Once upon a time, Tim Waugh <twaugh(a)redhat.com> said:
When I ask CUPS for a list of network printers, it runs the backends
in /usr/lib/cups/backend. One of those is /usr/lib/cups/backend/snmp,
which:
a) binds to a local unprivileged UDP port
b) sends a broadcast SNMP request
c) listens for (unicast) responses to that request
We don't hear any of those responses because they are not recognised as
"related" by the kernel. The iptables rules drop them.
If the CUPS snmp backend could say to "the firewall", "hey, please allow
responses on this port I've got for the next few seconds" -- which can
be controlled using PolicyKit -- then this network discovery would
finally work.
Congrats, you have re-invented UPnP, although a local-only version
maybe (not that I think that is necessarily a bad thing).
--
Chris Adams <cmadams(a)hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.