HPE Community
Operating System - Linux
1822728 Members
3764 Online
109644 Solutions
New Discussion юеВ

tcp/ip printing through Linux firewall (iptables)

 
Eddy Chan_1
Occasional Advisor

тАО06-09-2002 11:16 PM

тАО06-09-2002 11:16 PM

tcp/ip printing through Linux firewall (iptables)

I have a external hosts which located in Data Centre protected by Checkpoint firewall, I am examine this external host can print to my printer inside my company firewall (use iptables) , I open port 515 of Checkpoint can print to my HP jetdirect with real IP address ,but can't print when the printer is inside my firewall, I do with post-route and preroute rule and open port 515 as well, but still can't print, Do you know any echo port or others port need to be open when external host printing through firwall (iptables)??

Thanks in advance
Eddy Chan
0 Kudos
Reply
4 REPLIES 4
U.SivaKumar_2
Honored Contributor

тАО06-10-2002 01:34 AM

тАО06-10-2002 01:34 AM

Re: tcp/ip printing through Linux firewall (iptables)

Hi,
Try opening ICMP ports for printer. There may
be some status polling of the printer through
ICMP .

regards,
U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
sven verhaegen
Respected Contributor

тАО06-11-2002 04:24 AM

тАО06-11-2002 04:24 AM

Re: tcp/ip printing through Linux firewall (iptables)

Hi

jetdirect card at hp use sockets in the 9000 range , depending on the type of jetdirect card :

port 515 in /etc/services as TPS/spooler for remote printers , but jetdirect printers are network printers not remote printer.

running jetadmin ---> port 9100 is used for printing. That is on the printer side, Printers use port 9100= and jetadmin uses SMNP to communicate with them. Looks like snmp is port 161 Check the status should be port 161. The Unix spooler listens on 515 to be a printserver and the printer listens on 9100,9101,9102 for print request.

For more information see the documentation that can be found on the HP websites and normally in the product guides on the Jetdirect product ,

pay attention to your attachment because sending out rules for you firewall on the open dicussion board leave opportunity for attack as everyone can scan them and find any possible loopholes !!!

you are putting your firewall at risk of attack
by providing your ruleset
...knowing one ignores a greath many things is the first step to wisdom...
0 Kudos
Reply
petr jaeger
Honored Contributor

тАО06-12-2002 04:49 AM

тАО06-12-2002 04:49 AM

Re: tcp/ip printing through Linux firewall (iptables)

the jetdirect accepts print jobs on LPR , FTP (a bit tricky, but you can print that way too), IPP and the 9100 (9101 and 02 on the external 3 parallel port cards) ports..


Petr
0 Kudos
Reply
Eddy Chan_1
Occasional Advisor

тАО06-13-2002 11:12 PM

тАО06-13-2002 11:12 PM

Re: tcp/ip printing through Linux firewall (iptables)

My firewall script havn't show any real ip of my company so not worry about security, I don't know which ICMP port need to be open, now I installed a CUPS on remote client of Linux, is it need open port 631 and need config CUPS deamon?? use ipp in CUPS?? Pls help

Eddy Chan
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.