Ubuntu Networking :: XRDP Being Blocked By Firestarter?
Dec 8, 2010
I recently installed the XRDP server on my desktop edition of Ubuntu v10.04 following the simple instructions available here. I did this on two computers. One computer has Firestarter installed while the other does not.
When I use Windows to connect to the Ubuntu box without Firestarter, everything works just fine. However, when I try to connect to the one running Firestarter, I get a pop up showing an error message (see the attached file).
I checked the incoming rules in Firestarter and I don't see a way to add RDP sessions to the list of exceptions. I also tried adding my IP address in the host section but this too didn't help the situation.
View 1 Replies
ADVERTISEMENT
Sep 19, 2010
I was looking for good way to remote login into my computer. VNC wasn't good because it causes problem to run before logging into gnome. XRDP haven't got such problems, BUT i can login only once. I mean, that after rebooting computer and login remotely via rdp, and logging off on remote session, i cannot log in again. Client application stucks on message "sending info to sesman".
View 1 Replies
View Related
Apr 14, 2010
I am helping a local genealogy society set up their research center. They want three workstations and a single data server. The genealogy program of choice was GRAMPS, which I have used for years a Wonderful program! No data is going to be input on the workstations the users are simply researching existing data on the server.
Since several RDP-based Wyse thin client units were available for free as were monitors and keyboards, the decision was quickly made to use an RDP based client/server system. Using VNC was unacceptable due to its speed and latency issues, plus, it isn't supported by the Wyse thin client units ONLY RDP and Cytrix.
Using Microsoft's server OS and Terminal Server package was far, far beyond the society's budget. We briefly considered equipping a Windows XP box with a copy ThinSoft's RDP server package, WinConnect Server XP, but its $300 price tag was still too much for the society.
The decision was to use Linux for the server. At first we considered LTSP but it is oriented towards PXE net boots and, while this may have worked, its complexity scared us off and we opted for what, we initially thought, was a much simpler solution XRDP.
We were right and wrong at the same time. It is simple to set up very simple, but the lack of documentation places many pitfalls in front of you, PLUS the solution is distribution dependent.
I spent many hours on this issue. There are numerous sources on the web citing solutions to running XRDP. Unfortunately, they all involve running vncserver against the destination logins. This is NOT what we desired. We wanted to be able to boot up the host system but not login at all, yet still be able to connect to a session via RDP.
I tried numerous distributions and eventually spending a lot of time going through the xrdp source code and planting out my own debug messages in /etc/xrdp/startsm.sh to output to a file in /tmp. Putting in ps -eS >> /tmp/xrdp.txt was particularly useful because it showed that xrdp/sesman DID launch an Xvnc, meaning that it was unnecessary to pre-launch vncserver, as most pundits recommend. The solution was figuring out how to connect to the Xvnc session created by sesman.
I discovered the solution somewhat by accident. It seems that the files created in the destination user's .vnc folder by vncserver were interfering with xrdp/sesman. Here is what worked. 1.Starting with a nearly virgin install of Ubuntu 10.04 beta 1, installed two users intended to be accessed for remote login via RDP. That is ALL that I did I never even logged into them. 2.My first entry xrdp.ini was unmodified except that ask was deleted from username=. Everything was unmodified.
3.Using tsclient on another machine, with the desired username, that was NOT logged in, and password pre-filled, I connected and received a nice Gnome desktop. 4.The session was on 5910. 5.While keeping this session active, I logged into the next login created for remote access and received my second nice Gnome sesktop on port 5911 automatically. Xrdp-sesman DOES automatically launch Xvnc in a useful way!
I can ONLY get this to work on Ubuntu version 10.04 e/w Gnome. It fails on CentOS 5.2, Xubuntu 9.10, SuperOS 9.10 and Lubuntu 10.04. In all cases xrdp was version 4.1.1, so the issue is not with xrdp/sesman it lies within the OS what, I do not know. I did not test KDE at all.
Code:
The system is running Ubuntu 10.04 LTS beta - the Lucid Lynx, amd64:
uname -a
Linux ubu910 2.6.32-16-generic #25-Ubuntu SMP Tue Mar 9 16:33:12 UTC 2010 x86_64 GNU/Linux
---------------------------------
Contents of /etc/xrdp/sesman.ini:
---------------------------------
[Globals]
ListenAddress=127.0.0.1
[code]...
View 9 Replies
View Related
Apr 8, 2010
I installed XRDP on my home machine, made sure the service was running, NAT'ed ports 3350 and 3389 TCP to the machine in my router and punched corresponding holes through Guarddog on these ports on the machine as well, but connecting with: rdesktop -f "my IP here" from my workplace doesn't work. I get "unable to connect".
I have a feeling, it's still the firewall. Do I need to tick permitting the rdesktop protocol in both the "local" and the "Internet" zone or do I need to also establish specific custom rules?
View 2 Replies
View Related
Feb 5, 2010
I installed firestarter and then at a later date uninstalled/purged it, both actions via synaptic. I have a very verbose boot, I like to see what's going on, and noticed after the uninstall/purge that I was getting an error zooming up the screen containing firestarter in it. After many restarts I found that a file was left in /etc/network/if-up.d/50firestarter and this file was simply a script trying to restart firestarter. At this point I've commented out the calling line and followed the commented line with exit 0. This removes the error but there's still a link calling the file so, is this a bug or am I missing something? It appears the uninstall/purge wasn't entirely complete.
View 1 Replies
View Related
Jul 23, 2010
I have wireless connection between my router and PC. It is the only computer connected. Sometimes Firestarter blocks ports 1900 and 6771 from 192.168.1.100 IP address and sometimes port 68 from 192.168.1.1 IP. I'm a bit confused because 192.168.1.100 is the IP addres i use to open ports in router and 192.168.1.1 is used to access the router settings..
View 7 Replies
View Related
Sep 26, 2010
i connect to internet with the connection (with Name: DSL Connection 1) that made by myself. now i wanna use the firestarter but i have a problem.
View 5 Replies
View Related
Oct 22, 2010
I allowed ports 3689 and 5353 for incoming and outgoing traffic in firestarter but my other machines wont detect a DAAP share. They do see them when I turn off firestarter. I'm even more confused when I see that I have a local connection using port 56690 when I turn off firestarter and monitor the log. It seems that DAAP is using 56690 but when I allow it for incoming/outgoing it still doesnt pick up my DAAP shares.
Is there a way I could fix this? I mean, I could run without a firewall but...idk if thats such a good idea :/
View 1 Replies
View Related
Nov 8, 2010
All I want to do is share my internet connection that comes through the eth0 cable to my wlan0 wiki card. Firestarter seems the convenient tool for doing this. BUT it keeps telling me wlan0 not ready. The card is connected correctly and network-manager does see incoming signals.
View 1 Replies
View Related
Feb 5, 2010
At my home I am using firestarter to connect my XBOX 360 to the internet and it works perfectly, never crashes etc and I get a moderate NAT which I've never experienced any problems in having.
I have my devices set up like this
eth0 - ifconfig eth0 192.168.2.1 netmask 255.255.255.0 broadcast 192.168.2.255
XBOX - 192.168.2.10 netmask 255.255.255.0 broadcast 192.168.255 gateway 192.168.2.1
This configuration works perfectly on my router at my house which has the IP of 192.168.0.1
However at my friends house he has a router with the IP adress of 192.168.2.10 or 192.168.2.7*, I don't remember exactly but I'll find out tonight. I have tried changing my IP settings on my xbox and eth0 to no avail. I noticed instantly that the XBOX IP is the same as my friends router. what the new settings would be, or simply changing the router's IP.
However there is also an issue with the DNS servers. I can't find them anywhere on the router or on the router box itself. I heard that I could point it towards my default gateway however.
View 2 Replies
View Related
Apr 21, 2010
I have a system running 9.10 configured with Firestarter acting as a router. We have multiple Xbox 360's on the network. Unless some ports are forwarded, the Xbox has a NAT type of "Moderate". I have been able to set an Xbox with a Static IP and forward the necessary ports for that IP, which allows the Xbox's NAT to become "Open." My question is, how do I do this for multiple Xboxs? If the follow the same procedure for additional Xboxes, only one Xbox at a time can have an "Open" NAT type, and the rest would be "Moderate". The ports the Xbox uses cannot be changed via the Xbox.
View 3 Replies
View Related
Jul 22, 2010
I am trying to set up a computer to act as a firewall/gateway on my network, and am using the Firestarter program to do this. Everything appears to be set up correctly, and I followed the instructions on their website completely, and I get an error message when I try to start the firewall. It says that eth0 (my internal NIC) isn't ready, and to make sure it's active.
View 3 Replies
View Related
Apr 27, 2010
So I set up an Ubuntu 10.04 server with apache2 installed, but for some reason I can't get to it from my browser. the iptables have all changed directories in 10.04 so I can't find the iptables. Apparmor wasn't the problem. The network hard ware is not the problem.There is something inside of 10.04 that is blocking port 80. I can ping it all day using the ip address but when I ping it useing http://ipaddress it can't find the host
View 4 Replies
View Related
Jun 12, 2010
I dont know how, but somehow all the ports on my comp appear to be blocked except for 24, for ssh and 5900 unknown. I can connect to the network, but as far as I can tell, I'm powerless to do anything. No webpages load, I'm typing this on my phone.
View 1 Replies
View Related
Jul 15, 2010
In my Ubuntu 9.04 installation, just a few days ago, I lost my usage of the internet. I still had internet access. Firstly though, there was a problem with the router, so I tried a friend's router (both Netgear DG834) and the friend's one worked. But in Ubuntu, I could not access any web pages or email. Skype works.
I tried using my netbook and that could access web pages okay. So then I booted my main PC into the old installation that I kept there of Ubuntu 8.04, which I am using now. And in this the internet works just fine, I can access websites and download and send email.
But in Ubuntu 9.04, it seems like something is blocking my access. I do not recall installing anything new, although something may have been updated recently. I can see the DNS servers from Ubuntu 9.04 and it gets an IP address from the router. What is the likely cause of the Internet being blocked for websites and email (but not Skype)?
View 2 Replies
View Related
Mar 2, 2010
Since yesterday Firestarter has been prompting me that it is blocking external connection attempts as shown in the picture below:I'm not even going to bother covering the IP addresses because I personally don't see why I should care but as you can see, there has been loads of them attempting to connect to ports 3674 - 3675. I ran nmap 127.0.0.1 and it came back as 631 being the only one open. So then I thought maybe lsof -i would mention much more but all it shown was:
@boris:~$ cat meh
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
cupsd 1644 root 5u IPv6 14329 0t0 TCP localhost:ipp (LISTEN)
[code]...
View 1 Replies
View Related
Aug 20, 2009
I have the following machine :
laptop : Dell Inspiron E1505
Wireless : Intel Pro Wireless 3945 (ipw3945-1.2.2 + ipw3945d-1.7.22 + ipw3945-ucode-1.14.2 / eth1)
Printer : HP C4580 Photosmart wireless (hplip-3.9.8)
Ethernet : Broadcom Corporation BCM4401-B0100Base-TX (b44.ko / eth0)
External Modem : Siemens CL-110 ADSL
OS : Fedora 6+11 (currently on fc6)
The external modem is connected via the laptop ethernet and provides the internet connection.
The printer is connected via wireless adhoc to the laptop's IPW3945 wireless card. I use firestarter as firewall. When firestarter is disabled everything works fine. If enabled it blocks my printer. I have tried to open every possible port via firestarter (according to several other threads) with no luck. My printer is set (under system-config-printer) as :
Code:
hp:/net/Photosmart_C4500_series?ip=192.168.2.5
$ netstat -rn .....
View 2 Replies
View Related
Aug 23, 2010
I am a bit new to fedora I have the following scenario in testbed of mobile ad hoc network
pc1 pc2 pc3 pc4
192.168.1.1 192.168.1.2 192.168.1.3 192.168.1.4
Now I have the source as pc1 and pc4 is destination and I want to send data/ping pc4 from pc1 via pc2 and pc3 using firewall firestarter,
View 1 Replies
View Related
Feb 10, 2011
I am connecting to a Ubuntu 10.10 (64 bit) instance from Windows 7 (64 bit) using XRDP. However, in Ubuntu's terminal window, whenever I type "d", the terminal window minimizes and i am not able to type in the "d" word.
View 2 Replies
View Related
Sep 18, 2010
I can't seem to establish a conncction to my site (that I'm hosting in the same computer as the gFTP client- running Lucid Lynx desktop as a server). My site is 'out there', with a domain etc. and also I work on it with localhost. I wanted to use ftp as Joomla has a 'ftp layer' for files permissions etc. But it keeps saying that I can't connect, or the connection 'was reset by a peer' whatever that means. For 'hostname' I use site.com (site is my site's name) and even tried the whole thing like http://www.site.com (I clicke on 'connect to remote, and enter that in the url). or just put it where 'host' goes (when I'm not using localhost) For user name and pass, I just enter what I usually put to access the administrator's back panel in joomla, but maybe I am supposed to use what I use to log on to ubuntu when I start my computer? note sure. Anyway I used a telnet command in the terminal and found that port 21 was blocked. MY isp says they don't block any ports so I don't know. I was able to do this last year so I don't know what is so hard about this lol In the router, I have 'ftp 21 to 21 and ip address 192.168.1.100 (ip is the same for http which is working as I have my site up) now it seems to be open as I used a command at the terminal (found from google). It's open but my ftp still can't connect to my server either localhost or to my site. there is no firewall blocking it and I think my router is set right.
View 1 Replies
View Related
Feb 13, 2011
I am facing an annoying problem with the wireless network of my university.The network is open, doesnt have wpa/wep, and once connected when requesting any page in the browser it gets redirected to a login page. Basically any pc running windows works fine, however if the os is linux-based than the pc connects just fine, it gets an ip, but the login page never loads. I have tried several browsers, several machines, even my android smartphone is locked out as well as all my friends running ubuntu, arch linux and others linux distros.The technical support never answered my email, and it's now 3 weeks that we are all without internet.
View 9 Replies
View Related
Jul 2, 2011
Recently My ISP provider blocked any kind of http proxies can be used in browsers. When I put my proxy settings in my browser, it keeps loading with no response. I've squid proxy running on my own server and worked fine before that modification.
View 3 Replies
View Related
Mar 2, 2011
All ports are blocked only 22 and 80 are open. I scan localhost and ports are open. When I scan IP address ports are blocked.I have no firewall rules.
View 5 Replies
View Related
Nov 28, 2009
The firewall in Fedora 12 seems to block UPnP by default, but opening port 1900 for UDP, as I have seen suggestedes not resolve the problem.have the following three scenarios:Firewall Enabled: Transmission cannot open a port by UPnPFirewall Enabled (1900 UDP allowed): Transmission cannot open a port by UPnPFirewall Disabled: Transmission opens a port via UPnP fineAny ideas? Yes, the port that I'm trying to open is also allowed. Router is a Linksys BEFSR41 v4.3, should you care
View 6 Replies
View Related
Feb 15, 2011
Fedora 13 64. NetworkManager tries to unlink /etc/hosts and is blocked:
Code:
SELinux is preventing /usr/sbin/NetworkManager from unlink access on the file /etc/hosts.
Additional Information:
[code]....
View 2 Replies
View Related
Nov 29, 2010
I connect to the internet at work through an authenticating proxy, and to avoid having to enter the proxy info into every app I use (e.g. firefox, wget, kde, etc) I have set up squid as a local transparent proxy which authenticates and routes all traffic to the work proxy. It has been working fine, but lately I haven't been able to connect to any https sites. I don't think I have changed the configuration, so perhaps it is the result of an upgrade, or something badly configured on my system from the start. I have tried connecting to https sites without squid and iptables and it works fine. My system is Arch linux, and my squid.conf file is: Code:
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80# http
acl Safe_ports port 21# ftp
acl Safe_ports port 443# https
[Code]....
View 2 Replies
View Related
Oct 13, 2010
In my work I am trying to connect my home server behind symantech gateway but I cannot but when I try to connect with telnet to ssh port I can make connection.How can I connect my server via ssh client.
View 11 Replies
View Related
May 17, 2010
Last night I installed all the updates that were available for CentOS. Today, I discovered that all connections to port 25 (Sendmail) are being blocked except connections coming from localhost.
I tried disabling the firewall to see if anything would change but it is still blocked.
If it is not the firewall doing the blocking, what else might it be?
View 4 Replies
View Related
Jul 10, 2011
Recently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place.Isn't the default iptables setup on CentOS to block unspecified ports? Specifically, this line from /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
Right? Well, this doesn't seem to be working for me. I added some rules to allow additional ports and commented out a couple (crucially port 110), but for some reason, port 110 is open.Here is /etc/sysconfig/iptables and the output of iptables -L below that:
# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
[code]....
Why isn't "-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited" doing what I think it should be doing?
View 3 Replies
View Related
Nov 21, 2010
I am in China, where some web sites(....., facebook, etc) are blocked. So I have to access these blocked site by VPN. But how can I access blocked sites by VPN and unblocked sites by my direct ADSL?
View 2 Replies
View Related
