[Lancaster] Firewall problem

Ken Hough kenhough at kencomp.net
Sun Jul 24 06:45:27 UTC 2016 

Andy,

Thanks for suggestions. I was thinking along those lines, but having spent 
some time on this problem, for now I want to get on with other stuff.

Regards

Ken

On Saturday 23 Jul 2016 16:40:13 you wrote:
> Hi ken.
> 
> It sounds like one way forward, as you suggested, would be to install
> wireshark on your desktop machine, and use this to log traffic between your
> desktop and the printer when you try to print. Do this with the firewall
> disabled so the print goes through okay. Filter the logged session for
> traffic between your desktop and the printer using their IP addresses. This
> should tell you which ports are actually used for the print job. Then
> enable those ports with the firewall on and see if you can print then. This
> would get you a result quicker than trial and error with port ranges.
> 
> Andy
> 
> On Jul 23, 2016 8:52 AM, "Ken Hough via Lancaster" <
> 
> lancaster at mailman.lug.org.uk> wrote:
> > Wayne,
> > 
> > Thanks for response.
> > 
> > Have just installed/tried angry ip scanner. It seems to work, but I
> > haven't
> > managed to get it to show me open ports on remote host.
> > 
> > Had better results with nmap. This reported that 80/tcp, 515/tcp, and
> > 631/tcp
> > were open. My firewall already allows these ports and correctly allows
> > other
> > services such as FTP, HTTP, HTTPS, POP3, SSH, etc.
> > 
> > I've also opened other ports that are mentioned on the Canon page:
> > <https://support.usa.canon.com/kb/index?page=content&id=ART109227>
> > 
> > but still without success.
> > 
> > I guess the best way to follow this up will be to open various ranges of
> > ports
> > and progressively narrow down to discover the problem, but gufw doesn't
> > allow
> > this. Could do this via ufw, but for now, I'm going to go back to using a
> > USB
> > connection into the printer/scanner. That works and doesn't incur the 5 to
> > 10
> > second delay that happens via network/wifi.
> > 
> > Life can be a b***h!   ;)
> > 
> > Thanks again.
> > 
> > Regards
> > 
> > Ken
> > 
> > On Saturday 23 Jul 2016 00:04:16 Wayne Ward via Lancaster wrote:
> > > Try angry ip scanner
> > > Put your network range
> > > This will scan the whole network and show the hosts
> > > When you see your printer in the list
> > > Select it this will query the host and indicate which ports are open
> > > There the ones id open on firewall so it can talk to the printer through
> > > them ports
> > > Or nmap will do this :)
> > > 
> > > Cam server either zoneminder goes on the raspian or snappy and install
> > 
> > cam
> > 
> > > server snap ;)
> > > Zoneminder has so good walk throughs fir debian and this will take usb
> > 
> > and
> > 
> > > ip cameras ;)
> > > 
> > > Wayne
> > > 
> > > Wayne
> > > n Friday, 22 July 2016 21:53:14 BST, Ken Hough via Lancaster
> > > 
> > > <lancaster at mailman.lug.org.uk> wrote:
> > > > Wayne, Mark, Andy,
> > > > 
> > > > Hi all! Good to learn that you are all alive and active.
> > > > 
> > > > I've been trying to make progress with my original query wrt
> > > > firewall settings
> > > > for my wi-fi enabled Printer/scanner, but still with no
> > > > success. I discovered a
> > > > web page by Canon which gave port settings for their printers, but
> > 
> > still
> > 
> > > > no
> > > > success. Puzzling!
> > > > 
> > > > If I drop the firewall, it works OK.
> > > > 
> > > > Maybe I should learn a bit more about networking diagnostics. Perhaps
> > > > wireshark could help me.
> > > > 
> > > > Re Linux chat, etc, that could be good although I'm a bit long in the
> > > > tooth
> > > > compared with you guys. My hearing isn't what it used to be so
> > > > that I find it
> > > > hard to pick out voices in the general background noise of a pub.
> > > > 
> > > > My computer activities mostly involve boring stuff like email,
> > > > buying selling
> > > > via Internet, photo image processing. I used to use Gimp (with
> > > > UFRaw plug-in)
> > > > for all of my DSLR image processing, but am finding darktable
> > > > (v2.0.4 which I
> > > > had to compile from source code) to be much better  --  well
> > > > worth the effort.
> > > > 
> > > > I get to try new distros including Win 10 and Ubuntu 16.04 via
> > > > VirtualBox. Was
> > > > distinctly unimpressed with the former and not keen on the latter. I
> > 
> > guess
> > 
> > > > that I've got used to Debian stable releases plus my own tweeks.
> > > > 
> > > > Have been helping a friend to update his Linux PC from Linux
> > > > Mint v14 to v17
> > > > and was very impressed with this distro. It has to be the best distro
> > 
> > that
> > 
> > > > I've seen for encouraging Windoze users to jump ship. Very neat!
> > > > 
> > > > My two main desktop PCs use 120GB SSDs for the OS and 1TB
> > > > spinners for /home
> > > > and data. I've also fitted an SSD into my trusty little ASUS netbook.
> > 
> > The
> > 
> > > > increase in bootup and app loading speeds via SSD is stunning. Highly
> > > > recomended!
> > > > 
> > > > I have three Raspberry Pis, including a Pi 3 which has enough clout to
> > 
> > be
> > 
> > > > quite useful  --  it's even capable of playing DVDs via a USB
> > > > CD/DVD player
> > > > without any significant jitter (needs libdvdcss2 to be compiled from
> > > > source
> > > > code).
> > > > 
> > > > Am presently experimenting with a Pi B+ running a Pi camera streaming
> > > > video
> > > > via a static IP address on wi-fi.
> > > > 
> > > > Being familiar with Debian means that Raspian isn't difficult
> > > > to manage although
> > > > there are enough differences to be a niusance  --  until I figure them
> > > > out.
> > > > 
> > > > Regards
> > > > 
> > > > Ken
> > > > 
> > > > On Thursday 21 Jul 2016 08:54:22 Wayne Ward via Lancaster wrote:
> > > >> Hi ken hope all is well yes i keep my eye on here and its quite
> > > >> been meaning to getting round to creating my new lug in morecambe for
> > 
> > a
> > 
> > > >> while but ive never managed to get it geared in !
> > > >> im always up for a meet and linux chat!
> > > >> 
> > > >> do you know what ports are required to be open
> > > >> i see 8612 needs to be open am i correct
> > > >> also is this UDP or TCP or both
> > > >> 
> > > >> what command are you using to open that port?
> > > >> 
> > > >> in the Gufw gui are you stating that this port is open tcp/udp and
> > > >> allowed?
> > > >> and have you looked at the logs
> > > >> 
> > > >> 
> > > >> Regards
> > > >> Wayne Ward :)
> > > >> 
> > > >> PS how are the others guys out there are you all still with us!?
> > > >> 
> > > >> On Wed, 2016-07-20 at 16:32 +0100, Ken Hough via Lancaster wrote:
> > > >> > Hi guys, long time no meet/talk.
> > > >> > 
> > > >> > I need some help wrt firewall settings.
> > > >> > 
> > > >> > My main PC (Core 2 Quad Q9550 with 8GB RAM) runs Debian Jessie, I
> > 
> > use
> > 
> > > >> > Firefox,
> > > >> > KMail, etc with iptables configued via gufw. No problems.
> > > >> > 
> > > >> > I recently set up my Canon Pixma MG5650 printer/scanner to operate
> > > >> > via wifi
> > > >> > which it does correctly provided that the firewall is disabled.
> > > >> > I've
> > > >> > tried
> > > >> > various firewall settings that I've seen recommended via the
> > > >> > Internet, but
> > > >> > without success.
> > > >> > 
> > > >> > Can any of you gurus help me?
> > > >> > 
> > > >> > Ken Hough
> > > >> > Kendal
> > > >> > 
> > > >> > 
> > > >> > _______________________________________________
> > > >> > Lancaster mailing list
> > > >> > Lancaster at mailman.lug.org.uk
> > > >> > https://mailman.lug.org.uk/mailman/listinfo/lancaster
> > > >> 
> > > >> _______________________________________________
> > > >> Lancaster mailing list
> > > >> Lancaster at mailman.lug.org.uk
> > > >> https://mailman.lug.org.uk/mailman/listinfo/lancaster
> > 
> > _______________________________________________
> > Lancaster mailing list
> > Lancaster at mailman.lug.org.uk
> > https://mailman.lug.org.uk/mailman/listinfo/lancaster

More information about the Lancaster mailing list