X11 Forwarding
(November 2005)
We want to run a graphic application (using the X11 protocol) on computer A, and have it displayed on computer C, but the network has the following configuration :
computer A <--> computer B <--> computer C
- computers A and B are running Unix
- computer C cannot receive packets from computer A (because of a firewall for instance)
- computer C is allowed to exchange packets with computer B only
- network traffic is allowed between computers A and B
Thus, we want the following X11 forwarding :
computer A -> computer B -> computer C
A simple way to solve this is to install a program on computer B which will forward the X11 display.
For further understanding, let's remind us that the X11 protocol is conveyed by the TCP/IP protocol.
GNU Netcat is a very useful network utility on TCP and UDP streams.
The original netcat 1.10 is not suitable for our topic. Make sure you are using GNU netcat 0.7.1 or later.
On computer A, set the display :
export DISPLAY=ip.of.computer.B:33
(33 means that the display will be conveyed on TCP port 6033)
On computer B, run netcat :
netcat -p 6033 --tunnel=ip.of.computer.C:6000
This reads data on port 6033 and forwards it onto the display of computer C (port 6000 is the usual port for X11 display).
Xmond is a X11 utility originally developped for Unix systems. It may work on Linux, but a few modifications must be done in the Makefile.
Xmond can be downloaded here.
On computer A, set the display :
export DISPLAY=ip.of.computer.B:33
On computer B, run xmond :
xmond -server ip.of.computer.C:0 -port 33