Hello, I’m trying to use my Epson XP-200 printer/scanner with OpenSUSE Tumblweed.

  • /etc/sane.d/dll.conf has the “epson2” line uncommented.
  • /etc/sane.d/epson2.conf has “net autodiscovery” as its last line
  • My user is part of the “lp” group, which seems to be required for finding printers/scanners

If I disable the firewall completely (using YaST2 firewall program), it works – the Skanlite software detects my scanner and connects to it. With the firewall enabled, however, Skanlite says SANE cannot find any scanners. I have tried allowing TCP and UDP ports 8610, 8612 (based on suggestions from https://wiki.debian.org/SaneOverNetwork), and 631 (for CUPS) in the “public” zone, and added the “sane” service to “Allowed” services (didn’t see a “cups” service option), but Skanlite still says SANE cannot find the scanner.

Is there a way for “net autodiscovery” to work without completely disabling my firewall? What ports/services should I allow? It seems the alternative is to manually specify the printer’s IP address in /etc/sane.d/epson2.conf instead of “net autodiscovery”, but I would prefer to not hardcode this.

Thank you in advance for any suggestions!

EDIT: Based on suggestions below, I turned on firewall logging with the instructions https://www.cyberciti.biz/faq/enable-firewalld-logging-for-denied-packets-on-linux/):

  • sudo vi /etc/firewalld/firewalld.conf
  • Set LogDenied=all
  • sudo firewall-cmd --reload

To find lines related to my printer (known to be at 192.168.1.57):

  • dmseg | grep 192.168.1.57

Here is a sample of the output (192.168.1.105 is my OpenSUSE computer):

[30974.673679] filter_IN_public_REJECT: IN=wlp0s20f0u3 OUT= MAC= SRC=192.168.1.57 DST=192.168.1.105 LEN=104 TOS=0x00 PREC=0x00 TTL=30 ID=37923 PROTO=UDP SPT=3289 DPT=48375 LEN=84 MARK=0x3214

[30976.299712] filter_IN_public_REJECT: IN=wlp0s20f0u3 OUT= MAC= SRC=192.168.1.57 DST=192.168.1.105 LEN=104 TOS=0x00 PREC=0x00 TTL=30 ID=37924 PROTO=UDP SPT=3289 DPT=52415 LEN=84 MARK=0x3214

[31139.093164] filter_IN_public_REJECT: IN=wlp0s20f0u3 OUT= MAC= SRC=192.168.1.57 DST=192.168.1.105 LEN=104 TOS=0x00 PREC=0x00 TTL=30 ID=38084 PROTO=UDP SPT=3289 DPT=46833 LEN=84 MARK=0x3214

Looks like 3289 UDP is the port of interest, and it shows up on an EPSON website (https://epson.com/faq/SPT_C11CG18201~faq-0000525-shared?faq_cat=faq-8796127635532). I tried adding it to “public” and “home” zones and it still doesn’t work. Is there a different zone I should be using?

  • lemmyvore@feddit.nl
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 months ago

    Are you using Avahi for the auto discovery? If so you need to open port 5353 UDP.

    • iggames@lemmy.worldOP
      link
      fedilink
      arrow-up
      0
      ·
      9 months ago

      No change with allowing 5353 UDP through the firewall, unfortunately. But thank you for the suggestion!

      • lemmyvore@feddit.nl
        link
        fedilink
        English
        arrow-up
        0
        ·
        9 months ago

        You may also need to allow multicast. Look into it a bit more.

        You can also enable debugging on the firewall and see what exactly gets blocked.