Old 04-11-2005, 06:20 AM   #1
bennettg
Member
 
Registered: Dec 2003
Distribution: SuSe Pro 9.0
Posts: 49

Rep: Reputation: 15
firestarter blocks ldp (cups) printer


Hello....nOOb here. 3 months on suse linux and 3 days on ubuntu hoary. I Love it and am so close to getting away from M$, BUT......

I have a samsung ml1430 printer attached to a linksys wireless print server. I use a laptop that connects wirelessly. No problem printing in xp.

In ubuntu, I went to system, administration, printing and configured my printer via lpd at abc.def.g.hij where the abc's are my local ip address for the print server. I could print in suse 9.2 without problems (including with the firewall on). In ubuntu, I can only print with the firewall (firestarter gui) off.

I do not have a network per se. I have a wireless router that I use with a laptop and wireless print servers. The print servers have static ip addresses. With the firewall on, ubuntu cannot see them. With the firewall off, no problem.

I searched the ubuntu forums and linuxquestions.org for hours without success. I know I need to set rules (policy) in firestarter, but I haven't had any success.

Please help this nOOb!
 
Old 04-11-2005, 11:41 AM   #2
aqoliveira
Member
 
Registered: Dec 2001
Location: Portugal
Distribution: /Red Hat/Fedora/Solaris
Posts: 622

Rep: Reputation: 30
Howzit

Before printing open console and do a netstat -an to see what ports are in LISTEN mode.

Then place an entry in the FW with the ip addr that your printers have with the port address that the local machine is LISTEN on

cheers
 
Old 04-11-2005, 01:12 PM   #3
harken
Member
 
Registered: Jan 2005
Location: Between the chair and the desk
Distribution: Debian Sarge, kernel 2.6.13
Posts: 666

Rep: Reputation: 30
I hope I'm not mistaken, but you should add a rule such as
Code:
-A INPUT -p tcp --dport 631 -s 127.0.0.1 -j ACCEPT
to be able to connect to your IPP port.
 
Old 04-11-2005, 06:23 PM   #4
bennettg
Member
 
Registered: Dec 2003
Distribution: SuSe Pro 9.0
Posts: 49

Original Poster
Rep: Reputation: 15
aqoliveira,

i did the command and here is the output:

bennettg@ubuntu:~$ netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 127.0.0.1:32768 ESTABLISHED
tcp 0 0 192.168.1.101:32953 64.233.187.99:80 ESTABLISHED
tcp 0 0 127.0.0.1:631 127.0.0.1:32877 ESTABLISHED
tcp 0 0 127.0.0.1:32877 127.0.0.1:631 ESTABLISHED
tcp 1 0 127.0.0.1:32875 127.0.0.1:631 CLOSE_WAIT
tcp 0 0 127.0.0.1:32768 127.0.0.1:631 ESTABLISHED
tcp6 0 0 ::1:25 :::* LISTEN
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp 0 0 0.0.0.0:631 0.0.0.0:*

bennettg@ubuntu:~$




Since I am such a nOOb I do not know how to place an entry in the FW with the ip addr that your printers have with the port address that the local machine is LISTEN on. Can I gently ask for a step by step guide?

Thanks in advance
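
An added example, not part of the original posts: a shell function that reads `netstat -an` output like the one above and reports, for each listening socket, whether it is bound to loopback only or to an address reachable from the network, which is what you need to know before writing a firewall entry for a port. The function names are made up for this illustration, and the embedded sample is constructed from the Internet-socket rows of the output in post #4.

```shell
#!/bin/sh
# Classify TCP/UDP listeners from `netstat -an` output read on stdin.
# Prints one line per listener: "<scope> <proto> <port>"
#   loopback = bound to 127.0.0.0/8 or ::1, not reachable from the LAN
#   exposed  = bound to a wildcard or routable address
classify_listeners() {
    awk '
        # TCP rows carry a State column; UDP rows do not, so a bound UDP
        # socket with a wildcard foreign address is treated as listening.
        ($1 ~ /^tcp/ && $NF == "LISTEN") ||
        ($1 ~ /^udp/ && $5 ~ /:\*$/) {
            addr = $4
            port = addr; sub(/.*:/, "", port)      # text after the last colon
            host = addr; sub(/:[^:]*$/, "", host)  # text before the last colon
            scope = (host ~ /^127\./ || host == "::1") ? "loopback" : "exposed"
            print scope, $1, port
        }
    ' | LC_ALL=C sort -u
}

# Constructed sample: Internet-socket rows taken from the output in post #4.
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 127.0.0.1:32768 ESTABLISHED
tcp 0 0 192.168.1.101:32953 64.233.187.99:80 ESTABLISHED
tcp6 0 0 ::1:25 :::* LISTEN
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp 0 0 0.0.0.0:631 0.0.0.0:*
EOF
}

sample_netstat | classify_listeners
```

On a live system the same function can be fed directly with `netstat -an | classify_listeners`. For the sample, 631/tcp and 25/tcp come out as loopback-only, while 110/tcp, 68/udp and 631/udp are bound to all interfaces.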
 
Old 04-11-2005, 06:25 PM   #5
bennettg
Member
 
Registered: Dec 2003
Distribution: SuSe Pro 9.0
Posts: 49

Original Poster
Rep: Reputation: 15
harken,

i tried this in the terminal, but got the following:

bennettg@ubuntu:~$ -A INPUT -p tcp --dport 631 -s 127.0.0.1 -j ACCEPT
bash: -A: command not found
bennettg@ubuntu:~$



Can you tell me how I should be doing this? the firewall gui is firestarter

thanks in advance
 
Old 04-11-2005, 08:03 PM   #6
bennettg
Member
 
Registered: Dec 2003
Distribution: SuSe Pro 9.0
Posts: 49

Original Poster
Rep: Reputation: 15
HELP!
 
Old 04-11-2005, 08:12 PM   #7
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
First you will need to be root to execute the command, second you need to add the iptables command at the beginning:

iptables -A INPUT -p tcp --dport 631 -s 127.0.0.1 -j ACCEPT

You can do it in firestarter too. Just open the config page and edit your policy to allow inbound traffic on that port.
 
Old 04-12-2005, 07:00 AM   #8
harken
Member
 
Registered: Jan 2005
Location: Between the chair and the desk
Distribution: Debian Sarge, kernel 2.6.13
Posts: 666

Rep: Reputation: 30
That wasn't supposed to be a command to type in the command line. Instead you should add that to firestarter's configuration file (the actual firewall script). Of course, you can execute the command the way Capt_Caveman said, but that will alter the firewall's behaviour only until the next reboot.
 
Old 04-12-2005, 06:36 PM   #9
bennettg
Member
 
Registered: Dec 2003
Distribution: SuSe Pro 9.0
Posts: 49

Original Poster
Rep: Reputation: 15
harken,

i am sorry i am a dumb nOOb, but I do not know which file I should edit. Could you please tell me? Will I put it at the end of the file?
 
Old 04-12-2005, 07:18 PM   #10
bennettg
Member
 
Registered: Dec 2003
Distribution: SuSe Pro 9.0
Posts: 49

Original Poster
Rep: Reputation: 15
harken,

I added the line to the /etc/firestarter/configuration file by using the terminal and entering sudo gedit and then opening the file, entering the line at the end of the file, saving the file and then restarting. Upon restart I could not print; when I stopped the firewall I had no problems.
 
Old 04-13-2005, 02:10 AM   #11
harken
Member
 
Registered: Jan 2005
Location: Between the chair and the desk
Distribution: Debian Sarge, kernel 2.6.13
Posts: 666

Rep: Reputation: 30
I used firestarter quite a while ago, so I don't remember exactly which file holds the firewall rules. It may not be the same with the configuration file. It is probably called something like firewall.rc or similar. Its contents should have many lines like the one I wrote in my first reply (post#3).
Yet, if you say it has a GUI of some sort, use that instead to edit the rules. Still, if the modification is made by hand, add that rule somewhere after the beginning of the file (after the variables such as IFACE, IP or similar are declared, and before it starts dropping packets).
Because I can't tell you more unless I see the actual file, I can only point you further to see how a firewall is implemented at http://www.faqs.org/docs/iptables/index.html. You'll also see here what a firewall configuration file should look like: http://iptables-tutorial.frozentux.n...c.firewall.txt In such a file you should add the rule that permits local connections to your IPP port.
 
  

