Hi all,
I’m so close but seemingly stuck.
Linux box can see and access all shares on Windows box.
Windows box can see and access all shares on Linux box.
Have defined an lpd printer in cups pointing to the Windows printer.
The printer is marked “shared” in Windows.
When printing from Linux box, the test page DOES print at the Windows printer ONLY IF I drop the firewall on the Windows side. Firewall on the Linux side can be up or down. Printing Linux=>Windows works only if the Windows Firewall is down.
I’ve reviewed swerna’s tutorials which definitely helped me get to the point I’m at. And also checked out lots of other stuff online, but somehow I’m not finding the final answer regarding this Windows firewall issue.
In the Windows Firewall settings I have File and Printer Sharing enabled, which shows ports TCP 139, 445 open Scope Subnet and UDP 137, 138 open Scope Subnet, but that hasn’t helped me being able to print with the firewall in place.
So I manually Added Ports… I named them CUPS printing, one for 631 TCP and one for 631 UDP with the Scope of Any Computer (including those on the Internet) in the process of trying to get it working, but still only can print when the Firewall is down.
I have added some data below in case it helps.
NOTE that in the cups config I manually changed one thing. In the section below:
Restrict access to the server…
I added the line
Allow 192.168.5.*
thinking this would perhaps fix the problem but it didn’t.
Thanks in advance!
****** Windows ipconfig ********
Windows IP Configuration
Host Name . . . . . . . . . . . . : Olive_Oil
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VIA PCI 10/100Mb Fast Ethernet Adapt
er
Physical Address. . . . . . . . . : 00-50-2C-A6-2B-9D
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.5.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.5.100
DNS Servers . . . . . . . . . . . : 68.87.72.134
68.87.77.134
******* cups config file ********
Administrator user group…
SystemGroup sys root
Only listen for connections from the local machine.
Listen *:631
Listen localhost:631
Listen /var/run/cups/cups.sock
Show shared printers on the local network.
Browsing On
BrowseOrder allow,deny
BrowseAllow all
BrowseAddress @LOCAL
Default authentication type, when authentication is required…
DefaultAuthType Basic
Restrict access to the server…
<Location />
Allow @LOCAL
Order allow,deny
Allow 127.0.0.2
Allow 192.168.5.*
</Location>
Restrict access to the admin pages…
<Location /admin>
Encryption Required
Order allow,deny
</Location>
Restrict access to configuration files…
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
Order allow,deny
</Location>
Set the default printer/job policies…
<Policy default>
Job-related operations must be done by the owner or an administrator…
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
All administration operations require an administrator to authenticate…
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
All printer operations require a printer operator to authenticate…
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
Only the owner or an administrator can cancel or authenticate a job…
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
DefaultPolicy default
easy is a very relaxed policy
<Policy easy>
Job-related operations must be done by the owner or an administrator…
<Limit All>
Satisfy any
Order allow,deny
</Limit>
</Policy>
paranoid is a very restricted policy
<Policy paranoid>
Job-related operations must be done by the owner
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job>
Require user @OWNER
Allow from 127.0.0.0/8
Order deny,allow
</Limit>
All administration operations require an administrator to authenticate…
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Allow from 127.0.0.0/8
Order deny,allow
</Limit>
All printer operations require a printer operator to authenticate…
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Allow from 127.0.0.0/8
Order deny,allow
</Limit>
Only the owner or an administrator can cancel or authenticate a job…
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER
Allow from 127.0.0.0/8
Order deny,allow
</Limit>
<Limit All>
Require user @OWNER @SYSTEM
Allow from 127.0.0.0/8
Order deny,allow
</Limit>
</Policy>