SULDR Forums Supported Printers Printing Questions Scanning Questions General Questions Samsung Installer

Author Topic: How do I configure my UFW firewall for the SCX-3400W?  (Read 1171 times)

detly

  • Testing the water
  • *
  • Posts: 1
    • View Profile
  • Linux Distribution: Ubuntu 12.10
  • Printer: Samsung SCX-3405W
How do I configure my UFW firewall for the SCX-3400W?
« on: April 07, 2013, 06:51:05 AM »
I have a Samsung SCX-3400W that is connected to my wireless router and available over the network. It works too if I run the configurator tool on my Ubuntu 12.10 machine, it's detected and I can scan things in from it.

But I can only do this with the firewall off (UFW, managed with GUFW). If I turn it on, it's not detected.

Here's the output of netdiscovery with the firewall off:

# /opt/Samsung/mfp/bin/netdiscovery -s --snmp
# Mode snmp
# Network printers discovery utility
# Legend: ip: address slp: detected,ipp,lpr,raw_tcp snmp: detected,devtype,description
ip: 192.168.1.106   slp: 0,0,0,0 snmp: 1,1,0 vendor: Samsung dsc: "SCX-3400 Series"
# Total 1 printers found, 2s elapsed

And with it on:

# /opt/Samsung/mfp/bin/netdiscovery -s --snmp
# Mode snmp
# Network printers discovery utility
# Legend: ip: address slp: detected,ipp,lpr,raw_tcp snmp: detected,devtype,description
# Total 0 printers found, 4s elapsed

(It's not just netdiscovery, the configurator won't find it if the firewall is on either.)

I've tried opening these ports for both TCP and UDP: 161, 162, 10161, 10162, 5353, 9100. No difference. So do I have to disable the firewall every time, or is there some combination of ports I can open for scanning on the SCX-3400W?

bchemnet

  • Administrator
  • *****
  • Posts: 351
    • View Profile
  • Linux Distribution: Debian Testing
  • Printer: CLP-550N
Re: How do I configure my UFW firewall for the SCX-3400W?
« Reply #1 on: April 07, 2013, 07:44:23 AM »
You need to allow all incoming UDP packets on all ports (or at least > 1024) from the printer.  The netdiscovery tool uses UDP on a variable port.  The iptables rule is something like this:
iptables -A INPUT -p udp -s PRINTER -j ACCEPT

Where PRINTER is the network name or IP address of the printer.  (If the printer is on a static IP, that is more reliable because network names do not always resolve when the firewall first loads upon boot.  If it isn't static and the name isn't resolving correctly,  you can use a range of IP addresses, such as 192.168.1.0/24, to ensure that whatever dynamic IP address it has is in the allowed range.)

I have never used UFW or GUFW, and from the available documentation it is not obvious to me how one could set up this rule using that interface.  Because GUFW is 2 steps removed from the actual firewall (iptables -> ufw -> gufw), you may give up a lot of flexibility using it.

 

Repository Information Legal Contact Alternative Drivers