Repeater Linux port (version 0.14)
Requirements
This software is intended to run on a Linux or BSD operating system where the
distribution is current as of at least May 2006. If you intend to make the
repeater available on the internet, you are strongly advised to get a static IP
for the computer on which this will run. It is not necessary to register a
domain.
Compiling
Just type "make" in the directory where you unpacked the zip file. It
should compile and link an executable "repeater".
Install by copying the executable "repeater" to a directory in your path,
perhaps /usr/sbin. Copy uvncrepeater.ini to /etc. See
Configuration below for more information.
Create a user uvncrep so that repeater can drop root privileges and run as a
normal user. For example
groupadd -g uvncrep
useradd -u uvncrep -g uvncrep -d /no/where -s /bin/false uvncrep
See
Starting and stopping the server below for a script that runs the server.
If you intend to use the event listener, you're on your own.
Usage / Hints
- Runs in terminal window in Linux (no GUI
whatsoever)
- Start command: ./repeater optionalinifilepathandname
- Command-line options: optional_ini_file_path_and_name (all other
settings are stored in uvncrepeater.ini file)
- If ini file path and name is not given, by default /etc/uvncrepeater.ini is
used (needs to be readable by repeater process).
- uvncrepeater.ini: A normal Windows style INI file (kind of), well commented.
- All versions support mode II (the mode where both
viewer and server make an outgoing connection to repeater)
- Starting from version 0.08, supports mode
I (the mode where viewer connects repeater which then connects server).
- By default, listens to port viewer_port
= 5900 for viewers (can be overridden via uvncrepeater.ini)
- By default, listens to port server_port
= 5500 for servers (can be overridden via uvncrepeater.ini)
- After start, program should report it has
opened both ports and is waiting for connection
- Use vncviewer.exe and winvnc.exe to establish
the connection. I just used 3 vmware windows, server and viewer running nt4 and
repeater running Ubuntu Hoary. Any Linux/BSD should work though.
- Example (Mode 2):
- Repeater is on ip address 192.168.137.131, listening
on port 5500 for servers and 5900 for viewers. If you need lower ports,
note that usually only root can open ports under 1024 on Linux. Running as root
is obviously dangerous. This danger can be decreased via setting "runasuser"
that allows repeater start as root, then drop root privileges after binding
ports and running as normal user after that.
- On UltraVnc server, choose "Add New connection"
from menu and give "host name" 192.168.137.131:5500 and "id code" ID:5555.
Repeater should now show lots of info about new connection, including
"addServerList(): Server added to list 5555"
- On UltraVnc viewer, write "ID:5555" on field
"VNC Server". Also mark "Proxy/Repeater" and write "192.168.137.131:5900" on
that line.
- Press "Connect"- button. Ultravnc viewer should
start to show Ultravnc server screen and Repeater should show lots of info,
including "addViewerList(): viewer added to list 5555".
- You can stop repeater with ctrl+c on terminal window
- Example (Mode 1):
- Repeater is on ip address 192.168.137.131, listening
on port 5500 for servers and 5900 for viewers.
- UltraVnc server is on address
192.168.137.132, listening on port 5900
- On UltraVnc viewer, write "192.168.137.132:5900" on
field "VNC Server". Also mark "Proxy/Repeater"
and write "192.168.137.131:5900" on that line.
- Press "Connect"- button. Ultravnc viewer should
start to show "VNC Authentication" dialog and ask for password. Repeater should
show something like "addViewerList(): viewer added to list -1".
- Maximum number of active session (server/viewer pair connected): 1000, can
be changed via ini file setting maxSessions
- Cleans up inactive (server/viewer pair "match" not
found) connections after 600 seconds, can be changed in repeater.cpp:
- #define
MAX_IDLE_CONNECTION_TIME 1200 //Seconds
Starting and stopping the server
Here is a sample script for starting or stopping the server:
#! /bin/sh
# Start/stop/restart the VNC repeater server
vnc_start() {
if [ ! -f /etc/uvncrepeater.ini ]; then
echo "uvncrepeater.ini does not exist. Aborting."
exit
fi
/usr/sbin/repeater 2>>/var/log/vnc.log &
pgrep repeater >/var/run/vnc.pid
}
vnc_stop() {
killall repeater
rm /var/run/vnc.pid
}
vnc_restart() {
if [ -r /var/run/vnc.pid ]; then
kill `cat /var/run/vnc.pid`
else
echo "Killing repeater in the absence of /var/run/vnc.pid"
killall repeater
fi
sleep 1
vnc_start
}
case "$1" in
'start')
vnc_start
;;
'stop')
vnc_stop
;;
'restart')
vnc_restart
;;
*)
echo "usage $0 start|stop|restart"
esac
Configuration
HINT Make this work on your LAN. That will ensure that
no firewall or other connectivity issue will give you grief. When it works on
your LAN, then you can make it work over the internet.
The included configuration only works on a LAN. If you also want to allow
connections from the internet, you need to modify /etc/uvncrepeater.ini
so that srvListAllow0 = 0.0.0.0 and srvListAllow1 is commented. Also set
srvListDeny0 = 255.255.255.255 and comment the srvListDeny1 line. If your
repeater server is to be accessible from the internet, you need to understand
that anyone can run vncviewer and connect to it. Use iptables to limit
connections to viewerport, perhaps like this
# Allow specified IP addresses to connect to VNC repeater
iptables -A INPUT -i eth1 -p tcp -s $ALLOWED_IP --dport 5900 -j ACCEPT
# Drop all IP addresses not specifically allowed above
iptables -A INPUT -i eth1 -p tcp --dport 5900 -j DROP
In order to quiet error messages from the event interface, set
useeventinterface = false. Once you have a working setup, you'll probably want
to set logginglevel = to 0 or 1. You probbly don't need to change anything else
unless you have more than 10 remote machines proxied to this server, in which
case you might need to add more lines of the format idlist[n] = 0, which is
determined by your requirelistedid = setting.
Set up the Victim (remote computer)
I use the word "victim" because that term is more meaningful to me than
"server". I consider the server to be the repeater computer.
Although you will see dialog telling you that the remote computer needs to
run vncviewer in listen mode, the only program that needs to run on the victim
is winvnc.exe. This should be set up as a Windows service that starts when the
computer boots.
You should install the newest version of UltraVNC that works, but be aware
that I could not connect when 1.0.8 was installed, so I used 1.0.5. You might
want to get things working with 1.0.5. If desired, upgrade your UltraVNC
version at a later time. My failure happened on a Windows 2000 Server where
1.0.2 was previously installed.
If the version of UltraVNC installed on the remote computer is 1.0.5 or
newer, there will be a file in the UltraVNC directory named ultravnc.ini. Edit
it so that the first 3 lines look like
[Permissions]
[admin]
service_commandline=-autoreconnect ID:5555 -connect ns.chsoft.biz::5501
Of course you will want to use the correct ID and either the IP address or the
fully qualified domain name of your repeater server, and the port will probably
be 5500. The service_commandline causes the equivalent of Add New
Client each time the computer boots and the service starts.
However, it also causes a reconnection between the victim and
the server as often as every 5 seconds. I believe that this reconnection
occurs because repeater does not convince winvnc that there is a connection, so
winvnc keeps attempting to reestablish the connection. I'm still looking for a
solution.
For version 1.0.2, you must right click the VNC icon in the system tray and
select Add New Client. Enter either the fully qualified domain name or
the IP address of the computer running repeater, a colon, and the port that
repeater is listening on (serverport). This must be
done each time winvnc is started. For example
66.102.7.105:5500
In the ID Code field, enter the letters ID, a colon, and up to 5 digits.
Because VNC expects that the entry to the right of the colon be a port number,
you may only enter a unique numeric value here, where the minimum is 1 and the
maximum is 65535.
When you click OK, a connection to your repeater server will be established.
Note that the port in the image is 5501 because ns.chsoft.biz handles
connections to port 5500 specially, so 5500 cannot be used. Its uvncrepeater.ini
sets the port with serverport = 5501. When connecting to the repeater
running on ns.chsoft.biz from a computer in the LAN at chsoft, the LAN IP is
used rather than the fully qualified domain name because machines on the LAN
cannot access ns.chsoft.biz using its internet IP.
Connecting to the victim from your Windows PC
Run UltraVNC Viewer. Enter the ID of the computer you want to remotely control
into the Server field and enter either the IP address or the fully
qualified domain name of your repeater server, a colon and the port - as
specified in uvncrepeater.ini's viewerport = 5900 line. Note
that the viewer uses port 5900 while the victim uses port 5500.
When you click the Connect button, you should shortly be running the remote
machine.
Download
Copyright © 2006 Jari Korhonen
Copyright © 2010 gypsy