Re: Firewall - OUTPUT rule

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 09/23/2010 10:34 PM, JD wrote:
>   The firewall is belching these messages:
> 
> Sep 23 19:22:39 vger kernel: Dropped by firewall: IN=wlan0 OUT= MAC= 
> SRC=192.168.0.8 DST=192.168.0.255 LEN=223 TOS=0x00 PREC=0x00 TTL=64 ID=0 
> DF PROTO=UDP SPT=631 DPT=631 LEN=203
> 
> Thing is, 192.168.0.8 is my wlan0 ip address.
> 
> Since port 631 is the internet printing protocol, the packet must be 
> getting sent by the cups daemon
> because I configured to print on a network wireless printer.

192.168.0.255 looks like a BROADCAST address.  The packet in question is
being sent to every machine on the 192.168.0/24 network.

Port 631 is indeed the CUPS port.  It looks like CUPS to CUPS communication.

CUPS is probably looking to "discover" other printers on your network.

> What should an OUTPUT rule look like to allow these packets to be sent?
> Or is it a problem with  my INPUT filters?

Probably a problem with your INPUT filters.  Is there any information in
/var/log/secure?  Something in your firewall rules is not allowing the
packet to be accepted by vger.

Is cupsd running on vger?  Did you open up port 631 in your firewall on
vger? (ISTR that it is closed by default.)

-- 
Kevin J. Cummings
kjchome@xxxxxxx
cummings@xxxxxxxxxxxxxxxxxx
cummings@xxxxxxxxxxxxxxxxxxxxxxx
Registered Linux User #1232 (http://counter.li.org)
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux