LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 10-26-2012, 04:39 PM   #1
esolve
LQ Newbie
 
Registered: Oct 2012
Posts: 16

Rep: Reputation: Disabled
ssh DISPLAY issues and remote DESKTOP


I want to use tcpdump to capture packets of website visiting with firefox on a remote machine.
I'm now operating on my laptop with fedora
I want the firefox is opened on the remote machine, not on my laptop

I ssh onto the machine and notice that I can't open firefox coz no DISPLAY is set
so I set DISPLAY


Code:
export DISPLAY=":0.0"
and then start tcpdump and open firefox with a website
but I got nothing about the website
while the firefox seems to be running
Code:
[root@canard tor_capture]# sudo -u wgong firefox www.google.com &
[1] 15061
[root@canard tor_capture]# ps -ef|grep "firefox"
root     15061 14987  0 23:33 pts/0    00:00:00 sudo -u wgong firefox www.google.com
esolve    15062 15061  4 23:33 pts/0    00:00:00 /usr/lib64/firefox/firefox
esolve    15080 15062  0 23:33 pts/0    00:00:00 [firefox] <defunct>
root     15104 14987  0 23:33 pts/0    00:00:00 grep --color=auto firefox
what is wrong with this?






besides, I want to configure remote desktop TigerVNC following the guide:
http://zeusville.wordpress.com/2012/...-on-fedora-16/

the author said:
Code:
let’s update iptables:

sudo vi /etc/sysconfig/iptables

Add this to the file:

-A INPUT -p tcp -m state --state NEW -m tcp --dport 5903 -j ACCEPT

Save the file, then restart iptables and verify that the port is active.

sudo systemctl restart iptables.service

sudo iptables --list | grep 5903
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp d
but I get
Code:
[root@canard tor_capture]# systemctl restart iptables.service
[root@canard tor_capture]# iptables --list 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
how to deal with this?
thanks!

Last edited by esolve; 10-26-2012 at 07:31 PM.
 
Old 10-26-2012, 07:13 PM   #2
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,396
Blog Entries: 2

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
A bunch of stuff is probably getting in your way. First, I will rephrase your question, so you can confirm that I'm answering the questions you want answered.
You use the ssh client on a Linux host that is running an X server, to log into a remote Linux host. You want to run X client applications on that host, such that they connect and render on the X server at your local Linux console. If incorrect, please clarify.

To get the remote X clients to render on your local X server, the easiest thing to do is simply use the ssh -X option, which will cause ssh to build a tunnel back to your local X server, and automatically set $DISPLAY on the remote host session for you. Now, having done this, simply start your X applications as if they are running locally. Setting $DISPLAY to ':0.0' will cause the X applications to try to make a connection to an X server running on the remote host, which should probably fail if it's security is adequately configured, and you won't be able to see or control anyway, since it's remote.

Now, for firefox, things get more complicated. When firefox launches, it snoops around on the attached X server (defined by $DISPLAY), and looks for an existing firefox application using the X server. Not sure how it does that, but it does. Now, even if the instance of firefox using the X server is running on a totally different host, it will hand off the launch request to that other firefox sharing the X server. If it is on a host with multiple virtual desktops, and the firefox window(s) obscured, you won't even see the result. The solution there is to start firefox with the -no-remote option. That defeats the default pernicious behavior.

You don't have to open any firewall rules on the host for which you've posted the listings. It is already wide open, accepting anything from anywhere.

--- rod.

Last edited by theNbomr; 10-26-2012 at 07:18 PM.
 
Old 10-26-2012, 07:29 PM   #3
esolve
LQ Newbie
 
Registered: Oct 2012
Posts: 16

Original Poster
Rep: Reputation: Disabled
thanks
You misunderstood me
I just want everything is done on the remote machine, I'm now operating with my laptop on fedora.
I want the remote machine open firefox, visit website and capture packets, all these stuff are done on the remote machine, I wrote a script on that machine for doing these stuff.
I just want to ssh into that remote machine, use "screen" and start the script and then exit and then power off my laptop.

you said
Quote:
Setting $DISPLAY to ':0.0' will cause the X applications to try to make a connection to an X server running on the remote host, which should probably fail if it's security is adequately configured, and you won't be able to see or control anyway, since it's remote.
this really is not a good news, are there any solutions for this?
last time I used tigerVPN to log onto that machine and opened firefox on that machine.
tigerVPN can, why can't ssh ?
 
Old 10-27-2012, 11:27 AM   #4
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,396
Blog Entries: 2

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
firefox will not run without an X server to connect to. That can be a real X server, on either the host running firefox, a real X server on your local host running the ssh client, or a virtual X server such as Xvfb (which would run on the remote host that will run firefox).

Is there something about the web site that actually requires firefox? Is the problem better solved by using either a text-mode browser such as links or lynx, or a downloader/command-line HTTP client such as wget or curl?

Perhaps tell us what the actual objective is, as there is probably a clean solution to be used.

--- rod.
 
Old 10-27-2012, 12:00 PM   #5
esolve
LQ Newbie
 
Registered: Oct 2012
Posts: 16

Original Poster
Rep: Reputation: Disabled
I want to use firefox get video streaming
and capture the packets for the video streaming,
and so running firefox is mandatory

I'm now considering the tigerVPN, coz tigerVPN should be fine
but I have problems on the iptable stuff


Quote:
Originally Posted by theNbomr View Post
firefox will not run without an X server to connect to. That can be a real X server, on either the host running firefox, a real X server on your local host running the ssh client, or a virtual X server such as Xvfb (which would run on the remote host that will run firefox).

Is there something about the web site that actually requires firefox? Is the problem better solved by using either a text-mode browser such as links or lynx, or a downloader/command-line HTTP client such as wget or curl?

Perhaps tell us what the actual objective is, as there is probably a clean solution to be used.

--- rod.
 
Old 10-27-2012, 01:49 PM   #6
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,396
Blog Entries: 2

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
So, is it the TCP/IP data that you are trying to capture, or are you trying to capture the actual streaming video? If you want the streaming video, it is a long way to go from captured ethernet packets to a video file that you can play on anything. It might be impossible, due to encryption and compression between the source and destination.
How does using a VPN solve the problem? Is it because the streaming video is supposed to be contained within some IP doamain? If so, then consider the idea of using the Xvfb to support X for firefox. It isn't very complex to set up, and plays well with your screen session. In fact I've used those two pieces in combination for reasons not dissimilar to yours.

--- rod.
 
Old 10-27-2012, 03:06 PM   #7
esolve
LQ Newbie
 
Registered: Oct 2012
Posts: 16

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by theNbomr View Post
So, is it the TCP/IP data that you are trying to capture, or are you trying to capture the actual streaming video? If you want the streaming video, it is a long way to go from captured ethernet packets to a video file that you can play on anything. It might be impossible, due to encryption and compression between the source and destination.
How does using a VPN solve the problem? Is it because the streaming video is supposed to be contained within some IP doamain? If so, then consider the idea of using the Xvfb to support X for firefox. It isn't very complex to set up, and plays well with your screen session. In fact I've used those two pieces in combination for reasons not dissimilar to yours.

--- rod.

I'm actually doing research on video streaming with browser, for example, youtube.
so I hope the packets are between the youtube server and the remote machine, there should be no encryption/compression
I don't want to watch the video on my local laptop

I don't understand your second paragraph, can you make it a bit clearer?
thanks!
 
Old 10-27-2012, 08:11 PM   #8
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,396
Blog Entries: 2

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
What I mean is that you can run firefox on the remote host, using a virtual X server. I don't know what role the VPN you talked about plays, or how it contributes to a solution.
--- rod.
 
Old 11-10-2012, 04:26 PM   #9
MrUmunhum
Member
 
Registered: May 2006
Location: Mt Umunhum, CA, USA
Distribution: Debian/ Fedora
Posts: 442

Rep: Reputation: 33
Quote:
Originally Posted by esolve View Post
I want to use tcpdump to capture packets of website visiting with firefox on a remote machine.

. . .

how to deal with this?
thanks!
Ssh into your server and start tcpdump, then use 'ssh -Y user@xx.xx.xx.xx firefox' to start Firefox on your local machine from your server, or use mplayer to get the video.
( Do not export DISPLAY )
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Help with Ubuntu server remote ssh and local network ssh issues using putty. scottpops Linux - Server 8 05-17-2012 05:07 PM
SSH shell disabled + Remote desktop NX (or another remote desktop software) zoltan32 Linux - Software 2 04-12-2011 03:36 AM
The difference in settings: console from desktop & ssh as DISPLAY not set when ssh in wikapuki Linux - Newbie 10 07-02-2010 09:44 AM
unable to setup Remote DISPLAY using ssh mmateen Linux - Newbie 2 08-09-2009 12:02 PM
Remote login with SSH, but display on remote computer. brodin Linux - Software 3 09-09-2007 03:01 AM


All times are GMT -5. The time now is 06:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration