[FreeNX-kNX] FreeNX KNX and firewalls
Hamish
lists at subvs.co.uk
Fri Feb 25 10:39:25 UTC 2005
Hello everyone
I am having a strange firewall problem with FreeNX/KNX. I have set up a SuSE
9.2 box with FreeNX, now when connecting to it with KNX on another SuSE9.2
box, I authenticate fine, then nothing happens. The host shows sessions
connected when running `nxserver --list`, but nothing happens on the client.
If I turn off the firewall on the host box, it works fine - must be something
blocked, but I thought it used ssh only?
here is some log from the host firewall when it is on:
Feb 25 10:14:03 nx.host.box kernel: SFW2-INext-DROP-DEFLT IN=eth0 OUT=
MAC=xx:xx:xx:xx:xx:xxetc SRC=xxx.xxx.xxx.xxx DST=yyy.yyy.yyy.yyy LEN=60
TOS=0x00 PREC=0x00 TTL=54 ID=6642 DF PROTO=TCP SPT=1186 DPT=5001 WINDOW=5840
RES=0x00 SYN URGP=0
Feb 25 10:14:06 nx.host.box kernel: SFW2-INext-DROP-DEFLT IN=eth0 OUT=
MAC=xx:xx:xx:xx:xx:xxetc SRC=xxx.xxx.xxx.xxx DST=yyy.yyy.yyy.yyy LEN=60
TOS=0x00 PREC=0x00 TTL=54 ID=6643 DF PROTO=TCP SPT=1186 DPT=5001 WINDOW=5840
RES=0x00 SYN URGP=0
Feb 25 10:14:12 nx.host.box kernel: SFW2-INext-DROP-DEFLT IN=eth0 OUT=
MAC=xx:xx:xx:xx:xx:xxetc SRC=xxx.xxx.xxx.xxx DST=yyy.yyy.yyy.yyy LEN=60
TOS=0x00 PREC=0x00 TTL=54 ID=6644 DF PROTO=TCP SPT=1186 DPT=5001 WINDOW=5840
RES=0x00 SYN URGP=0
So its trying to make a connection to port 5001? WHY?
Here is the config file for the connection:
{snip}
<option key="Enable SSL encryption" value="true" />
{snip}
<option key="Server port" value="22" />
{snip}
So SSL is enabled, and it is trying on default port 22. Why are there
connection attempts to port 5001? Should I open this port?
On a windows box, connecting to the same host works (for full desktop at
least, see the single window thread...) without firewall changes ie port 22,
and nothing else.
Other slightly OT questions:
How can I turn on/up KNX logging? The conf directory seems to be used by
both !M client and KNX (~/.nx/config), is there anywhere else KNX may be
getting conf from? Is it possible that having KNX and !M client both
installed could cause problems?
Thanks,
H
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/freenx-knx/attachments/20050225/b82b77df/attachment.sig>
More information about the FreeNX-kNX
mailing list