CN113965622A - Graphical agent method for bitmap display window based on X window - Google Patents


Publication number
CN113965622A
Authority
CN
China
Prior art keywords
x11server
client
data
proxy
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010630394.4A
Other languages
Chinese (zh)
Inventor
杨青鹏
刘光明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Chinasoft Goldencis Software Co ltd
Original Assignee
Shandong Chinasoft Goldencis Software Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Chinasoft Goldencis Software Co ltd
Priority to CN202010630394.4A
Publication of CN113965622A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/451 Execution arrangements for user interfaces
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22 Parsing or analysis of headers


Abstract

The invention provides a graphical agent method based on an X window bitmap display window, comprising the following steps. Step one: starting an X11 Server on the PC of an operation and maintenance user. Step two: installing LightDM on the resource device to be operated and maintained, the resource device being the X11 Client. Step three: starting a proxy server, which acts as a transparent proxy between the X11 Server and the X11 Client and parses and forwards the data packets. The proxy modes include a UDP proxy, implemented in the following steps: a. starting the proxy server, listening on port 177 for data sent by the X11 Server, and parsing the data as XDMCP; b. taking the message whose message type is Request, that is, the Request packet, parsing its data, and changing the IP field in the message's data content to the IP of the proxy server; c. sending the X11 Server's data to the X11 Client; d. receiving the X11 Client's data and forwarding it to the X11 Server. The invention makes the X11 protocol usable with a bastion machine, so that Linux, Unix, BSD and other operating systems can conveniently be operated through a graphical interface via the X11 system.

Description

Graphical agent method for bitmap display window based on X window
Technical Field
The invention relates to the field of network security, and in particular to a graphical proxy method for the X11 (X Window System Protocol, Version 11) protocol in a bastion machine.
Background
X Window, also called the X11 system, is currently widely used on Linux, Unix, BSD and other operating systems. A Linux system can provide graphical-interface operation, such as mouse operation, through X11.
X11 is based on a client-server model: one X11 Server communicates with multiple client programs. In X11, "client" and "server" do not have their commonly understood meanings: the server is the display local to the user, not a remote machine, and the various applications are the X11 clients. This characteristic of X11 makes desktop sharing possible, since the desktop on the X11 client side can be connected to remotely.
A bastion machine ensures that, within a specific network environment, data is not intruded upon or damaged by external or internal users. It uses various techniques to monitor and record the operations that operation and maintenance personnel perform on servers, network devices, databases and the like in the network, so that these can be handled and audited promptly. Functionally, bastion machines currently support protocols such as SSH, Telnet, RADMIN and PCANYWHERE, but do not support the X11 protocol.
Disclosure of Invention
The invention aims to remedy the above deficiency and provides a graphical agent method based on an X Window bitmap display window.
The technical solution adopted by the invention to solve this technical problem is as follows:
A graphical agent method based on an X window bitmap display window comprises the following steps:
step one: starting an X11 Server on the PC of an operation and maintenance user;
step two: installing LightDM on the resource device to be operated and maintained, the resource device being the X11 Client;
step three: starting a proxy server, which acts as a transparent proxy between the X11 Server and the X11 Client and parses and forwards the data packets; the proxy modes include a UDP proxy; in UDP proxy mode the data transmission format between the X11 Client and the X11 Server is XDMCP, and the whole interaction is divided into Query, Willing, Request, Accept and Manage;
Query: a Query packet is sent to the X11 Server on the operation and maintenance user's PC from the X11 Client, asking whether the X11 Server provides the XDMCP service, and the X11 Server sends a response to the X11 Client;
Willing: after the X11 Server receives the Query packet, if its XDMCP service is willing to connect, it replies to the X11 Client with a Willing packet, indicating that the X11 Server is willing to establish a connection;
Request: a Request packet is sent to the X11 Server on the operation and maintenance user's PC by the X11 Client to request a session ID in preparation for establishing the connection; if the X11 Server is willing to provide the service, an Accept packet carrying a valid session ID is returned, in preparation for the subsequent Manage request;
Accept: after the X11 Server receives the Accept packet, it replies to the X11 Client that the Accept packet has been received, indicating that the data has arrived, and confirms with the X11 Client;
Manage: after the X11 Server and the X11 Client have confirmed the interaction, a Manage packet is sent, indicating that the session has been established successfully;
the proxy is implemented in the following steps:
a. starting the proxy server, listening on port 177 for data sent by the X11 Server, and parsing the data as XDMCP;
b. taking the message whose message type is Request, that is, the Request packet, parsing its data, and changing the IP field in the message's data content to the IP of the proxy server;
c. sending the X11 Server's data to the X11 Client;
d. receiving the X11 Client's data and forwarding it to the X11 Server.
Preferably, the proxy modes in step three further include a TCP proxy: once the X11 Server and the X11 Client have confirmed the interaction, the IP addresses and port numbers of the X11 Server and the X11 Client are known; the port number is calculated as port = 6000 + n, where n is the value of the display_number field in the Request message; these data are stored in a dynamic array and then sent to the TCP proxy, and the X11 Client, acting as the TCP client, actively sends data to the X11 Server;
the proxy is implemented in the following steps:
a. listening on port 6000 + n, the proxy server monitoring the sockets at both ends, X11 Server and X11 Client, with the epoll I/O multiplexing mechanism;
b. when the X11 Client's data socket has a readable event, the proxy server reads the data and forwards it to the X11 Server;
c. when the X11 Server's data socket has a readable event, the proxy server reads the data and forwards it to the X11 Client.
Preferably, in step one, the X11 Server is started using MobaXterm, a terminal program that ships with an X11 Server; starting the program is equivalent to starting the X11 Server.
Preferably, in step two, LightDM is a lightweight Linux desktop display manager that supports the X11 protocol and runs on the operation and maintenance device as the X11 Client.
Through the UDP proxy or the TCP proxy, the invention makes the X11 protocol usable with the bastion machine, so that Linux, Unix, BSD and other operating systems can conveniently be operated through a graphical interface via the X11 system, desktop sharing is achieved by connecting remotely to the clients' desktops, and the bastion machine can conveniently monitor and record the operation behavior of operation and maintenance personnel.
Drawings
FIG. 1 is a workflow diagram of the graphical agent based on an X Window bitmap display window of the present invention.
FIG. 2 is a flow chart of operating and maintaining a device from the bastion machine through X11.
FIG. 3 is a flow chart of the UDP proxy in the graphical agent method based on an X Window bitmap display window of the present invention.
FIG. 4 is a flow chart of the TCP proxy in the graphical agent method based on an X Window bitmap display window of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in FIG. 2, the specific procedure for operating and maintaining a device from the bastion machine through X11 is as follows:
Step 1) Log in to the bastion machine as a system administrator and create an operation and maintenance user.
Step 2) After the operation and maintenance equipment is created, add the corresponding operation and maintenance equipment for the operation and maintenance user.
Step 3) Authorize the equipment corresponding to the operation and maintenance user.
Step 4) Log in to the operation and maintenance user's operation and maintenance platform with the user name and password.
Step 5) After logging in, operate and maintain the equipment, selecting X11 as the login mode.
A graphical agent method based on an X window bitmap display window comprises the following steps:
Step one: starting an X11 Server on the PC of an operation and maintenance user; the X11 Server is started with MobaXterm, an open-source, free, full-featured terminal program that ships with an X11 Server, so starting the program is equivalent to starting the X11 Server.
Step two: installing LightDM on the resource device to be operated and maintained, the resource device being the X11 Client; LightDM is a lightweight Linux desktop display manager that supports the X11 protocol and runs on the operation and maintenance device as the X11 Client.
Step three: starting a proxy server, which sits between the X11 Server and the X11 Client and, as shown in FIG. 1, acts as a transparent proxy that parses and forwards the data packets; the proxy modes include a UDP proxy, the data transmission format between the X11 Client and the X11 Server is XDMCP (X Display Manager Control Protocol), and the whole interaction comprises Query, Willing, Request, Accept and Manage;
Query: a Query packet is sent to the X11 Server on the operation and maintenance user's PC from the X11 Client, asking whether the X11 Server provides the XDMCP service, and the X11 Server sends a response to the X11 Client;
Willing: after the X11 Server receives the Query packet, if its XDMCP service is willing to connect, it replies to the X11 Client with a Willing packet, indicating that the X11 Server is willing to establish a connection;
Request: a Request packet is sent to the X11 Server on the operation and maintenance user's PC by the X11 Client to request a session ID in preparation for establishing the connection; if the X11 Server is willing to provide the service, an Accept packet carrying a valid session ID is returned, in preparation for the subsequent Manage request;
Accept: after the X11 Server receives the Accept packet, it replies to the X11 Client that the Accept packet has been received, indicating that the data has arrived, and confirms with the X11 Client;
Manage: after the X11 Server and the X11 Client have confirmed the interaction, a Manage packet is sent, indicating that the session has been established successfully;
As shown in FIG. 3, the proxy is implemented in the following steps:
a. starting the proxy server, listening on port 177 for data sent by the X11 Server, and parsing the data as XDMCP;
b. taking the message whose message type is Request, that is, the Request packet, parsing its data, and changing the IP field in the message's data content to the IP of the proxy server;
c. sending the X11 Server's data to the X11 Client;
d. receiving the X11 Client's data and forwarding it to the X11 Server.
Preferably, the proxy modes in step three further include a TCP proxy: once the X11 Server and the X11 Client have confirmed the interaction, the IP addresses and port numbers of the X11 Server and the X11 Client are known; the port number is calculated as port = 6000 + n, where n is the value of the display_number field in the Request message and is obtained by negotiation during the XDMCP interaction; these data are stored in a dynamic array and then sent to the TCP proxy, a TCP connection is established with the X11 Client, and the X11 Client, acting as the TCP client, actively sends data to the X11 Server;
As shown in FIG. 4, the proxy is implemented in the following steps:
a. listening on port 6000 + n, the proxy server monitoring the sockets at both ends, X11 Server and X11 Client, with the epoll I/O multiplexing mechanism;
b. when the X11 Client's data socket has a readable event, the proxy server reads the data and forwards it to the X11 Server;
c. when the X11 Server's data socket has a readable event, the proxy server reads the data and forwards it to the X11 Client.
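The Request rewrite of the UDP proxy (steps a and b of FIG. 3) and the port rule 6000 + n that the TCP proxy relies on, as an added Python example that is not code from the patent. It assumes that the "IP field" is the Connection Addresses array of the Request packet as laid out in the XDMCP specification; the names rewrite_request, Reader, XdmcpError and build_sample_request and the sample addresses are constructed for illustration.

```python
import socket
import struct

OP_REQUEST = 7        # XDMCP opcode of the Request packet (protocol version 1)
FAMILY_INTERNET = 0   # connection type that marks an IPv4 address
X11_BASE_PORT = 6000


class XdmcpError(ValueError):
    """The datagram is not a well-formed XDMCP packet."""


class Reader:
    """Bounds-checked big-endian reader; the input is untrusted UDP data."""

    def __init__(self, data):
        self.data, self.pos = data, 0

    def take(self, n):
        if self.pos + n > len(self.data):
            raise XdmcpError("truncated packet")
        self.pos += n
        return self.data[self.pos - n:self.pos]

    def card8(self):
        return self.take(1)[0]

    def card16(self):
        return struct.unpack(">H", self.take(2))[0]

    def array8(self):                      # CARD16 length, then that many bytes
        return self.take(self.card16())


def put_array8(value):
    return struct.pack(">H", len(value)) + value


def rewrite_request(datagram, proxy_ip):
    """Return (datagram to forward, TCP port to proxy or None).

    Packets other than Request pass through unchanged. In a Request every
    IPv4 connection address becomes proxy_ip, and the display number n
    gives the port 6000 + n that the TCP proxy has to listen on.
    """
    head = Reader(datagram)
    version, opcode, length = head.card16(), head.card16(), head.card16()
    if version != 1 or length != len(datagram) - 6:
        raise XdmcpError("bad version or length field")
    if opcode != OP_REQUEST:
        return datagram, None
    body = Reader(datagram[6:])
    display = body.card16()
    types = [body.card16() for _ in range(body.card8())]    # ARRAY16
    addrs = [body.array8() for _ in range(body.card8())]    # ARRAYofARRAY8
    if len(types) != len(addrs) or display > 65535 - X11_BASE_PORT:
        raise XdmcpError("inconsistent Request fields")
    rest = body.data[body.pos:]   # authentication/authorization fields, untouched
    proxy = socket.inet_aton(proxy_ip)
    addrs = [proxy if t == FAMILY_INTERNET else a for t, a in zip(types, addrs)]
    out = struct.pack(">HB", display, len(types))
    out += b"".join(struct.pack(">H", t) for t in types)
    out += bytes([len(addrs)]) + b"".join(put_array8(a) for a in addrs)
    out += rest
    return struct.pack(">HHH", 1, OP_REQUEST, len(out)) + out, X11_BASE_PORT + display


def build_sample_request(display=10, ip="192.0.2.10"):
    """Constructed sample input: a Request that advertises one IPv4 address."""
    body = struct.pack(">HBH", display, 1, FAMILY_INTERNET)
    body += bytes([1]) + put_array8(socket.inet_aton(ip))
    body += put_array8(b"") + put_array8(b"")                # authentication name, data
    body += bytes([1]) + put_array8(b"MIT-MAGIC-COOKIE-1")   # authorization names
    body += put_array8(b"")                                  # manufacturer display ID
    return struct.pack(">HHH", 1, OP_REQUEST, len(body)) + body
```

Because the proxy parses datagrams from the network before it has authenticated anyone, the reader rejects truncated or inconsistent packets instead of forwarding them.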
Although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that various changes in the embodiments and/or modifications of the invention can be made, and equivalents and modifications of some features of the invention can be made without departing from the spirit and scope of the invention.

Claims (4)

1. A graphical agent method based on an X window bitmap display window, characterized in that the method comprises the following steps:
step one: starting an X11 Server on the PC of an operation and maintenance user;
step two: installing LightDM on the resource device to be operated and maintained, the resource device being the X11 Client;
step three: starting a proxy server, which acts as a transparent proxy between the X11 Server and the X11 Client and parses and forwards the data packets; the proxy modes include a UDP proxy; in UDP proxy mode the data transmission format between the X11 Client and the X11 Server is XDMCP, and the whole interaction is divided into Query, Willing, Request, Accept and Manage;
Query: a Query packet is sent to the X11 Server on the operation and maintenance user's PC from the X11 Client, asking whether the X11 Server provides the XDMCP service, and the X11 Server sends a response to the X11 Client;
Willing: after the X11 Server receives the Query packet, if its XDMCP service is willing to connect, it replies to the X11 Client with a Willing packet, indicating that the X11 Server is willing to establish a connection;
Request: a Request packet is sent to the X11 Server on the operation and maintenance user's PC by the X11 Client to request a session ID in preparation for establishing the connection; if the X11 Server is willing to provide the service, an Accept packet carrying a valid session ID is returned, in preparation for the subsequent Manage request;
Accept: after the X11 Server receives the Accept packet, it replies to the X11 Client that the Accept packet has been received, indicating that the data has arrived, and confirms with the X11 Client;
Manage: after the X11 Server and the X11 Client have confirmed the interaction, a Manage packet is sent, indicating that the session has been established successfully;
the proxy is implemented in the following steps:
a. starting the proxy server, listening on port 177 for data sent by the X11 Server, and parsing the data as XDMCP;
b. taking the message whose message type is Request, that is, the Request packet, parsing its data, and changing the IP field in the message's data content to the IP of the proxy server;
c. sending the X11 Server's data to the X11 Client;
d. receiving the X11 Client's data and forwarding it to the X11 Server.
2. The graphical agent method based on an X window bitmap display window of claim 1, wherein: the proxy modes in step three further include a TCP proxy; once the X11 Server and the X11 Client have confirmed the interaction, the IP addresses and port numbers of the X11 Server and the X11 Client are known; the port number is calculated as port = 6000 + n, where n is the value of the display_number field in the Request message; these data are stored in a dynamic array and then sent to the TCP proxy, and the X11 Client, acting as the TCP client, actively sends data to the X11 Server;
the proxy is implemented in the following steps:
a. listening on port 6000 + n, the proxy server monitoring the sockets at both ends, X11 Server and X11 Client, with the epoll I/O multiplexing mechanism;
b. when the X11 Client's data socket has a readable event, the proxy server reads the data and forwards it to the X11 Server;
c. when the X11 Server's data socket has a readable event, the proxy server reads the data and forwards it to the X11 Client.
3. The graphical agent method based on an X window bitmap display window of claim 1, wherein: in step one, the X11 Server is started using MobaXterm, a terminal program that ships with an X11 Server, and starting MobaXterm is equivalent to starting the X11 Server.
4. The graphical agent method based on an X window bitmap display window of claim 1, wherein: in step two, LightDM is a lightweight Linux desktop display manager that supports the X11 protocol and runs on the operation and maintenance device as the X11 Client.
CN202010630394.4A 2020-07-03 2020-07-03 Graphical agent method for bitmap display window based on X window Pending CN113965622A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010630394.4A CN113965622A (en) 2020-07-03 2020-07-03 Graphical agent method for bitmap display window based on X window

Publications (1)

Publication Number Publication Date
CN113965622A (en) 2022-01-21

Family

ID=79459333

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010630394.4A Pending CN113965622A (en) 2020-07-03 2020-07-03 Graphical agent method for bitmap display window based on X window

Country Status (1)

Country Link
CN (1) CN113965622A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116506511A (en) * 2023-06-25 2023-07-28 成都中科合迅科技有限公司 Application program control method and system based on X11 protocol
CN116506511B (en) * 2023-06-25 2023-09-01 成都中科合迅科技有限公司 Application program control method and system based on X11 protocol
CN117873414A (en) * 2024-03-12 2024-04-12 麒麟软件有限公司 X11-based linux program appointed display method and device
CN117873414B (en) * 2024-03-12 2024-06-07 麒麟软件有限公司 X11-based linux program appointed display method and device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination