[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CUPS and network interfaces



On Sun, Oct 07, 2007 at 09:18:27PM +0200, Markus Maria Miedaner wrote:
> On Sun, Oct 07, 2007 at 02:47:32PM -0400, you (Celejar) wrote:
> > Hi,
> > 
> > I have a pretty standard (default) CUPS installation.  cupsd.conf
> > contains the lines:
> > 
> > > # Only listen for connections from the local machine.
> > > Listen localhost:631
> > > Listen /var/run/cups/cups.sock
> > 
> > Yet tiger complains:
> > 
> > > --WARN-- [lin002i] The process `cupsd' is listening on socket 631 (UDP) on every interface.

> depending on the level of security you'd like you may be continue thinking about it.
> If you receive this "complain" on your desktop box and you don't have highly important
> data on it that may be wanted by someone else.... I would not worry about it. 

I think the original poster is asking about the inconsistency between
the cups config and the warning message, not complaining about the
message.

On to the real issue:
Listen is poorly documented.  It affects the port for print connections
only.  If you do netstat -anlp, you'll see that the tcp port 631 is
listening only on the listed (local) interface.

udp port 631 is for a nearly unrelated activity of browsing.  Nothing
stands out to me in the docs on limiting this port to certain
interfaces, but there are several cupsd.conf Browse* directives to look
at.  You may need IPTables to address the problem (though that won't
make the message go away).
-- 
Rob

Attachment: signature.asc
Description: Digital signature


Reply to: