Tweak IPTables Rules on your workstation
Wait! Skip this part if you are not running a firewall on your Linux box!
If you are indeed running a firewall on your Linux box, then you will need to modify your firewall rules on a Linux workstation to allow X-traffic from AVIDD's firewall node bh3.
Note: The following information is provided for your convenience; there is no guarantee it will enable you to open X applications from AVIDD or any other *n*x based server (ultimately your other rules also have to be taken into consideration)
As root , add the rules shown below (check to see if you already have the last two rules):
$ /sbin/iptables -A INPUT -i eth0 -p tcp -s 149.165.228.0/255.255.255.0 -d <your_IP_address> \ --dport 6000 -m state --state NEW -j ACCEPT $ /sbin/iptables -A INPUT -i eth0 -p tcp -s 149.165.229.0/255.255.255.0 -d <your_IP_address> \ --dport 6000 -m state --state NEW -j ACCEPT $ /sbin/iptables -A INPUT -i eth0 -m state --state EST,REL -j ACCEPT $ /sbin/iptables -A OUTPUT -m state --state EST,REL -j ACCEPT
All you are doing with the above rules is: allowing NEW packets IN from AVIDD compute nodes (both Bloomington and Indy) into your workstation on TCP ports 6000 as well as established and related packets.
If the above rules work, then you can go ahead and save them to your default IP tables ruleset, so they will be applied every time your computer starts!
Append Xhost list on your workstation
modify-xhost-for-avidd-x-traffic.pl; Run the script by doing:
$ perl modify-xhost-for-avidd-x-traffic.pl b add
149.165.228.1 being added to access control list 149.165.228.2 being added to access control list . . .
i instead
of b as the first parameter. I.e. do
"modify-xhost-for-avidd-x-traffic.pl i add".
remove as the second parameter to
clear out the xhost list back to its original state. I.e. do
"modify-xhost-for-avidd-x-traffic.pl b remove".
Find your workstation's IP address (assuming you are using the Ethernet interface eth0):
[agopu@peart agopu]$ /sbin/ifconfig eth0 | grep "inet addr" | cut -f2 -d: | cut -f1 -d " " | head -1
bash-2.04$ /usr/sbin/ifconfig -a | grep -v "127.0.0.1" | grep "inet" | cut -f2 -d" "If you are unable to access ifconfig, then you could use the fully qualified hostname instead. You can get it by doing:
bash-2.04$ cat /etc/hosts | grep -v "#" | grep -v "localhost" | cut -f3 | head -1
Set the DISPLAY environment variable on the compute node
[agopu@bc81 agopu]$ export DISPLAY=xxx.xxx.xxx.xxx:0.0
For example
On my laptop running Linux:
[agopu@laptop agopu]$ perl modify-xhost-for-avidd-x-traffic.pl b add 149.165.228.1 being added to access control list 149.165.228.2 being added to access control list . . . 149.165.228.96 being added to access control list [agopu@laptop agopu]$ /sbin/ifconfig eth0 | grep "inet addr" | cut -f2 -d: | cut -f1 -d " " | head -1 156.56.18.241
Then on AVIDD's compute node:
[agopu@bc81 agopu]$ export DISPLAY=156.56.18.241:0.0
Note: If you are using wireless and VPN (for example, on your laptop) then you'll need to find that interface's IP address. Let us know if you have trouble doing this.
| Previous | Up: Table of Contents | Next |
|---|