asad`s page

about new year holiday )))

Несчастный Случай – С первого по тринадцатое
Несчастный Случай – С первого по тринадцатое

funny video

very funny))

Iptables, working with ports. Port forwarding DNAT / SNAT

Iptables ports. Port forwarding DNAT / SNAT

Many people are often faced with the problem when there is a local computer network and to whatever packages from falling out from inside and outside the internal network on certain ports. Then a few rules. IPs Allow specific access to the internet port

iptables-I FORWARD — s 192.168.0.2-p tcp-dport 25-j ACCEPT

Explanation

-I – insert rules in the beginning of a chain

FORWARD – who go through the chain of passing packets

-s – source address (the computer which turns on the port to the Internet)

-p tcp – protocol type-dport – specify the destination port 25 port

-j – do Effects ACCEPT rule to allow

What would prevent packets going to a remote port

iptables-I FORWARD-s 192.168.0.2-p tcp-dport 25-j DROP

What would be from outside the block or allow packets to go to a computer on the internal network to a specific port.

iptables -I FORWARD-d 192.168.0.2-p tcp-dport 25-j DROP

(ACCEPT) also FORWARD to filter the table there is a chain OUTPUT and INPUT

OUTPUT – to filter outgoing packets

INPUT – to filter incoming packets

But if it concerns only the computers on the internal network and Internet access is better to use only the FORWARD

How to organize forwarding ports provide an

internet – IP1 (router)-IP2 (local computer)

If you want that to be treated to a specific port on your server from outside the internal network packet is received on a specific aypi, then it is done with NAT

iptables -t nat -A PREROUTING -p tcp –dport 2106 -d IP1 -j DNAT –to-destination IP2
iptables -t nat -A POSTROUTING -p tcp –dport 2106 -d IP2 -j SNAT –to IP1

1 rule – пробрасывает a package on port in внутреннею a network on concrete айпи
The citation
-t nat to specify the table nat
-A – to add rules in the chain end
PREROUTING – to specify a chain
-p tcp–dport 2106 example указывания port on which will be the reference to a server
-d IP1 – your external айпи
-j DNAT to broadcast addresses in an internal network
–to-destination — to specify where

2 rule — return of a package to the sender
The citation
-t nat to specify the table nat
-A – to add rules in the chain end
PREROUTING – to specify a chain
-p tcp–dport 2106 example указывания port on which will be the reference to a server

-d IP2 — the address in an internal network
-j SNAT–to IP1 to broadcast the address back your external айпи for package return back to the sender

Thus the package getting to your router on a particular port hits the port on the local computer and is able to go back.

Configuring Internet Gateway (OS Linux)

Configuring Internet Gateway (OS Linux)

Internet Gateways of this kind are often very utilization of the Internet for distribution to small offices or businesses. Consider one of the simplest versions of this problem risheniya which will provide Internet access to small groups of computers through the Internet gateway.As seen in Figure 1, we have simple wiring diagram of a network of computers to the Internet. Configuring the gateway will be conducted on the basis of OS Linux ubunu (debian).

To begin, define what a gateway will be 2 network interface: Eth0 – interface with an external address 194.15.15.1 which has access to educational and internet Eth1 – Interface with local address 192.168.1.1 to which computers in your network will continue to address the gateway (gateway)

see the image

begin configuring the gateway. First you need to activate the option allowing the routing on our internet gateway, to find this file /etc/sysctl.conf and uncomment line

net.ipv4.ip_forward = 1

Now you need to configure the network interfaces gateway. We find the network configuration file /etc/network/ interfaces and write there setting our interfaces.

iface eth0 inet static
##  description of the interface and the type of static means that the address is set statically # #
address 194.15.15.1 ##  detection of network address of the interface
netmask 255.255.255.0 ##  description mask equivalent / 24
gateway 194.15.15.253
##  define a gateway address in this case, the address # # by ISP to connect to the Internet

iface eth1 inet static
address 192.168.1.1
netmask 255.255.255.0
auto eth0 eth1 ##  means automatically when you start your computer to activate # # Interfaces

Now we need to enable NAT on the gateway to the fact that the packets would pass through the gateway on the Internet have the gateway address 194,15,15,1, for normal operation of the Internet. To do this, use the iptables firewall Define a chain rule.

iptables -t nat -A POSTROUTING -s 192.168.1.1/24 -j MASQUERADE

This means that we add to nat table rule to mask all the addresses from the subnet 192,168,1,1 arriving at the gateway. For convenience, create a script called nat.sh and save it in /etc then the text of the script

#!/bin/sh
#iptables -t nat -A POSTROUTING -s 192.168.1.1/24 -j MASQUERADE

To add to the autostart of the chain rule is only in the file /etc/init.d/iptables start to finish in the section line /etc/nat.sh. Now rebooting gateway and configuring local machines  to the gateway address 192,168,1,1 After rebooting check the gateway the Internet to local machines.

We hang their program (service) at the port with xinetd

We hang their program (service) at the port with xinetd

To do this we need the xinetd daemon if you do not want to put it:

# apt-get install xinetd

To realize this task will create a file with any name eg myprog directory /etc/xinetd.d

#touch asad

service asad # # Service name

{

# # Allow

disable = no

# ask the socket type

socket_type = stream

type = UNLISTED

# service not specified in the standard (system) file (eg /etc/rpc for RPC services, or # / etc / services for non-RPC services).

port = 2329

# 3zadaem port on which to listen to your service connection

protocol = tcp # specify the protocol tcp

wait = no

# This attribute determines whether the service is single-threaded or multi-threaded.If it is # set to yes service is single-threaded; this means that xinetd starts the server and # then stops processing requests for this server until the server is not running # exit. If the value is no, it means that service is multi-threaded and # xinetd will continue to handle the new incoming requests.#

User = root

# user who runs the program

group = tty # defines gid under which the process will run. The group name must exist # in the file /etc /group. If the group is not specified, will be used to which the user # (from / etc / passwd).This option does not apply if the effective uid xinetd # uid does not match the super-user. #

Server = / home / asad / check # path to the software service that will receive the string sent to the port

}

Next, go not to podsredstvenno programa listener /home/asad/check I realized it this way:

#!/bin/sh

read -r cmd; # получать строку

………
something code

Then simply restart xinet /etc/init.d/xinetd restart

Nagios in ubuntu server, Installing and Configuring nagios2 in ubuntu

Nagios in ubuntu server, Installing and Configuring nagios2 in ubuntu

Customize Nagios2 (Ubuntu server-8.10)

a brief description Nagios – an application designed to carry out monitoring systems and networks. It monitors the designated applications and services and generates a warning, depending on the behavior of the observed services.Usually a large provider menie sooner or later need to monitor their servers, switches, routers, nagios provides collection services for this as it can be used to build a virtual network and configure a suitable warning system for any developments in this network.

We need the following packages: apache2 nagios2

Installation:

# apt-get install nagios2
# apt-get install apache2

Configuration:

Normally Nagios is installed in the directory

/etc/nagios2/

Web directory is in /usr/share/nagios2/htdocs should also add the file /etc/nagios2/apache.conf in the configuration file apahce2. This is done as follows:

Open the file /etc/apache2/apache2.conf and appends it Include

/etc/nagios2/apache.conf then just restarted apache:

# /etc/init.d/apache2 restart

Now the details on the configuration of the nagios-a and so go to the directory /etc/nagios2/

#cd /etc/nagios2

list files by default:

cgi.cfg-sample
checkcommands.cfg-sample
contactgroups.cfg-sample
contacts.cfg-sample
dependencies.cfg-sample
escalations.cfg-sample
hostgroups.cfg-sample
hosts.cfg-sample
misccommands.cfg-sample
nagios.cfg-sample
resource.cfg-sample
services.cfg-sample
timeperiods.cfg-sample

Naturally *.- sample is removed from the file names simply renaming. After this operation we obtain the list of configuration files, but we will use the following configuration files:

apache.conf – configuration file for the web site nagios2 (there are usually no changes are necessary)

cgi.cfg – a file that describes the users who have access to services and somndam nagios

commands.cfg – file ktoroy describes the commands nagios

contactgroups.cfg – file in which We will describe the group of users

contacts.cfg – file in which we will describe a group of users and their contacts

hostextinfo.cfg – configuration file for hosts dopolnitelnyyh settings displayed on the 2d map

hostgroups.cfg – file descriptions of groups of hosts

hosts.cfg – configuration file for hosts

nagios.cfg – the main configuration file nagios-and

services.cfg – configuration file services

timeperiods.cfg – file which will describe periods of time and notification of services

So start configuring:

nagios.cfg: in this file we need to describe all the configuration files that we nuzhnf for open and edit nagios.cfg

cfg_file=/etc/nagios2/contactgroups.cfg
cfg_file=/etc/nagios2/contacts.cfg
#cfg_file=/etc/nagios2/dependencies.cfg
#cfg_file=/etc/nagios2/escalations.cfg
cfg_file=/etc/nagios2/hostgroups.cfg
cfg_file=/etc/nagios2/hosts.cfg
cfg_file=/etc/nagios2/services.cfg
cfg_file=/etc/nagios2/timeperiods.cfg

cfg_file=/etc/nagios2/hostextinfo.cfg
#cfg_file=/etc/nagios2/serviceextinfo.cfg

##and edit
check_external_commands=1 ## I will access to run command for users

Others will not touch because it’s all there is normal. Then go to file cgi.cfg Here is an example of my configuration.

main_config_file=/etc/nagios2/nagios.cfg
physical_html_path=/usr/share/nagios2/htdocs
url_html_path=/nagios2
show_context_help=1
nagios_check_command=/usr/lib/nagios/plugins/check_nagios /var/cache/nagios2/status.dat 5 ‘/usr/sbin/nagios2′

use_authentication=1

default_user_name=nagiosadmin
authorized_for_system_information=*
authorized_for_configuration_information=*
authorized_for_system_commands=*

authorized_for_all_services=nagiosadmin, asad
authorized_for_all_hosts=nagiosadmin, asad

#authorized_for_all_services=nagiosadmin,guest
#authorized_for_all_hosts=nagiosadmin,guest

authorized_for_all_service_commands=nagiosadmin, asad
authorized_for_all_host_commands=nagiosadmin, asad

#statusmap_background_image=smbackground.gd2 ## background image  for statusmap
default_statusmap_layout=5
default_statuswrl_layout=4
#statuswrl_include=myworld.wrl
ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$
refresh_rate=90 ## update time

## sounds
#host_unreachable_sound=hostdown.wav
#host_down_sound=hostdown.wav
#service_critical_sound=critical.wav
#service_warning_sound=warning.wav
#service_unknown_sound=warning.wav
#normal_sound=noproblem.wav

It is configured so that users have to authenticate via the web to have access to all commands and processes nagios accessible through a web interface.

This is set as the password file htpasswd.users using htpasswd

# htpasswd-c htpasswd.users asad

enter your password and to register the file for use in the authorization

/etc/nagios2/apache.conf:

<DirectoryMatch (/var/www/nagios/htdocs|/usr/lib/cgi-bin/nagios2)>
Options FollowSymLinks
DirectoryIndex index.html
AllowOverride AuthConfig
Options ExecCGI
Order Allow,Deny
Allow From All
AuthName «Nagios Access»
AuthType Basic
AuthUserFile /etc/nagios2/htpasswd.users ## path to password`s file
require valid-user
</DirectoryMatch>

Then go to contacts.cfg In it we describe the user who will receive notification and be able to view the information via the web.

Contacts.cfg:

define contact{
contact_name asad
alias asad
service_notification_period 24×7
host_notification_period 24×7
service_notification_options u ## if host unreachable
host_notification_options d,u ## if service is down and unreachable
service_notification_commands notify-by-email,notify-by-epager ## kind of notification
host_notification_commands host-notify-by-email,host-notify-by-epager
email asad@neocom.net.ua ## your mail address
pager ххххххххх@sms.ecotel.com.ua ## your phone number for sms

}

contactgroup.cfg:

define contactgroup{
contactgroup_name domain-admins
alias Domain.Com Admins
members asad
}

File which describes a group of users then a file which describes the period of time timeperiods.cfg. In it I described the two periods 24×7 ie 5 days a week, and none ever Toyota.

Timeperiods.cfg:

define timeperiod{
timeperiod_name 24×7
alias 24 Hours A Day, 7 Days A Week
sunday 00:00-24:00
monday 00:00-24:00
tuesday 00:00-24:00
wednesday 00:00-24:00
thursday 00:00-24:00
friday 00:00-24:00
saturday 00:00-24:00
}

# ‘none’ timeperiod definition
define timeperiod{
timeperiod_name none
alias No Time Is A Good Time
}

Then go directly to the configuration of hosts crawled and used for this service.

Hosts.cfg here we describe our hosts:

define host{
use generic-host
host_name myserver # host name
contact_groups domain-admins # group of users
alias My Registered Domain
address 192.168.0.1 ## ip address of host
check_command check-host-alive # chack – if host alive? it is chacked by ping command
max_check_attempts 10
notification_interval 120 ## interval between messages
notification_period 24×7 ## period  of users notification
notification_options d # if host down
}

define host{
use generic-host
host_name myrouter # host name
parents myserver ## this is a name of parent host, he wrote upper
contact_groups domain-admins #group of users
alias My Registered
address 192.168.0.2 ## ip address of host
check_command check-host-alive
max_check_attempts 10
notification_interval 120
notification_period 24×7 ## period  of users notification
notification_options d,u,r # down, unreachable, recover
}

We also ask podnadopitsya group of hosts for this edit the file hostgroups.cfg:

define hostgroup{
hostgroup_name domain-servers
alias Domain Servers
members myserver, myrouter
}

Next, we describe the service to the PING command in a file services.cfg:

define service{
use generic-service
host_name myserver # имя хоста
service_description PING ## команда проверки
is_volatile 0
check_period 24×7 # период проверки
max_check_attempts 3
normal_check_interval 1
retry_check_interval 1
contact_groups domain-admins
notification_interval 120
notification_period 24×7 # период нотификации
notification_options u,c,r
check_command check_ping!100.0,20%!500.0,60%
}

define service{
# Name of service template to use
use generic-service
host_name myrouter
service_description PING
is_volatile 0
check_period 24×7
max_check_attempts 3
normal_check_interval 1
retry_check_interval 1
contact_groups domain-admins
notification_interval 120
notification_period 24×7
notification_options u,c,r
check_command check_ping!100.0,20%!500.0,60%
}

So nagios will check the 2 hosts using the ping command and display the state hosts the web page. But for convenience we can add additional settings for the host such as a display piktogramka host. All this is described in the file hostexinfo.cfg

define hostextinfo{
host_name myserver
icon_image serv.png ## вот так описываются иконки на statusmap
vrml_image serv.png
statusmap_image serv.png
}

define hostextinfo{
host_name myrouter
icon_image net.png
vrml_image net.png
statusmap_image net.png
}

Well, that’s all to start is to start nagios in scan mode

# nagios-v /etc/nagios2/nagios.cfg

team will load all the configuration files and report all errors that it finds. Correct any mistakes on the queue, and then run the command again.

Cost more to start or restart nagios so: /etc/init.d/nagios2 start | restart | stop

More http://www.nagios.org/

Configuring client vpn connection pptp-client in Linux, Setting up pptp-client for the vpn connection in linux ubuntu, suse, asp, fedora

Setting up pptp-client for the vpn connection linux Installation

First you need to install pptp-linux So I am using linux ubuntu it will install a package using apt-get

# apt-get install pptp-linux

Then go to the directory / etc / ppp / peers create a file with the name of the connection:

#sudo touch asad.inet

pty «pptp [ip-addr] –nolaunchpppd» #ip-addr remote server

name asad ## your login for vpn connection
noauth
nodeflate
nobsdcomp
lock
remotename x #alias
defaultroute
replacedefaultroute
persist
#debug ##debug mode
#nodetach  ## uncomment fo view logs

Then edit the file /etc/ppp/chap-secrets

# Secrets for authentication using CHAP
# client server secret IP addresses
asad x password *
x asad password *

Now you can install soedenienie server

# sudo pppd call asad.inet

where asad.inet is the name of the connection

check:

# ps ax | grep ppp

28802 ? Ss 0:00 pppd call asad.inet
28803 ? S 0:00 sh -c pptp vpn.server –nolaunchpppd
28806 ? S 0:01 pptp vpn.server –nolaunchpppd
28819 ? S 0:00 pptp vpn.server –nolaunchpppd
28966 pts/7 S+ 0:00 grep ppp

See ppp0 interface and learn what aypi gave us a server.

#ifconfig

ppp0 Link encap:Протокол PPP (Point-to-Point Protocol)
inet addr:10.100.1.2 P-t-P:10.9.15.1 Mask:255.255.255.255
ВВЕРХ POINTOPOINT RUNNING NOARP MULTICAST MTU:400 Metric:1
RX packets:7294 errors:0 dropped:0 overruns:0 frame:0
TX packets:5447 errors:0 dropped:0 overruns:0 carrier:0
коллизии:0 txqueuelen:3
RX bytes:2693494 (2.6 MB) TX bytes:421037 (421.0 KB)

Also in some network your VPN server may be located in another Segment & network then you should add a route through your router to other networks if your ip address is in the 172.16.2.0/24 network and router 172.16.22.254, and the VPN server is in network 172.16.1.0 / 24 the addition of the route will look like this:

# route add-net 172.16.0.0 netmask 255.255.0.0 gw 172.16.2.254

This configuration has been successfully experimented in Linux Ubuntu 8, Suse, ASP Linux 11.2-12, Fedora 10.

Nokia connects people

That got the Nokia 6300.

Telephone good and worth pursuing. long wanted to be pampered this thing but could not bring himself to choose what is best PDA or a normal monoblock phone? Of course it was not a choice of brands I never thought about anything else other than Nokia.Of course, once was the issue price, as I am willing to spend on the phone? I put a line in 2000 UAH and no more. Spending bag above that I do not like and not seen the need to invest in objects of everyday use and do not like the cult of the regular tube.And so I prishol to the conclusion that the CCP is for people excluded from work and the stationary computer that ride through the city or traveling with no access to a reliable source of internet. I’m not the type of people and then my eyes caught monoblocks sliders and clamshells, on PDA or glorified ayfon I was not thinking.There was more difficult, how to determine which is more convenient and better? Concluded on the basis of the reverse: clamshell – hlopalka and generally female type phones, the slider – but looks good and comfortable but my friends advised against a decent slider and even frequent visitors for a specified financial threshold. The remaining options with monoblock well, and here I have already fallen in love with model nokia 6300.Why? Impressed with what he made of steel, that is, he has a steel hull and it is quality made. (Crash test was conducted thrown into a brick wall and all vporyadke). He has a great small screen and complete quests, conundrums was at 512 meters that is important. Disadvantages of course there but they are little worried about me, like no wi-fi and IR port.

See the specifications

Device Type Mobile Case Type Monoblock Standard GSM GSM 900/1800/1900 Built-in Antenna Weight 91 g Shock proof Yes, Yes, No Water resistant Dimensions mm 106 x 44 x 12 mm Year November 2006 Battery Nokia 6300 type, the amount of Li-Ion 860 mAh talk mode up to 3.5 hrs Standby up to 330 hours Charging time up to 2 hours Main display Nokia 6300 Overview Color TFT-LCD 16 777216 colors, screen resolution 240 x 320 pixels Memory Nokia 6300 General information 50 Mb.The expansion slot, removable manual: supported format: TransFlash, microSD Messaging Nokia 6300 SMS Yes, support for joint communications. Multilingual input EMS Yes, MIDP 2.0 MMS Yes, full-featured MMS. Video / Audio Editing Data Nokia 6300 GPRS Yes, class 10 Bluetooth Yes, version 2.0 WAP Yes, version 2.0.HTML-Browser: xHTML Accessibility Nokia 6300 MP3-player Yes, stereo FM-radio Yes, stereo, Visual Radio Infrared No Java Yes Voice Recorder Yes Voice Features Nokia 6300 Handsfree Yes Voice Dialing Yes Voice control have a digital camera Nokia 6300 Built-in Camera There are features built-in UXGA-camera, maximum resolution of 1600 x 1200 pixels (2.0 Megapixels). Magnification: x8. Ability to record video in QCIF format with a resolution of 176 x 144 pixels with sound. Supported video formats: 3GPP (3gp), H.263, MPEG4 (mp4). Standard features Nokia 6300 Polyphonic Yes, 64-tone, MP3, AAC, AAC +, eAAC +, MIDI, True Tones.Ability to download ringtones Editor Vibrating alert Yes Yes Alarm clock Yes Calculator Yes Calendar Yes Currency Converter Yes Keypad Lock Yes Automatic redial Yes For more information E-mail: IMAP4, POP3, SMTP. USB. Built-in modem. Support for 3D-animation.

Ability to download.Buying was happy and joy pumped a lot of themes and screensavers are tested on the first day. Has pleased that you have a phone with a mini-yuzbi port and download инфы not a problem since such a cable to find and buy no problem.But there are nuances that I was disappointed, for example battery holds no more than 2 days that such phones are considered normal. The quality of snaps taken at 2-megapixel camera is worse than I expected. Digital zoom total garbage (((. In the end, I want to say that the phone is quite good I would say 9 out of 10.For those who want to buy something like that and doubt I will say once you pozheleete phone is worth the money and the quality and multimedia and appearance.

Using CBQ for shaping traffic in the Linux debian (ubuntu).

Using CBQ for shaping traffic in the Linux debian (ubuntu).

CBQ – constitute a system of restrictions on traffic speed. This is one of the most common variant shaper. Unfortunately, it can limit the outgoing traffic from a computer that is running.

Installation

#cd /usr/src/
#wget http://surfnet.dl.sourceforge.net/project/cbqinit/cbqinit/0.7.3/cbq.init-v0.7.3

Rename this script cbq.init for convenience and put in the directory / etc / init.d /

Setting

In the directory / etc / sysconfig create the directory / cbq It will store shaper config files. Create files should be named according to the template cbq-<Number >. <imya_sheypera> example cbq-100.test

add the following lines:

DEVICE=eth0,1000Mbit ## interface definition in the following order: the interface name, max speed is passed through the interface.
RATE=256Kbit
# speed shaper
WEIGHT=25Kbit
#10% of the rate shaper (weight)
PRIO=1
# priority, generally can not set this option
LEAF=sfq
RULE=10.9.15.1 # typically contains in itself  ip address to which the traffic shaper will

You can also specify the address or the port but istochka (src) looks like this:

RULE=10.9.15.2:80,

sing it is just to specify the source address other words, if the source address of 10.9.15.2 and port 80 then use sheypig. You can also specify a rule such as network addresses aypi 10.9.15.0/24 ie shaping will act on the entire subnet addresses.

RULE=0.0.0.0/0

Run shaper is very simple #/etc/ini.t/cbq.init start

you can use stop and restart to stoping and restarting shaper

Installing and configuring vnc4server in Linux. We raise X-s on the remote server.

Installing and configuring vnc4server in Linux. We raise X-s on the remote server.

Often there is a need for installation on a remote server running linux graphical shell gnom or kde. I propose to consider the implementation of this task with vnc4server. Installation was carried out in linux debian lenny.

#apt-get install vnc4server
#apt-get install xorg

Also set the KDE3.

#apt-get install kde-core

after you move into your user home directory in my case, this root:

#cd /root/

#!/bin/sh # раскомментируйте (если файл существовал и он закомментированы ) эти строки для запуска графической оболочки
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80×24+10+10 -ls -title «$VNCDESKTOP Desktop» &
twm &

Set the password for your user.

#vncpassword

enter password 2 times.

Then go to the directory / etc/X11/xinitrc and edit the file xinitrc

#!/bin/bash
# $Xorg: xinitrc.cpp,v 1.3 2000/08/17 19:54:30 cpqbld Exp $
# /etc/X11/xinit/xinitrc
# global xinitrc file, used by all X sessions started by xinit (startx)
# invoke global X session script
#. /etc/X11/Xsession
# закоментировать startkde
#строка для запуска kde автоматически

now run our vnc4server

#vnc4server

New ‘178-59-12-55:1 (root)’ desktop is 178-59-12-55:1

Starting applications specified in /root/.vnc/xstartup

Log file is /root/.vnc/78-159-112-55:1.log

Now you can connect to our Remote Desktop at 178.59.12.55:5901, entering the password you get is directly in kde. If, after connecting you will not see graphical environment and the console only, enter startkde.(Encountered a problem for users windows) Note that normer after the sign “:” bar New ‘178-59-12-55: 1 corresponds to the last digit port 5901. When you restart if you do not clean the directory / tmp / from the files of type. X1-lock. X2-lock the port will be changed to increase the last digit of the port.To view the remote desktop users to linux and windows should install the utility vncviewer. This article was published by me on http://linuxshop.ru