I’ve been forced to turn off the firewall (which I’m not all that sure is necessary on a home network anyways) to use Vuescan. (The firewall blocks Vuescan’s discovery of scanners.) There’s a long post on it here:
But the information seems out of date—directing users toward firewall features which no longer exist? Has anyone set up firewall rules such that Vuescan can discover ones scanner?
Yeah, I saw that. The advice comes down to this: “You might also check that your firewall or router between your computer and scanner isn’t blocking mDNS responses from the scanner from being returned to VueScan (UDP port 5353). The computer and scanner also need to be on the same subnet.”
All of which I’ve done, but the YAST Firewalld GUI is incredibly opaque and poorly designed. I’ve set the “home zone” to default via the command line. MDNS is enabled. I’ve entered 5353 under UDP Port but have no idea whether that “allows” UDP port 5353. At any rate, none of that has made Vuescan functional.
**Edit: **Also, this isn’t a hardware problem, but a problem with Firewalld configuration.
home (active)
target: default
icmp-block-inversion: no
interfaces: wlp58s0
sources: 192.168.1.22
services: dhcpv6-client mdns samba-client ssh
ports: 5353/udp
protocols:
forward: yes
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
The IP address is the scanner.
**
EDIT:** Just installed firewall-config. Far, far, far superior to what YAST offers. I mean, I like YAST, am using it, but the YAST firewall configuration tool is really too limited to be useful.
…and does vuescan find the scanner with this configuration?
EDIT: Just installed firewall-config. Far, far, far superior to what YAST offers. I mean, I like YAST, am using it, but the YAST firewall configuration tool is really too limited to be useful.
Yes, the native firewalld GUI offers superior configuration capabilities. YaST is ok for minimal (basic) configuration, but since openSUSE moved to using firewalld, I don’t use the YaST firewall utility at all.
I’m not sure how Vuescan discovers scanners, but hp-setup has its own implementation of the Multicast DNS protocol (mDNS aka Zeroconf/Bonjour, port 5353), as well as being able to use Avahi. The former involves the use of non-standard (ephemeral ports) and so incoming traffic is blocked by firewalld (by default).
Thanks for the link. I had already tried that. Followed the guide to a ‘T’, but it doesn’t work. The firewall is still blocking Vuescan. Soon as I turn off the firewall, Vuescan works like a charm. Makes me wonder if I should switch to UFW—Ubuntu’s Firewall?
SOLVED! By a great, magnificent and wise contributor in Reddit. Turns out, UDP port 5353 had to be added to “Source Ports”, an option that isn’t available in YAST. Was able to add the port via the firewall-config tool. Edit: How do I mark this as solved?
Glad to read of your success with this. FWIW, I had to do something similar to allow traffic using source port 3702 (UDP) for WS-Discovery to work with Dolphin. We don’t mark as solved, but you can always reflect that in the title when replying.
Apologies for reviving this old topic but I am having exactly the same problem with VueScan on Leap 15.4. I tried Yast and downloaded firewall-config but it is all new to me and don’t want to compromise the security of the whole system. Could you please give some pointers on how/where to add UDP port 5353 ?. Thank you
