[Lancaster] Firewall problem

Andrew Baxter highfellow at gmail.com
Sat Jul 23 15:40:38 UTC 2016


Hi ken.

It sounds like one way forward, as you suggested, would be to install
wireshark on your desktop machine, and use this to log traffic between your
desktop and the printer when you try to print. Do this with the firewall
disabled so the print goes through okay. Filter the logged session for
traffic between your desktop and the printer using their IP addresses. This
should tell you which ports are actually used for the print job. Then
enable those ports with the firewall on and see if you can print then. This
would get you a result quicker than trial and error with port ranges.

Andy

On Jul 23, 2016 8:52 AM, "Ken Hough via Lancaster" <
lancaster at mailman.lug.org.uk> wrote:

> Wayne,
>
> Thanks for response.
>
> Have just installed/tried angry ip scanner. It seems to work, but I haven't
> managed to get it to show me open ports on remote host.
>
> Had better results with nmap. This reported that 80/tcp, 515/tcp, and
> 631/tcp
> were open. My firewall already allows these ports and correctly allows
> other
> services such as FTP, HTTP, HTTPS, POP3, SSH, etc.
>
> I've also opened other ports that are mentioned on the Canon page:
> <https://support.usa.canon.com/kb/index?page=content&id=ART109227>
>
> but still without success.
>
> I guess the best way to follow this up will be to open various ranges of
> ports
> and progressively narrow down to discover the problem, but gufw doesn't
> allow
> this. Could do this via ufw, but for now, I'm going to go back to using a
> USB
> connection into the printer/scanner. That works and doesn't incur the 5 to
> 10
> second delay that happens via network/wifi.
>
> Life can be a b***h!   ;)
>
> Thanks again.
>
> Regards
>
> Ken
>
> On Saturday 23 Jul 2016 00:04:16 Wayne Ward via Lancaster wrote:
> > Try angry ip scanner
> > Put your network range
> > This will scan the whole network and show the hosts
> > When you see your printer in the list
> > Select it this will query the host and indicate which ports are open
> > There the ones id open on firewall so it can talk to the printer through
> > them ports
> > Or nmap will do this :)
> >
> > Cam server either zoneminder goes on the raspian or snappy and install
> cam
> > server snap ;)
> > Zoneminder has so good walk throughs fir debian and this will take usb
> and
> > ip cameras ;)
> >
> > Wayne
> >
> > Wayne
> > n Friday, 22 July 2016 21:53:14 BST, Ken Hough via Lancaster
> >
> > <lancaster at mailman.lug.org.uk> wrote:
> > > Wayne, Mark, Andy,
> > >
> > > Hi all! Good to learn that you are all alive and active.
> > >
> > > I've been trying to make progress with my original query wrt
> > > firewall settings
> > > for my wi-fi enabled Printer/scanner, but still with no
> > > success. I discovered a
> > > web page by Canon which gave port settings for their printers, but
> still
> > > no
> > > success. Puzzling!
> > >
> > > If I drop the firewall, it works OK.
> > >
> > > Maybe I should learn a bit more about networking diagnostics. Perhaps
> > > wireshark could help me.
> > >
> > > Re Linux chat, etc, that could be good although I'm a bit long in the
> > > tooth
> > > compared with you guys. My hearing isn't what it used to be so
> > > that I find it
> > > hard to pick out voices in the general background noise of a pub.
> > >
> > > My computer activities mostly involve boring stuff like email,
> > > buying selling
> > > via Internet, photo image processing. I used to use Gimp (with
> > > UFRaw plug-in)
> > > for all of my DSLR image processing, but am finding darktable
> > > (v2.0.4 which I
> > > had to compile from source code) to be much better  --  well
> > > worth the effort.
> > >
> > > I get to try new distros including Win 10 and Ubuntu 16.04 via
> > > VirtualBox. Was
> > > distinctly unimpressed with the former and not keen on the latter. I
> guess
> > > that I've got used to Debian stable releases plus my own tweeks.
> > >
> > > Have been helping a friend to update his Linux PC from Linux
> > > Mint v14 to v17
> > > and was very impressed with this distro. It has to be the best distro
> that
> > > I've seen for encouraging Windoze users to jump ship. Very neat!
> > >
> > > My two main desktop PCs use 120GB SSDs for the OS and 1TB
> > > spinners for /home
> > > and data. I've also fitted an SSD into my trusty little ASUS netbook.
> The
> > > increase in bootup and app loading speeds via SSD is stunning. Highly
> > > recomended!
> > >
> > > I have three Raspberry Pis, including a Pi 3 which has enough clout to
> be
> > > quite useful  --  it's even capable of playing DVDs via a USB
> > > CD/DVD player
> > > without any significant jitter (needs libdvdcss2 to be compiled from
> > > source
> > > code).
> > >
> > > Am presently experimenting with a Pi B+ running a Pi camera streaming
> > > video
> > > via a static IP address on wi-fi.
> > >
> > > Being familiar with Debian means that Raspian isn't difficult
> > > to manage although
> > > there are enough differences to be a niusance  --  until I figure them
> > > out.
> > >
> > > Regards
> > >
> > > Ken
> > >
> > > On Thursday 21 Jul 2016 08:54:22 Wayne Ward via Lancaster wrote:
> > >> Hi ken hope all is well yes i keep my eye on here and its quite
> > >> been meaning to getting round to creating my new lug in morecambe for
> a
> > >> while but ive never managed to get it geared in !
> > >> im always up for a meet and linux chat!
> > >>
> > >> do you know what ports are required to be open
> > >> i see 8612 needs to be open am i correct
> > >> also is this UDP or TCP or both
> > >>
> > >> what command are you using to open that port?
> > >>
> > >> in the Gufw gui are you stating that this port is open tcp/udp and
> > >> allowed?
> > >> and have you looked at the logs
> > >>
> > >>
> > >> Regards
> > >> Wayne Ward :)
> > >>
> > >> PS how are the others guys out there are you all still with us!?
> > >>
> > >> On Wed, 2016-07-20 at 16:32 +0100, Ken Hough via Lancaster wrote:
> > >> > Hi guys, long time no meet/talk.
> > >> >
> > >> > I need some help wrt firewall settings.
> > >> >
> > >> > My main PC (Core 2 Quad Q9550 with 8GB RAM) runs Debian Jessie, I
> use
> > >> > Firefox,
> > >> > KMail, etc with iptables configued via gufw. No problems.
> > >> >
> > >> > I recently set up my Canon Pixma MG5650 printer/scanner to operate
> > >> > via wifi
> > >> > which it does correctly provided that the firewall is disabled. I've
> > >> > tried
> > >> > various firewall settings that I've seen recommended via the
> > >> > Internet, but
> > >> > without success.
> > >> >
> > >> > Can any of you gurus help me?
> > >> >
> > >> > Ken Hough
> > >> > Kendal
> > >> >
> > >> >
> > >> > _______________________________________________
> > >> > Lancaster mailing list
> > >> > Lancaster at mailman.lug.org.uk
> > >> > https://mailman.lug.org.uk/mailman/listinfo/lancaster
> > >>
> > >> _______________________________________________
> > >> Lancaster mailing list
> > >> Lancaster at mailman.lug.org.uk
> > >> https://mailman.lug.org.uk/mailman/listinfo/lancaster
>
>
>
> _______________________________________________
> Lancaster mailing list
> Lancaster at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/lancaster
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/lancaster/attachments/20160723/d5d16a26/attachment.html>


More information about the Lancaster mailing list