LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Suse/Novell
User Name
Password
Suse/Novell This Forum is for the discussion of Suse Linux.

Notices

Reply
 
Search this Thread
Old 12-12-2004, 04:52 PM   #1
thegreatgatsby
Member
 
Registered: Aug 2003
Location: England
Distribution: SuSE 9.3 pro
Posts: 332

Rep: Reputation: 30
firewall blocks network printer suse 9.2 cups


upgraded to suse 9.2

printer via cups, but will only work if firewall turned off.

the printer is at lpd://192.168.1.100:515/L1

what must I do to suse firewall to let the printing work please?
this worked fine with the previous versions, (8.2, 9.0, 9.1)so they must have changed some setting

thank you very much
 
Old 12-20-2004, 11:36 AM   #2
thegreatgatsby
Member
 
Registered: Aug 2003
Location: England
Distribution: SuSE 9.3 pro
Posts: 332

Original Poster
Rep: Reputation: 30
I would really appreciate an answer, as I have to turn the firewall off each time I want to print

thank you
 
Old 12-21-2004, 01:58 AM   #3
gd2shoe
Member
 
Registered: Jun 2004
Location: Northern CA
Distribution: Debian
Posts: 835

Rep: Reputation: 49
Re: firewall blocks network printer suse 9.2 cups

Quote:
Originally posted by thegreatgatsby
upgraded to suse 9.2

printer via cups, but will only work if firewall turned off.

the printer is at lpd://192.168.1.100:515/L1

what must I do to suse firewall to let the printing work please?
this worked fine with the previous versions, (8.2, 9.0, 9.1)so they must have changed some setting

thank you very much
Now I don't have 9.2, but if the interface is the same as 9.1, I think I can help.

Open YaST-> Security and Users -> Firewall. There will be several pages in a row. One of them will deal with the ports that are to be left open (not firewalled: http, ftp, ssh, smtp, and more). If lpd is not an option, then type 515 in the box provided. That SHOULD do it. That is what it is designed for. My machine has problems with this for some unexplained reason. Good luck.
 
Old 12-21-2004, 03:56 AM   #4
thegreatgatsby
Member
 
Registered: Aug 2003
Location: England
Distribution: SuSE 9.3 pro
Posts: 332

Original Poster
Rep: Reputation: 30
the interface appears to be the same as on 9.1, but the way it works is different.

I have typed 515 into both the "additional TCP services" and/or the "additional UDP services" box with out any success.

If I switch the firewall off it prints fine.

the SUSE site appears to have no information about this.

Thanks,
 
Old 12-21-2004, 12:41 PM   #5
gd2shoe
Member
 
Registered: Jun 2004
Location: Northern CA
Distribution: Debian
Posts: 835

Rep: Reputation: 49
Quote:
Enter any number of ports, known port names (from /etc/services), and port ranges, separated by spaces.
Port ranges are separated by a colon. For example, to allow port 21 to 23, write "21:23"
This is what it says in mine. It should be easy. If it doesn't work in yours, then it sounds as if something is broken. For a more direct access to these settings, you can try looking in /etc/sysconfig/SuSEfirewall2. This file can also be manipulated in YaST-> System-> /etc/sysconfig Editor-> Network-> firewall.

If all else fails, turn off the SuSEfirewall2 and install another firewall program (or learn iptables yourself). Warning: you might have trouble doing this if you have more than one network card. They will sometimes detect in a different order and be assigned different names. You wont have this issue with just one card.
 
Old 12-23-2004, 12:01 AM   #6
jdblick
Member
 
Registered: Sep 2004
Distribution: SUSE 10.0 OSS
Posts: 261

Rep: Reputation: 30
515 probably isn't the port, add these:
631 <- either the printer or the cups server
139 <- samba, network protocol for linux to and from windows
445 <- I forgot

you might need just 631
 
Old 12-23-2004, 12:23 PM   #7
jdblick
Member
 
Registered: Sep 2004
Distribution: SUSE 10.0 OSS
Posts: 261

Rep: Reputation: 30
did this work?
 
Old 12-24-2004, 03:10 AM   #8
thegreatgatsby
Member
 
Registered: Aug 2003
Location: England
Distribution: SuSE 9.3 pro
Posts: 332

Original Poster
Rep: Reputation: 30
no
 
Old 12-24-2004, 09:39 AM   #9
coureyv
LQ Newbie
 
Registered: Feb 2003
Posts: 18

Rep: Reputation: 0
http://localhost:631 works ?
 
Old 12-25-2004, 03:37 AM   #10
thegreatgatsby
Member
 
Registered: Aug 2003
Location: England
Distribution: SuSE 9.3 pro
Posts: 332

Original Poster
Rep: Reputation: 30
yes, it works (i.e. in a browser window)
 
Old 12-25-2004, 08:32 AM   #11
coureyv
LQ Newbie
 
Registered: Feb 2003
Posts: 18

Rep: Reputation: 0
check /etc/cups/cupsd.conf (server side) and /etc/cups/client.conf (linux client side) yast recognize your cups printers?
 
Old 12-25-2004, 09:01 AM   #12
coureyv
LQ Newbie
 
Registered: Feb 2003
Posts: 18

Rep: Reputation: 0
in my /etc/cups/client.conf I add
# OVP
ServerName 192.168.1.10
# BXL
#ServerName 192.168.0.146
I change if my laptop is on an other place(OVP,BXL)in (not yet multi profile implemented, but I do in few time)
in my /etc/cups/cupsd.conf I add my 192.168 local network
<Location />
Encryption IfRequested
Satisfy All
Order deny,allow
Deny From All
Allow From 127.0.0.1
Allow From 127.0.0.2
Allow From 192.168.*.*
</Location>
<Location /admin>
AuthType Basic
AuthClass System
Encryption IfRequested
Satisfy All
Order deny,allow
Deny From All
Allow From 127.0.0.1
Allow From 192.168.*.*
</Location>
 
Old 12-26-2004, 03:12 PM   #13
thegreatgatsby
Member
 
Registered: Aug 2003
Location: England
Distribution: SuSE 9.3 pro
Posts: 332

Original Poster
Rep: Reputation: 30
yes, yast does see the cups printers, & even if I reconfigure the printers through yast, it still won't print unless the firewall is turned off....
 
Old 12-29-2004, 06:32 AM   #14
thegreatgatsby
Member
 
Registered: Aug 2003
Location: England
Distribution: SuSE 9.3 pro
Posts: 332

Original Poster
Rep: Reputation: 30
have altered my cups conf as you suggested.

if firewall is off

nmap 192.168.1.100 gives

PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
139/tcp open netbios-ssn
515/tcp open printer
631/tcp open ipp

however with firewall on (and the above ports kept open in "expert" settings & cups conf allowing as you suggested)

Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2004-12-29 12:37 GMT
Note: Host seems down. If it is really up, but blocking our ping probes, try -P0
Nmap run completed -- 1 IP address (0 hosts up) scanned in 4.005 seconds

So it appears that the "expert settings" in the Suse Firewall are not doing their job.

any other ideas anyone????

thanks







Last edited by thegreatgatsby; 12-29-2004 at 06:36 AM.
 
Old 01-17-2005, 04:05 PM   #15
rtspitz
Member
 
Registered: Jan 2005
Location: germany
Distribution: suse, opensuse, debian, others for testing
Posts: 307

Rep: Reputation: 32
well, as far as I have used suse's firewall it appears to me they only block traffic between the internal and the external interface.

that is if your computers and printers and what not are internal and internet (e.g. dsl with dsl0) is external the firewall should not even see what is going on.

if you want to have different subnets you might try ip aliasing to use one network card in 2 subnets.

lets say your computers are within the 192.168.0.xxx subnet
and the printers + router and so on are 192.168.1.xxx

you could set up something like this

Code:
ifconfig eth0:0 192.168.1.5 up
this will give you an additional network interface eth0:0

so your pc connets to a switch, so does the router.
the pc is 192.168.0.1 and lets say 192.168.1.5 at the same time. via the switch it can access both the 192.168.0.xxx (directly) and via the router the 192.168.1.xxx machines.

you'd still have to take care of the routing table though...
and keeping it all inside just one subnet is easier anyway.

my config:

pc 192.168.0.4
printserver 192.168.0.2

works just fine with suse 9.2
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
firestarter blocks ldp (cups) printer bennettg Linux - Security 10 04-13-2005 02:10 AM
firestarter blocks ldp (cups) printer bennettg Ubuntu 1 04-11-2005 06:46 AM
SuSE 9.2 - firewall blocks internal network cannabuz Linux - Networking 0 01-17-2005 08:34 AM
how to use network cups printer snoble Linux - Newbie 1 10-18-2004 12:31 PM
suse 9.1 printing to cups ipp network printer sichen Linux - General 0 08-09-2004 06:30 PM


All times are GMT -5. The time now is 07:07 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration