Browse Source
Add x0vncserver option to only allow localhost connections
Patch originally by @KenMilmore on GitHub.tags/v1.9.90
Pierre Ossman
5 years ago
2 changed files with 12 additions and 1 deletions
+ 7
- 1
unix/x0vncserver/x0vncserver.cxx
View File
| @@ -60,6 +60,9 @@ IntParameter rfbport("rfbport", "TCP port to listen for RFB protocol",5900); | |||
| StringParameter rfbunixpath("rfbunixpath", "Unix socket to listen for RFB protocol", ""); | |||
| IntParameter rfbunixmode("rfbunixmode", "Unix socket access mode", 0600); | |||
| StringParameter hostsFile("HostsFile", "File with IP access control rules", ""); | |||
| BoolParameter localhostOnly("localhost", | |||
| "Only allow connections from localhost", | |||
| false); | |||
| // | |||
| // Allow the main loop terminate itself gracefully on receiving a signal. | |||
| @@ -259,7 +262,10 @@ int main(int argc, char** argv) | |||
| listeners.push_back(new network::UnixListener(rfbunixpath, rfbunixmode)); | |||
| vlog.info("Listening on %s (mode %04o)", (const char*)rfbunixpath, (int)rfbunixmode); | |||
| } else { | |||
| createTcpListeners(&listeners, 0, (int)rfbport); | |||
| if (localhostOnly) | |||
| createLocalTcpListeners(&listeners, (int)rfbport); | |||
| else | |||
| createTcpListeners(&listeners, 0, (int)rfbport); | |||
| vlog.info("Listening on port %d", (int)rfbport); | |||
| } | |||
+ 5
- 0
unix/x0vncserver/x0vncserver.man
View File
| @@ -162,6 +162,11 @@ Number of seconds to show the Accept Connection dialog before rejecting the | |||
| connection. Default is \fB10\fP. | |||
| . | |||
| .TP | |||
| .B \-localhost | |||
| Only allow connections from the same machine. Useful if you use SSH and want to | |||
| stop non-SSH connections from any other hosts. | |||
| . | |||
| .TP | |||
| .B \-AlwaysShared | |||
| Always treat incoming connections as shared, regardless of the client-specified | |||
| setting. Default is off. | |||
Loading…