LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-29-2014, 05:13 AM   #1
szejiekoh
LQ Newbie
 
Registered: Jun 2014
Posts: 28

Rep: Reputation: Disabled
xhost+ (wireshark saw network packets exchange), but still cannot display error


Hi all,

1) I got 2 VMs running linux centos 6.5 in my office remotely.

2) With vsphere client, i logined to the individual console for vmNode1, and vmNode2.

3) Both nodes are on the same subnet, and can be ping from one another

4) Both nodes have their iptables turn off

5) Both nodes have x11-apps installed and i can run xclock before i change the $DISPLAY variable value.

-----------

nodeA ip = 192.168.123.243
nodeB ip = 192.168.123.233

1) Now, with nodeA as server, i done an xhost+ due to desperation to disable control list access.

2) with nodeB, i issue this command
export DISPLAY=192.168.123.243:0.0

3) within nodeB terminal, i done a xclock expecting the clock to be showing in nodeA, but have this error "Can't open Display:192.168.123.243:0.0"

4) within nodeA terminal, i ssh to node B and issue a xclock expecting the clock to be showing in nodeA, but still having the same error.

5) wireshark running on both nodes shows sending and receiving of the following message below


577 487.305938000 192.168.123.133 192.168.123.143 TCP 74 41530 > x11 [SYN] Seq=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 TSval=31909316 TSecr=0
WS=128

578 487.306376000 192.168.123.143 192.168.123.133 TCP 60 x11 > 41530 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0

-----------------------

Q1) Not really sure what it meant, but the xServer (nodeA) seems to be resetting the connection ? (is RST reset ?)

Q2) Is my concept correct ? nodeA = Xserver nodeB = client

(nodeB) client set display to point to Xserver(nodeA)

Q3) or am i, on my local pc running the vsphere client's 2 consoles to see my nodeA and nodeB being the Xserver ??? (dont make sense to me).

Please advise!

Regards,
Noob!
 
Old 06-29-2014, 05:57 AM   #2
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,601

Rep: Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241
Unless you made special exceptions, the firewall will reject the connection.

Second, even with the exceptions, X servers do not permit TCP connections with also first enabling them in the X server.

Network connections are well known to be insecure - passwords sent in the clear, non-encrypted connections...

Use ssh to forward connections.
 
Old 06-29-2014, 09:49 AM   #3
szejiekoh
LQ Newbie
 
Registered: Jun 2014
Posts: 28

Original Poster
Rep: Reputation: Disabled
Hi jpollard,

I have turn off iptables on both side and both nodes are in the same network, so how is the firewall (where) going to block any traffic ?

I have also turn off access list for Xserver by issuing xhost+, so what's wrong ?

Regards,
Noob
 
Old 06-29-2014, 10:47 AM   #4
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,601

Rep: Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241
what remains is that the X server doesn't support TCP connections.

SSh works better. Use it.
 
Old 06-29-2014, 11:32 AM   #5
szejiekoh
LQ Newbie
 
Registered: Jun 2014
Posts: 28

Original Poster
Rep: Reputation: Disabled
jpollard, short but useful replies.

i have enabled TCP in the schema config and now it works
Just wanna prove that my understanding is correct

Thanks
 
Old 06-29-2014, 05:18 PM   #6
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,601

Rep: Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241
Quote:
Originally Posted by szejiekoh View Post
jpollard, short but useful replies.

i have enabled TCP in the schema config and now it works
Just wanna prove that my understanding is correct

Thanks
Correct but incomplete - xhost + allows anybody to connect and do anything they want. It totally disables any security.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how do i get wireshark to save only the packets i have filtered baronobeefdip Linux - Software 3 05-08-2012 10:30 PM
Wireshark UDP Packets Socket not set robtard Programming 3 10-27-2010 06:45 PM
[SOLVED] UDP packets not seen with wireshark when sending too fast mibo Programming 1 09-04-2009 04:31 AM
How to capture packets using wireshark exl75 Linux - General 24 07-21-2007 03:10 AM
xhost and DISPLAY error miguelchagas Linux - Newbie 2 10-25-2006 06:16 PM


All times are GMT -5. The time now is 08:03 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration