User Tools

Site Tools


doc:howto:vncrepeater

Outdated Information!
This article contains information that is outdated or no longer valid. You can edit this page to update it.

VNC Repeater

I'm sure many of you are asking, "What is a VNC Repeater?" Well, say you have 2 computers in your house, and you want to be able to connect to both of them from the internet. You would have to forward 2 ports (not including the viewer applet which adds another port each) the default port for this is 5900. Well, what a VNC Repeater does, is you forward one port to it, and when it recieves a viewer connection, it then forwards the port to the appropriate vnc server. Thus, you can have many computers behind a NAT router and only have to forward one port.

Full documentation on the repeater is available at ultravnc

Installation

Configure your device to use the backports repository, see packages for instructions, then install the package:

ipkg install vncrepeater

Configuration

Configuration is pretty straightforward, The file /etc/vncrepeater.conf is the config file. (please note that I know about the ^M charachters you see when editing the file in vim. You can either remove them or leave them as is. They will not appear in the next version.)

The config file is as follows:

[general]
;Ports
viewerport = 5800
serverport = 5900

;Listen Ip address (of repeater itself) in case your server happens to have several
;ip addresses (for example, one physical machine running several virtual
;machines each having their own ip address)
;default (0.0.0.0 = INADDR_ANY = uses all addresses) is the same that
;older repeater versions (before 0.12) did
;Notice ! This IS NOT address of server or viewer, but repeater itself !
listeneripaddress = 0.0.0.0

;How many sessions can we have active at the same time ?
;values can be [1...1000]
;Notice: If you actually *have* computer(s) capable
;of 1000 simultaneous sessions, you are probably a *very big company*,
;so please invite me to visit and admire your server(s) ;-)
maxsessions = 100

;If program is started as root (to allow binding ports below 1024),
;it changes to this user after ports have been bound in startup
;You need to create a suitable (normal, non-privileged) user/group and change name here
runasuser = root

;Allowed modes for repeater
;0=None, 1=Only Mode 1, 2=Only Mode 2, 3=Both modes
;Notice: If you set allowedmodes = 0, repeater will run without listening to any ports,
;it will just wait for your ctlr + c ;-)
allowedmodes = 2

;Logging level
;0 = Very little (fatal() messages, relaying done)
;1 = 0 + Important messages + Connections opened / closed
;2 = 1 + Ini values + exceptions in logic flow
;3 = 2 + Everything else (very detailed and exhaustive logging == BIG log files)
logginglevel = 1

[mode1]
;0=All
allowedmode1serverport = 0

;0=Allow connections to all server addressess,
;1=Require that server address (or range of addresses) is listed in
;srvListAllow[0]...srvListAllow[SERVERS_LIST_SIZE-1]
requirelistedserver = 0

;List of allowed server addresses / ranges
;Ranges can be defined by setting corresponding number to 0, e.g. 10.0.0.0 allows all addresses 10.x.x.x
;Address 255.255.255.255 (default) does not allow any connections
;Address 0.0.0.0 allows all connections
;Only IP addresses can be used here, not DNS names
;There can be max SERVERS_LIST_SIZE (default 50) srvListAllow lines
srvListAllow0 = 10.0.0.0        ;Allow network 10.x.x.x
srvListAllow1 = 192.168.0.0     ;Allow network 192.168.x.x

;List of denied server addresses / ranges
;Ranges can be defined by setting corresponding number to 0, e.g. 10.0.0.0 denies all addresses 10.x.x.x
;Address 255.255.255.255 (default) does not deny any connections
;Address 0.0.0.0 denies all connections
;Only IP addresses can be used here, not DNS names
;If addresss/range is both allowed and denied, it will be denied (deny is stronger)
;There can be max SERVERS_LIST_SIZE (default 50) srvListDeny lines
srvListDeny0 = 10.0.0.0         ;Deny network 10.x.x.x
srvListDeny1 = 192.168.2.22     ;Deny host 192.168.2.22

[mode2]
;0=Allow all IDs, 1=Allow only IDs listed in idList[0]...idList[ID_LIST_SIZE-1]
requirelistedid = 0

;List of allowed ID: numbers
;Value 0 means "this authenticates negatively"
;If value is not listed, default is 0
;Values should be between [1...LONG_MAX-1]
;There can be max ID_LIST_SIZE (default 100) idList lines
idlist0 = 1111
idlist1 = 2222
idlist2 = 0
idlist3 = 0
idlist4 = 0
idlist5 = 0
idlist6 = 0
idlist7 = 0
idlist8 = 0
idlist9 = 0

Everything is pretty straightforward, the one thing you may want to take note of are the lines: viewerport = 5800 serverport = 5900 The viewerport is the port on the wan side which your viewer will connect to. The serverport is the port on the lan side which the repeater will connect to the server on.

Usage

NOTE: This is INCOMPATIBLE with the Ja va based viewer. You MUST use a vnc viewer that supports proxy servers in order to use this repeater.

In order to use the repeater, (as I said above) your viewer must support a proxy server. A great viewer I suggest is the standalone viewer available from ultravnc: Get it here. The proxy server will be configured to be your wan address (Dyndns is good for this) and the port the repeater is running on (ex. home.dyndns.org:5800). The server address is the LOCAL address of the computer you want to connect to (ex. 192.168.1.2).

That's it!

Notes

I hope you find the repeater useful, i decided to port it to the OpenWrt cuz i have been working to get rid of my server and replace it with my router. (many thanks to florian_ for helping to get it to compile) If you have any comments/suggestions, you can reach me at the forum

doc/howto/vncrepeater.txt · Last modified: 2010/09/18 04:00 by realopty