printing across subnets browseRelay odd device ipp://
carl mason
carlm at demog.berkeley.edu
Wed Jan 26 15:08:10 PST 2011
I am trying to allow hosts on a different subnet to print via a cups server on our local subnet. I have configured the firewall to pass tcp packets coming in on port 631 to the cups server.
BrowseRelay 192.168.1.* 136.152.182.41
to cupsd.conf
I added a
BrowsePoll cupshost.ip.address (outside interface of firewall)
to the machine that has 136.152.182.41
At this point *almost* everything works.
from the client machine (136.152..) I can see the cups administrative website on the server. And lpstat -tv on the client shows all of the printers.
The problem is that the device designations show the unroutable ipaddress of the cupst server e.g.
device for age: ipp://192.168.1.18:631/printers/age
attempts to print invariably time out (since the client machine is on the 136.152... subnet).
Thanks for any suggestions.
Here is cupsd.conf
MaxLogSize 2000000000
# Show troubleshooting information in error_log.
LogLevel debug
SystemGroup sys root
# Allow remote access
Port 631
Listen /var/run/cups/cups.sock
## the next line should hurt nothing but it does not solve
## the problem of printing throught he firewall either
##ServerName cupshost.demog.berkeley.edu
# Enable printer sharing and shared printers.
Browsing On
BrowseOrder allow,deny
# (Change '@LOCAL' to 'ALL' if using directed broadcasts from another subnet.)
BrowseAllow @LOCAL
BrowseAddress @LOCAL
Allow from @LOCAL
DefaultAuthType Basic
<Location />
Encryption Never
# Allow shared printing and remote administration...
Order allow,deny
# Allow from 192.168.1.*
Allow all
</Location>
<Location /admin>
Encryption Never
# Allow remote administration...
Order allow,deny
# Allow all
Allow from 192.168.1.*
</Location>
<Location /admin/conf>
AuthType Basic
Require user @SYSTEM
Encryption Never
# Allow all
Allow from 192.168.1.*
# Allow remote access to the configuration files...
Order allow,deny
Allow all
Allow from 192.168.1.*
</Location>
<Policy default>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job>
Encryption Never
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit Pause-Printer Resume-Printer Set-Printer-Attributes Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Add-Printer CUPS-Delete-Printer CUPS-Add-Class CUPS-Delete-Class CUPS-Accept-Jobs CUPS-Reject-Jobs CUPS-Set-Default>
AuthType None
Encryption Never
Order deny,allow
</Limit>
<Limit CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
## cupshost.ournet.edu resolves to the outside interface of our firewall
ServerName cupshost.ournet.edu
BrowseRelay 192.168.1.* 136.152.132.*
More information about the cups
mailing list