[CentOS] Cannot open port 631 for Cups printer sharing

Mon Mar 2 17:43:23 UTC 2009
b.j. mcclure <keepertoad at bellsouth.net>

On Mon, 2009-03-02 at 12:27 -0500, JohnS wrote:
> On Mon, 2009-03-02 at 11:50 -0500, Roger Wells wrote:
> > JohnS wrote:
> > > On Mon, 2009-03-02 at 11:20 -0500, b.j. mcclure wrote:
> > >   
> > >> I have been trying to set up printer sharing on the LAN.All machines are
> > >> CentOS 5.2 fully updated. The problem server is a fresh build.  The box
> > >> it is replacing worked fine for many months.
> > >> The problem appears to be a closed port 631 on the new box.  iptables
> > >> and ip6tables are stopped as shown by the output below.  To confirm I
> > >> was using nmap correctly I ran it against the old server first which
> > >> shows 631 open.  No matter what I do to the new box (192.168.2.205) 631
> > >> remains closed.  I was running it on the new box via ssh which I think
> > >> eleminates any swithc/router issues.
> > >>
> > >> Any thoughts gladly accepted.  This must be something simple/stupid I
> > >> have overlooked.  Not much hair left to pull out. ;-/
> > >>     
> > >
> > > Do you have the Cups Service running? service cups status and service
> > > hplip status.
> > >
> > >   
> > I don't have an answer but I have to believe that your problem
> > is related to mine (thread: cups & hp-toolbox)
> > my machine: Linux rwells-rh 2.6.18-92.1.22.el5 #1 SMP Tue Dec 16 
> > 12:03:43 EST 2008 i686 i686 i386 GNU/Linux
> > [root at rwells-rh legacydp]# /sbin/service hplip status
> > hpiod (pid 6422) is running...
> > hpssd (pid 6427) is running...
> > 
> > [root at rwells-rh legacydp]# /sbin/service cups status
> > cupsd (pid 6453) is running...
> > 
> >Interesting that when the local host address is used the port is open:
> >[root at rwells-rh legacydp]# nmap -sT -p 631 -PT 127.0.0.1
> It is configured by default to it has to be changed
> 
> See below working config. You will need to have iptables to allow access
> from remote connections. /etc  cups and hp dirs.
> cupsd.conf:
> 
> MaxLogSize 2000000000
> # Show general information in error_log.
> LogLevel info
> SystemGroup sys root
> # Allow remote access
> Port 631
> Listen /var/run/cups/cups.sock
> # Enable printer sharing and shared printers.
> Browsing On
> BrowseOrder allow,deny
> # (Change '@LOCAL' to 'ALL' if using directed broadcasts from another
> subnet.)
> BrowseAllow @LOCAL
> BrowseAddress @LOCAL
> DefaultAuthType Basic
> ------
> hplip.conf:
> 
> # hplip.conf
> 
> [hpiod]
> # port=0 (dynamic IP port)
> port=2208
> [hpssd]
> # port=0 (dynamic IP port)
> port=2207
> 
> [hplip]
> version=1.7.2
> jdprobe=0
> 
> Iptables needs:
> -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
> -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT

My config files agree with yours except hplip is version 1.6.7.

Firewall is completely down, i.e., iptables and ip6tables are stopped.

Thanks for the input.
B.J.

CentOS 5.2, Linux 2.6.18-92.1.22.el5 x86_64 12:37:10 up 19:31, 3 users,
load average: 0.06, 0.07, 0.02