You are not logged in.
Pages: 1
Hi,
I ran netstat recently and noticed that X server was listening on port 6000 on all interfaces, not just local loopback. I figured that the firewall was blocking it anyway but then noticed that iptables was not installed. Is there any reason why X should listen on all interfaces by default especially when there isn't a firewall installed if you only pick base packages (as recommended) at installation, or isn't that the case and I have done something I shouldn't have? Also is there any way I can force X to only listen on the lo interface?
Thanks,
Calef13
Offline
There's no point running X on only the loopback address only. X listens on the network so that you can run X applications on remote hosts.
You want to disable tcp communication altogether if you only run applications on the local host. This can be done by putting the following into /etc/X11/xinit/xserverrc:
exec X :0 -nolisten tcp
Offline
There was no xserverrc file so I created one and fired the line your gave me into it, I also added it to the xinitrc, but still no joy.
Calef13
Offline
I'm not sure which file I put it, but I have my X not to listen to TCP, the only thing I can find is suggestions to edit /usr/bin/startx and add it to "defaultserverargs". But since I use GDM I have added it to some other file and I can't remember which one.
PC: Antec P182B | Asus P8Z77-V PRO | Intel i5 3570k | 16GB DDR3 | GeForce 450GTS | 4TB HDD | Pioneer BDR-207D | Asus Xonar DX | Altec Lansing CS21 | Eizo EV2736W-BK | Arch Linux x86_64
HTPC: Antec NSK2480 | ASUS M3A78-EM (AMD 780G) | AMD Athlon X3 425 | 8GB DDR2 | GeForce G210 | 2TB HDD | Arch Linux x86_64
Server: Raspberry Pi (model B) | 512MB RAM | 750GB HDD | Arch Linux ARM
Offline
By default, gdm appends -nolisten tcp when it starts a X session.
Last edited by hussam (2007-06-14 17:29:57)
Offline
It's ok now anyway, I configured iptables to take care of it, and that means I can still use it to run X apps on remote machines if I ever need to, as phildg mentioned.
Thanks for all the replies anyway,
Calef13
Offline
Perhaps you should tell us how you're launching X. I launch it manually and what I suggested works on my system. If however your happy with using iptables to block it then nevermind.
Offline
i don't have an /etc/X11/xinit/xserverrc file, either. what i do is add "-nolisten tcp" to the defaultserverargs= option in the /usr/bin/startx script itself. another way to do it is to make "startx --nolisten tcp" an alias for the startx command (edit: if you log in manually from the command line).
heh, ADD strikes again.
Last edited by slackhack (2007-06-17 02:39:50)
Offline
phildg,
I'm launching X automatically when I boot, from rc.conf I launch kdm and so on. I did boot it manually for a while though. Thanks for the tip about adding it to /usr/bin/startx slackhack, I'll give that a go.
Calef13
Offline
if you are using KDE, you can shutdown port 6000 by editing the /opt/kde/share/config/kdm/kdmrc file. Look at the entry ServerCmd and put this line in:
ServerCmd=/usr/bin/X -br -nolisten tcp
Cheers
Offline
Pages: 1