Firewall - OUTPUT rule
JD
jd1008 at gmail.com
Fri Sep 24 03:41:38 UTC 2010
On 09/23/2010 08:20 PM, Kevin J. Cummings wrote:
> On 09/23/2010 10:34 PM, JD wrote:
>> The firewall is belching these messages:
>>
>> Sep 23 19:22:39 vger kernel: Dropped by firewall: IN=wlan0 OUT= MAC=
>> SRC=192.168.0.8 DST=192.168.0.255 LEN=223 TOS=0x00 PREC=0x00 TTL=64 ID=0
>> DF PROTO=UDP SPT=631 DPT=631 LEN=203
>>
>> Thing is, 192.168.0.8 is my wlan0 ip address.
>>
>> Since port 631 is the internet printing protocol, the packet must be
>> getting sent by the cups daemon
>> because I configured to print on a network wireless printer.
> 192.168.0.255 looks like a BROADCAST address. The packet in question is
> being sent to every machine on the 192.168.0/24 network.
>
> Port 631 is indeed the CUPS port. It looks like CUPS to CUPS communication.
>
> CUPS is probably looking to "discover" other printers on your network.
>
>> What should an OUTPUT rule look like to allow these packets to be sent?
>> Or is it a problem with my INPUT filters?
> Probably a problem with your INPUT filters.
I have this input rule:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 631 -s 192.168.0.0/24 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 631 -s 192.168.0.0/24 -j ACCEPT
> Is there any information in
> /var/log/secure?
Nope! Nothing at all.
> Something in your firewall rules is not allowing the
> packet to be accepted by vger.
>
> Is cupsd running on vger?
Yes!
> Did you open up port 631 in your firewall on
> vger? (ISTR that it is closed by default.)
>
Do the above INPUT filters open it up for my lan?
If not, then how?
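
A triage aid for the log line quoted in this message, added as an example and not part of the original post: it parses the netfilter LOG fields and checks them against the address, protocol and port criteria of the UDP INPUT rule above. The function names and the RULE dictionary are made up for this example, and the /24 network is taken from the rule's -s argument.

```python
import ipaddress
import re

# Log line copied from the post, re-joined onto one line.
LOG = ("Sep 23 19:22:39 vger kernel: Dropped by firewall: IN=wlan0 OUT= MAC= "
       "SRC=192.168.0.8 DST=192.168.0.255 LEN=223 TOS=0x00 PREC=0x00 TTL=64 ID=0 "
       "DF PROTO=UDP SPT=631 DPT=631 LEN=203")

# Match fields of the UDP INPUT rule from the post
# (-p udp --dport 631 -s 192.168.0.0/24); the dict layout is an assumption.
RULE = {"proto": "UDP", "dport": 631,
        "src_net": ipaddress.ip_network("192.168.0.0/24")}


def parse_netfilter_log(line):
    """Return KEY=VALUE fields of a netfilter LOG line; bare flags (DF) map to ''."""
    _, _, body = line.partition("kernel:")
    fields = {}
    for token in body.split():
        m = re.fullmatch(r"([A-Z]+)=(.*)", token)
        if m:
            # LEN appears twice (IP length, then UDP length); keep the first.
            fields.setdefault(m.group(1), m.group(2))
        elif token.isupper():
            fields[token] = ""
    return fields


def triage(line, local_ip, rule=RULE):
    """Classify one logged packet relative to this host and the posted rule."""
    f = parse_netfilter_log(line)
    src = ipaddress.ip_address(f["SRC"])
    dst = ipaddress.ip_address(f["DST"])
    return {
        # The sender is this host: its own broadcast seen on the INPUT path.
        "own_packet": src == ipaddress.ip_address(local_ip),
        # IN set and OUT empty means the packet was logged while arriving.
        "inbound": f.get("IN", "") != "" and f.get("OUT", "") == "",
        "subnet_broadcast": dst == rule["src_net"].broadcast_address,
        # Only protocol, port and source are checked; conntrack state is
        # not recorded in the log line and cannot be evaluated here.
        "rule_fields_match": (f["PROTO"] == rule["proto"]
                              and int(f["DPT"]) == rule["dport"]
                              and src in rule["src_net"]),
    }


if __name__ == "__main__":
    print(triage(LOG, "192.168.0.8"))
```

When rule_fields_match is true for a packet that was still dropped, the source, protocol and port criteria are not what excluded it, which leaves the state match and the position of the rule relative to the logging and drop rules as the things to inspect.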