No firewall, but port 631 still blocked??? - Redhat

This is a discussion on No firewall, but port 631 still blocked??? - Redhat ; I've got an FC3 box with CUPS running happily, and I've just tried to print to it from another machine. However, port 631 is completely invisible via the LAN. This doesn't seem to be a CUPS issue, but I haven't ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: No firewall, but port 631 still blocked???

  1. No firewall, but port 631 still blocked???

    I've got an FC3 box with CUPS running happily, and I've just tried to
    print to it from another machine. However, port 631 is completely
    invisible via the LAN.

    This doesn't seem to be a CUPS issue, but I haven't (knowingly!) got any
    firewall rules that would block it. "iptables -L -t " shows
    "policy ACCEPT" for absolutely everything.

    Moreover, if I do an nmap scan, I get different results depending on
    whether I do "nmap localhost" or "nmap ". The former shows
    all the ports, the latter excludes 631 and 953 (rndc). Scanning from
    another machine gives the same results as a local scan via the IP address.

    My workaround for the moment is simply to tell CUPS to use a different
    port - several others I tried at random all worked perfectly - but I'd
    really like to know what is stopping it working as it should.

    Is there some secret level 2 firewall? Is iptables lying to me?

    All suggestions gratefully received.

    TIA,

    Steve Rencontre

  2. Re: No firewall, but port 631 still blocked???

    Steve Rencontre posted:

    > I've got an FC3 box with CUPS running happily, and I've just tried to
    > print to it from another machine. However, port 631 is completely
    > invisible via the LAN.


    Probably the service isn't listening to port 631 on the other interfaces,
    just the local one (itself). Which to be honest, is far better than
    relying on the firewall (if the firewall fails, you still want CUPs to
    ignore outsiders), the firewall just being a second level of defense.

    Show us the output from: netstat -ntua

    That'll show us all the UDP (u) and TCP (t) ports that are currently active
    (a) (in use and listening for connections), but not (n) resolve the IP
    addresses to named addresses.

    --
    If you insist on e-mailing me, use the reply-to address (it's real but
    temporary). But please reply to the group, like you're supposed to.

    This message was sent without a virus, please delete some files yourself.

  3. Re: No firewall, but port 631 still blocked???

    Tim wrote:
    > Steve Rencontre posted:
    >
    >
    >>I've got an FC3 box with CUPS running happily, and I've just tried to
    >>print to it from another machine. However, port 631 is completely
    >>invisible via the LAN.

    >
    >
    > Probably the service isn't listening to port 631 on the other interfaces,
    > just the local one (itself).


    Brilliant! That's exactly it. It was, of course, staring me in the face
    all the time :-(

    Many thanks, I am now a happy bunny :-)

    --
    Steve Rencontre
    (When I think of something witty, I'll put it here)

  4. Re: No firewall, but port 631 still blocked???

    Tim wrote:

    >> Probably the service isn't listening to port 631 on the other interfaces,
    >> just the local one (itself).


    Steve Rencontre posted:

    > Brilliant! That's exactly it. It was, of course, staring me in the face
    > all the time :-(
    >
    > Many thanks, I am now a happy bunny :-)


    Just be sure that you don't expose it to your WWW interface. You could
    find all your next door neighbours homework being printed on your printer.
    ;-)

    --
    If you insist on e-mailing me, use the reply-to address (it's real but
    temporary). But please reply to the group, like you're supposed to.

    This message was sent without a virus, please delete some files yourself.