Bug 1285504
| Summary: | LAN scan of Epson scanners does not play well with firewalld | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Lorenzo Pistone <blaffablaffa> | ||||
| Component: | sane-backends | Assignee: | Nils Philippsen <nphilipp> | ||||
| Status: | CLOSED EOL | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 22 | CC: | nphilipp | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2016-07-19 18:32:00 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed. |
Created attachment 1098940 [details] Network dump of scan failure Description of problem: sane-backends-drivers-scanners pings the LAN with broadcast UDP packets port 3289 to look for EPSON scanners, then a TCP connection to port 1865 is initiated. Replies cannot get through because there is no rule in firewalld that can allow the incoming reply to discovery. I believe that writing a rule for such pattern is problematic, as it is not just as "opening" a port. Probably a conntrack helper is needed. The impact of this issue is that scanning with epson does not work out of the box, unlike other OSes. Version-Release number of selected component (if applicable): firewalld 0.3.14.2, sane-backends-drivers-scanners 1.0.25 How reproducible: Always Steps to Reproduce: 1. Open wireshark, attach an epson scanner, filter for LAN traffic && (icmp || udp.port == 3289 || tcp.port == 1865) 2. Execute scanimage -L Actual results: scanimage -L fails with timeout Expected results: scanimage -L prints scanner info. Additional info: disabling firewalld fixes the issue.