SUSE / openSUSEThis Forum is for the discussion of Suse Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
printer via cups, but will only work if firewall turned off.
the printer is at lpd://192.168.1.100:515/L1
what must I do to suse firewall to let the printing work please?
this worked fine with the previous versions, (8.2, 9.0, 9.1)so they must have changed some setting
Originally posted by thegreatgatsby upgraded to suse 9.2
printer via cups, but will only work if firewall turned off.
the printer is at lpd://192.168.1.100:515/L1
what must I do to suse firewall to let the printing work please?
this worked fine with the previous versions, (8.2, 9.0, 9.1)so they must have changed some setting
thank you very much
Now I don't have 9.2, but if the interface is the same as 9.1, I think I can help.
Open YaST-> Security and Users -> Firewall. There will be several pages in a row. One of them will deal with the ports that are to be left open (not firewalled: http, ftp, ssh, smtp, and more). If lpd is not an option, then type 515 in the box provided. That SHOULD do it. That is what it is designed for. My machine has problems with this for some unexplained reason. Good luck.
Enter any number of ports, known port names (from /etc/services), and port ranges, separated by spaces.
Port ranges are separated by a colon. For example, to allow port 21 to 23, write "21:23"
This is what it says in mine. It should be easy. If it doesn't work in yours, then it sounds as if something is broken. For a more direct access to these settings, you can try looking in /etc/sysconfig/SuSEfirewall2. This file can also be manipulated in YaST-> System-> /etc/sysconfig Editor-> Network-> firewall.
If all else fails, turn off the SuSEfirewall2 and install another firewall program (or learn iptables yourself). Warning: you might have trouble doing this if you have more than one network card. They will sometimes detect in a different order and be assigned different names. You wont have this issue with just one card.
515 probably isn't the port, add these:
631 <- either the printer or the cups server
139 <- samba, network protocol for linux to and from windows
445 <- I forgot
in my /etc/cups/client.conf I add
# OVP
ServerName 192.168.1.10
# BXL
#ServerName 192.168.0.146
I change if my laptop is on an other place(OVP,BXL)in (not yet multi profile implemented, but I do in few time)
in my /etc/cups/cupsd.conf I add my 192.168 local network
<Location />
Encryption IfRequested
Satisfy All
Order deny,allow
Deny From All
Allow From 127.0.0.1
Allow From 127.0.0.2
Allow From 192.168.*.*
</Location>
<Location /admin>
AuthType Basic
AuthClass System
Encryption IfRequested
Satisfy All
Order deny,allow
Deny From All
Allow From 127.0.0.1
Allow From 192.168.*.*
</Location>
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
139/tcp open netbios-ssn
515/tcp open printer
631/tcp open ipp
however with firewall on (and the above ports kept open in "expert" settings & cups conf allowing as you suggested)
Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2004-12-29 12:37 GMT
Note: Host seems down. If it is really up, but blocking our ping probes, try -P0
Nmap run completed -- 1 IP address (0 hosts up) scanned in 4.005 seconds
So it appears that the "expert settings" in the Suse Firewall are not doing their job.
any other ideas anyone????
thanks
Last edited by thegreatgatsby; 12-29-2004 at 06:36 AM.
Distribution: suse, opensuse, debian, others for testing
Posts: 307
Rep:
well, as far as I have used suse's firewall it appears to me they only block traffic between the internal and the external interface.
that is if your computers and printers and what not are internal and internet (e.g. dsl with dsl0) is external the firewall should not even see what is going on.
if you want to have different subnets you might try ip aliasing to use one network card in 2 subnets.
lets say your computers are within the 192.168.0.xxx subnet
and the printers + router and so on are 192.168.1.xxx
you could set up something like this
Code:
ifconfig eth0:0 192.168.1.5 up
this will give you an additional network interface eth0:0
so your pc connets to a switch, so does the router.
the pc is 192.168.0.1 and lets say 192.168.1.5 at the same time. via the switch it can access both the 192.168.0.xxx (directly) and via the router the 192.168.1.xxx machines.
you'd still have to take care of the routing table though...
and keeping it all inside just one subnet is easier anyway.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
