Remove the ‘xxx’ bits and put in the real network address from your
network. Perhaps you meant to hide something, but there’s no point since
you’re on a private network anyway and most of us probably use the same IP
ranges, and none of us could reach eachother no matter which private
networking is used.
Also note that in that article you cited:
Note that FW_TRUSTED_NETS does not allow incomming UDP broadcast packages.
To accept also UDP broadcast packages specify the matching UDP port(s)
where UDP broadcast packages should be accepted via
FW_ALLOW_FW_BROADCAST_EXT in the firewall configuration.
Perhaps you need to add the FW_ALLOW_FW_BROADCAST_EXT parameter as mentioned.
If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below…
I can’t fix port of the caller (192.168.130.80).
It is always upper 50000
192.168.130.80.60045 > LINUX-TEST-123.hathor-nwk.sane-port:
On the server side :
Firewall is configured as :==================
FW_SERVICES_EXT_TCP=“14245” (for ssh )
** should I add 30000:30100** ?
What about : FW_SERVICES_ACCEPT_EXT=""
Network scan stuff is configured as
1°) Server settings :
Permitted client and port range is set (port 30000-30100; client ip adress 192.168.130.0/24)
2°) Client settings
On the client side (192.168.130.80) :
Options of yast2/scanner/scan_via_network
1°) Client settings
IMO the referenced SDB article might have been a bit mis-leading.
By including excerpts in the article from the firewall config file, it suggests those are the settings that should be manually configured.
But, if you <read> the article in its entirety, it does describe the steps that should be configured <using the YAST FW applet> and IMO should be followed accordingly. The fw configs should be referenced <only> if you want to verify but isn’t likely necessary.
The bottom line is that if you use the YAST FW applet, it’s easy to visualize what you’re doing in each of the fw zones. You might be able to do the same editing the config files manually, but could also make a serious error that would have been apparent using the applet.
OK but there is still one problem :
In the following :
192.168.130.104 is a laser printer which is offline
60:a4:4c:7d:b9:28 ( 192.168.130.80 ) is the client
00:24:1d:c1:99:ba ( 192.168.130.100 LINUX-TEST-123 ) is the server where the scanner is attached to.