Am 31.10.2014 um 10:34 schrieb Jarmo Hurri:
So I must be doing something wrong. My questions are:
1. Have I diagnosed the situation correctly? Is port 631 really open to
the outside world?
Probably.
2. If port 631 is open, why can I not close it using firewalld?
You're very likely doing something wrong. But since I don't use
firewalld and I am not familiar with it, I can't tell you what that
might be.
3. What is the best way to deny connections to the port from any
other
computer than that of my own? Is it the approach I have taken now?
Others will probably tell you, how to use firewalld to deny access to
some open port.
OTOH: First, you tell cups to listen to the network and then you try to
use firewalld to make sure it won't succeed in doing so.
In this case, I'd consider it a much better idea to tell cups to listen
only to the loopback interface and ignore the external network
altogether - by setting "Listen" appropriately in cupsd.conf. For example:
# Only listen for connections from the local machine.
Listen localhost:631
Listen /var/run/cups/cups.sock
--
Regards
mks