Details on opening udp port in firewall


I need to open udp ports in my openSUSE 12.1 filrewall. Could someone give me the DETAILS on how to do that please?

I read many posts that say “go to Yast” or “just open port xxxxx” but they don’t say how to do it specifically. I’ve explored the Yast firewall options and I’ve tried to do it, but nothing seems to work. The first options are Start-Up, Interfaces…, Custom Rules" I’ve tried custom rules (with external, internal, and demilitarized options), but I still don’t know what to choose from there. I know my source network ip and the UDP to choose, but do I choose destination or source or both or something else? I’ve tried several ways and they don’t work.

I’m trying to open a port for my printer (hooked up directly to my router via ethernet) and my hdhomerun (also directly to router) so that I and other people in the house can use them without me disabling the firewall.

Finally, I would eventually like to know how to do it from command line, so if someone knows how to do both, please tell me that too. But first, I’ll try Yast.

Thank you for taking the time to help me.


All you have to do, is go to YaST / Security / Firewall / Allowed Services / Advanced, where you can enter a UDP port number. Let us know if that was what you were looking for.

Thank You,


Do I need to “Add” a service? If so, what kind? (DHCP, Samba Client, Sambe Server, Netbios Server?) Should anything be in the “Allowed Service” list? Do I just add UDP ports (separated by spaces? can I enter a ranger with “-”?) or do I need to enter the IP they’re coming from (? going to) as well?

Also, how do I choose the correct port to list for my printer? (I know its IP address, but not its port.)

Thank you.

Can you ping your printer okay? What does your printer URI look like?

lpstat -t

I use a network printer at work. No port adjustments required. Your router might be a different story.

Yes, I can ping it fine.

lpstat -t returns:

scheduler is running
no system default destination
device for Brother_HL-2700CN_series: usb://Brother/HL-2700CN%20series
device for brotherhl2070nseries: usb://Brother/HL-2070N%20series
device for HL2070N: lpd://
Brother_HL-2700CN_series accepting requests since Fri 21 Sep 2012 09:34:59 AM PDT
brotherhl2070nseries accepting requests since Mon 24 Sep 2012 03:38:47 PM PDT
HL2070N accepting requests since Fri 21 Sep 2012 11:29:32 AM PDT
printer Brother_HL-2700CN_series is idle.  enabled since Fri 21 Sep 2012 09:34:59 AM PDT
printer brotherhl2070nseries is idle.  enabled since Mon 24 Sep 2012 03:38:47 PM PDT
        Printer is now connected.
printer HL2070N is idle.  enabled since Fri 21 Sep 2012 11:29:32 AM PDT

I think I got it to work yesterday, but I still don’t really understand how to use the firewall interface or how to do things in the future. (I’ve looked through much of the documentation and don’t find anything at the right level of detail–it’s all too general or involves more complicated aspects of networking.)

What I did was go to “Allowed Services” and added Netbios Server, Samba Client, and Samba Server. Then I also clicked on Advanced (bottom right corner) and put down 3 udp ports (with spaces between) and 2 IP Protocols (also with spaces). I don’t know which ports I really need, nor which IP Protocols, but somehow it works. Doubtless I made unnecessary additions. I wish I could learn how to use it better, but I suppose I at least “figured out” how to solve my particular problem. This doesn’t seem to really constitute “understanding” how to open a port in my firewall though because I don’t really understand what I did. I just stabbed in the dark until something worked.

Services are pre-configured port configurations. if a Service does what you want, select that option.

For many connections though, a common “Service” may not be available. For those, you need to open custom ports individually or create a custom Service with the ports and protocols you specify.

Assuming you’re configuring your openSUSE as a client to your Printer (or Printer Server), “Source” is the port to be opened on your machine, not usually necessary. “Destination” is the port on the remote device (Printer or Print Server) you’re connecting to… Again, not usually necessary unless your FW is locked down very tightly.

If you’re having problems connecting to a remote printer, regardless whether the printer is an HP or not I highly recommend installing the HP Device utilities (hplip) which can help with auto-discovery and troubleshooting.

As for your “hdhomerun” you’ll have to describe exactly what that is… whether it’s a Network Share, if it’s a Network Share what type of Sharing it’s using (most likely Samba/Windows Shares, but can be something else, too). If you don’t know what type of Network Share it is but some machine somewhere is connecting, then describe that (eg Windows XP finding it in Network Places).


My network printer at work is a HL-2150N configured as

device for HL-2150N: socket://

As you can see, I’m using the The AppSocket (TCP/IP) protocol. The LPD protocol is an older protocol, and not recommended if the printer can support the newer TCP/IP protocols. LPD uses port 515 for printing.

Using Network Printers - Documentation - CUPS

My printer works with the firewall up now. But my hdhomerun still doesn’t. I’m guessing the printer works because I put the samba service and client services added to the firewall.

Hdhomerun: HDHR3-US | Welcome to SiliconDust
(Also, it doesn’t seem to address this issue, but here are the linux (ubuntu) setup instructions for hdhomerun:

The hdhomerun doesn’t work even if I add all the possible options under allowed services. It is at ip Depending on where I read about it, it either uses port 65000 or 5000. I’ve tried adding custom rules for both with udp 5000 as source, and also udp 5000 as destination. I’ve also tried both with udp port 65000 (all at Also, when I run it, it says it is sending the video stream to VLC at, so I’ve tried opening that also (also with source, also with detination 5000). None of these works. Any thoughts?

Any info I can gather to help someone give me advice? (And please explain how to gather that data.)