Şimdi Ara

xvidcap kullanmayı bilen varmı .??

Daha Fazla
Bu Konudaki Kullanıcılar: Daha Az
2 Misafir (1 Mobil) - 1 Masaüstü1 Mobil
5 sn
5
Cevap
0
Favori
1.011
Tıklama
Daha Fazla
İstatistik
  • Konu İstatistikleri Yükleniyor
0 oy
Öne Çıkar
Sayfa: 1
Giriş
Mesaj
  • Pardus kullanıyorum. Ekran kayıt programı olarak xvidcap ı ıındırdım kurdum fakat bı turlu kullanamadım.. tam ekran kayıt olmuyor..Bazen kayıt ederken renkler farklı cıkıyor.. Kullanan varsa nasıl yapacagımız yazarsa mutesekkır kalırım :)



  • Onu denemedim ama bunu denedim. Ve çalıştırdım baya iği..
    İStersen bir çıktı dosyasınıda yollarım..
  • hangisini denedın :)) bısey goremedım paketı falan soylersen sevınırım.
  • ya pardon mesajı yazarken başka bişe ile uğraşıyordum acele ile yazmıştım. :>

    $ vnc2swf -v 
    vnc2swf version 0.5.0
    Copyright (C) 2002-2005 Yusuke Shinyama <yusuke at cs dot nyu dot edu>
    - Based on VNC viewer version 3.3.7
    Copyright (C) 2002-2003 RealVNC Ltd.
    Copyright (C) 1994-2000 AT&T Laboratories Cambridge.
    Seehttp://www.realvnc.com for information on VNC.

    usage: vnc2swf [<options>] <out.swf> <host>:<display#>
    vnc2swf [<options>] <out.swf> -listen [<display#>]

    <options> are standard Xt options, or:
    -shared
    -viewonly
    -fullscreen
    -passwd <passwd-file>
    -noauto
    -encodings <encoding-list> (e.g. "raw copyrect")
    -geometry <geometry>
    -bgr233
    -owncmap
    -truecolour
    -depth <depth>
    -framerate <frames-per-sec>
    -startrecording
    -nowindow
    -nostatus
    -clippinggeometry <geometry>
    $

    yukaraki program flaş yapıyor.. Ama programın çalışması için bir x11vnc server kurman gerekiyor . Ve kurulumuda çok basit. Derleyip kuracaksın.

     
    x11vnc: allow VNC connections to real X11 displays. 0.8.2 lastmod: 2006-06-10

    (type "x11vnc -opts" to just list the options.)

    Typical usage is:

    Run this command in a shell on the remote machine "far-host"
    with X session you wish to view:

    x11vnc -display :0

    Then run this in another window on the machine you are sitting at:

    vncviewer far-host:0

    Once x11vnc establishes connections with the X11 server and starts listening
    as a VNC server it will print out a string: PORT=XXXX where XXXX is typically
    5900 (the default VNC server port). One would next run something like
    this on the local machine: "vncviewer hostname:N" where "hostname" is
    the name of the machine running x11vnc and N is XXXX - 5900, i.e. usually
    "vncviewer hostname:0".

    By default x11vnc will not allow the screen to be shared and it will exit
    as soon as the client disconnects. See -shared and -forever below to override
    these protections. See the FAQ for details how to tunnel the VNC connection
    through an encrypted channel such as ssh(1). In brief:

    ssh -L 5900:localhost:5900 far-host 'x11vnc -localhost -display :0'

    vncviewer -encodings 'copyrect tight zrle hextile' localhost:0

    Also, use of a VNC password (-rfbauth or -passwdfile) is strongly recommend.

    For additional info see:http://www.karlrunge.com/x11vnc/
    and http://www.karlrunge.com/x11vnc/#faq


    Rudimentary config file support: if the file $HOME/.x11vncrc exists then each
    line in it is treated as a single command line option. Disable with -norc.
    For each option name, the leading character "-" is not required. E.g. a
    line that is either "forever" or "-forever" may be used and are equivalent.
    Likewise "wait 100" or "-wait 100" are acceptable and equivalent lines.
    The "#" character comments out to the end of the line in the usual way
    (backslash it for a literal). Leading and trailing whitespace is trimmed off.
    Lines may be continued with a "\" as the last character of a line (it
    becomes a space character).

    Options:

    -display disp X11 server display to connect to, usually :0. The X
    server process must be running on same machine and
    support MIT-SHM. Equivalent to setting the DISPLAY
    environment variable to "disp". See the description
    below of the "-display WAIT:..." extensions.
    -auth file Set the X authority file to be "file", equivalent to
    setting the XAUTHORITY environment variable to "file"
    before startup. Same as -xauth file. See Xsecurity(7),
    xauth(1) man pages for more info.

    -id windowid Show the window corresponding to "windowid" not
    the entire display. New windows like popup menus,
    transient toplevels, etc, may not be seen or may be
    clipped. Disabling SaveUnders or BackingStore in the
    X server may help show them. x11vnc may crash if the
    window is initially partially obscured, changes size,
    is iconified, etc. Some steps are taken to avoid this
    and the -xrandr mechanism is used to track resizes. Use
    xwininfo(1) to get the window id, or use "-id pick"
    to have x11vnc run xwininfo(1) for you and extract
    the id. The -id option is useful for exporting very
    simple applications (e.g. the current view on a webcam).
    -sid windowid As -id, but instead of using the window directly it
    shifts a root view to it: this shows SaveUnders menus,
    etc, although they will be clipped if they extend beyond
    the window.
    -clip WxH+X+Y Only show the sub-region of the full display that
    corresponds to the rectangle with size WxH and offset
    +X+Y. The VNC display has size WxH (i.e. smaller than
    the full display). This also works for -id/-sid mode
    where the offset is relative to the upper left corner
    of the selected window.

    -flashcmap In 8bpp indexed color, let the installed colormap flash
    as the pointer moves from window to window (slow).
    Also try the -8to24 option to avoid flash altogether.
    -shiftcmap n Rare problem, but some 8bpp displays use less than 256
    colorcells (e.g. 16-color grayscale, perhaps the other
    bits are used for double buffering) *and* also need to
    shift the pixels values away from 0, .., ncells. "n"
    indicates the shift to be applied to the pixel values.
    To see the pixel values set DEBUG_CMAP=1 to print out
    a colormap histogram. Example: -shiftcmap 240
    -notruecolor For 8bpp displays, force indexed color (i.e. a colormap)
    even if it looks like 8bpp TrueColor (rare problem).
    -visual n Experimental option: probably does not do what you
    think. It simply *forces* the visual used for the
    framebuffer; this may be a bad thing... (e.g. messes
    up colors or cause a crash). It is useful for testing
    and for some workarounds. n may be a decimal number,
    or 0x hex. Run xdpyinfo(1) for the values. One may
    also use "TrueColor", etc. see <X11/X.h> for a list.
    If the string ends in ":m" then for better or for
    worse the visual depth is forced to be m.

    -overlay Handle multiple depth visuals on one screen, e.g. 8+24
    and 24+8 overlay visuals (the 32 bits per pixel are
    packed with 8 for PseudoColor and 24 for TrueColor).

    Currently -overlay only works on Solaris via
    XReadScreen(3X11) and IRIX using XReadDisplay(3).
    On Solaris there is a problem with image "bleeding"
    around transient popup menus (but not for the menu
    itself): a workaround is to disable SaveUnders
    by passing the "-su" argument to Xsun (in
    /etc/dt/config/Xservers).

    Use -overlay as a workaround for situations like these:
    Some legacy applications require the default visual to
    be 8bpp (8+24), or they will use 8bpp PseudoColor even
    when the default visual is depth 24 TrueColor (24+8).
    In these cases colors in some windows will be incorrect
    in x11vnc unless -overlay is used. Another use of
    -overlay is to enable showing the exact mouse cursor
    shape (details below).

    Under -overlay, performance will be somewhat slower
    due to the extra image transformations required.
    For optimal performance do not use -overlay, but rather
    configure the X server so that the default visual is
    depth 24 TrueColor and try to have all apps use that
    visual (e.g. some apps have -use24 or -visual options).
    -overlay_nocursor Sets -overlay, but does not try to draw the exact mouse
    cursor shape using the overlay mechanism.

    -8to24 [opts] Try this option if -overlay is not supported on your
    OS, and you have a legacy 8bpp app that you want to
    view on a multi-depth display with default depth 24
    (and is 32 bpp) OR have a default depth 8 display with
    depth 24 overlay windows for some apps. This option
    may not work on all X servers and hardware (tested
    on XFree86/Xorg mga driver and Xsun). The "opts"
    string is not required and is described below.

    This mode enables a hack where x11vnc monitors windows
    within 3 levels from the root window. If it finds
    any that are 8bpp it extracts the indexed color
    pixel values using XGetImage() and then applies a
    transformation using the colormap(s) to create TrueColor
    RGB values that it in turn inserts into bits 1-24 of
    the framebuffer. This creates a depth 24 "view"
    of the display that is then exported via VNC.

    Conversely, for default depth 8 displays, the depth
    24 regions are read by XGetImage() and everything is
    transformed and inserted into a depth 24 TrueColor
    framebuffer.

    Note that even if there are *no* depth 24 visuals or
    windows (i.e. pure 8bpp), this mode is potentially
    an improvement over -flashcmap because it avoids the
    flashing and shows each window in the correct color.

    This method appear to work, but may still have bugs
    and it does hog resources. If there are multiple 8bpp
    windows using different colormaps, one may have to
    iconify all but one for the colors to be correct.

    There may be painting errors for clipping and switching
    between windows of depths 8 and 24. Heuristics are
    applied to try to minimize the painting errors. One can
    also press 3 Alt_L's in a row to refresh the screen
    if the error does not repair itself. Also the option
    -fixscreen 8=3.0 or -fixscreen V=3.0 may be used to
    periodically refresh the screen at the cost of bandwidth
    (every 3 sec for this example).

    The [opts] string can contain the following settings.
    Multiple settings are separated by commas.

    For for some X servers with default depth 24 a
    speedup may be achieved via the option "nogetimage".
    This enables a scheme were XGetImage() is not used
    to retrieve the 8bpp data. Instead, it assumes that
    the 8bpp data is in bits 25-32 of the 32bit X pixels.
    There is no reason the X server should put the data
    there for our poll requests, but some do and so the
    extra steps to retrieve it can be skipped. Tested with
    mga driver with XFree86/Xorg. For the default depth
    8 case this option is ignored.

    To adjust how often XGetImage() is used to poll the
    non-default visual regions for changes, use the option
    "poll=t" where "t" is a floating point time.
    (default: 0.05)

    Setting the option "level2" will limit the search
    for non-default visual windows to two levels from the
    root window. Do this on slow machines where you know
    the window manager only imposes one extra window between
    the app window and the root window.

    Also for very slow machines use "cachewin=t"
    where t is a floating point amount of time to cache
    XGetWindowAttributes results. E.g. cachewin=5.0.
    This may lead to the windows being unnoticed for this
    amount of time when deiconifying, painting errors, etc.

    While testing on a very old SS20 these options gave
    tolerable response: -8to24 poll=0.2,cachewin=5.0. For
    this machine -overlay is supported and gives better
    response.

    Debugging for this mode can be enabled by setting
    "dbg=1", "dbg=2", or "dbg=3".

    -24to32 Very rare problem: if the framebuffer (X display
    or -rawfb) is 24bpp instead of the usual 32bpp, then
    dynamically transform the pixels to 32bpp. This will be
    slower, but can be used to work around problems where
    VNC viewers cannot handle 24bpp (e.g. "main: setPF:
    not 8, 16 or 32 bpp?"). See the FAQ for more info.

    In the case of -rawfb mode, the pixels are directly
    modified by inserting a 0 byte to pad them out to 32bpp.
    For X displays, a kludge is done that is equivalent to
    "-noshm -visual TrueColor:32". (If better performance
    is needed for the latter, feel free to ask).

    -scale fraction Scale the framebuffer by factor "fraction". Values
    less than 1 shrink the fb, larger ones expand it. Note:
    image may not be sharp and response may be slower.
    If "fraction" contains a decimal point "." it
    is taken as a floating point number, alternatively
    the notation "m/n" may be used to denote fractions
    exactly, e.g. -scale 2/3

    Scaling Options: can be added after "fraction" via
    ":", to supply multiple ":" options use commas.
    If you just want a quick, rough scaling without
    blending, append ":nb" to "fraction" (e.g. -scale
    1/3:nb). No blending is the default for 8bpp indexed
    color, to force blending for this case use ":fb".

    To disable -scrollcopyrect and -wirecopyrect under
    -scale use ":nocr". If you need to to enable them use
    ":cr" or specify them explicitly on the command line.
    If a slow link is detected, ":nocr" may be applied
    automatically. Default: :cr

    More esoteric options: for compatibility with vncviewers
    the scaled width is adjusted to be a multiple of 4:
    to disable this use ":n4". ":in" use interpolation
    scheme even when shrinking, ":pad" pad scaled width
    and height to be multiples of scaling denominator
    (e.g. 3 for 2/3).

    -scale_cursor frac By default if -scale is supplied the cursor shape is
    scaled by the same factor. Depending on your usage,
    you may want to scale the cursor independently of the
    screen or not at all. If you specify -scale_cursor
    the cursor will be scaled by that factor. When using
    -scale mode to keep the cursor at its "natural" size
    use "-scale_cursor 1". Most of the ":" scaling
    options apply here as well.

    -viewonly All VNC clients can only watch (default off).
    -shared VNC display is shared, i.e. more than one viewer can
    connect at the same time (default off).
    -once Exit after the first successfully connected viewer
    disconnects, opposite of -forever. This is the Default.
    -forever Keep listening for more connections rather than exiting
    as soon as the first client(s) disconnect. Same as -many
    -loop Create an outer loop restarting the x11vnc process
    whenever it terminates. -bg and -inetd are ignored in
    this mode. Useful for continuing even if the X server
    terminates and restarts (you will need permission to
    reconnect of course). Use, e.g., -loop100 to sleep
    100 millisecs between restarts, etc. Default is 2000ms
    (i.e. 2 secs) Use, e.g. -loop300,5 to sleep 300 ms
    and only loop 5 times.
    -timeout n Exit unless a client connects within the first n seconds
    after startup.
    -inetd Launched by inetd(8): stdio instead of listening socket.
    Note: if you are not redirecting stderr to a log file
    (via shell 2> or -o option) you MUST also specify the -q
    option, otherwise the stderr goes to the viewer which
    will cause it to abort. Specifying both -inetd and -q
    and no -o will automatically close the stderr.
    -nofilexfer Disable the TightVNC file transfer extension. (same as
    -disablefiletransfer). Note that when the -viewonly
    option is supplied all file transfers are disabled.
    Also clients that log in viewonly cannot transfer files.
    However, if the remote control mechanism is used to
    change the global or per-client viewonly state the
    filetransfer permissions will NOT change.
    -http Instead of using -httpdir (see below) to specify
    where the Java vncviewer applet is, have x11vnc try
    to *guess* where the directory is by looking relative
    to the program location and in standard locations
    (/usr/local/share/x11vnc/classes, etc).
    -connect string For use with "vncviewer -listen" reverse connections.
    If "string" has the form "host" or "host:port"
    the connection is made once at startup. Use commas
    for a list of host's and host:port's.

    Note that unlike most vnc servers, x11vnc will require a
    password for reverse as well as for forward connections.
    (provided password auth has been enabled, -rfbauth, etc)
    If you do not want to require a password for reverse
    connections set X11VNC_REVERSE_CONNECTION_NO_AUTH=1 in
    your environment before starting x11vnc.

    If "string" contains "/" it is instead interpreted
    as a file to periodically check for new hosts.
    The first line is read and then the file is truncated.
    Be careful for this usage mode if x11vnc is running as
    root (e.g. via gdm(1), etc).

    -vncconnect Monitor the VNC_CONNECT X property set by the standard
    -novncconnect VNC program vncconnect(1). When the property is
    set to "host" or "host:port" establish a reverse
    connection. Using xprop(1) instead of vncconnect may
    work (see the FAQ). The -remote control mechanism uses
    X11VNC_REMOTE channel, and this option disables/enables
    it as well. Default: -vncconnect

    -allow host1[,host2..] Only allow client connections from hosts matching
    the comma separated list of hostnames or IP addresses.
    Can also be a numerical IP prefix, e.g. "192.168.100."
    to match a simple subnet, for more control build
    libvncserver with libwrap support (See the FAQ). If the
    list contains a "/" it instead is a interpreted as a
    file containing addresses or prefixes that is re-read
    each time a new client connects. Lines can be commented
    out with the "#" character in the usual way.
    -localhost Same as "-allow 127.0.0.1".

    Note: if you want to restrict which network interface
    x11vnc listens on, see the -listen option below.
    E.g. "-listen localhost" or "-listen 192.168.3.21".
    As a special case, the option "-localhost" implies
    "-listen localhost".

    For non-localhost -listen usage, if you use the remote
    control mechanism (-R) to change the -listen interface
    you may need to manually adjust the -allow list (and
    vice versa) to avoid situations where no connections
    (or too many) are allowed.

    -nolookup Do not use gethostbyname() or gethostbyaddr() to look up
    host names or IP numbers. Use this if name resolution
    is incorrectly set up and leads to long pauses as name
    lookups time out, etc.

    -input string Fine tuning of allowed user input. If "string" does
    not contain a comma "," the tuning applies only to
    normal clients. Otherwise the part before "," is for
    normal clients and the part after for view-only clients.
    "K" is for Keystroke input, "M" for Mouse-motion
    input, "B" for Button-click input, and "C" is for
    Clipboard input. Their presence in the string enables
    that type of input. E.g. "-input M" means normal
    users can only move the mouse and "-input KMBC,M"
    lets normal users do anything and enables view-only
    users to move the mouse. This option is ignored when
    a global -viewonly is in effect (all input is discarded
    in that case).

    -viewpasswd string Supply a 2nd password for view-only logins. The -passwd
    (full-access) password must also be supplied.

    -passwdfile filename Specify the libvncserver password via the first line
    of the file "filename" (instead of via -passwd on
    the command line where others might see it via ps(1)).
    See below for how to supply multiple passwords.

    If the filename is prefixed with "rm:" it will be
    removed after being read. Perhaps this is useful in
    limiting the readability of the file. In general,
    the password file should not be readable by untrusted
    users (BTW: neither should the VNC -rfbauth file:
    it is NOT encrypted).

    If the filename is prefixed with "read:" it will
    periodically be checked for changes and reread.

    Note that only the first 8 characters of a password
    are used.

    If multiple non-blank lines exist in the file they are
    all taken as valid passwords. Blank lines are ignored.
    Password lines may be "commented out" (ignored) if
    they begin with the charactor "#" or the line contains
    the string "__SKIP__". Lines may be annotated by use
    of the "__COMM__" string: from it to the end of the
    line is ignored. An empty password may be specified
    via the "__EMPTY__" string on a line by itself (note
    your viewer might not accept empty passwords).

    If the string "__BEGIN_VIEWONLY__" appears on a
    line by itself, the remaining passwords are used for
    viewonly access. For compatibility, as a special case
    if the file contains only two password lines the 2nd
    one is automatically taken as the viewonly password.
    Otherwise the "__BEGIN_VIEWONLY__" token must be
    used to have viewonly passwords. (tip: make the 3rd
    and last line be "__BEGIN_VIEWONLY__" to have 2
    full-access passwords)

    -unixpw [list] Use Unix username and password authentication. x11vnc
    uses the su(1) program to verify the user's password.
    [list] is an optional comma separated list of allowed
    Unix usernames. See below for per-user options that
    can be applied.

    A familiar "login:" and "Password:" dialog is
    presented to the user on a black screen inside the
    vncviewer. The connection is dropped if the user fails
    to supply the correct password in 3 tries or does not
    send one before a 25 second timeout. Existing clients
    are view-only during this period.

    Since the detailed behavior of su(1) can vary from
    OS to OS and for local configurations, test the mode
    carefully on your systems before using it in production.
    Test different combinations of valid/invalid usernames
    and valid/invalid passwords to see if it behaves as
    expected. x11vnc will attempt to be conservative and
    reject a login if anything abnormal occurs.

    On FreeBSD and the other BSD's by default it is
    impossible for the user running x11vnc to validate
    his *own* password via su(1) (evidently commenting out
    the pam_self.so entry in /etc/pam.d/su eliminates this
    problem). So the x11vnc login will always *fail* for
    this case (even when the correct password is supplied).

    A possible workaround for this would be to start
    x11vnc as root with the "-users +nobody" option to
    immediately switch to user nobody. Another source of
    problems are PAM modules that prompt for extra info,
    e.g. password aging modules. These logins will fail
    as well even when the correct password is supplied.

    **IMPORTANT**: to prevent the Unix password being sent
    in *clear text* over the network, one of two schemes
    will be enforced: 1) the -ssl builtin SSL mode, or 2)
    require both -localhost and -stunnel be enabled.

    Method 1) ensures the traffic is encrypted between
    viewer and server. A PEM file will be required, see the
    discussion under -ssl below (under some circumstances
    a temporary one can be automatically generated).

    Method 2) requires the viewer connection to appear
    to come from the same machine x11vnc is running on
    (e.g. from a ssh -L port redirection). And that the
    -stunnel SSL mode be used for encryption over the
    network.(see the description of -stunnel below).

    Note: as a convenience, if you ssh(1) in and start
    x11vnc it will check if the environment variable
    SSH_CONNECTION is set and appears reasonable. If it
    does, then the -ssl or -stunnel requirement will be
    dropped since it is assumed you are using ssh for the
    encrypted tunnelling. -localhost is still enforced.
    Use -ssl or -stunnel to force SSL usage even if
    SSH_CONNECTION is set.

    To override the above restrictions you can set
    environment variables before starting x11vnc:

    Set UNIXPW_DISABLE_SSL=1 to disable requiring either
    -ssl or -stunnel. Evidently you will be using a
    different method to encrypt the data between the
    vncviewer and x11vnc: perhaps ssh(1) or an IPSEC VPN.

    Note that use of -localhost with ssh(1) is roughly
    the same as requiring a Unix user login (since a Unix
    password or the user's public key authentication is
    used by sshd on the machine where x11vnc runs and only
    local connections from that machine are accepted)

    Set UNIXPW_DISABLE_LOCALHOST=1 to disable the -localhost
    requirement in Method 2). One should never do this
    (i.e. allow the Unix passwords to be sniffed on the
    network).

    Regarding reverse connections (e.g. -R connect:host
    and -connect host), when the -localhost constraint is
    in effect then reverse connections can only be used
    to connect to the same machine x11vnc is running on
    (default port 5500). Please use a ssh or stunnel port
    redirection to the viewer machine to tunnel the reverse
    connection over an encrypted channel. Note that in -ssl
    mode reverse connection are disabled (see below).

    In -inetd mode the Method 1) will be enforced (not
    Method 2). With -ssl in effect reverse connections
    are disabled. If you override this via env. var, be
    sure to also use encryption from the viewer to inetd.
    Tip: you can also have your own stunnel spawn x11vnc
    in -inetd mode (thereby bypassing inetd). See the FAQ
    for details.

    The user names in the comma separated [list] can have
    per-user options after a ":", e.g. "fred:opts"
    where "opts" is a "+" separated list of
    "viewonly", "fullaccess", "input=XXXX", or
    "deny", e.g. "karl,fred:viewonly,boss:input=M".
    For "input=" it is the K,M,B,C described under -input.

    If a user in the list is "*" that means those
    options apply to all users. It also means all users
    are allowed to log in after supplying a valid password.
    Use "deny" to explicitly deny some users if you use
    "*" to set a global option.

    There are also some utilities for testing password
    if [list] starts with the "%" character. See the
    quick_pw() function in the source for details.

    -unixpw_nis [list] As -unixpw above, however do not use su(1) but rather
    use the traditional getpwnam(3) + crypt(3) method to
    verify passwords instead. This requires that the
    encrypted passwords be readable. Passwords stored
    in /etc/shadow will be inaccessible unless x11vnc
    is run as root.

    This is called "NIS" mode simply because in most
    NIS setups the user encrypted passwords are accessible
    (e.g. "ypcat passwd"). NIS is not required for this
    mode to work (only that getpwnam(3) return the encrypted
    password is required), but it is unlikely it will work
    for any other modern environment. All of the -unixpw
    options and contraints apply.

    -display WAIT:... A special usage mode for the normal -display option.
    Useful with -unixpw, but can be used independently
    of it. If the display string begins with WAIT: then
    x11vnc waits until a VNC client connects before opening
    the X display (or -rawfb device).

    This could be useful for delaying opening the display
    for certain usage modes (say if x11vnc is started at
    boot time and no X server is running or users logged
    in yet).

    If the string is, e.g. WAIT:0.0 or WAIT:1, i.e. "WAIT"
    in front of a normal X display, then that indicated
    display is used. A more interesting case is like this:

    WAIT:cmd=/usr/local/bin/find_display

    in which case the command after "cmd=" is run to
    dynamically work out the DISPLAY and optionally the
    XAUTHORITY data. The first line of the command output
    must be of the form DISPLAY=<xdisplay>. Any remaining
    output is taken as XAUTHORITY data. It can be either
    of the form XAUTHORITY=<file> or raw xauthority data for
    the display (e.g. "xauth extract - $DISPLAY" output).

    In the case of -unixpw, then the above command is run
    as the user who just authenticated via the login and
    password prompt.

    Thus the combination of -display WAIT:cmd=... and
    -unixpw allows automatic pairing of an unix
    authenticated VNC user with his desktop. This could
    be very useful on SunRays and also any system where
    multiple users share a given machine. The user does
    not need to remember special ports or passwords set up
    for his desktop and VNC.

    A nice way to use WAIT:cmd=... is out of inetd(8)
    (it automatically forks a new x11vnc for each user).
    You can have the x11vnc inetd spawned process run as,
    say, root or nobody. When run as root (for either
    inetd or display manager), you can also supply the
    option "-users unixpw=" to have the x11vnc process
    switch to the user as well. Note: there will be a 2nd
    SSL helper process that will not switch, but it is only
    encoding and decoding the stream at that point.

    As a special case, WAIT:cmd=FINDDISPLAY will run
    a script that works on most Unixes to determine a
    user's DISPLAY variable and xauthority data. To have
    this default script printed to stdout (e.g. for
    customization) run with WAIT:cmd=FINDDISPLAY-print

    Finally, one can insert a geometry between colons,
    e.g. WAIT:1280x1024:... to set the size of the display
    the VNC client first attaches to since some VNC viewers
    will not automatically adjust to a new framebuffer size.

    -ssl [pem] Use the openssl library (www.openssl.org) to provide a
    built-in encrypted SSL tunnel between VNC viewers and
    x11vnc. This requires libssl support to be compiled
    into x11vnc at build time. If x11vnc is not built
    with libssl support it will exit immediately when -ssl
    is prescribed.

    [pem] is optional, use "-ssl /path/to/mycert.pem"
    to specify a PEM certificate file to use to identify
    and provide a key for this server. See openssl(1) for
    more info about PEMs and the -sslGenCert option below.

    The connecting VNC viewer SSL tunnel can optionally
    authenticate this server if they have the public
    key part of the certificate (or a common certificate
    authority, CA, is a more sophisicated way to verify
    this server's cert, see -sslGenCA below). This is
    used to prevent man-in-the-middle attacks. Otherwise,
    if the VNC viewer accepts this server's key without
    verification, at least the traffic is protected
    from passive sniffing on the network (but NOT from
    man-in-the-middle attacks).

    If [pem] is not supplied and the openssl(1) utility
    command exists in PATH, then a temporary, self-signed
    certificate will be generated for this session (this
    may take 5-30 seconds on slow machines). If openssl(1)
    cannot be used to generate a temporary certificate
    x11vnc exits immediately.

    If successful in using openssl(1) to generate a
    temporary certificate, the public part of it will be
    displayed to stderr (e.g. one could copy it to the
    client-side to provide authentication of the server to
    VNC viewers.) See following paragraphs for how to save
    keys to reuse when x11vnc is restarted.

    Set the env. var. X11VNC_SHOW_TMP_PEM=1 to have x11vnc
    print out the entire certificate, including the PRIVATE
    KEY part, to stderr. One could reuse this cert if saved
    in a [pem] file. Similarly, set X11VNC_KEEP_TMP_PEM=1
    to not delete the temporary PEM file: the file name
    will be printed to stderr (so one could move it to
    a safe place for reuse). You will be prompted for a
    passphrase for the private key.

    If [pem] is "SAVE" then the certificate will be saved
    to the file ~/.vnc/certs/server.pem, or if that file
    exists it will be used directly. Similarly, if [pem]
    is "SAVE_PROMPT" the server.pem certificate will be
    made based on your answers to its prompts for info such
    as OrganizationalName, CommonName, etc.

    Use "SAVE-<string>" and "SAVE_PROMPT-<string>"
    to refer to the file ~/.vnc/certs/server-<string>.pem
    instead. E.g. "SAVE-charlie" will store to the file
    ~/.vnc/certs/server-charlie.pem

    See -ssldir below to use a directory besides the
    default ~/.vnc/certs

    Example: x11vnc -ssl SAVE -display :0 ...

    Reverse connections are disabled in -ssl mode because
    there is no way to ensure that data channel will
    be encrypted. Set X11VNC_SSL_ALLOW_REVERSE=1 to
    override this.

    Your VNC viewer will also need to be able to connect
    via SSL. See the discussion below under -stunnel and
    the FAQ (ssl_vncviewer script) for how this might be
    achieved. E.g. on Unix it is easy to write a shell
    script that starts up stunnel and then vncviewer.
    Also in the x11vnc source a SSL enabled Java VNC Viewer
    applet is provided in the classes/ssl directory.

    -ssldir [dir] Use [dir] as an alternate ssl certificate and key
    management toplevel directory. The default is
    ~/.vnc/certs

    This directory is used to store server and other
    certificates and keys and also other materials. E.g. in
    the simplest case, "-ssl SAVE" will store the x11vnc
    server cert in [dir]/server.pem

    Use of alternate directories via -ssldir allows you to
    manage multiple VNC Certificate Authority (CA) keys.
    Another use is if ~/.vnc/cert is on an NFS share you
    might want your certificates and keys to be on a local
    filesystem to prevent network snooping (for example
    -ssldir /var/lib/x11vnc-certs).

    -ssldir affects nearly all of the other -ssl* options,
    e.g. -ssl SAVE, -sslGenCert, etc..

    -sslverify [path] For either of the -ssl or -stunnel modes, use [path]
    to provide certificates to authenticate incoming VNC
    *Client* connections (normally only the server is
    authenticated in SSL.) This can be used as a method
    to replace standard password authentication of clients.

    If [path] is a directory it contains the client (or CA)
    certificates in separate files. If [path] is a file,
    it contains multiple certificates. See special tokens
    below. These correspond to the "CApath = dir" and
    "CAfile = file" stunnel options. See the stunnel(8)
    manpage for details.

    Examples:
    x11vnc -ssl -sslverify ~/my.pem
    x11vnc -ssl -sslverify ~/my_pem_dir/

    Note that if [path] is a directory, it must contain
    the certs in separate files named like <HASH>.0, where
    the value of <HASH> is found by running the command
    "openssl x509 -hash -noout -in file.crt". Evidently
    one uses <HASH>.1 if there is a collision...

    The the key-management utility "-sslCertInfo HASHON"
    and "-sslCertInfo HASHOFF" will create/delete these
    hashes for you automatically (via symlink) in the HASH
    subdirs it manages. Then you can point -sslverify to
    the HASH subdir.

    Special tokens: in -ssl mode, if [path] is not a file or
    a directory, it is taken as a comma separated list of
    tokens that are interpreted as follows:

    If a token is "CA" that means load the CA/cacert.pem
    file from the ssl directory. If a token is "clients"
    then all the files clients/*.crt in the ssl directory
    are loaded. Otherwise the file clients/token.crt
    is attempted to be loaded. As a kludge, use a token
    like ../server-foo to load a server cert if you find
    that necessary.

    Use -ssldir to use a directory different from the
    ~/.vnc/certs default.

    Note that if the "CA" cert is loaded you do not need
    to load any of the certs that have been signed by it.
    You will need to load any additional self-signed certs
    however.

    Examples:
    x11vnc -ssl -sslverify CA
    x11vnc -ssl -sslverify self:fred,self:jim
    x11vnc -ssl -sslverify CA,clients

    Usually "-sslverify CA" is the most effective.
    See the -sslGenCA and -sslGenCert options below for
    how to set up and manage the CA framework.



    NOTE: the following utilities, -sslGenCA, -sslGenCert,
    -sslEncKey, and -sslCertInfo are provided for
    completeness, but for casual usage they are overkill.

    They provide VNC Certificate Authority (CA) key creation
    and server / client key generation and signing. So they
    provide a basic Public Key management framework for
    VNC-ing with x11vnc. (note that they require openssl(1)
    be installed on the system)

    However, the simplest usage mode (where x11vnc
    automatically generates its own, self-signed, temporary
    key and the VNC viewers always accept it, e.g. accepting
    via a dialog box) is probably safe enough for most
    scenarios. CA management is not needed.

    To protect against Man-In-The-Middle attacks the
    simplest mode can be improved by using "-ssl SAVE"
    to have x11vnc create a longer term self-signed
    certificate, and then (safely) copy the corresponding
    public key cert to the desired client machines (care
    must be taken the private key part is not stolen;
    you will be prompted for a passphrase).

    So keep in mind no CA key creation or management
    (-sslGenCA and -sslGenCert) is needed for either of
    the above two common usage modes.

    One might want to use -sslGenCA and -sslGenCert
    if you had a large number of VNC client and server
    workstations. That way the administrator could generate
    a single CA key with -sslGenCA and distribute its
    certificate part to all of the workstations.

    Next, he could create signed VNC server keys
    (-sslGenCert server ...) for each workstation or user
    that then x11vnc would use to authenticate itself to
    any VNC client that has the CA cert.

    Optionally, the admin could also make it so the
    VNC clients themselves are authenticated to x11vnc
    (-sslGenCert client ...) For this -sslverify would be
    pointed to the CA cert (and/or self-signed certs).

    x11vnc will be able to use all of these cert and
    key files. On the VNC client side, they will need to
    be "imported" somehow. Web browsers have "Manage
    Certificates" actions as does the Java applet plugin
    Control Panel. stunnel can also use these files (see
    the ssl_vncviewer example script in the FAQ.)

    -sslGenCA [dir] Generate your own Certificate Authority private key,
    certificate, and other files in directory [dir].

    If [dir] is not supplied, a -ssldir setting is used,
    or otherwise ~/.vnc/certs is used.

    This command also creates directories where server and
    client certs and keys will be stored. The openssl(1)
    program must be installed on the system and available
    in PATH.

    After the CA files and directories are created the
    command exits; the VNC server is not run.

    You will be prompted for information to put into the CA
    certificate. The info does not have to be accurate just
    as long as clients accept the cert for VNC connections.
    You will also need to supply a passphrase of at least
    4 characters for the CA private key.

    Once you have generated the CA you can distribute
    its certificate part, [dir]/CA/cacert.pem, to other
    workstations where VNC viewers will be run. One will
    need to "import" this certicate in the applications,
    e.g. Web browser, Java applet plugin, stunnel, etc.
    Next, you can create and sign keys using the CA with
    the -sslGenCert option below.

    Examples:
    x11vnc -sslGenCA
    x11vnc -sslGenCA ~/myCAdir
    x11vnc -ssldir ~/myCAdir -sslGenCA

    (the last two lines are equivalent)

    -sslGenCert type name Generate a VNC server or client certificate and private
    key pair signed by the CA created previously with
    -sslGenCA. The openssl(1) program must be installed
    on the system and available in PATH.

    After the Certificate is generated the command exits;
    the VNC server is not run.

    The type of key to be generated is the string "type".
    It is either "server" (i.e. for use by x11vnc) or
    "client" (for a VNC viewer). Note that typically
    only "server" is used: the VNC clients authenticate
    themselves by a non-public-key method (e.g. VNC or
    unix password). "type" is required.

    An arbitrary default name you want to associate with
    the key is supplied by the "name" string. You can
    change it at the various prompts when creating the key.
    "name" is optional.

    If name is left blank for clients keys then "nobody"
    is used. If left blank for server keys, then the
    primary server key: "server.pem" is created (this
    is the saved one referenced by "-ssl SAVE" when the
    server is started)

    If "name" begins with the string "self:" then
    a self-signed certificate is created instead of one
    signed by your CA key.

    If "name" begins with the string "req:" then only a
    key (.key) and a certificate signing *request* (.req)
    are generated. You can then send the .req file to
    an external CA (even a professional one, e.g. Thawte)
    and then combine the .key and the received cert into
    the .pem file with the same basename.

    The distinction between "server" and "client" is
    simply the choice of output filenames and sub-directory.
    This makes it so the -ssl SAVE-name option can easily
    pick up the x11vnc PEM file this option generates.
    And similarly makes it easy for the -sslverify option
    to pick up your client certs.

    There is nothing special about the filename or directory
    location of either the "server" and "client" certs.
    You can rename the files or move them to wherever
    you like.

    Precede this option with -ssldir [dir] to use a
    directory other than the default ~/.vnc/certs You will
    need to run -sslGenCA on that directory first before
    doing any -sslGenCert key creation.

    Note you cannot recreate a cert with exactly the same
    distiguished name (DN) as an existing one. To do so,
    you will need to edit the [dir]/CA/index.txt file to
    delete the line.

    Similar to -sslGenCA, you will be prompted to fill
    in some information that will be recorded in the
    certificate when it is created. Tip: if you know
    the fully-quailified hostname other people will be
    connecting to you can use that as the CommonName "CN"
    to avoid some applications (e.g. web browsers and java
    plugin) complaining it does not match the hostname.

    You will also need to supply the CA private key
    passphrase to unlock the private key created from
    -sslGenCA. This private key is used to sign the server
    or client certicate.

    The "server" certs can be used by x11vnc directly by
    pointing to them via the -ssl [pem] option. The default
    file will be ~/.vnc/certs/server.pem. This one would
    be used by simply typing -ssl SAVE. The pem file
    contains both the certificate and the private key.
    server.crt file contains the cert only.

    The "client" cert + private key file will need
    to be copied and imported into the VNC viewer
    side applications (Web browser, Java plugin,
    stunnel, etc.) Once that is done you can delete the
    "client" private key file on this machine since
    it is only needed on the VNC viewer side. The,
    e.g. ~/.vnc/certs/clients/<name>.pem contains both
    the cert and private key. The <name>.crt contains the
    certificate only.

    NOTE: It is very important to know one should always
    generate new keys with a passphrase. Otherwise if an
    untrusted user steals the key file he could use it to
    masquerade as the x11vnc server (or VNC viewer client).
    You will be prompted whether to encrypt the key with
    a passphrase or not. It is recommended that you do.
    One inconvenience to a passphrase is that it must
    be suppled every time x11vnc or the client app is
    started up.

    Examples:

    x11vnc -sslGenCert server
    x11vnc -ssl SAVE -display :0 ...

    and then on viewer using ssl_vncviewer stunnel wrapper
    (see the FAQ):
    ssl_vncviewer -verify ./cacert.crt hostname:0

    (this assumes the cacert.crt cert from -sslGenCA
    was safely copied to the VNC viewer machine where
    ssl_vncviewer is run)

    Example using a name:

    x11vnc -sslGenCert server charlie
    x11vnc -ssl SAVE-charlie -display :0 ...

    Example for a client certificate (rarely used):

    x11vnc -sslGenCert client roger
    scp ~/.vnc/certs/clients/roger.pem somehost:.
    rm ~/.vnc/certs/clients/roger.pem

    x11vnc is then started with the the option -sslverify
    ~/.vnc/certs/clients/roger.crt (or simply -sslverify
    roger), and on the viewer user on somehost could do
    for example:

    ssl_vncviewer -mycert ./roger.pem hostname:0

    -sslEncKey [pem] Utility to encrypt an existing PEM file with a
    passphrase you supply when prompted. For that key to be
    used (e.g. by x11vnc) the passphrase must be supplied
    each time.

    The "SAVE" notation described under -ssl applies as
    well. (precede this option with -ssldir [dir] to refer
    a directory besides the default ~/.vnc/certs)

    The openssl(1) program must be installed on the system
    and available in PATH. After the Key file is encrypted
    the command exits; the VNC server is not run.

    Examples:
    x11vnc -sslEncKey /path/to/foo.pem
    x11vnc -sslEncKey SAVE
    x11vnc -sslEncKey SAVE-charlie

    -sslCertInfo [pem] Prints out information about an existing PEM file.
    In addition the public certificate is also printed.
    The openssl(1) program must be in PATH. Basically the
    command "openssl x509 -text" is run on the pem.

    The "SAVE" notation described under -ssl applies
    as well.

    Using "LIST" will give a list of all certs being
    managed (in the ~/.vnc/certs dir, use -ssldir to refer
    to another dir). "ALL" will print out the info for
    every managed key (this can be very long). Giving a
    client or server cert shortname will also try a lookup
    (e.g. -sslCertInfo charlie). Use "LISTL" or "LL"
    for a long (ls -l style) listing.

    Using "HASHON" will create subdirs [dir]/HASH and
    [dir]/HASH with OpenSSL hash filenames (e.g. 0d5fbbf1.0)
    symlinks pointing up to the corresponding *.crt file.
    ([dir] is ~/.vnc/certs or one given by -ssldir.)
    This is a useful way for other OpenSSL applications
    (e.g. stunnel) to access all of the certs without
    having to concatenate them. x11vnc will not use them
    unless you specifically reference them. "HASHOFF"
    removes these HASH subdirs.

    The LIST, LISTL, LL, ALL, HASHON, HASHOFF words can
    also be lowercase, e.g. "list".

    -sslDelCert [pem] Prompts you to delete all .crt .pem .key .req files
    associated with [pem]. "SAVE" and lookups as in
    -sslCertInfo apply as well.


    -stunnel [pem] Use the stunnel(8) (www.stunnel.org) to provide an
    encrypted SSL tunnel between viewers and x11vnc.

    This external tunnel method was implemented prior to the
    integrated -ssl encryption described above. It still
    works well. This requires stunnel to be installed
    on the system and available via PATH (n.b. stunnel is
    often installed in sbin directories). Version 4.x of
    stunnel is assumed (but see -stunnel3 below.)

    [pem] is optional, use "-stunnel /path/to/stunnel.pem"
    to specify a PEM certificate file to pass to stunnel.
    Whether one is needed or not depends on your stunnel
    configuration. stunnel often generates one at install
    time. See the stunnel documentation for details.

    stunnel is started up as a child process of x11vnc and
    any SSL connections stunnel receives are decrypted and
    sent to x11vnc over a local socket. The strings
    "The SSL VNC desktop is ..." and "SSLPORT=..."
    are printed out at startup to indicate this.

    The -localhost option is enforced by default
    to avoid people routing around the SSL channel.
    Set STUNNEL_DISABLE_LOCALHOST=1 before starting x11vnc
    to disable the requirement.

    Your VNC viewer will also need to be able to connect via
    SSL. Unfortunately not too many do this. UltraVNC has
    an encryption plugin but it does not seem to be SSL.

    Also, in the x11vnc distribution, a patched TightVNC
    Java applet is provided in classes/ssl that does SSL
    connections (only).

    It is also not too difficult to set up an stunnel or
    other SSL tunnel on the viewer side. A simple example
    on Unix using stunnel 3.x is:

    % stunnel -c -d localhost:5901 -r remotehost:5900
    % vncviewer localhost:1

    For Windows, stunnel has been ported to it and there
    are probably other such tools available. See the FAQ
    for more examples.

    -stunnel3 [pem] Use version 3.x stunnel command line syntax instead of
    version 4.x

    -https [port] Choose a separate HTTPS port (-ssl mode only).

    In -ssl mode, it turns out you can use the
    single VNC port (e.g. 5900) for both VNC and HTTPS
    connections. (HTTPS is used to retrieve a SSL-aware
    VncViewer.jar applet that is provided with x11vnc).
    Since both use SSL the implementation was extended to
    detect if HTTP traffic (i.e. GET) is taking place and
    handle it accordingly. The URL would be, e.g.:

    https://mymachine.org:5900/

    This is convenient for firewalls, etc, because only one
    port needs to be allowed in. However, this heuristic
    adds a few seconds delay to each connection and can be
    unreliable (especially if the user takes much time to
    ponder the Certificate dialogs in his browser, Java VM,
    or VNC Viewer applet. That's right 3 separate "Are
    you sure you want to connect" dialogs!)

    So use the -https option to provide a separate, more
    reliable HTTPS port that x11vnc will listen on. If
    [port] is not provided (or is 0), one is autoselected.
    The URL to use is printed out at startup.

    The SSL Java applet directory is specified via the
    -httpdir option. If not supplied it will try to guess
    the directory as though the -http option was supplied.

    -usepw If no other password method was supplied on the command
    line, first look for ~/.vnc/passwd and if found use it
    with -rfbauth; next, look for ~/.vnc/passwdfile and
    use it with -passwdfile; otherwise, prompt the user
    for a password to create ~/.vnc/passwd and use it with
    the -rfbauth option. If none of these succeed x11vnc
    exits immediately.

    Note: -unixpw currently does not count as a password
    method by this option.

    -storepasswd pass file Store password "pass" as the VNC password in the
    file "file". Once the password is stored the
    program exits. Use the password via "-rfbauth file"

    If called with no arguments, "x11vnc -storepasswd",
    the user is prompted for a password and it is stored
    in the file ~/.vnc/passwd. Called with one argument,
    that will be the file to store the prompted password in.

    -nopw Disable the big warning message when you use x11vnc
    without some sort of password.

    -accept string Run a command (possibly to prompt the user at the
    X11 display) to decide whether an incoming client
    should be allowed to connect or not. "string" is
    an external command run via system(3) or some special
    cases described below. Be sure to quote "string"
    if it contains spaces, shell characters, etc. If the
    external command returns 0 the client is accepted,
    otherwise the client is rejected. See below for an
    extension to accept a client view-only.

    If x11vnc is running as root (say from inetd(8) or from
    display managers xdm(1), gdm(1), etc), think about the
    security implications carefully before supplying this
    option (likewise for the -gone option).

    Environment: The RFB_CLIENT_IP environment variable will
    be set to the incoming client IP number and the port
    in RFB_CLIENT_PORT (or -1 if unavailable). Similarly,
    RFB_SERVER_IP and RFB_SERVER_PORT (the x11vnc side
    of the connection), are set to allow identification
    of the tcp virtual circuit. The x11vnc process
    id will be in RFB_X11VNC_PID, a client id number in
    RFB_CLIENT_ID, and the number of other connected clients
    in RFB_CLIENT_COUNT. RFB_MODE will be "accept".
    RFB_STATE will be PROTOCOL_VERSION, SECURITY_TYPE,
    AUTHENTICATION, INITIALISATION, NORMAL, or UNKNOWN
    indicating up to which state the client has acheived.
    RFB_LOGIN_VIEWONLY will be 0, 1, or -1 (unknown).
    RFB_USERNAME, RFB_LOGIN_TIME, and RFB_CURRENT_TIME may
    also be set.

    If "string" is "popup" then a builtin popup window
    is used. The popup will time out after 120 seconds,
    use "popup:N" to modify the timeout to N seconds
    (use 0 for no timeout).

    If "string" is "xmessage" then an xmessage(1)
    invocation is used for the command. xmessage must be
    installed on the machine for this to work.

    Both "popup" and "xmessage" will present an option
    for accepting the client "View-Only" (the client
    can only watch). This option will not be presented if
    -viewonly has been specified, in which case the entire
    display is view only.

    If the user supplied command is prefixed with something
    like "yes:0,no:*,view:3 mycommand ..." then this
    associates the numerical command return code with
    the actions: accept, reject, and accept-view-only,
    respectively. Use "*" instead of a number to indicate
    the default action (in case the command returns an
    unexpected value). E.g. "no:*" is a good choice.

    Note that x11vnc blocks while the external command
    or popup is running (other clients may see no updates
    during this period). So a person sitting a the physical
    display is needed to respond to an popup prompt. (use
    a 2nd x11vnc if you lock yourself out).

    More -accept tricks: use "popupmouse" to only allow
    mouse clicks in the builtin popup to be recognized.
    Similarly use "popupkey" to only recognize
    keystroke responses. These are to help avoid the
    user accidentally accepting a client by typing or
    clicking. All 3 of the popup keywords can be followed
    by +N+M to supply a position for the popup window.
    The default is to center the popup window.
    -afteraccept string As -accept, except to run a user supplied command after
    a client has been accepted and authenticated. RFB_MODE
    will be set to "afteraccept" and the other RFB_*
    variables are as in -accept. Unlike -accept, the
    command return code is not interpreted by x11vnc.
    Example: -afteraccept 'killall xlock &'
    -gone string As -accept, except to run a user supplied command when
    a client goes away (disconnects). RFB_MODE will be
    set to "gone" and the other RFB_* variables are as
    in -accept. The "popup" actions apply as well.
    Unlike -accept, the command return code is not
    interpreted by x11vnc. Example: -gone 'xlock &'

    -users list If x11vnc is started as root (say from inetd(8) or from
    display managers xdm(1), gdm(1), etc), then as soon
    as possible after connections to the X display are
    established try to switch to one of the users in the
    comma separated "list". If x11vnc is not running as
    root this option is ignored.

    Why use this option? In general it is not needed since
    x11vnc is already connected to the X display and can
    perform its primary functions. The option was added
    to make some of the *external* utility commands x11vnc
    occasionally runs work properly. In particular under
    GNOME and KDE to implement the "-solid color" feature
    external commands (gconftool-2 and dcop) unfortunately
    must be run as the user owning the desktop session.
    Since this option switches userid it also affects the
    userid used to run the processes for the -accept and
    -gone options. It also affects the ability to read
    files for options such as -connect, -allow, and -remap.
    Note that the -connect file is also sometimes written
    to.

    So be careful with this option since in some situations
    its use can decrease security.

    In general the switch to a user will only take place
    if the display can still be successfully opened as that
    user (this is primarily to try to guess the actual owner
    of the session). Example: "-users fred,wilma,betty".
    Note that a malicious user "barney" by quickly using
    "xhost +" when logging in may possibly get the x11vnc
    process to switch to user "fred". What happens next?

    Under display managers it may be a long time before
    the switch succeeds (i.e. a user logs in). To instead
    make it switch immediately regardless if the display
    can be reopened prefix the username with the "+"
    character. E.g. "-users +bob" or "-users +nobody".

    The latter (i.e. switching immediately to user
    "nobody") is probably the only use of this option
    that increases security.

    In -unixpw mode, if "-users unixpw=" is supplied
    then after a user authenticates himself via the
    -unixpw mechanism, x11vnc will try to switch to that
    user as though "-users +username" had been supplied.
    If you want to limit which users this will be done for,
    provide them as a comma separated list after "unixpw="

    To immediately switch to a user *before* connections
    to the X display are made or any files opened use the
    "=" character: "-users =bob". That user needs to
    be able to open the X display and any files of course.

    The special user "guess=" means to examine the utmpx
    database (see who(1)) looking for a user attached to
    the display number (from DISPLAY or -display option)
    and try him/her. To limit the list of guesses, use:
    "-users guess=bob,betty".

    Even more sinister is the special user "lurk="
    that means to try to guess the DISPLAY from the utmpx
    login database as well. So it "lurks" waiting for
    anyone to log into an X session and then connects to it.
    Specify a list of users after the = to limit which users
    will be tried. To enable a different searching mode, if
    the first user in the list is something like ":0" or
    ":0-2" that indicates a range of DISPLAY numbers that
    will be tried (regardless of whether they are in the
    utmpx database) for all users that are logged in. Also
    see the "-display WAIT:..." functionality. Examples:
    "-users lurk=" and also "-users lurk=:0-1,bob,mary"

    Be especially careful using the "guess=" and "lurk="
    modes. They are not recommended for use on machines
    with untrustworthy local users.

    -noshm Do not use the MIT-SHM extension for the polling.
    Remote displays can be polled this way: be careful this
    can use large amounts of network bandwidth. This is
    also of use if the local machine has a limited number
    of shm segments and -onetile is not sufficient.
    -flipbyteorder Sometimes needed if remotely polled host has different
    endianness. Ignored unless -noshm is set.
    -onetile Do not use the new copy_tiles() framebuffer mechanism,
    just use 1 shm tile for polling. Limits shm segments
    used to 3.

    -solid [color] To improve performance, when VNC clients are connected
    try to change the desktop background to a solid color.
    The [color] is optional: the default color is "cyan4".
    For a different one specify the X color (rgb.txt name,
    e.g. "darkblue" or numerical "#RRGGBB").

    Currently this option only works on GNOME, KDE, CDE,
    and classic X (i.e. with the background image on the
    root window). The "gconftool-2" and "dcop" external
    commands are run for GNOME and KDE respectively.
    Other desktops won't work, e.g. Xfce (send us the
    corresponding commands if you find them). If x11vnc is
    running as root (inetd(8) or gdm(1)), the -users option
    may be needed for GNOME and KDE. If x11vnc guesses
    your desktop incorrectly, you can force it by prefixing
    color with "gnome:", "kde:", "cde:" or "root:".
    -blackout string Black out rectangles on the screen. "string" is a
    comma separated list of WxH+X+Y type geometries for
    each rectangle. If one of the items on the list is the
    string "noptr" the mouse pointer will not be allowed
    to go into a blacked out region.
    -xinerama If your screen is composed of multiple monitors
    -noxinerama glued together via XINERAMA, and that screen is
    not a rectangle this option will try to guess the
    areas to black out (if your system has libXinerama).
    default: -xinerama

    In general, we have noticed on XINERAMA displays you
    may need to use the "-xwarppointer" option if the mouse
    pointer misbehaves.

    -xtrap Use the DEC-XTRAP extension for keystroke and mouse
    input insertion. For use on legacy systems, e.g. X11R5,
    running an incomplete or missing XTEST extension.
    By default DEC-XTRAP will be used if XTEST server grab
    control is missing, use -xtrap to do the keystroke and
    mouse insertion via DEC-XTRAP as well.

    -xrandr [mode] If the display supports the XRANDR (X Resize, Rotate
    and Reflection) extension, and you expect XRANDR events
    to occur to the display while x11vnc is running, this
    options indicates x11vnc should try to respond to
    them (as opposed to simply crashing by assuming the
    old screen size). See the xrandr(1) manpage and run
    'xrandr -q' for more info. [mode] is optional and
    described below.

    Since watching for XRANDR events and trapping errors
    increases polling overhead, only use this option if
    XRANDR changes are expected. For example on a rotatable
    screen PDA or laptop, or using a XRANDR-aware Desktop
    where you resize often. It is best to be viewing with a
    vncviewer that supports the NewFBSize encoding, since it
    knows how to react to screen size changes. Otherwise,
    libvncserver tries to do so something reasonable for
    viewers that cannot do this (portions of the screen
    may be clipped, unused, etc).

    "mode" defaults to "resize", which means create a
    new, resized, framebuffer and hope all viewers can cope
    with the change. "newfbsize" means first disconnect
    all viewers that do not support the NewFBSize VNC
    encoding, and then resize the framebuffer. "exit"
    means disconnect all viewer clients, and then terminate
    x11vnc.
    -padgeom WxH Whenever a new vncviewer connects, the framebuffer is
    replaced with a fake, solid black one of geometry WxH.
    Shortly afterwards the framebuffer is replaced with the
    real one. This is intended for use with vncviewers
    that do not support NewFBSize and one wants to make
    sure the initial viewer geometry will be big enough
    to handle all subsequent resizes (e.g. under -xrandr,
    -remote id:windowid, rescaling, etc.)

    -o logfile Write stderr messages to file "logfile" instead of
    to the terminal. Same as "-logfile file". To append
    to the file use "-oa file" or "-logappend file".
    -flag file Write the "PORT=NNNN" (e.g. PORT=5900) string to
    "file" in addition to stdout. This option could be
    useful by wrapper script to detect when x11vnc is ready.

    -rc filename Use "filename" instead of $HOME/.x11vncrc for rc file.
    -norc Do not process any .x11vncrc file for options.

    -h, -help Print this help text.
    -?, -opts Only list the x11vnc options.
    -V, -version Print program version and last modification date.

    -dbg Instead of exiting after cleaning up, run a simple
    "debug crash shell" when fatal errors are trapped.

    -q Be quiet by printing less informational output to
    stderr. Same as -quiet.
    -bg Go into the background after screen setup. Messages to
    stderr are lost unless -o logfile is used. Something
    like this could be useful in a script:
    port=`ssh $host "x11vnc -display :0 -bg" | grep PORT`
    port=`echo "$port" | sed -e 's/PORT=//'`
    port=`expr $port - 5900`
    vncviewer $host:$port

    -modtweak Option -modtweak automatically tries to adjust the AltGr
    -nomodtweak and Shift modifiers for differing language keyboards
    between client and host. Otherwise, only a single key
    press/release of a Keycode is simulated (i.e. ignoring
    the state of the modifiers: this usually works for
    identical keyboards). Also useful in resolving cases
    where a Keysym is bound to multiple keys (e.g. "<" + ">"
    and "," + "<" keys). Default: -modtweak
    -xkb When in modtweak mode, use the XKEYBOARD extension (if
    -noxkb the X display supports it) to do the modifier tweaking.
    This is powerful and should be tried if there are still
    keymapping problems when using -modtweak by itself.
    The default is to check whether some common keysyms,
    e.g. !, @, [, are only accessible via -xkb mode and if
    so then automatically enable the mode. To disable this
    automatic detection use -noxkb.

    -capslock When in -modtweak (the default) or -xkb mode,
    if a keysym in the range A-Z comes in check the X
    server to see if the Caps_Lock is set. If it is do
    not artificially press Shift to generate the keysym.
    This will enable the CapsLock key to behave correctly
    in some circumstances: namely *both* the VNC viewer
    machine and the x11vnc X server are in the CapsLock
    on state. If one side has CapsLock on and the other
    off and the keyboard is not behaving as you think it
    should you should correct the CapsLock states (hint:
    pressing CapsLock inside and outside of the viewer can
    help toggle them both to the correct state). However,
    for best results do not use this option, but rather
    *only* enable CapsLock on the VNC viewer side (i.e. by
    pressing CapsLock outside of the viewer window, also
    -skip_lockkeys below). Also try -nomodtweak for a
    possible workaround.

    -skip_lockkeys Have x11vnc ignore all Caps_Lock, Shift_Lock, Num_Lock,
    Scroll_Lock keysyms received from viewers. The idea is
    you press Caps_Lock on the VNC Viewer side but that does
    not change the lock state in the x11vnc-side X server.
    Nevertheless your capitalized letters come in over
    the wire and are applied correctly to the x11vnc-side
    X server. Note this mode probably won't do what you
    want in -nomodtweak mode. Also, a kludge for KP_n
    digits is always done it this mode: they are mapped to
    regular digit keysyms. See also -capslock above.

    -skip_keycodes string Ignore the comma separated list of decimal keycodes.
    Perhaps these are keycodes not on your keyboard but
    your X server thinks exist. Currently only applies
    to -xkb mode. Use this option to help x11vnc in the
    reverse problem it tries to solve: Keysym -> Keycode(s)
    when ambiguities exist (more than one Keycode per
    Keysym). Run 'xmodmap -pk' to see your keymapping.
    Example: "-skip_keycodes 94,114"
    -sloppy_keys Experimental option that tries to correct some
    "sloppy" key behavior. E.g. if at the viewer you
    press Shift+Key but then release the Shift before
    Key that could give rise to extra unwanted characters
    (usually only between keyboards of different languages).
    Only use this option if you observe problems with
    some keystrokes.
    -skip_dups Some VNC viewers send impossible repeated key events,
    -noskip_dups e.g. key-down, key-down, key-up, key-up all for the same
    key, or 20 downs in a row for the same modifier key!
    Setting -skip_dups means to skip these duplicates and
    just process the first event. Note: some VNC viewers
    assume they can send down's without the corresponding
    up's and so you should not set this option for
    these viewers (symptom: some keys do not autorepeat)
    Default: -noskip_dups
    -add_keysyms If a Keysym is received from a VNC viewer and that
    -noadd_keysyms Keysym does not exist in the X server, then add the
    Keysym to the X server's keyboard mapping on an unused
    key. Added Keysyms will be removed periodically and
    also when x11vnc exits. Default: -add_keysyms
    -clear_mods At startup and exit clear the modifier keys by sending
    KeyRelease for each one. The Lock modifiers are skipped.
    Used to clear the state if the display was accidentally
    left with any pressed down.
    -clear_keys As -clear_mods, except try to release any pressed key.
    Note that this option and -clear_mods can interfere
    with a person typing at the physical keyboard.
    -remap string Read Keysym remappings from file named "string".
    Format is one pair of Keysyms per line (can be name
    or hex value) separated by a space. If no file named
    "string" exists, it is instead interpreted as this
    form: key1-key2,key3-key4,... See <X11/keysymdef.h>
    header file for a list of Keysym names, or use xev(1).
    To map a key to a button click, use the fake Keysyms
    "Button1", ..., etc. E.g: "-remap Super_R-Button2"
    (useful for pasting on a laptop)

    To disable a keysym (i.e. make it so it will not be
    injected), remap it to "NoSymbol" or "None".

    Dead keys: "dead" (or silent, mute) keys are keys that
    do not produce a character but must be followed by a 2nd
    keystroke. This is often used for accenting characters,
    e.g. to put "`" on top of "a" by pressing the dead
    key and then "a". Note that this interpretation
    is not part of core X11, it is up to the toolkit or
    application to decide how to react to the sequence.
    The X11 names for these keysyms are "dead_grave",
    "dead_acute", etc. However some VNC viewers send the
    keysyms "grave", "acute" instead thereby disabling
    the accenting. To work around this -remap can be used.
    For example "-remap grave-dead_grave,acute-dead_acute"
    As a convenience, "-remap DEAD" applies these remaps:

    g grave-dead_grave
    a acute-dead_acute
    c asciicircum-dead_circumflex
    t asciitilde-dead_tilde
    m macron-dead_macron
    b breve-dead_breve
    D abovedot-dead_abovedot
    d diaeresis-dead_diaeresis
    o degree-dead_abovering
    A doubleacute-dead_doubleacute
    r caron-dead_caron
    e cedilla-dead_cedilla

    If you just want a subset use the first letter
    label, e.g. "-remap DEAD=ga" to get the first two.
    Additional remaps may also be supplied via commas,
    e.g. "-remap DEAD=ga,Super_R-Button2". Finally,
    "DEAD=missing" means to apply all of the above as
    long as the left hand member is not already in the
    X11 keymap.

    -norepeat Option -norepeat disables X server key auto repeat when
    -repeat VNC clients are connected and VNC keyboard input is
    not idle for more than 5 minutes. This works around a
    repeating keystrokes bug (triggered by long processing
    delays between key down and key up client events: either
    from large screen changes or high latency).
    Default: -norepeat

    Note: your VNC viewer side will likely do autorepeating,
    so this is no loss unless someone is simultaneously at
    the real X display.

    Use "-norepeat N" to set how many times norepeat will
    be reset if something else (e.g. X session manager)
    undoes it. The default is 2. Use a negative value
    for unlimited resets.

    -nofb Ignore video framebuffer: only process keyboard and
    pointer. Intended for use with Win2VNC and x2vnc
    dual-monitor setups.
    -nobell Do not watch for XBell events. (no beeps will be heard)
    Note: XBell monitoring requires the XKEYBOARD extension.
    -nosel Do not manage exchange of X selection/cutbuffer between
    VNC viewers and the X server at all.
    -noprimary Do not poll the PRIMARY selection for changes to send
    back to clients. (PRIMARY is still set on received
    changes, however).
    -nosetprimary Do not set the PRIMARY selection for changes received
    from VNC clients.
    -noclipboard Do not poll the CLIPBOARD selection for changes to send
    back to clients. (CLIPBOARD is still set on received
    changes, however).
    -nosetclipboard Do not set the CLIPBOARD selection for changes
    received from VNC clients.
    -seldir string If direction string is "send", only send the selection
    to viewers, and if it is "recv" only receive it from
    viewers. To work around apps setting the selection
    too frequently and messing up the other end. You can
    actually supply a comma separated list of directions,
    including "debug" to turn on debugging output.

    -cursor [mode] Sets how the pointer cursor shape (little icon at the
    -nocursor mouse pointer) should be handled. The "mode" string
    is optional and is described below. The default
    is to show some sort of cursor shape(s). How this
    is done depends on the VNC viewer and the X server.
    Use -nocursor to disable cursor shapes completely.

    Some VNC viewers support the TightVNC CursorPosUpdates
    and CursorShapeUpdates extensions (cuts down on
    network traffic by not having to send the cursor image
    every time the pointer is moved), in which case these
    extensions are used (see -nocursorshape and -nocursorpos
    below to disable). For other viewers the cursor shape
    is written directly to the framebuffer every time the
    pointer is moved or changed and gets sent along with
    the other framebuffer updates. In this case, there
    will be some lag between the vnc viewer pointer and
    the remote cursor position.

    If the X display supports retrieving the cursor shape
    information from the X server, then the default is
    to use that mode. On Solaris this can be done with
    the SUN_OVL extension using -overlay (see also the
    -overlay_nocursor option). A similar overlay scheme
    is used on IRIX. Xorg (e.g. Linux) and recent Solaris
    Xsun servers support the XFIXES extension to retrieve
    the exact cursor shape from the X server. If XFIXES
    is present it is preferred over Overlay and is used by
    default (see -noxfixes below). This can be disabled
    with -nocursor, and also some values of the "mode"
    option below.

    Note that under XFIXES cursors with transparency (alpha
    channel) will usually not be exactly represented and one
    may find Overlay preferable. See also the -alphacut
    and -alphafrac options below as fudge factors to try
    to improve the situation for cursors with transparency
    for a given theme.

    The "mode" string can be used to fine-tune the
    displaying of cursor shapes. It can be used the
    following ways:

    "-cursor arrow" - just show the standard arrow
    nothing more or nothing less.

    "-cursor none" - same as "-nocursor"

    "-cursor X" - when the cursor appears to be on the
    root window, draw the familiar X shape. Some desktops
    such as GNOME cover up the root window completely,
    and so this will not work, try "X1", etc, to try to
    shift the tree depth. On high latency links or slow
    machines there will be a time lag between expected and
    the actual cursor shape.

    "-cursor some" - like "X" but use additional
    heuristics to try to guess if the window should have
    a windowmanager-like resizer cursor or a text input
    I-beam cursor. This is a complete hack, but may be
    useful in some situations because it provides a little
    more feedback about the cursor shape.

    "-cursor most" - try to show as many cursors as
    possible. Often this will only be the same as "some"
    unless the display has overlay visuals or XFIXES
    extensions available. On Solaris and IRIX if XFIXES
    is not available, -overlay mode will be attempted.

    -arrow n Choose an alternate "arrow" cursor from a set of
    some common ones. n can be 1 to 6. Default is: 1
    Ignored when in XFIXES cursor-grabbing mode.

    -noxfixes Do not use the XFIXES extension to draw the exact cursor
    shape even if it is available.
    -alphacut n When using the XFIXES extension for the cursor shape,
    cursors with transparency will not usually be displayed
    exactly (but opaque ones will). This option sets n as
    a cutoff for cursors that have transparency ("alpha
    channel" with values ranging from 0 to 255) Any cursor
    pixel with alpha value less than n becomes completely
    transparent. Otherwise the pixel is completely opaque.
    Default 240

    -alphafrac fraction With the threshold in -alphacut some cursors will become
    almost completely transparent because their alpha values
    are not high enough. For those cursors adjust the
    alpha threshold until fraction of the non-zero alpha
    channel pixels become opaque. Default 0.33
    -alpharemove By default, XFIXES cursors pixels with transparency have
    the alpha factor multiplied into the RGB color values
    (i.e. that corresponding to blending the cursor with a
    black background). Specify this option to remove the
    alpha factor. (useful for light colored semi-transparent
    cursors).
    -noalphablend In XFIXES mode do not send cursor alpha channel data
    to libvncserver. The default is to send it. The
    alphablend effect will only be visible in -nocursorshape
    mode or for clients with cursorshapeupdates turned
    off. (However there is a hack for 32bpp with depth 24,
    it uses the extra 8 bits to store cursor transparency
    for use with a hacked vncviewer that applies the
    transparency locally. See the FAQ for more info).

    -nocursorshape Do not use the TightVNC CursorShapeUpdates extension
    even if clients support it. See -cursor above.
    -cursorpos Option -cursorpos enables sending the X cursor position
    -nocursorpos back to all vnc clients that support the TightVNC
    CursorPosUpdates extension. Other clients will be able
    to see the pointer motions. Default: -cursorpos
    -xwarppointer Move the pointer with XWarpPointer(3X) instead of
    the XTEST extension. Use this as a workaround
    if the pointer motion behaves incorrectly, e.g.
    on touchscreens or other non-standard setups.
    Also sometimes needed on XINERAMA displays.

    -buttonmap string String to remap mouse buttons. Format: IJK-LMN, this
    maps buttons I -> L, etc., e.g. -buttonmap 13-31

    Button presses can also be mapped to keystrokes: replace
    a button digit on the right of the dash with :<sym>:
    or :<sym1>+<sym2>: etc. for multiple keys. For example,
    if the viewing machine has a mouse-wheel (buttons 4 5)
    but the x11vnc side does not, these will do scrolls:
    -buttonmap 12345-123:Prior::Next:
    -buttonmap 12345-123:Up+Up+Up::Down+Down+Down:

    See <X11/keysymdef.h> header file for a list of Keysyms,
    or use the xev(1) program. Note: mapping of button
    clicks to Keysyms may not work if -modtweak or -xkb is
    needed for the Keysym.

    If you include a modifier like "Shift_L" the
    modifier's up/down state is toggled, e.g. to send
    "The" use :Shift_L+t+Shift_L+h+e: (the 1st one is
    shift down and the 2nd one is shift up). (note: the
    initial state of the modifier is ignored and not reset)
    To include button events use "Button1", ... etc.

    -nodragging Do not update the display during mouse dragging events
    (mouse button held down). Greatly improves response on
    slow setups, but you lose all visual feedback for drags,
    text selection, and some menu traversals. It overrides
    any -pointer_mode setting.

    -wireframe [str] Try to detect window moves or resizes when a mouse
    -nowireframe button is held down and show a wireframe instead of
    the full opaque window. This is based completely on
    heuristics and may not always work: it depends on your
    window manager and even how you move things around.
    See -pointer_mode below for discussion of the "bogging
    down" problem this tries to avoid.
    Default: -wireframe

    Shorter aliases: -wf [str] and -nowf

    The value "str" is optional and, of course, is
    packed with many tunable parameters for this scheme:

    Format: shade,linewidth,percent,T+B+L+R,mod,t1+t2+t3+t4
    Default: 0xff,3,0,32+8+8+8,all,0.15+0.30+5.0+0.125

    If you leave nothing between commas: ",," the default
    value is used. If you don't specify enough commas,
    the trailing parameters are set to their defaults.

    "shade" indicate the "color" for the wireframe,
    usually a greyscale: 0-255, however for 16 and 32bpp you
    can specify an rgb.txt X color (e.g. "dodgerblue") or
    a value > 255 is treated as RGB (e.g. red is 0xff0000).
    "linewidth" sets the width of the wireframe in pixels.
    "percent" indicates to not apply the wireframe scheme
    to windows with area less than this percent of the
    full screen.

    "T+B+L+R" indicates four integers for how close in
    pixels the pointer has to be from the Top, Bottom, Left,
    or Right edges of the window to consider wireframing.
    This is a speedup to quickly exclude a window from being
    wireframed: set them all to zero to not try the speedup
    (scrolling and selecting text will likely be slower).

    "mod" specifies if a button down event in the
    interior of the window with a modifier key (Alt, Shift,
    etc.) down should indicate a wireframe opportunity.
    It can be "0" or "none" to skip it, "1" or "all"
    to apply it to any modifier, or "Shift", "Alt",
    "Control", "Meta", "Super", or "Hyper" to only
    apply for that type of modifier key.

    "t1+t2+t3+t4" specify four floating point times in
    seconds: t1 is how long to wait for the pointer to move,
    t2 is how long to wait for the window to start moving
    or being resized (for some window managers this can be
    rather long), t3 is how long to keep a wireframe moving
    before repainting the window. t4 is the minimum time
    between sending wireframe "animations". If a slow
    link is detected, these values may be automatically
    changed to something better for a slow link.

    -wirecopyrect mode Since the -wireframe mechanism evidently tracks moving
    -nowirecopyrect windows accurately, a speedup can be obtained by
    telling the VNC viewers to locally copy the translated
    window region. This is the VNC CopyRect encoding:
    the framebuffer update doesn't need to send the actual
    new image data.

    Shorter aliases: -wcr [mode] and -nowcr

    "mode" can be "never" (same as -nowirecopyrect)
    to never try the copyrect, "top" means only do it if
    the window was not covered by any other windows, and
    "always" means to translate the orginally unobscured
    region (this may look odd as the remaining pieces come
    in, but helps on a slow link). Default: "always"

    Note: there can be painting errors or slow response
    when using -scale so you may want to disable CopyRect
    in this case "-wirecopyrect never" on the command
    line or by remote-control. Or you can also use the
    "-scale xxx:nocr" scale option.

    -debug_wireframe Turn on debugging info printout for the wireframe
    heuristics. "-dwf" is an alias. Specify multiple
    times for more output.

    -scrollcopyrect mode Like -wirecopyrect, but use heuristics to try to guess
    -noscrollcopyrect if a window has scrolled its contents (either vertically
    or horizontally). This requires the RECORD X extension
    to "snoop" on X applications (currently for certain
    XCopyArea and XConfigureWindow X protocol requests).
    Examples: Hitting <Return> in a terminal window when the
    cursor was at the bottom, the text scrolls up one line.
    Hitting <Down> arrow in a web browser window, the web
    page scrolls up a small amount. Or scrolling with a
    scrollbar or mouse wheel.

    Shorter aliases: -scr [mode] and -noscr

    This scheme will not always detect scrolls, but when
    it does there is a nice speedup from using the VNC
    CopyRect encoding (see -wirecopyrect). The speedup
    is both in reduced network traffic and reduced X
    framebuffer polling/copying. On the other hand, it may
    induce undesired transients (e.g. a terminal cursor
    being scrolled up when it should not be) or other
    painting errors (window tearing, bunching-up, etc).
    These are automatically repaired in a short period
    of time. If this is unacceptable disable the feature
    with -noscrollcopyrect.

    Screen clearing kludges: for testing at least, there
    are some "magic key sequences" (must be done in less
    than 1 second) to aid repairing painting errors that
    may be seen when using this mode:

    3 Alt_L's in a row: resend whole screen,
    4 Alt_L's in a row: reread and resend whole screen,
    3 Super_L's in a row: mark whole screen for polling,
    4 Super_L's in a row: reset RECORD context,
    5 Super_L's in a row: try to push a black screen

    note: Alt_L is the Left "Alt" key (a single key)
    Super_L is the Left "Super" key (Windows flag).
    Both of these are modifier keys, and so should not
    generate characters when pressed by themselves. Also,
    your VNC viewer may have its own refresh hot-key
    or button.

    "mode" can be "never" (same as -noscrollcopyrect)
    to never try the copyrect, "keys" means to try it
    in response to keystrokes only, "mouse" means to
    try it in response to mouse events only, "always"
    means to do both. Default: "always"

    Note: there can be painting errors or slow response
    when using -scale so you may want to disable CopyRect
    in this case "-scrollcopyrect never" on the command
    line or by remote-control. Or you can also use the
    "-scale xxx:nocr" scale option.

    -scr_area n Set the minimum area in pixels for a rectangle
    to be considered for the -scrollcopyrect detection
    scheme. This is to avoid wasting the effort on small
    rectangles that would be quickly updated the normal way.
    E.g. suppose an app updated the position of its skinny
    scrollbar first and then shifted the large panel
    it controlled. We want to be sure to skip the small
    scrollbar and get the large panel. Default: 60000

    -scr_skip list Skip scroll detection for applications matching
    the comma separated list of strings in "list".
    Some applications implement their scrolling in
    strange ways where the XCopyArea, etc, also applies
    to invisible portions of the window: if we CopyRect
    those areas it looks awful during the scroll and
    there may be painting errors left after the scroll.
    Soffice.bin is the worst known offender.

    Use "##" to denote the start of the application class
    (e.g. "##XTerm") and "++" to denote the start
    of the application instance name (e.g. "++xterm").
    The string your list is matched against is of the form
    "^^WM_NAME##Class++Instance<same-for-any-subwindows>"
    The "xlsclients -la" command will provide this info.

    If a pattern is prefixed with "KEY:" it only applies
    to Keystroke generated scrolls (e.g. Up arrow). If it
    is prefixed with "MOUSE:" it only applies to Mouse
    induced scrolls (e.g. dragging on a scrollbar).
    Default: ##Soffice.bin,##StarOffice

    -scr_inc list Opposite of -scr_skip: this list is consulted first
    and if there is a match the window will be monitored
    via RECORD for scrolls irrespective of -scr_skip.
    Use -scr_skip '*' to skip anything that does not match
    your -scr_inc. Use -scr_inc '*' to include everything.

    -scr_keys list For keystroke scroll detection, only apply the RECORD
    heuristics to the comma separated list of keysyms in
    "list". You may find the RECORD overhead for every
    one of your keystrokes disrupts typing too much, but you
    don't want to turn it off completely with "-scr mouse"
    and -scr_parms does not work or is too confusing.

    The listed keysyms can be numeric or the keysym
    names in the <X11/keysymdef.h> header file or from the
    xev(1) program. Example: "-scr_keys Up,Down,Return".
    One probably wants to have application specific lists
    (e.g. for terminals, etc) but that is too icky to think
    about for now...

    If "list" begins with the "-" character the list
    is taken as an exclude list: all keysyms except those
    list will be considered. The special string "builtin"
    expands to an internal list of keysyms that are likely
    to cause scrolls. BTW, by default modifier keys,
    Shift_L, Control_R, etc, are skipped since they almost
    never induce scrolling by themselves.

    -scr_term list Yet another cosmetic kludge. Apply shell/terminal
    heuristics to applications matching comma separated
    list (same as for -scr_skip/-scr_inc). For example an
    annoying transient under scroll detection is if you
    hit Enter in a terminal shell with full text window,
    the solid text cursor block will be scrolled up.
    So for a short time there are two (or more) block
    cursors on the screen. There are similar scenarios,
    (e.g. an output line is duplicated).

    These transients are induced by the approximation of
    scroll detection (e.g. it detects the scroll, but not
    the fact that the block cursor was cleared just before
    the scroll). In nearly all cases these transient errors
    are repaired when the true X framebuffer is consulted
    by the normal polling. But they are distracting, so
    what this option provides is extra "padding" near the
    bottom of the terminal window: a few extra lines near
    the bottom will not be scrolled, but rather updated
    from the actual X framebuffer. This usually reduces
    the annoying artifacts. Use "none" to disable.
    Default: "term"

    -scr_keyrepeat lo-hi If a key is held down (or otherwise repeats rapidly) and
    this induces a rapid sequence of scrolls (e.g. holding
    down an Arrow key) the "scrollcopyrect" detection
    and overhead may not be able to keep up. A time per
    single scroll estimate is performed and if that estimate
    predicts a sustainable scrollrate of keys per second
    between "lo" and "hi" then repeated keys will be
    DISCARDED to maintain the scrollrate. For example your
    key autorepeat may be 25 keys/sec, but for a large
    window or slow link only 8 scrolls per second can be
    sustained, then roughly 2 out of every 3 repeated keys
    will be discarded during this period. Default: "4-20"

    -scr_parms string Set various parameters for the scrollcopyrect mode.
    The format is similar to that for -wireframe and packed
    with lots of parameters:

    Format: T+B+L+R,t1+t2+t3,s1+s2+s3+s4+s5
    Default: 0+64+32+32,0.02+0.10+0.9,0.03+0.06+0.5+0.1+5.0

    If you leave nothing between commas: ",," the default
    value is used. If you don't specify enough commas,
    the trailing parameters are set to their defaults.

    "T+B+L+R" indicates four integers for how close in
    pixels the pointer has to be from the Top, Bottom, Left,
    or Right edges of the window to consider scrollcopyrect.
    If -wireframe overlaps it takes precedence. This is a
    speedup to quickly exclude a window from being watched
    for scrollcopyrect: set them all to zero to not try
    the speedup (things like selecting text will likely
    be slower).

    "t1+t2+t3" specify three floating point times in
    seconds that apply to scrollcopyrect detection with
    *Keystroke* input: t1 is how long to wait after a key
    is pressed for the first scroll, t2 is how long to keep
    looking after a Keystroke scroll for more scrolls.
    t3 is how frequently to try to update surrounding
    scrollbars outside of the scrolling area (0.0 to
    disable)

    "s1+s2+s3+s4+s5" specify five floating point times
    in seconds that apply to scrollcopyrect detection with
    *Mouse* input: s1 is how long to wait after a mouse
    button is pressed for the first scroll, s2 is how long
    to keep waiting for additional scrolls after the first
    Mouse scroll was detected. s3 is how frequently to
    try to update surrounding scrollbars outside of the
    scrolling area (0.0 to disable). s4 is how long to
    buffer pointer motion (to try to get fewer, bigger
    mouse scrolls). s5 is the maximum time to spend just
    updating the scroll window without updating the rest
    of the screen.

    -fixscreen string Periodically "repair" the screen based on settings
    in "string". Hopefully you won't need this option,
    it is intended for cases when the -scrollcopyrect or
    -wirecopyrect features leave too many painting errors,
    but it can be used for any scenario. This option
    periodically performs costly operations and so
    interactive response may be reduced when it is on.
    You can use 3 Alt_L's (the Left "Alt" key) taps in
    a row (as described under -scrollcopyrect) instead to
    manually request a screen repaint when it is needed.

    "string" is a comma separated list of one or more of
    the following: "V=t", "C=t", "X=t", and "8=t".
    In these "t" stands for a time in seconds (it is
    a floating point even though one should usually use
    values > 2 to avoid wasting resources). V sets how
    frequently the entire screen should be sent to viewers
    (it is like the 3 Alt_L's). C sets how long to wait
    after a CopyRect to repaint the full screen. X sets
    how frequently to reread the full X11 framebuffer from
    the X server and push it out to connected viewers.
    Use of X should be rare, please report a bug if you
    find you need it. 8= applies only for -8to24 mode: it
    sets how often the non-default visual regions of the
    screen (e.g. 8bpp windows) are refreshed. Examples:
    -fixscreen V=10 -fixscreen C=10

    -debug_scroll Turn on debugging info printout for the scroll
    heuristics. "-ds" is an alias. Specify it multiple
    times for more output.

    -noxrecord Disable any use of the RECORD extension. This is
    currently used by the -scrollcopyrect scheme and to
    monitor X server grabs.

    -grab_buster Some of the use of the RECORD extension can leave a
    -nograb_buster tiny window for XGrabServer deadlock. This is only if
    the whole-server grabbing application expects mouse or
    keyboard input before releasing the grab. It is usually
    a window manager that does this. x11vnc takes care to
    avoid the the problem, but if caught x11vnc will freeze.
    Without -grab_buster, the only solution is to go the
    physical display and give it some input to satisfy the
    grabbing app. Or manually kill and restart the window
    manager if that is feasible. With -grab_buster, x11vnc
    will fork a helper thread and if x11vnc appears to be
    stuck in a grab after a period of time (20-30 sec) then
    it will inject some user input: button clicks, Escape,
    mouse motion, etc to try to break the grab. If you
    experience a lot of grab deadlock, please report a bug.

    -debug_grabs Turn on debugging info printout with respect to
    XGrabServer() deadlock for -scrollcopyrect mode.

    -debug_sel Turn on debugging info printout with respect to
    PRIMARY, CLIPBOARD, and CUTBUFFER0 selections.

    -pointer_mode n Various pointer motion update schemes. "-pm" is
    an alias. The problem is pointer motion can cause
    rapid changes on the screen: consider the rapid
    changes when you drag a large window around opaquely.
    Neither x11vnc's screen polling and vnc compression
    routines nor the bandwidth to the vncviewers can keep
    up these rapid screen changes: everything will bog down
    when dragging or scrolling. So a scheme has to be used
    to "eat" much of that pointer input before re-polling
    the screen and sending out framebuffer updates. The
    mode number "n" can be 0 to 4 and selects one of
    the schemes desribed below.

    Note that the -wireframe and -scrollcopyrect modes
    complement -pointer_mode by detecting (and improving)
    certain periods of "rapid screen change".

    n=0: does the same as -nodragging. (all screen polling
    is suspended if a mouse button is pressed.)

    n=1: was the original scheme used to about Jan 2004:
    it basically just skips -input_skip keyboard or pointer
    events before repolling the screen.

    n=2 is an improved scheme: by watching the current rate
    of input events it tries to detect if it should try to
    "eat" additional pointer events before continuing.

    n=3 is basically a dynamic -nodragging mode: it detects
    when the mouse motion has paused and then refreshes
    the display.

    n=4 attempts to measures network rates and latency,
    the video card read rate, and how many tiles have been
    changed on the screen. From this, it aggressively tries
    to push screen "frames" when it decides it has enough
    resources to do so. NOT FINISHED.

    The default n is 2. Note that modes 2, 3, 4 will skip
    -input_skip keyboard events (but it will not count
    pointer events). Also note that these modes are not
    available in -threads mode which has its own pointer
    event handling mechanism.

    To try out the different pointer modes to see which
    one gives the best response for your usage, it is
    convenient to use the remote control function, for
    example "x11vnc -R pm:4" or the tcl/tk gui (Tuning ->
    pointer_mode -> n).

    -input_skip n For the pointer handling when non-threaded: try to
    read n user input events before scanning display. n < 0
    means to act as though there is always user input.
    Default: 10

    -speeds rd,bw,lat x11vnc tries to estimate some speed parameters that
    are used to optimize scheduling (e.g. -pointer_mode
    4, -wireframe, -scrollcopyrect) and other things.
    Use the -speeds option to set these manually.
    The triple "rd,bw,lat" corresponds to video h/w
    read rate in MB/sec, network bandwidth to clients in
    KB/sec, and network latency to clients in milliseconds,
    respectively. If a value is left blank, e.g. "-speeds
    ,100,15", then the internal scheme is used to estimate
    the empty value(s).

    Typical PC video cards have read rates of 5-10 MB/sec.
    If the framebuffer is in main memory instead of video
    h/w (e.g. SunRay, shadowfb, dummy driver, Xvfb), the
    read rate may be much faster. "x11perf -getimage500"
    can be used to get a lower bound (remember to factor
    in the bytes per pixel). It is up to you to estimate
    the network bandwith and latency to clients. For the
    latency the ping(1) command can be used.

    For convenience there are some aliases provided,
    e.g. "-speeds modem". The aliases are: "modem" for
    6,4,200; "dsl" for 6,100,50; and "lan" for 6,5000,1

    -wmdt string For some features, e.g. -wireframe and -scrollcopyrect,
    x11vnc has to work around issues for certain window
    managers or desktops (currently kde and xfce).
    By default it tries to guess which one, but it can
    guess incorrectly. Use this option to indicate which
    wm/dt. "string" can be "gnome", "kde", "cde",
    "xfce", or "root" (classic X wm). Anything else
    is interpreted as "root".

    -debug_pointer Print debugging output for every pointer event.
    -debug_keyboard Print debugging output for every keyboard event.
    Same as -dp and -dk, respectively. Use multiple
    times for more output.

    -defer time Time in ms to wait for updates before sending to client
    (deferUpdateTime) Default: 30
    -wait time Time in ms to pause between screen polls. Used to cut
    down on load. Default: 30
    -wait_ui factor Factor by which to cut the -wait time if there
    has been recent user input (pointer or keyboard).
    Improves response, but increases the load whenever you
    are moving the mouse or typing. Default: 2.00
    -nowait_bog Do not detect if the screen polling is "bogging down"
    and sleep more. Some activities with no user input can
    slow things down a lot: consider a large terminal window
    with a long build running in it continously streaming
    text output. By default x11vnc will try to detect this
    (3 screen polls in a row each longer than 0.25 sec with
    no user input), and sleep up to 1.5 secs to let things
    "catch up". Use this option to disable that detection.
    -slow_fb time Floating point time in seconds delay all screen polling.
    For special purpose usage where a low frame rate is
    acceptable and desirable, but you want the user input
    processed at the normal rate so you cannot use -wait.
    -readtimeout n Set libvncserver rfbMaxClientWait to n seconds. On
    slow links that take a long time to paint the first
    screen libvncserver may hit the timeout and drop the
    connection. Default: 20 seconds.
    -nap Monitor activity and if it is low take longer naps
    -nonap between screen polls to really cut down load when idle.
    Default: take naps
    -sb time Time in seconds after NO activity (e.g. screen blank)
    to really throttle down the screen polls (i.e. sleep
    for about 1.5 secs). Use 0 to disable. Default: 60

    -nofbpm If the system supports the FBPM (Frame Buffer Power
    -fbpm Management) extension (i.e. some Sun systems), then
    prevent the video h/w from going into a reduced power
    state when VNC clients are connected.

    FBPM capable video h/w save energy when the workstation
    is idle by going into low power states (similar to DPMS
    for monitors). This interferes with x11vnc's polling
    of the framebuffer data.

    "-nofbpm" means prevent FBPM low power states whenever
    VNC clients are connected, while "-fbpm" means to not
    monitor the FBPM state at all. See the xset(1) manpage
    for details. -nofbpm is basically the same as running
    "xset fbpm force on" periodically. Default: -fbpm

    -noxdamage Do not use the X DAMAGE extension to detect framebuffer
    changes even if it is available. Use -xdamage if your
    default is to have it off.

    x11vnc's use of the DAMAGE extension: 1) significantly
    reduces the load when the screen is not changing much,
    and 2) detects changed areas (small ones by default)
    more quickly.

    Currently the DAMAGE extension is overly conservative
    and often reports large areas (e.g. a whole terminal
    or browser window) as damaged even though the actual
    changed region is much smaller (sometimes just a few
    pixels). So heuristics were introduced to skip large
    areas and use the damage rectangles only as "hints"
    for the traditional scanline polling. The following
    tuning parameters are introduced to adjust this
    behavior:

    -xd_area A Set the largest DAMAGE rectangle area "A" (in
    pixels: width * height) to trust as truly damaged:
    the rectangle will be copied from the framebuffer
    (slow) no matter what. Set to zero to trust *all*
    rectangles. Default: 20000
    -xd_mem f Set how long DAMAGE rectangles should be "remembered",
    "f" is a floating point number and is in units of the
    scanline repeat cycle time (32 iterations). The default
    (1.0) should give no painting problems. Increase it if
    there are problems or decrease it to live on the edge
    (perhaps useful on a slow machine).

    -sigpipe string Broken pipe (SIGPIPE) handling. "string" can be
    "ignore" or "exit". For "ignore" libvncserver
    will handle the abrupt loss of a client and continue,
    for "exit" x11vnc will cleanup and exit at the 1st
    broken connection. Default: "ignore". This option
    is obsolete.
    -threads Whether or not to use the threaded libvncserver
    -nothreads algorithm [rfbRunEventLoop] if libpthread is available
    Default: -nothreads

    -fs f If the fraction of changed tiles in a poll is greater
    than f, the whole screen is updated. Default: 0.75
    -gaps n Heuristic to fill in gaps in rows or cols of n or
    less tiles. Used to improve text paging. Default: 4
    -grow n Heuristic to grow islands of changed tiles n or wider
    by checking the tile near the boundary. Default: 3
    -fuzz n Tolerance in pixels to mark a tiles edges as changed.
    Default: 2
    -debug_tiles Print debugging output for tiles, fb updates, etc.

    -snapfb Instead of polling the X display framebuffer (fb) for
    changes, periodically copy all of X display fb into main
    memory and examine that copy for changes. Under some
    circumstances this will improve interactive response,
    or at least make things look smoother, but in others
    (most!) it will make the response worse. If the video
    h/w fb is such that reading small tiles is very slow
    this mode could help. To keep the "framerate" up
    the screen size x bpp cannot be too large. Note that
    this mode is very wasteful of memory I/O resources
    (it makes full screen copies even if nothing changes).
    It may be of use in video capture-like applications,
    or where window tearing is a problem.

    -rawfb string Experimental option, instead of polling X, poll the
    memory object specified in "string".

    For shared memory segments string is of the
    form: "shm:N@WxHxB" which specifies a shmid
    N and framebuffer Width, Height, and Bits
    per pixel. To memory map mmap(2) a file use:
    "map:/path/to/a/file@WxHxB". If there is trouble
    with mmap, use "file:/..." for slower lseek(2) based
    reading. Use "snap:..." to imply -snapfb mode and the
    "file:" access (this is for devices that only provide
    the fb all at once). If you do not supply a type "map"
    is assumed if the file exists.

    If string is "setup:cmd", then the command "cmd"
    is run and the first line from it is read and used
    as "string". This allows initializing the device,
    determining WxHxB, etc. These are often done as root
    so take care.

    If the string begins with "video", see the video4linux
    discusion below where the device may be queried for
    (and possibly set) the framebuffer parameters.

    If the strings begins with "cons", see the linux
    console discussion below where the framebuffer device
    is opened and keystrokes are inserted into the console.

    Optional suffixes are ":R/G/B" and "+O" to specify
    red, green, and blue masks and an offset into the
    memory object. If the masks are not provided x11vnc
    guesses them based on the bpp.

    Examples:
    -rawfb shm:210337933@800x600x32:ff/ff00/ff0000
    -rawfb map:/dev/fb0@1024x768x32
    -rawfb map:/tmp/Xvfb_screen0@640x480x8+3232
    -rawfb file:/tmp/my.pnm@250x200x24+37
    -rawfb file:/dev/urandom@128x128x8
    -rawfb snap:/dev/video0@320x240x24 -24to32
    -rawfb video0
    -rawfb video -pipeinput VID
    -rawfb console

    (see ipcs(1) and fbset(1) for the first two examples)

    All user input is discarded by default (but see the
    -pipeinput option). Most of the X11 (screen, keyboard,
    mouse) options do not make sense and many will cause
    this mode to crash, so please think twice before
    setting or changing them in a running x11vnc.

    If you DO NOT want x11vnc to close the X DISPLAY in
    rawfb mode, prepend a "+" e.g. +file:/dev/fb0...
    Keeping the display open enables the default
    remote-control channel, which could be useful.
    Alternatively, if you specify -noviewonly, then the
    mouse and keyboard input are STILL sent to the X
    display, this usage should be very rare, i.e. doing
    something strange with /dev/fb0.

    If the device is not "seekable" try reading it all
    at once in full snaps via the "snap:" mode (note:
    this is a resource hog). If you are using file: or
    map: and the device needs to be reopened for *every*
    snapfb snapshot, set the environment variable:
    SNAPFB_RAWFB_RESET=1 as well.

    If you want x11vnc to dynamically transform a 24bpp
    rawfb to 32bpp (note that this will be slower) use
    the -24to32 option. This would be useful for, say,
    for a video camera that delivers the pixel data as
    24bpp packed RGB. This is the default under "video"
    mode if the bpp is 24.

    video4linux: on Linux some attempt is made to handle
    video devices (webcams or TV tuners) automatically.
    The idea is the WxHxB will be extracted from the
    device itself. So if you do not supply "@WxHxB...
    parameters x11vnc will try to determine them. It first
    tries the v4l API if that support has been compiled in.
    Otherwise it will run the v4l-info(1) external program
    if it is available.

    The simplest examples are "-rawfb video" and "-rawfb
    video1" which imply the device file /dev/video and
    /dev/video1, respectively. You can also supply the
    /dev if you like, e.g. "-rawfb /dev/video0"

    Since the video capture device framebuffer usually
    changes continuously (e.g. brightness fluctuations),
    you may want to use the -wait, -slow_fb, or -defer
    options to lower the "framerate" to cut down on
    network VNC traffic.

    A more sophisticated video device scheme allows
    initializing the device's settings using:

    -rawfb video:<settings>

    The prefix could also be, as above, e.g. "video1:" to
    specify the device file. The v4l API must be available
    for this to work. Otherwise, you will need to try
    to initialize the device with an external program,
    e.g. xawtv, spcaview, and hope they persist when x11vnc
    re-opens the device.

    <settings> is a comma separated list of key=value pairs.
    The device's brightness, color, contrast, and hue can
    be set to percentages, e.g. br=80,co=50,cn=44,hu=60.

    The device filename can be set too if needed (if it
    does not start with "video"), e.g. fn=/dev/qcam.

    The width, height and bpp of the framebuffer can be
    set via, e.g., w=160,h=120,bpp=16.

    Related to the bpp above, the pixel format can be set
    via the fmt=XXX, where XXX can be one of: GREY, HI240,
    RGB555, RGB565, RGB24, and RGB32 (with bpp 8, 8, 16, 16,
    24, and 32 respectively). Seehttp://www.linuxtv.org
    for more info (V4L api).

    For TV/rf tuner cards one can set the tuning mode
    via tun=XXX where XXX can be one of PAL, NTSC, SECAM,
    or AUTO.

    One can switch the input channel by the inp=XXX setting,
    where XXX is the name of the input channel (Television,
    Composite1, S-Video, etc). Use the name that is in the
    information about the device that is printed at startup.

    For input channels with tuners (e.g. Television) one
    can change which station is selected by the sta=XXX
    setting. XXX is the station number. Currently only
    the ntsc-cable-us (US cable) channels are built into
    x11vnc. See the -freqtab option below to supply one
    from xawtv. If XXX is greater than 500, then it is
    interpreted as a raw frequency in KHz.

    Example:

    -rawfb video:br=80,w=320,h=240,fmt=RGB32,tun=NTSC,sta=47

    one might need to add inp=Television too for the input
    channel to be TV if the card doesn't come up by default
    in that one.

    Note that not all video capture devices will support
    all of the above settings.

    See the -pipeinput VID option below for a way to control
    the settings through the VNC Viewer via keystrokes.

    As above, if you specify a "@WxHxB..." after the
    <settings> string they are used verbatim: the device
    is not queried for the current values. Otherwise the
    device will be queried.

    Linux console: If the libvncserver LinuxVNC command is
    on your system use that instead of the following method
    because it will be faster and more accurate for Linux
    text console.

    If the rawfb string begins with "cons" the framebuffer
    device /dev/fb0 is opened (this requires the appropriate
    kernel modules) and so is /dev/tty0. The latter is
    used to inject keystrokes (not all are supported,
    but the basic ones are). You will need to be root to
    inject keystrokes. /dev/tty0 refers to the active VT,
    to indicate one explicitly, use "cons2", etc. using
    the VT number. Note you can change VT remotely using
    the chvt(1) command. Sometimes switching out and back
    corrects the framebuffer. To skip injecting entirely
    use "consx".

    The strings "console", or "/dev/fb0" can be used
    instead of "cons". The latter can be used to specify
    a different framebuffer device, e.g. /dev/fb1. If the
    name is something nonstandard, use "cons:/dev/foofb"

    If you do not want x11vnc to guess the framebuffer's
    WxHxB and masks automatically, specify them with a
    @WxHxB at the end of the string.

    Examples:
    -rawfb cons (same as -rawfb console)
    -rawfb /dev/fb0 (same)
    -rawfb cons3 (force /dev/tty3)
    -rawfb consx (no keystrokes)
    -rawfb console:/dev/nonstd

    -freqtab file For use with "-rawfb video" for TV tuner devices to
    specify station frequencies. Instead of using the built
    in ntsc-cable-us mapping of station number to frequency,
    use the data in file. For stations that are not
    numeric, e.g. SE20, they are placed above the highest
    numbered station in the order they are found. Example:
    "-freqtab /usr/X11R6/share/xawtv/europe-west.list"
    You can make your own freqtab by copying the xawtv
    format.

    -pipeinput cmd Another experimental option: it lets you supply an
    external command in "cmd" that x11vnc will pipe
    all of the user input events to in a simple format.
    In -pipeinput mode by default x11vnc will not process
    any of the user input events. If you prefix "cmd"
    with "tee:" it will both send them to the pipe
    command and process them. For a description of the
    format run "-pipeinput tee:/bin/cat". Another prefix
    is "reopen" which means to reopen pipe if it exits.
    Separate multiple prefixes with commas.

    In combination with -rawfb one might be able to
    do amusing things (e.g. control non-X devices).
    To facilitate this, if -rawfb is in effect then the
    value is stored in X11VNC_RAWFB_STR for the pipe command
    to use if it wants. Do 'env | grep X11VNC' for more.

    If cmd is "VID" and you are using the -rawfb for a
    video capture device, then an internal list of keyboard
    mappings is used to set parameters of the video.
    The mappings are:

    "B" and "b" adjust the brightness up and down.
    "H" and "h" adjust the hue.
    "C" and "c" adjust the colour.
    "N" and "n" adjust the contrast.
    "S" and "s" adjust the size of the capture screen.
    "I" and "i" cycle through input channels.
    Up and Down arrows adjust the station (if a tuner)
    F1, F2, ..., F6 will switch the video capture pixel
    format to HI240, RGB565, RGB24, RGB32, RGB555, and
    GREY respectively. See -rawfb video for details.

    If cmd is "CONS" or "CONSn" where n is a Linux
    console number, then the linux console keystroke
    insertion (see -rawfb cons) is performed.

    -gui [gui-opts] Start up a simple tcl/tk gui based on the the remote
    control options -remote/-query described below.
    Requires the "wish" program to be installed on the
    machine. "gui-opts" is not required: the default
    is to start up both the full gui and x11vnc with the
    gui showing up on the X display in the environment
    variable DISPLAY.

    "gui-opts" can be a comma separated list of items.
    Currently there are these types of items: 1) a gui
    mode, a 2) gui "simplicity", 3) the X display the
    gui should display on, 4) a "tray" or "icon" mode,
    and 5) a gui geometry.

    1) The gui mode can be "start", "conn", or "wait"
    "start" is the default mode above and is not required.
    "conn" means do not automatically start up x11vnc,
    but instead just try to connect to an existing x11vnc
    process. "wait" means just start the gui and nothing
    else (you will later instruct the gui to start x11vnc
    or connect to an existing one.)

    2) The gui simplicity is off by default (a power-user
    gui with all options is presented) To start with
    something less daunting supply the string "simple"
    ("ez" is an alias for this). Once the gui is
    started you can toggle between the two with "Misc ->
    simple_gui".

    3) Note the possible confusion regarding the potentially
    two different X displays: x11vnc polls one, but you
    may want the gui to appear on another. For example, if
    you ssh in and x11vnc is not running yet you may want
    the gui to come back to you via your ssh redirected X
    display (e.g. localhost:10).

    If you do not specify a gui X display in "gui-opts"
    then the DISPLAY environment variable and -display
    option are tried (in that order). Regarding the x11vnc
    X display the gui will try to communication with, it
    first tries -display and then DISPLAY. For example,
    "x11vnc -display :0 -gui otherhost:0", will remote
    control an x11vnc polling :0 and display the gui on
    otherhost:0 The "tray/icon" mode below reverses this
    preference, preferring to display on the x11vnc display.

    4) When "tray" or "icon" is specified, the gui
    presents itself as a small icon with behavior typical
    of a "system tray" or "dock applet". The color
    of the icon indicates status (connected clients) and
    there is also a balloon status. Clicking on the icon
    gives a menu from which properties, etc, can be set and
    the full gui is available under "Advanced". To be
    fully functional, the gui mode should be "start"
    (the default).

    For "icon" the gui just a small standalone window.
    For "tray" it will attempt to embed itself in the
    "system tray" if possible. If "=setpass" is appended then
    at startup the X11 user will be prompted to set the
    VNC session password. If =<hexnumber> is appended
    that icon will attempt to embed itself in the window
    given by hexnumber. Use =noadvanced to disable the
    full gui. (To supply more than one, use "+" sign).
    E.g. -gui tray=setpass and -gui icon=0x3600028

    Other modes: "full", the default and need not be
    specified. "-gui none", do not show a gui, useful
    to override a ~/.x11vncrc setting, etc.

    5) When "geom=+X+Y" is specified, that geometry
    is passed to the gui toplevel. This is the icon in
    icon/tray mode, or the full gui otherwise. You can
    also specify width and height, i.e. WxH+X+Y, but it
    is not recommended. In "tray" mode the geometry is
    ignored unless the system tray manager does not seem
    to be running. One could imagine using something like
    "-gui tray,geom=+4000+4000" with a display manager
    to keep the gui invisible until someone logs in...

    More icon tricks, "icon=minimal" gives an icon just
    with the VNC display number. You can also set the font
    with "iconfont=...". The following could be useful:
    "-gui icon=minimal,iconfont=5x8,geom=24x10+0-0"

    General examples of the -gui option: "x11vnc -gui",
    "x11vnc -gui ez" "x11vnc -gui localhost:10",
    "x11vnc -gui conn,host:0", "x11vnc -gui tray,ez"
    "x11vnc -gui tray=setpass"

    If you do not intend to start x11vnc from the gui
    (i.e. just remote control an existing one), then the
    gui process can run on a different machine from the
    x11vnc server as long as X permissions, etc. permit
    communication between the two.

    -remote command Remotely control some aspects of an already running
    x11vnc server. "-R" and "-r" are aliases for
    "-remote". After the remote control command is
    sent to the running server the 'x11vnc -remote ...'
    command exits. You can often use the -query command
    (see below) to see if the x11vnc server processed your
    -remote command.

    The default communication channel is that of X
    properties (specifically X11VNC_REMOTE), and so this
    command must be run with correct settings for DISPLAY
    and possibly XAUTHORITY to connect to the X server
    and set the property. Alternatively, use the -display
    and -auth options to set them to the correct values.
    The running server cannot use the -novncconnect option
    because that disables the communication channel.
    See below for alternate channels.

    For example: 'x11vnc -remote stop' (which is the same as
    'x11vnc -R stop') will close down the x11vnc server.
    'x11vnc -R shared' will enable shared connections, and
    'x11vnc -R scale:3/4' will rescale the desktop.

    The following -remote/-R commands are supported:

    stop terminate the server, same as "quit"
    "exit" or "shutdown".
    ping see if the x11vnc server responds.
    Return is: ans=ping:<xdisplay>
    blacken try to push a black fb update to all
    clients (due to timings a client
    could miss it). Same as "zero", also
    "zero:x1,y1,x2,y2" for a rectangle.
    refresh send the entire fb to all clients.
    reset recreate the fb, polling memory, etc.
    id:windowid set -id window to "windowid". empty
    or "root" to go back to root window
    sid:windowid set -sid window to "windowid"
    waitmapped wait until subwin is mapped.
    nowaitmapped do not wait until subwin is mapped.
    clip:WxH+X+Y set -clip mode to "WxH+X+Y"
    flashcmap enable -flashcmap mode.
    noflashcmap disable -flashcmap mode.
    shiftcmap:n set -shiftcmap to n.
    notruecolor enable -notruecolor mode.
    truecolor disable -notruecolor mode.
    overlay enable -overlay mode (if applicable).
    nooverlay disable -overlay mode.
    overlay_cursor in -overlay mode, enable cursor drawing.
    overlay_nocursor disable cursor drawing. same as
    nooverlay_cursor.
    8to24 enable -8to24 mode (if applicable).
    no8to24 disable -8to24 mode.
    8to24_opts:str set the -8to24 opts to "str".
    24to32 enable -24to32 mode (if applicable).
    no24to32 disable -24to32 mode.
    visual:vis set -visual to "vis"
    scale:frac set -scale to "frac"
    scale_cursor:f set -scale_cursor to "f"
    viewonly enable -viewonly mode.
    noviewonly disable -viewonly mode.
    shared enable -shared mode.
    noshared disable -shared mode.
    forever enable -forever mode.
    noforever disable -forever mode.
    timeout:n reset -timeout to n, if there are
    currently no clients, exit unless one
    connects in the next n secs.
    filexfer enable filetransfer for new clients.
    nofilexfer disable filetransfer for new clients.
    http enable http client connections.
    nohttp disable http client connections.
    deny deny any new connections, same as "lock"
    nodeny allow new connections, same as "unlock"
    connect:host do reverse connection to host, "host"
    may be a comma separated list of hosts
    or host:ports. See -connect. Passwords
    required as with fwd connections.
    See X11VNC_REVERSE_CONNECTION_NO_AUTH=1
    disconnect:host disconnect any clients from "host"
    same as "close:host". Use host
    "all" to close all current clients.
    If you know the client internal hex ID,
    e.g. 0x3 (returned by "-query clients"
    and RFB_CLIENT_ID) you can use that too.
    allowonce:host For the next connection only, allow
    connection from "host".
    allow:hostlist set -allow list to (comma separated)
    "hostlist". See -allow and -localhost.
    Do not use with -allow /path/to/file
    Use "+host" to add a single host, and
    use "-host" to delete a single host
    localhost enable -localhost mode
    nolocalhost disable -localhost mode
    listen:str set -listen to str, empty to disable.
    nolookup enable -nolookup mode.
    lookup disable -nolookup mode.
    input:str set -input to "str", empty to disable.
    client_input:str set the K, M, B -input on a per-client
    basis. select which client as for
    disconnect, e.g. client_input:host:MB
    or client_input:0x2:K
    accept:cmd set -accept "cmd" (empty to disable).
    afteraccept:cmd set -afteraccept (empty to disable).
    gone:cmd set -gone "cmd" (empty to disable).
    noshm enable -noshm mode.
    shm disable -noshm mode (i.e. use shm).
    flipbyteorder enable -flipbyteorder mode, you may need
    to set noshm for this to do something.
    noflipbyteorder disable -flipbyteorder mode.
    onetile enable -onetile mode. (you may need to
    set shm for this to do something)
    noonetile disable -onetile mode.
    solid enable -solid mode
    nosolid disable -solid mode.
    solid_color:color set -solid color (and apply it).
    blackout:str set -blackout "str" (empty to disable).
    See -blackout for the form of "str"
    (basically: WxH+X+Y,...)
    Use "+WxH+X+Y" to append a single
    rectangle use "-WxH+X+Y" to delete one
    xinerama enable -xinerama mode. (if applicable)
    noxinerama disable -xinerama mode.
    xtrap enable -xtrap input mode(if applicable)
    noxtrap disable -xtrap input mode.
    xrandr enable -xrandr mode. (if applicable)
    noxrandr disable -xrandr mode.
    xrandr_mode:mode set the -xrandr mode to "mode".
    padgeom:WxH set -padgeom to WxH (empty to disable)
    If WxH is "force" or "do" the padded
    geometry fb is immediately applied.
    quiet enable -quiet mode.
    noquiet disable -quiet mode.
    modtweak enable -modtweak mode.
    nomodtweak enable -nomodtweak mode.
    xkb enable -xkb modtweak mode.
    noxkb disable -xkb modtweak mode.
    capslock enable -capslock mode.
    nocapslock disable -capslock mode.
    skip_lockkeys enable -skip_lockkeys mode.
    noskip_lockkeys disable -skip_lockkeys mode.
    skip_keycodes:str enable -xkb -skip_keycodes "str".
    sloppy_keys enable -sloppy_keys mode.
    nosloppy_keys disable -sloppy_keys mode.
    skip_dups enable -skip_dups mode.
    noskip_dups disable -skip_dups mode.
    add_keysyms enable -add_keysyms mode.
    noadd_keysyms stop adding keysyms. those added will
    still be removed at exit.
    clear_mods enable -clear_mods mode and clear them.
    noclear_mods disable -clear_mods mode.
    clear_keys enable -clear_keys mode and clear them.
    noclear_keys disable -clear_keys mode.
    remap:str set -remap "str" (empty to disable).
    See -remap for the form of "str"
    (basically: key1-key2,key3-key4,...)
    Use "+key1-key2" to append a single
    keymapping, use "-key1-key2" to delete.
    norepeat enable -norepeat mode.
    repeat disable -norepeat mode.
    nofb enable -nofb mode.
    fb disable -nofb mode.
    bell enable bell (if supported).
    nobell disable bell.
    nosel enable -nosel mode.
    sel disable -nosel mode.
    noprimary enable -noprimary mode.
    primary disable -noprimary mode.
    nosetprimary enable -nosetprimary mode.
    setprimary disable -nosetprimary mode.
    noclipboard enable -noclipboard mode.
    clipboard disable -noclipboard mode.
    nosetclipboard enable -nosetclipboard mode.
    setclipboard disable -nosetclipboard mode.
    seldir:str set -seldir to "str"
    cursor:mode enable -cursor "mode".
    show_cursor enable showing a cursor.
    noshow_cursor disable showing a cursor. (same as
    "nocursor")
    arrow:n set -arrow to alternate n.
    xfixes enable xfixes cursor shape mode.
    noxfixes disable xfixes cursor shape mode.
    alphacut:n set -alphacut to n.
    alphafrac:f set -alphafrac to f.
    alpharemove enable -alpharemove mode.
    noalpharemove disable -alpharemove mode.
    alphablend disable -noalphablend mode.
    noalphablend enable -noalphablend mode.
    cursorshape disable -nocursorshape mode.
    nocursorshape enable -nocursorshape mode.
    cursorpos disable -nocursorpos mode.
    nocursorpos enable -nocursorpos mode.
    xwarp enable -xwarppointer mode.
    noxwarp disable -xwarppointer mode.
    buttonmap:str set -buttonmap "str", empty to disable
    dragging disable -nodragging mode.
    nodragging enable -nodragging mode.
    wireframe enable -wireframe mode. same as "wf"
    nowireframe disable -wireframe mode. same as "nowf"
    wireframe:str enable -wireframe mode string.
    wireframe_mode:str enable -wireframe mode string.
    wirecopyrect:str set -wirecopyrect string. same as "wcr:"
    scrollcopyrect:str set -scrollcopyrect string. same "scr"
    noscrollcopyrect disable -scrollcopyrect mode. "noscr"
    scr_area:n set -scr_area to n
    scr_skip:list set -scr_skip to "list"
    scr_inc:list set -scr_inc to "list"
    scr_keys:list set -scr_keys to "list"
    scr_term:list set -scr_term to "list"
    scr_keyrepeat:str set -scr_keyrepeat to "str"
    scr_parms:str set -scr_parms parameters.
    fixscreen:str set -fixscreen to "str".
    noxrecord disable all use of RECORD extension.
    xrecord enable use of RECORD extension.
    reset_record reset RECORD extension (if avail.)
    pointer_mode:n set -pointer_mode to n. same as "pm"
    input_skip:n set -input_skip to n.
    speeds:str set -speeds to str.
    wmdt:str set -wmdt to str.
    debug_pointer enable -debug_pointer, same as "dp"
    nodebug_pointer disable -debug_pointer, same as "nodp"
    debug_keyboard enable -debug_keyboard, same as "dk"
    nodebug_keyboard disable -debug_keyboard, same as "nodk"
    defer:n set -defer to n ms,same as deferupdate:n
    wait:n set -wait to n ms.
    wait_ui:f set -wait_ui factor to f.
    wait_bog disable -nowait_bog mode.
    nowait_bog enable -nowait_bog mode.
    slow_fb:f set -slow_fb to f seconds.
    readtimeout:n set read timeout to n seconds.
    nap enable -nap mode.
    nonap disable -nap mode.
    sb:n set -sb to n s, same as screen_blank:n
    fbpm disable -nofbpm mode.
    nofbpm enable -nofbpm mode.
    xdamage enable xdamage polling hints.
    noxdamage disable xdamage polling hints.
    xd_area:A set -xd_area max pixel area to "A"
    xd_mem:f set -xd_mem remembrance to "f"
    fs:frac set -fs fraction to "frac", e.g. 0.5
    gaps:n set -gaps to n.
    grow:n set -grow to n.
    fuzz:n set -fuzz to n.
    snapfb enable -snapfb mode.
    nosnapfb disable -snapfb mode.
    rawfb:str set -rawfb mode to "str".
    progressive:n set libvncserver -progressive slice
    height parameter to n.
    desktop:str set -desktop name to str for new clients.
    rfbport:n set -rfbport to n.
    httpport:n set -httpport to n.
    httpdir:dir set -httpdir to dir (and enable http).
    enablehttpproxy enable -enablehttpproxy mode.
    noenablehttpproxy disable -enablehttpproxy mode.
    alwaysshared enable -alwaysshared mode.
    noalwaysshared disable -alwaysshared mode.
    (may interfere with other options)
    nevershared enable -nevershared mode.
    nonevershared disable -nevershared mode.
    (may interfere with other options)
    dontdisconnect enable -dontdisconnect mode.
    nodontdisconnect disable -dontdisconnect mode.
    (may interfere with other options)
    debug_xevents enable debugging X events.
    nodebug_xevents disable debugging X events.
    debug_xdamage enable debugging X DAMAGE mechanism.
    nodebug_xdamage disable debugging X DAMAGE mechanism.
    debug_wireframe enable debugging wireframe mechanism.
    nodebug_wireframe disable debugging wireframe mechanism.
    debug_scroll enable debugging scrollcopy mechanism.
    nodebug_scroll disable debugging scrollcopy mechanism.
    debug_tiles enable -debug_tiles
    nodebug_tiles disable -debug_tiles
    debug_grabs enable -debug_grabs
    nodebug_grabs disable -debug_grabs
    debug_sel enable -debug_sel
    nodebug_sel disable -debug_sel
    dbg enable -dbg crash shell
    nodbg disable -dbg crash shell

    noremote disable the -remote command processing,
    it cannot be turned back on.

    The vncconnect(1) command from standard VNC
    distributions may also be used if string is prefixed
    with "cmd=" E.g. 'vncconnect cmd=stop'. Under some
    circumstances xprop(1) can used if it supports -set
    (see the FAQ).

    If "-connect /path/to/file" has been supplied to the
    running x11vnc server then that file can be used as a
    communication channel (this is the only way to remote
    control one of many x11vnc's polling the same X display)
    Simply run: 'x11vnc -connect /path/to/file -remote ...'
    or you can directly write to the file via something
    like: "echo cmd=stop > /path/to/file", etc.

    -query variable Like -remote, except just query the value of
    "variable". "-Q" is an alias for "-query".
    Multiple queries can be done by separating variables
    by commas, e.g. -query var1,var2. The results come
    back in the form ans=var1:value1,ans=var2:value2,...
    to the standard output. If a variable is read-only,
    it comes back with prefix "aro=" instead of "ans=".

    Some -remote commands are pure actions that do not make
    sense as variables, e.g. "stop" or "disconnect", in
    these cases the value returned is "N/A". To direct a
    query straight to the X11VNC_REMOTE property or connect
    file use "qry=..." instead of "cmd=..."

    Here is the current list of "variables" that can
    be supplied to the -query command. This includes the
    "N/A" ones that return no useful info. For variables
    names that do not correspond to an x11vnc option or
    remote command, we hope the name makes it obvious what
    the returned value corresponds to (hint: the ext_*
    variables correspond to the presence of X extensions):

    ans= stop quit exit shutdown ping blacken zero
    refresh reset close disconnect id sid waitmapped
    nowaitmapped clip flashcmap noflashcmap shiftcmap
    truecolor notruecolor overlay nooverlay overlay_cursor
    overlay_yescursor nooverlay_nocursor nooverlay_cursor
    nooverlay_yescursor overlay_nocursor 8to24 no8to24
    8to24_opts 24to32 no24to32 visual scale scale_cursor
    viewonly noviewonly shared noshared forever noforever
    once timeout filexfer nofilexfer deny lock nodeny
    unlock connect allowonce allow localhost nolocalhost
    listen lookup nolookup accept afteraccept gone shm
    noshm flipbyteorder noflipbyteorder onetile noonetile
    solid_color solid nosolid blackout xinerama noxinerama
    xtrap noxtrap xrandr noxrandr xrandr_mode padgeom
    quiet q noquiet modtweak nomodtweak xkb noxkb capslock
    nocapslock skip_lockkeys noskip_lockkeys skip_keycodes
    sloppy_keys nosloppy_keys skip_dups noskip_dups
    add_keysyms noadd_keysyms clear_mods noclear_mods
    clear_keys noclear_keys remap repeat norepeat fb nofb
    bell nobell sel nosel primary noprimary setprimary
    nosetprimary clipboard noclipboard setclipboard
    nosetclipboard seldir cursorshape nocursorshape
    cursorpos nocursorpos cursor show_cursor noshow_cursor
    nocursor arrow xfixes noxfixes xdamage noxdamage
    xd_area xd_mem alphacut alphafrac alpharemove
    noalpharemove alphablend noalphablend xwarppointer
    xwarp noxwarppointer noxwarp buttonmap dragging
    nodragging wireframe_mode wireframe wf nowireframe
    nowf wirecopyrect wcr nowirecopyrect nowcr scr_area
    scr_skip scr_inc scr_keys scr_term scr_keyrepeat
    scr_parms scrollcopyrect scr noscrollcopyrect noscr
    fixscreen noxrecord xrecord reset_record pointer_mode
    pm input_skip input client_input speeds wmdt
    debug_pointer dp nodebug_pointer nodp debug_keyboard
    dk nodebug_keyboard nodk deferupdate defer wait_ui
    wait_bog nowait_bog slow_fb wait readtimeout nap nonap
    sb screen_blank fbpm nofbpm fs gaps grow fuzz snapfb
    nosnapfb rawfb progressive rfbport http nohttp httpport
    httpdir enablehttpproxy noenablehttpproxy alwaysshared
    noalwaysshared nevershared noalwaysshared dontdisconnect
    nodontdisconnect desktop debug_xevents nodebug_xevents
    debug_xevents debug_xdamage nodebug_xdamage
    debug_xdamage debug_wireframe nodebug_wireframe
    debug_wireframe debug_scroll nodebug_scroll debug_scroll
    debug_tiles dbt nodebug_tiles nodbt debug_tiles
    debug_grabs nodebug_grabs debug_sel nodebug_sel dbg
    nodbg noremote

    aro= noop display vncdisplay desktopname guess_desktop
    http_url auth xauth users rootshift clipshift
    scale_str scaled_x scaled_y scale_numer scale_denom
    scale_fac scaling_blend scaling_nomult4 scaling_pad
    scaling_interpolate inetd privremote unsafe safer nocmds
    passwdfile unixpw unixpw_nis unixpw_list ssl ssl_pem
    sslverify stunnel stunnel_pem https usepw using_shm
    logfile o flag rc norc h help V version lastmod bg
    sigpipe threads readrate netrate netlatency pipeinput
    clients client_count pid ext_xtest ext_xtrap ext_xrecord
    ext_xkb ext_xshm ext_xinerama ext_overlay ext_xfixes
    ext_xdamage ext_xrandr rootwin num_buttons button_mask
    mouse_x mouse_y bpp depth indexed_color dpy_x dpy_y
    wdpy_x wdpy_y off_x off_y cdpy_x cdpy_y coff_x coff_y
    rfbauth passwd viewpasswd

    -QD variable Just like -query variable, but returns the default
    value for that parameter (no running x11vnc server
    is consulted)

    -sync By default -remote commands are run asynchronously, that
    is, the request is posted and the program immediately
    exits. Use -sync to have the program wait for an
    acknowledgement from the x11vnc server that command was
    processed (somehow). On the other hand -query requests
    are always processed synchronously because they have
    to wait for the answer.

    Also note that if both -remote and -query requests are
    supplied on the command line, the -remote is processed
    first (synchronously: no need for -sync), and then
    the -query request is processed in the normal way.
    This allows for a reliable way to see if the -remote
    command was processed by querying for any new settings.
    Note however that there is timeout of a few seconds so
    if the x11vnc takes longer than that to process the
    requests the requestor will think that a failure has
    taken place.

    -noremote Do not process any remote control commands or queries.
    -yesremote Do process remote control commands or queries.
    Default: -yesremote

    A note about security wrt remote control commands.
    If someone can connect to the X display and change
    the property X11VNC_REMOTE, then they can remotely
    control x11vnc. Normally access to the X display is
    protected. Note that if they can modify X11VNC_REMOTE
    on the X server, they have enough permissions to also
    run their own x11vnc and thus have complete control
    of the desktop. If the "-connect /path/to/file"
    channel is being used, obviously anyone who can write
    to /path/to/file can remotely control x11vnc. So be
    sure to protect the X display and that file's write
    permissions. See -privremote below.

    If you are paranoid and do not think -noremote is
    enough, to disable the X11VNC_REMOTE property channel
    completely use -novncconnect, or use the -safer option
    that shuts many things off.

    -unsafe A few remote commands are disabled by default
    (currently: id:pick, accept:<cmd>, gone:<cmd>, and
    rawfb:setup:<cmd>) because they are associated with
    running external programs. If you specify -unsafe, then
    these remote-control commands are allowed. Note that
    you can still specify these parameters on the command
    line, they just cannot be invoked via remote-control.
    -safer Equivalent to: -novncconnect -noremote and prohibiting
    -gui and the -connect file. Shuts off communcation
    channels.
    -privremote Perform some sanity checks and disable remote-control
    commands if it appears that the X DISPLAY and/or
    connectfile can be accessed by other users. Once
    remote-control is disabled it cannot be turned back on.
    -nocmds No external commands (e.g. system(3), popen(3), exec(3))
    will be run.

    -deny_all For use with -remote nodeny: start out denying all
    incoming clients until "-remote nodeny" is used to
    let them in.


    These options are passed to libvncserver:

    -rfbport port TCP port for RFB protocol
    -rfbwait time max time in ms to wait for RFB client
    -rfbauth passwd-file use authentication on RFB protocol
    (use 'storepasswd' to create a password file)
    -rfbversion 3.x Set the version of the RFB we choose to advertise
    -permitfiletransfer permit file transfer support
    -passwd plain-password use authentication
    (use plain-password as password, USE AT YOUR RISK)
    -deferupdate time time in ms to defer updates (default 40)
    -deferptrupdate time time in ms to defer pointer updates (default none)
    -desktop name VNC desktop name (default "LibVNCServer")
    -alwaysshared always treat new clients as shared
    -nevershared never treat new clients as shared
    -dontdisconnect don't disconnect existing clients when a new non-shared
    connection comes in (refuse new connection instead)
    -httpdir dir-path enable http server using dir-path home
    -httpport portnum use portnum for http connection
    -enablehttpproxy enable http proxy support
    -progressive height enable progressive updating for slow links
    -listen ipaddr listen for connections only on network interface with
    addr ipaddr. '-listen localhost' and hostname work too.

    libvncserver-tight-extension options:
    -disablefiletransfer disable file transfer
    -ftproot string set ftp root



    iki programı da kaynak kodları ile derlemiştim.
    ./configure --prefix=/usr --with-x ;make ;make install gibi yanii.

    önce x11vnc çalıştıracaksın. Sonrada vnc2swf ile x11vnc den görüntü alıp kaydedeceksin...

    örnekhttp://muratsplat.sitemynet.com/deneme.html

    linkler ...


    http://www.unixuser.org/~euske/vnc2swf/
    http://www.karlrunge.com/x11vnc/



    < Bu mesaj bu kişi tarafından değiştirildi MURATSPLAT -- 12 Haziran 2006; 11:09:34 >




  • Cok sagolasın.. ben denıyeyım..
  • 
Sayfa: 1
- x
Bildirim
mesajınız kopyalandı (ctrl+v) yapıştırmak istediğiniz yere yapıştırabilirsiniz.