SunSolve Internal
 

Infodoc ID   Synopsis   Date
18370   How do I enable CDE/Xwindow through a Firewall?   23 Jan 1999

Description Top

This question could be put in another way:
"What TCP and UDP ports does CDE/Xwindow use?"

This is a very hard question. Your best bets are the following:

enable ports 6000 to 6004, they are used by X.
enable port 177, this is the XDMCP port
enable port 32798 (dtlogin uses it)

try to connect from hostA to hostB using CDE.

gather and analyze the output of: 
snoop -V hostA hostB


on the machine you want to log into check the following for 
*.1234 like port numbers:

netstat -an
/usr/proc/bin/ptree
# you can get lsof from www.sunfreeware.com, it is a public domain package
# not supported by Sun.

lsof |grep Xsun|grep inet
lsof |grep dtlogin|grep inet

If you are using 3rd party applications, please check
them with 
lsof |grep app3rdparty |grep inet
/etc/services and 
ypcat -k services (if using NIS) or the NIS+ services table.

Unfortunately, enabling port 6000 by itself may not solve the problem
since Xsun uses other ports once the X connection is already established.

*** Warning ***
In general, running CDE through a firewall is not a good idea, because
of security considerations. See the Nutshell book, "Internet
Firewalls" for more information. This information is not supported
by Sun and is provided without warranty.

Top

SunWeb Home SunWeb Search SunSolve Home Simple Search

Sun Proprietary/Confidential: Internal Use Only
Feedback to SunSolve Team