Firewall - OUTPUT rule

Kevin J. Cummings cummings at kjchome.homeip.net
Fri Sep 24 03:20:12 UTC 2010


On 09/23/2010 10:34 PM, JD wrote:
>   The firewall is belching these messages:
> 
> Sep 23 19:22:39 vger kernel: Dropped by firewall: IN=wlan0 OUT= MAC= 
> SRC=192.168.0.8 DST=192.168.0.255 LEN=223 TOS=0x00 PREC=0x00 TTL=64 ID=0 
> DF PROTO=UDP SPT=631 DPT=631 LEN=203
> 
> Thing is, 192.168.0.8 is my wlan0 ip address.
> 
> Since port 631 is the internet printing protocol, the packet must be 
> getting sent by the cups daemon
> because I configured to print on a network wireless printer.

192.168.0.255 looks like a BROADCAST address.  The packet in question is
being sent to every machine on the 192.168.0/24 network.

Port 631 is indeed the CUPS port.  It looks like CUPS to CUPS communication.

CUPS is probably looking to "discover" other printers on your network.

> What should an OUTPUT rule look like to allow these packets to be sent?
> Or is it a problem with my INPUT filters?

Probably a problem with your INPUT filters.  Is there any information in
/var/log/secure?  Something in your firewall rules is not allowing the
packet to be accepted by vger.

Is cupsd running on vger?  Did you open up port 631 in your firewall on
vger? (ISTR that it is closed by default.)

-- 
Kevin J. Cummings
kjchome at rcn.com
cummings at kjchome.homeip.net
cummings at kjc386.framingham.ma.us
Registered Linux User #1232 (http://counter.li.org)
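
The reading of the log entry given in the reply above, worked through as an added example (not part of the original message): a small parser that reports which filter chain logged the packet and whether the destination is the subnet broadcast address. The function names are hypothetical, the /24 prefix is taken from the reply, and the IN=/OUT= to chain mapping assumes the LOG rule sits in the filter table.

```python
import ipaddress

# Log entry quoted in the thread, joined onto one line as syslog writes it.
SAMPLE = (
    "Sep 23 19:22:39 vger kernel: Dropped by firewall: IN=wlan0 OUT= MAC= "
    "SRC=192.168.0.8 DST=192.168.0.255 LEN=223 TOS=0x00 PREC=0x00 TTL=64 ID=0 "
    "DF PROTO=UDP SPT=631 DPT=631 LEN=203")

def parse_fields(line):
    """Return KEY=value pairs of a netfilter LOG line; bare flags (DF) map to True."""
    fields = {}
    for token in line.split("kernel:", 1)[-1].split():
        key, sep, value = token.partition("=")
        if sep:
            # Keep the first occurrence: the first LEN is the IP length,
            # the second is the UDP length.
            fields.setdefault(key, value)
        elif key.isupper():
            fields[key] = True
    return fields

def classify(line, local_ip, prefix_len=24):
    """Summarise a logged packet. prefix_len=24 is an assumption from the reply."""
    f = parse_fields(line)
    if "SRC" not in f or "DST" not in f:
        raise ValueError("not a netfilter LOG line")
    has_in, has_out = bool(f.get("IN")), bool(f.get("OUT"))
    if has_in and has_out:
        chain = "FORWARD"   # routed through the host
    elif has_in:
        chain = "INPUT"     # arrived on an interface, addressed to this host
    elif has_out:
        chain = "OUTPUT"    # generated locally, leaving via OUT
    else:
        chain = "unknown"
    net = ipaddress.ip_network(f"{f['DST']}/{prefix_len}", strict=False)
    return {
        "chain": chain,
        "broadcast": ipaddress.ip_address(f["DST"]) == net.broadcast_address,
        "from_self": f["SRC"] == local_ip,
        "proto": f.get("PROTO"),
        "dport": int(f["DPT"]) if "DPT" in f else None,
    }

if __name__ == "__main__":
    print(classify(SAMPLE, "192.168.0.8"))
```

For the entry in the thread this reports the INPUT chain, a broadcast destination, and a source equal to the host's own wlan0 address, so an OUTPUT rule would not change what is being logged.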

