Ubuntu
firestarter package

Firestarter prevents LAN Printers from being detected by CUPS

  1. Hoary (5.04)
  2. Bug #1492
Bug #1492 reported by JasonCohen
6
Affects Status Importance Assigned to Milestone
firestarter (Ubuntu)
Invalid
Medium
MOTU
Hoary
Invalid
Medium
MOTU

Bug Description

When Firestarter is enabled, gnome-cups-manager does not show my Epson C86 connected to my Debian Sarge server. My firestarter policy allows connections on port 631 by everyone and allows connections from 192.168.0.4 which is the IP of the print server. I see nothing in the events tab that would suggest packets are being blocked. The only solution is to stop the firewall. After doing so the Epson Stylus C86 is shown in gome-cups-manager in a matter of seconds. This problem appears to only affect automatic detection of LAN printers. I can add the LAN Printer manually and print to it with the firewall enabled.

I have used both Hoary's firestarter (1.0.1) and backports (1.0.3). I see the same problem in both.

ii firestarter 1.0.1-1ubuntu2 gtk program for managing and observing your

/etc/firestarter/inbound/allow-from

192.168.0.4,

/etc/firestarter/inbound/allow-service

AOL IM, 5190, everyone,
Auth, 113, everyone,
VNC, 5900-5903, 192.168.0.4,
SSH, 22, 192.168.0.4,
eDonkey, 4662-4672, everyone,
Gnutella, 6346, everyone,
Ipp, 631, everyone,

See original description
JasonCohen (jcohen07)
description: updated
Daniel Holbach (dholbach)
Changed in firestarter:
assignee: nobody → motu
assignee: nobody → motu
Matthew Paul Thomas (mpt)
Changed in launchpad:
status: New → Rejected
Revision history for this message
Trent Lloyd (lathiat) wrote :

You'll probably find this is the result of blocking some broadcasts or something, its really a matter of policy i guess, i don't think we should change this in our package, marking as rejected, please let us know if you violently disagree :) Might be worth chasing upstream to see what rules need to be added to "fix" this

Changed in firestarter:
status: New → Rejected
status: New → Rejected
Revision history for this message
JasonCohen (jcohen07) wrote : Re: [Bug 1492] Firestarter prevents LAN Printers from being detected by CUPS

I don't think this is the problem. No ports need be open on the client
to print to the print server. So long as the CUPS server has port 631
open, printing should work. The problem also only seems to happen with
the use of Firestarter. I used iptables with the Webmin tool and didn't
have to open any ports to allow remote CUPS printing. I also tried
opening port 631 on the client which did not resolve the problem. I
wasn't able to find any instances of this problem on other firewalls,
nor did I find any information about what other ports would need to be
open on the client to enable printing to remote CUPS server.

Trent Lloyd via Malone wrote:

>Public bug report changed:
>https://launchpad.net/malone/bugs/1492
>
>Comment:
>You'll probably find this is the result of blocking some broadcasts or
>something, its really a matter of policy i guess, i don't think we should change
>this in our package, marking as rejected, please let us know if you violently
>disagree :) Might be worth chasing upstream to see what rules need to be added
>to "fix" this
>
>

Revision history for this message
Trent Lloyd (lathiat) wrote :

As I said this is probably a result of some broadcast blockign rule which may be allowed by these firewalls, you would really need to give me an explicit iptables -nvL with firestarter and with some other restrictive firewall

Note that firestarter is really restrictive, and blocks *alot* by default.

Curtis Hovey (sinzui)
no longer affects: launchpad
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.