Firewall

Bill Nottingham notting at redhat.com
Tue Dec 7 15:24:42 UTC 2010


Chris Adams (cmadams at hiwaay.net) said: 
> > a) binds to a local unprivileged UDP port
> > b) sends a broadcast SNMP request
> > c) listens for (unicast) responses to that request
> > 
> > We don't hear any of those responses because they are not recognised as
> > "related" by the kernel.  The iptables rules drop them.
> > 
> > If the CUPS snmp backend could say to "the firewall", "hey, please allow
> > responses on this port I've got for the next few seconds" -- which can
> > be controlled using PolicyKit -- then this network discovery would
> > finally work.
> 
> Congrats, you have re-invented UPnP, although a local-only version
> maybe (not that I think that is necessarily a bad thing).

I could be wrong, but I'd guess that any SNMP implementation probably
predates UPnP by a good bit.

Bill
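
Added example, not part of the original message and not CUPS or kernel code: a toy Python model of the quoted a)-c) sequence, showing why a stateful filter that only accepts replies matching the inverted request tuple drops the unicast answers to a broadcast query, and how a port pinhole "for the next few seconds" would change that. The UdpFilter class, its method names, the ports and the 192.0.2.x addresses are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class UdpFilter:
    """Toy inbound policy: accept tracked replies, drop everything else,
    plus optional short-lived pinholes on a local UDP port (hypothetical)."""

    def __init__(self, timeout=30.0):
        self.timeout = timeout
        self.expected = {}   # expected reply tuple -> expiry time
        self.pinholes = {}   # local UDP port -> expiry time

    def outbound(self, pkt, now):
        # The tracked reply is the exact inverse of the request tuple.
        reply = Packet(pkt.dst, pkt.dport, pkt.src, pkt.sport)
        self.expected[reply] = now + self.timeout

    def open_pinhole(self, port, seconds, now):
        # Accepts any source on this port until expiry, so keep it short.
        self.pinholes[port] = now + seconds

    def inbound(self, pkt, now):
        if self.expected.get(pkt, 0) > now:
            return "ACCEPT (ESTABLISHED)"
        if self.pinholes.get(pkt.dport, 0) > now:
            return "ACCEPT (pinhole)"
        return "DROP (NEW)"

def demo():
    host, printer, bcast = "192.0.2.10", "192.0.2.50", "192.0.2.255"
    fw, out = UdpFilter(), []
    # Unicast query: the reply is the inverse tuple, so it is accepted.
    fw.outbound(Packet(host, 40000, printer, 161), now=0)
    out.append(fw.inbound(Packet(printer, 161, host, 40000), now=1))
    # Broadcast query: the tracked reply source is the broadcast address,
    # but the printer answers from its own unicast address.
    fw.outbound(Packet(host, 40001, bcast, 161), now=0)
    reply = Packet(printer, 161, host, 40001)
    out.append(fw.inbound(reply, now=1))
    fw.open_pinhole(40001, seconds=5, now=1)
    out.append(fw.inbound(reply, now=2))    # inside the pinhole window
    out.append(fw.inbound(reply, now=10))   # pinhole has expired
    return out

if __name__ == "__main__":
    print("\n".join(demo()))
```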

