Bug 1285504 - LAN scan of Epson scanners does not play well with firewalld
Summary: LAN scan of Epson scanners does not play well with firewalld
Keywords:
Status: CLOSED EOL
Alias: None
Product: Fedora
Classification: Fedora
Component: sane-backends
Version: 22
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Nils Philippsen
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-11-25 19:17 UTC by Lorenzo Pistone
Modified: 2016-07-19 18:32 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2016-07-19 18:32:00 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)
Network dump of scan failure (393 bytes, application/octet-stream)
2015-11-25 19:17 UTC, Lorenzo Pistone
no flags Details

Description Lorenzo Pistone 2015-11-25 19:17:01 UTC
Created attachment 1098940 [details]
Network dump of scan failure

Description of problem:
sane-backends-drivers-scanners pings the LAN with broadcast UDP packets port 3289 to look for EPSON scanners, then a TCP connection to port 1865 is initiated. Replies cannot get through because there is no rule in firewalld that can allow the incoming reply to discovery. I believe that writing a rule for such pattern is problematic, as it is not just as "opening" a port. Probably a conntrack helper is needed. The impact of this issue is that scanning with epson does not work out of the box, unlike other OSes.

Version-Release number of selected component (if applicable):
firewalld 0.3.14.2, sane-backends-drivers-scanners 1.0.25

How reproducible:
Always

Steps to Reproduce:
1. Open wireshark, attach an epson scanner, filter for LAN traffic && (icmp || udp.port == 3289 || tcp.port == 1865)
2. Execute scanimage -L

Actual results:
scanimage -L fails with timeout

Expected results:
scanimage -L prints scanner info.

Additional info:
disabling firewalld fixes the issue.

Comment 1 Fedora End Of Life 2016-07-19 18:32:00 UTC
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.


Note You need to log in before you can comment on or make changes to this bug.