network printer and firewall

user · October 28, 2012, 8:10pm

Hello,

I have an HP network printer (photosmart) and openSUSE 12.2.

looks like I can’t print if I have the (suse) firewall started…

I have the hplip blue HP icon in the task bar (but no result if I try to open it from there), it gives me reports of the printer activity… but the printer do not print.

Notice that the printer is on my home network and my 12.2 is one of the network member (client side, no server).

The print was an image from genview. The message from hplip are:

“the printer is starting printing”
" the printer finished printing" (no print at all on the printer)

cups say:

for job:
pending since
Sun 28 Oct 2012 07:58:34 PM CET
"/usr/lib/cups/backend/hp failed

for printer:
Paused - “/usr/lib/cups/backend/hp failed”

then SuSEfirewall2 stop

in cups, resume printer and the photo prints ok.

however I have lot of


[37397.135624] SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:12:79:ab:74:f4:f4:ca:e5:5b:9c:82:08:00 SRC=75.156.175.127 DST=192.168.0.150 LEN=58 TOS=0x00 PREC=0x00 TTL=108 ID=17212 PROTO=UDP SPT=32519 DPT=23481 LEN=38 
[37412.578991] SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:12:79:ab:74:f4:f4:ca:e5:5b:9c:82:08:00 SRC=86.100.73.148 DST=192.168.0.150 LEN=134 TOS=0x00 PREC=0x00 TTL=109 ID=13544 PROTO=UDP SPT=12023 DPT=23481 LEN=114 
linux-w7ld:/home/jdd #

in dmesg, so I would like better have the firewall up

what do I need? thanks
jdd

brunomcl · October 28, 2012, 8:21pm

In a 11.4 CPU, to print from external network, I have to open cups tcp port 631 in firewall.

Yast>Firewall>Services allowed>Advanced> type 631 in TPC port field for external zone - that’s how my network is set, as the same network card accesses both the internal (my home network) and external (internet) network.

robin_listas · October 28, 2012, 9:10pm

On 2012-10-28 20:16, jdd wrote:
> looks like I can’t print if I have the (suse) firewall started…

With the firewall up you should get messages of the blocking when you print. If not, check the log
statements in the firewall config. But it probably is what brunomcl says.

–
Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” (Minas Tirith))

user · October 28, 2012, 9:38pm

this page SDB:CUPS and SANE Firewall settings - openSUSE clearly say not to open this port. As I understand it’s only necessary if you own a print server

my computer is not a gateway, so I have only one (external) interface

opening 631 port is necessary to detect the printer but AFAIK should not be necessary to print to the printer??

I never openned this port in the past

jdd

deano_ferrari · October 28, 2012, 10:38pm

Maybe this is relevant:

Troubleshooting my network attached printer | HPLIP Knowledge Base

Make sure that port 161 (udp and tcp), port 162 (udp and tcp) and port 9100 (udp and tcp) are open through your firewall. If these are not open then HPLIP will not function.

user · October 29, 2012, 9:15am

well…

May be some YaST problem, because I could delete the printer in cups (web based, localhost:631), reinstall it, still in cups, same driver as before, and now it works perfectly, without opening anything in the firewall (no port open at all)

thanks
jdd