Hello all,
I used MDK 7.2, and since I had a little "problem" with it, I thought it
might be usefull to change the behaviour of CUPS for MDK 8.0
In fact, by default, cupds.conf braodcast on port 631 UDP to find other
machines using the same protocol to shared printers.
Unfortunately, we have a firewall (and I think that many company have this
nowadays) on the same LAN (which is quite normal...) ; the problem is that
this firewall runs some program to prevent/detect intrusion or DOS attack.
So, after a few minutes, since the firewall machine received many
unsollicited UDP packets on port 631, he decided my machine was trying to
attack it and add a "route reject" to block outgoing packet.
I was then unable to reach the firewall (or in fact, he was unable to
reach me), and I couldn't acces internet anymore.
Hopefully, I'm rather familiar with admin. and this kind of things, so I
was able to track the faulty application (cups) and change its config file
to top this behaviour.
in cupsd.conf, I simply replaced
#Browsing On
by
Browsing Off
Could it be possible to include this in the MDK 8 Cups config file by
default ?
On a more general thought, many firewall don't really like broadcast on
their ports, and I think having some packages which by default use
broadcasting on 255.255.255.255 without warning the user is not a good
thing. I don't think a beginner user would have been able to solve this
problem easily.
Moreover, the most commons case today when you want to print are :
- you have your own printer on parallel port -> browsing not required
- you use a LAN printer with its own IP addr -> browsing not required
In a heterogeous company's environment, with many Windows PC and
(unfortunately for now) not many Linuxes, I don't think the possibility to
share printer by UDP port 631 is often used, so turning Browsing OFF by
default shouldn't harm many users (novice or not). Once the printer works
with LAN or parallel port, it should always be possible for the user to
read cups doc and to turn browsing ON on his LAN.
Any thought ?
bye
----------------
Nicolas Pomarede e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED]
"It said uses Windows 95 or better, so I loaded Linux!"
"In a world without walls and fences, who needs windows and gates ?"
