LPR ephemeral port problem (below port 1024!)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I just updated a server from FC1 to FC3 over the weekend. Everything went fine, except that I can no longer communicate with my Netgear PS110 print servers, because the LPR protocol is being blocked. This is happening because the firewall (iptables built by Guarddog) on my server is set to block communications that do not use ports 1024-5999 as the ephemeral ports. For some reason, ports below 1024 are being used when attempting to print, as /var/log/messages shows:

Nov 29 09:50:39 server2 kernel: DROPPED IN=eth0 OUT= MAC=00:c0:9f:11:12:da:00:c0:02:de:f7:0d:08:00 SRC=192.168.0.13 DST=192.168.0.3 LEN=44 TOS=0x00 PREC=0x00 TTL=30 ID=1018 PROTO=TCP SPT=515 DPT=1002 SEQ=668236 ACK=3290477864 WINDOW=1514 RES=0x00 ACK PSH SYN URGP=0 OPT (020405EA)

(Here, 192.168.0.3 = FC3, 192.168.0.13 = Netgear, 515 = LPR port, 1002 = dynamic port below 1024!)

cat /proc/sys/net/ipv4/ip_local_port_range gives:
1024    5999
which seems OK.

So the question is - what is causing the use of ports below 1024 for LPR? (Disabling the firewall makes the problems go away.)

Any help much appreciated!


- Mike

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux