vncviewer

Tom Rivers tom at impact-crater.com
Thu Feb 27 21:31:26 UTC 2014 

On 2/27/2014 15:37, Patrick Dupre wrote:
> OK, I restarted it:

If you look below, I have removed all the chains that didn't reference 
SSH.  Notice that the VNC ports you were trying to access are not listed 
in these chains.  That's why you aren't getting access to them remotely.

Now that we have solved that part of the problem, it's worth restating 
that encrypting your VNC sessions is a really good idea I would strongly 
recommend.  Tunneling via SSH is an option and so is creating a VPN 
tunnel between the server and your remote system.

> Chain IN_dmz_allow (1 references)
> target     prot opt source               destination
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW
>
> Chain IN_external_allow (1 references)
> target     prot opt source               destination
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW
>
> Chain IN_home_allow (1 references)
> target     prot opt source               destination
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW
> ACCEPT     udp  --  anywhere             anywhere             udp dpt:ipp ctstate NEW
> ACCEPT     udp  --  anywhere             224.0.0.251          udp dpt:mdns ctstate NEW
> ACCEPT     udp  --  anywhere             anywhere             udp dpt:netbios-ns ctstate NEW
> ACCEPT     udp  --  anywhere             anywhere             udp dpt:netbios-dgm ctstate NEW
>
> Chain IN_internal_allow (1 references)
> target     prot opt source               destination
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW
> ACCEPT     udp  --  anywhere             anywhere             udp dpt:ipp ctstate NEW
> ACCEPT     udp  --  anywhere             224.0.0.251          udp dpt:mdns ctstate NEW
> ACCEPT     udp  --  anywhere             anywhere             udp dpt:netbios-ns ctstate NEW
> ACCEPT     udp  --  anywhere             anywhere             udp dpt:netbios-dgm ctstate NEW
>
> Chain IN_public_allow (1 references)
> target     prot opt source               destination
> ACCEPT     udp  --  anywhere             anywhere             udp dpt:ipp ctstate NEW
> ACCEPT     udp  --  anywhere             224.0.0.251          udp dpt:mdns ctstate NEW
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ipp ctstate NEW
> ACCEPT     udp  --  anywhere             anywhere             udp dpt:ipp ctstate NEW
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW
>
> Chain IN_work_allow (1 references)
> target     prot opt source               destination
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW
> ACCEPT     udp  --  anywhere             224.0.0.251          udp dpt:mdns ctstate NEW
> ACCEPT     udp  --  anywhere             anywhere             udp dpt:ipp ctstate NEW

Tom

More information about the users mailing list