[cups.bugs] [MOD] STR #1992: 'BrowseAllow @LOCAL' not working as documented

twaugh.redhat twaugh at redhat.com
Thu Sep 28 08:58:48 PDT 2006


[STR New]

Hi,

This is re-visiting STR #1854 I'm afraid.

The problem again in brief:
* browse packets are arriving at an interface, say eth0, whose source
address does not match the interface's network address and mask.
* this can happen just by having a bridge router, with server and client
on different subnets, and the server having explicit 'BrowseAddress'
directives
* with 'BrowseOrder deny,allow' and 'BrowseAllow @LOCAL' or 'BrowseAllow
@IF(eth0)' these packets are rejected

My reading of the documentation suggests that the packets should not get
rejected, as they have arrived through an allowed interface.

If this cannot technically be achieved, the documentation needs to reflect
that.  As it stands,

  "The @LOCAL name will allow browse data from all local
   interfaces. The @IF(name) name will allow browse data
   from the named interface."

tells me that it's the receiving interface that matters, not the source IP
address.

The specific problem I'm looking at involves two subnets linked by a
bridge router.  The CUPS server network is 172.16.20.0/24; the CUPS client
is on a 10.32.50.0/24 network.  The server's cupsd.conf contains:

  BrowseAddress 10.32.50.255

and the browse packets arrive at the client like this:

17:34:41.321948 IP 172.16.20.12.ipp > 255.255.255.255.ipp: UDP, length 160

Link: http://www.cups.org/str.php?L1992
Version: 1.2.4





More information about the cups mailing list