I know that manually, I'd do it as such: /sbin/iptables -I INPUT -p tcp --dport 515 -j ACCEPT /sbin/iptables -I INPUT -p udp --dport 515 -j ACCEPT For more security add "-i ethX" to allow this just on your localnet if that's what you want. -m is for extended matches (like -m multiport), you don't need that in your rules. Are you using some tool to save the rules? you could do the ones I mentioned and iptables-save should save it. I write separate firewall.sh scripts and load them through /etc/rc.local. When I still have trouble getting some traffic through, I open the firewall (-I INPUT -j ACCEPT, only locally of course), and run tcpdump to see what's happening, you'll get an idea what you need to do. Logging in iptables might be helpful too. Cheers On Wed, 2004-02-25 at 11:06, Andrew Robinson wrote: > I want to enable lpr printing (from an Apple Powerbook running MacOS X > 10.2) for printers on my Fedora Core 1 box. According to the > /etc/services file, printing services are given as: > > printer 515/tcp spooler # line printer spooler > printer 515/udp spooler # line printer spooler > > So based on previous information from this list about iptables, I added > these two entries: > > # Printer Access > -A RH-Firewall-1-INPUT -m tcp -p tcp --dport 515 -j ACCEPT > -A RH-Firewall-1-INPUT -m udp -p udp --dport 515 -j ACCEPT > > My question is, is this what I want to do? > > Thanks! > > Andrew Robinson >
