You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
200 lines
5.1 KiB
200 lines
5.1 KiB
#!/bin/sh -- # A comment mentioning perl
eval 'exec perl -S $0 ${1+"$@"}'
if 0;
# Here is the remote x11vnc command.
# Modify to your needs, required to have %DISP item that expands to X display
# and the -bg option to go into the background.
$x11vnc_cmd = "x11vnc -localhost -nap -q -bg -display %DISP";
# We will redir local ports to these remote ports hoping the remote
# x11vnc selects one of them:
@tunnel_ports = qw(5900 5901 5902 5903 5904);
# We need to specify the encoding preferences since vncviewer will
# mistakeningly prefer "raw" encoding for local connection. required to
# have %VNC_ITEM to expand to localhost:<port>
# One really needs an -encodings option otherwise the vncviewer will
# prefer 'raw' which is very slow.
$viewer_cmd = "vncviewer -encodings 'copyrect tight zrle hextile zlib corre rre' %VNC_DISP";
$sleep_time = 15;
if ($ENV{USER} eq 'runge') {
# my personal kludges:
$viewer_cmd =~ s/vncviewer/vncviewerz/; # for tight
$x11vnc_cmd .= ' -rfbauth .vnc/passwd'; # I always want rfbauth
chop($Program = `basename $0`);
$Usage = <<"END";
$Program: wrapper to tunnel vncviewer <-> x11vnc VNC traffic through a ssh
encrypted tunnel port redirection.
Usage: $Program <options> <remote-Xdisplay>
-l <user> ssh login as remote user <user>
-rfbauth <remote-auth-file> this option is passed to the remote
x11vnc command for passwd file.
Example: $Program snoopy:0
while (@ARGV) {
$_ = shift;
/^-display$/ && ($remote_xdisplay = shift, last CASE);
/^-rfbauth$/ && ($x11vnc_cmd .= ' -rfbauth ' . shift, last CASE);
/^-l$/ && ($remote_user = ' -l ' . shift, last CASE);
/^--$/ && (last LOOP); # -- means end of switches
/^-(-.*)$/ && (unshift(@ARGV, $1), last CASE);
/^(-h|-help)$/ && ((print STDOUT $Usage), exit 0, last CASE);
if ( /^-(..+)$/ ) { # split bundled switches:
local($y, $x) = ($1, '');
(unshift(@ARGV, $y), last CASE) if $y =~ /^-/;
foreach $x (reverse(split(//, $y))) { unshift(@ARGV,"-$x") };
last CASE;
/^-/ && ((print STDERR "Invalid arg: $_\n$Usage"), exit 1, last CASE);
last LOOP;
select(STDERR); $| = 1;
select(STDOUT); $| = 1;
# Determine the remote X display to connect to:
$remote_xdisplay = shift if $remote_xdisplay eq '';
if ($remote_xdisplay !~ /:/) {
$remote_xdisplay .= ':0'; # assume they mean :0 over there.
if ($remote_xdisplay =~ /:/) {
$host = $`;
$disp = ':' . $';
} else {
die "bad X display: $remote_xdisplay, must be <host>:<display>\n";
# Get list of local ports in use so we can avoid them:
# (tested on Linux and Solaris)
open(NETSTAT, "netstat -an|") || die "netstat -an: $!";
while (<NETSTAT>) {
chomp ($line = $_);
next unless $line =~ /(ESTABLISHED|LISTEN|WAIT2?)\s*$/;
$line =~ s/^\s*//;
$line =~ s/^tcp[\s\d]*//;
$line =~ s/\s.*$//;
$line =~ s/^.*\D//;
if ($line !~ /^\d+$/) {
die "bad netstat line: $line from $_";
$used_port{$line} = 1;
# Now match up free local ports with the desired remote ports
# (note that the remote ones could be in use but that won't stop
# the ssh with port redirs from succeeding)
$lport = 5900;
$cnt = 0;
foreach $rport (@tunnel_ports) {
while ($used_port{$lport}) {
die "too hard to find local ports 5900-$lport" if $cnt > 200;
$port_map{$rport} = $lport;
$redir = '';
foreach $rport (@tunnel_ports) {
$redir .= " -L $port_map{$rport}:localhost:$rport";
# Have ssh put the command in the bg, then we look for PORT= in the
# tmp file. The sleep at the end is to give us enough time to connect
# thru the port redir, otherwise ssh will exit before we can connect.
# This is the x11vnc cmd for the remote side:
$cmd = $x11vnc_cmd;
$cmd =~ s/%DISP/$disp/;
# This is the ssh cmd for the local side (this machine):
$ssh_cmd = "ssh -t -f $remote_user $redir $host '$cmd; echo END; sleep $sleep_time'";
$ssh_cmd =~ s/ / /g;
print STDERR "running ssh command:\n\n$ssh_cmd\n\n";
# Run ssh and redir into a tmp file (assumes ssh will use /dev/tty
# for password/passphrase dialog)
$tmp = "/tmp/rx.$$";
system("$ssh_cmd > $tmp");
# Now watch for the PORT=XXXX message:
$sleep = 0;
$rport = '';
print STDERR "\nWaiting for x11vnc to indicate its port ..";
while ($sleep < $sleep_time + 10) {
print STDERR ".";
if (`cat $tmp` =~ /PORT=(\d+)/) {
$rport = $1;
# wait 1 more second for output:
if (`cat $tmp` =~ /PORT=(\d+)/) {
$rport = $1;
print STDERR "\n";
if (! $rport) {
print STDERR `cat $tmp`;
die "could not determine remote port.\n";
# Find the remote to local mapping:
$lport = $port_map{$rport};
print STDERR "remote port is: $rport (corresponds to port $lport here)\n";
if (! $lport) {
die "could not determine local port redir.\n";
# Apply the special casing vncviewer does for 5900 <= port < 6000
if ($lport < 6000 && $lport >= 5900) {
$lport = $lport - 5900;
# Finally, run the viewer.
$cmd = $viewer_cmd;
$cmd =~ s/%VNC_DISP/localhost:$lport/;
print STDERR "running vncviewer command:\n\n$cmd\n\n";