![]() |
![]() |
|
|
VNC Extras, Add-ons and modificationsFirewallsKarl Harkimian <hakimian@aha.com> sent in a patch to compile the Unix viewer so that it can reach external servers through a SOCKS firewall. It's very simple, and the patch is here: socks-patch.txt. These patches apply to 3.3.1 but they are simple enough to apply by hand to later versions.Obviously, you cannot access a server inside a firewall from outside without specially configuring the firewall; that's what firewalls are for! Christian A. Lademann cal@zls.de has used an elaborate scheme: I have had a problem with connections from my workstation to a PC connected
to a customers LAN, because my firewall as well as the customers firewall
does IP-masquerading. This means that my workstation can only connect to
the customers firewall and the customers PC can only connect to my
Christian's solution involved a script listening on a single accessible
well-known port behind the firewall, which could accept incoming connections
and redirect them to the appropriate machine. His full details are
here: rvnc.txt
SSLeay encryptionRay Jones rjones@pobox.com has built a version of VNC which uses SSLeay public key encryption for a more secure connection.You can get it from http://web.mit.edu/thouis/vnc
.
Restricting connections by IP address (TCP wrapper)Wolfram Gloger <wmglo@dent.med.uni-muenchen.de> writes:In the list archives I notice there was a discussion of implementing access control for Xvnc with the tcp wrapper library. I have now implemented this for 3.3.2r2. You will need to have tcpd.h and libwrap already installed. Wolfram's full message is at http://www.orl.co.uk/vnc/archives/1998-09/0168.html . Jared Smolens <jsmolens@andrew.cmu.edu> has done an equivalent for WinVNC. He writes: ... I wrote some code to read a list of IPs to allow and IPs to deny from a text file. The rules are identical (to the best of my knowledge) to /etc/hosts.allow and /etc/hosts.deny on my Linux box and the text file's syntax is close to that format. This is a feature which has been discussed at least once on the mailing list, so I thought that you might want to add it to the official code base. The x86 binaries and source code are available at: ftp://wik.res.cmu.edu/pub/vncip_bin.zip and ftp://wik.res.cmu.edu/pub/vncip_src.zip I have two new files, ipauth.h and ipauth.cpp. I made some changes to vncclient.cpp (but not the header) to use the class and disconnect unauthorized clients. I also have a sample "iplist.txt" file which contains the allowed IPs. The format of the text file works like this: <ALLOW|DENY> <Partial/full IP>
An unlimited, unordered list of IPs (or partial IPs) may be entered into the file like this: ALLOW 128.2.93.
In this case, the DENY 128.220. is redundant because of the DENY ALL, but you get the point. ALLOW ALL is the default, and if the user specifies that, it is ignored. Allows always take precidence over denies. This code is not case sensitive. I am fairly sure that I got rid of all of my memory leaks (I ran Purify
on it, but I have done some slight modifications since then). I also use
the fstream library. I don't know if you consider this to be too
-- Jared Smolens
zlib compressionDave DeBarr (debarr@mitre.org) has modified the X server and viewer to use zlib-based compression. We plan to incorporate something similar in the standard release before long, but until then you can find his patches at:http://www.orl.co.uk/vnc/archives/1998-08/0039.html In addition, Dave has provided patches for the Windows viewer at: http://www.orl.co.uk:80/vnc/archives/1998-08/0228.html Luis B. Almeida has also created a version of the Windows software
which you can get from ftp://146.193.2.131/pub/lba/vnc
.
x2vncHere's a different twist to VNC. Fredrik Hubinette hubbe@hubbe.net has written a VNC-based variation on the popular x2x program. If you run x2vnc on an X server, you can move off the side of the screen and the mouse movements will then be sent to a VNC server (eg. a PC sitting beside it) He writes:x2vnc is basically a stripped down version of the vncviewer but with slightly different goals and a very different GUI.. :) x2vnc emulates a 'dual head' setup by catching when the user tries to
move the pointer past the edge of the screen. This allows me to control
I have made x2vnc available for download from my web site: |
|||||||||||||||
For comments, feedback, etc, please see the 'Keeping
in touch' page.
|