Bug 137259
Summary: | firewall and printing | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Nathan Fredrickson <nathan> |
Component: | system-config-securitylevel | Assignee: | Paul Nasrat <nobody+pnasrat> |
Status: | CLOSED DUPLICATE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-02-21 19:06:38 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Nathan Fredrickson
2004-10-27 00:07:03 UTC
The system-config-printer tool does not alter iptables. Does not the related rule for tcp:631 not just work - it's browsing that we can't use related with? By "related rule", I assume you mean: -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT This related rule works on the printer client system which makes an outgoing connection to tcp:631 on the print server. However the printer server system needs tcp:631 opened. In a typical home or small office, the "print server" is just the workstation that happens to have the printer connected. Ideally a rule to allow tcp:631 would be added when printer sharing is enabled in s-c-printer. At least, CUPS should be included in the list of "Trusted services" in s-c-securitylevel. As for browsing, yes that requires the udp:631 rule on the client: -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT Screen freeze meant a better trusted service ui didn't make FC3, it's high on my list when we unfreeze. You can add tcp:631 through the gui currently for the print server as an additional port, this should mean that clients should work out of the box - server slight manual config. Better UI for selection will follow. Closing as duplicate of generic improvement bug. *** This bug has been marked as a duplicate of 124161 *** Changed to 'CLOSED' state since 'RESOLVED' has been deprecated. |