentin Stafford-Fraser
1999-06-30 23:57:09 UTC
Permalink
Post by Mills, Wes
What it looks like to me is that the port numbers are off. The docs say
that the port is 5900 plus the display number. Since you're rerouting 5901
to port 5900 on another machine, the client expects to see display 1, but
the server expects to send display 0, resulting in a mismatch.
No, the VNC software doesn't mind this at all. It's the usual way of
routing VNC through SSH, for example. You tell the viewer to connect to
display 3 on the local machine, for example, and arrange for SSH to
forward that to some display on the actual server (which may or may not
be number three). As long as the TCP/IP connection itself succeeds, the
VNC protocol should work.

Regards,
Quentin
----------------------------
Dr Quentin Stafford-Fraser
AT&T Laboratories Cambridge
http://www.uk.research.att.com/~qsf

---------------------------------------------------------------------
The VNC mailing list - see http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
Mike Gehl
1999-07-01 00:08:08 UTC
Permalink
Post by Quentin Stafford-Fraser
Post by Mike Gehl
206.xxx.xxx.xxx:0 -> 192.168.1.2:0
206.xxx.xxx.xxx:1 -> 192.168.1.3:0
206.xxx.xxx.xxx:2 -> 192.168.1.4:0
Currently I'm trying to redirect the packets with...
/etc/inetd.conf
5900 stream tcp nowait nobody /sbin/redir 192.168.1.2 5900
5901 stream tcp nowait nobody /sbin/redir 192.168.1.3 5900
5902 stream tcp nowait nobody /sbin/redir 192.168.1.4 5900
When doing this, the VNC client displays a protocol error.
Mike - this looks OK, though I'm not familiar with redir or the finer
bits of inetd.
Can you telnet to ports 5900, 5901, 5902 on the gateway machine?
And I assume you aren't using the Java viewer? If you are, you'll need
to redirect 58xx as well as 59xx, though if you've got this far, that's
probably obvious :-)
Thank you. Your telnet comment was the key to solving the problem. I had
redir incorrectly configured. I'm now running it in daemon mode.

/usr/sbin/redir --lport=5900 --caddr=192.168.1.2 --cport=5900 &
/usr/sbin/redir --lport=5901 --caddr=192.168.1.3 --cport=5900 &
/usr/sbin/redir --lport=5902 --caddr=192.168.1.4 --cport=5900 &

Runs like a charm! Thanks again.

-Mike Gehl
Cognition Inc.


---------------------------------------------------------------------
The VNC mailing list - see http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
Loading...