[CentOS] Cannot open port 631 for Cups printer sharing

Mon Mar 2 17:27:17 UTC 2009
JohnS <jses27 at gmail.com>

On Mon, 2009-03-02 at 11:50 -0500, Roger Wells wrote:
> JohnS wrote:
> > On Mon, 2009-03-02 at 11:20 -0500, b.j. mcclure wrote:
> >   
> >> I have been trying to set up printer sharing on the LAN.All machines are
> >> CentOS 5.2 fully updated. The problem server is a fresh build.  The box
> >> it is replacing worked fine for many months.
> >> The problem appears to be a closed port 631 on the new box.  iptables
> >> and ip6tables are stopped as shown by the output below.  To confirm I
> >> was using nmap correctly I ran it against the old server first which
> >> shows 631 open.  No matter what I do to the new box (192.168.2.205) 631
> >> remains closed.  I was running it on the new box via ssh which I think
> >> eleminates any swithc/router issues.
> >>
> >> Any thoughts gladly accepted.  This must be something simple/stupid I
> >> have overlooked.  Not much hair left to pull out. ;-/
> >>     
> >
> > Do you have the Cups Service running? service cups status and service
> > hplip status.
> >
> >   
> I don't have an answer but I have to believe that your problem
> is related to mine (thread: cups & hp-toolbox)
> my machine: Linux rwells-rh 2.6.18-92.1.22.el5 #1 SMP Tue Dec 16 
> 12:03:43 EST 2008 i686 i686 i386 GNU/Linux
> [root at rwells-rh legacydp]# /sbin/service hplip status
> hpiod (pid 6422) is running...
> hpssd (pid 6427) is running...
> 
> [root at rwells-rh legacydp]# /sbin/service cups status
> cupsd (pid 6453) is running...
> 
>Interesting that when the local host address is used the port is open:
>[root at rwells-rh legacydp]# nmap -sT -p 631 -PT 127.0.0.1
It is configured by default to it has to be changed

See below working config. You will need to have iptables to allow access
from remote connections. /etc  cups and hp dirs.
cupsd.conf:

MaxLogSize 2000000000
# Show general information in error_log.
LogLevel info
SystemGroup sys root
# Allow remote access
Port 631
Listen /var/run/cups/cups.sock
# Enable printer sharing and shared printers.
Browsing On
BrowseOrder allow,deny
# (Change '@LOCAL' to 'ALL' if using directed broadcasts from another
subnet.)
BrowseAllow @LOCAL
BrowseAddress @LOCAL
DefaultAuthType Basic
------
hplip.conf:

# hplip.conf

[hpiod]
# port=0 (dynamic IP port)
port=2208
[hpssd]
# port=0 (dynamic IP port)
port=2207

[hplip]
version=1.7.2
jdprobe=0

Iptables needs:
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT