Cups listen on 0.0.0.0
Helge Blischke
h.blischke at acm.org
Fri Apr 30 04:07:12 PDT 2010
Markus Feldmann wrote:
> Hi All,
>
> my printer service cups on my debian lenny server (with kernel
> 2.6.32.11) ist listen to some addresses i do not want and do not set up
> i think. :-) Especially the address 0.0.0.0:631 is misterious for me.
>
> Here comes my output from netstat -apn:
> Proto Recv-Q Send-Q Local Address Foreign Address
> State PID/Program name
> tcp 0 0 127.0.0.1:3306 0.0.0.0:*
> LISTEN 2573/mysqld
> tcp 0 0 0.0.0.0:21 0.0.0.0:*
> LISTEN 5740/pure-ftpd (SER
> tcp 0 0 192.168.0.186:53 0.0.0.0:*
> LISTEN 2461/named
> tcp 0 0 127.0.0.1:53 0.0.0.0:*
> LISTEN 2461/named
> tcp 0 0 192.168.0.186:22 0.0.0.0:*
> LISTEN 3035/sshd
> tcp 0 0 192.168.0.186:631 0.0.0.0:*
> LISTEN 2653/cupsd
> tcp 0 0 127.0.0.1:631 0.0.0.0:*
> LISTEN 2653/cupsd
> tcp 0 0 127.0.0.1:25 0.0.0.0:*
> LISTEN 2951/exim4
> tcp 0 0 127.0.0.1:953 0.0.0.0:*
> LISTEN 2461/named
> tcp 0 0 192.168.0.186:22 192.168.0.197:39608
> VERBUNDEN 4952/0
> tcp 0 0 192.168.0.186:22 192.168.0.197:46878
> VERBUNDEN 5241/3
> tcp 0 0 192.168.0.186:22 192.168.0.197:53508
> VERBUNDEN 5019/1
> tcp 0 0 192.168.0.186:631 192.168.0.197:35639
> VERBUNDEN 2653/cupsd
> tcp 0 0 192.168.0.186:22 192.168.0.197:37468
> VERBUNDEN 5152/sshd: markus [
> tcp6 0 0 :::80 :::*
> LISTEN 5622/apache2
> tcp6 0 0 :::21 :::*
> LISTEN 5740/pure-ftpd (SER
> tcp6 0 0 ::1:953 :::*
> LISTEN 2476/lwresd
> tcp6 0 0 :::443 :::*
> LISTEN 5622/apache2
> udp 0 0 127.0.0.1:921 0.0.0.0:*
> 2476/lwresd
> udp 0 0 192.168.0.186:53 0.0.0.0:*
> 2461/named
> udp 0 0 127.0.0.1:53 0.0.0.0:*
> 2461/named
> udp 0 0 0.0.0.0:67 0.0.0.0:*
> 5791/dhcpd3
> udp 0 0 0.0.0.0:631 0.0.0.0:*
> 2653/cupsd
> raw 0 0 0.0.0.0:1 0.0.0.0:* 7
> 5791/dhcpd3
>
> My cups.conf looks like this:
> http://nopaste.debianforum.de/34569
>
> Where is my problem? As i can see i did only allow access from my local
> net and inside my server. Any idea?
>
> regards Markus
Lookk at your listing! Note that the line you complained ab out lists udp as
the protocol, which cupsd uses only for standard browsing; the default is to
allow browing from all interfaces.
Use the directives BrowseAllow and BrowseDeny to restrict browsing datagrams
to specific sources.
Helge
More information about the cups
mailing list