Hello, I’m trying to use my Epson XP-200 printer/scanner with OpenSUSE Tumblweed.

  • /etc/sane.d/dll.conf has the “epson2” line uncommented.
  • /etc/sane.d/epson2.conf has “net autodiscovery” as its last line
  • My user is part of the “lp” group, which seems to be required for finding printers/scanners

If I disable the firewall completely (using YaST2 firewall program), it works – the Skanlite software detects my scanner and connects to it. With the firewall enabled, however, Skanlite says SANE cannot find any scanners. I have tried allowing TCP and UDP ports 8610, 8612 (based on suggestions from https://wiki.debian.org/SaneOverNetwork), and 631 (for CUPS) in the “public” zone, and added the “sane” service to “Allowed” services (didn’t see a “cups” service option), but Skanlite still says SANE cannot find the scanner.

Is there a way for “net autodiscovery” to work without completely disabling my firewall? What ports/services should I allow? It seems the alternative is to manually specify the printer’s IP address in /etc/sane.d/epson2.conf instead of “net autodiscovery”, but I would prefer to not hardcode this.

Thank you in advance for any suggestions!

EDIT: Based on suggestions below, I turned on firewall logging with the instructions https://www.cyberciti.biz/faq/enable-firewalld-logging-for-denied-packets-on-linux/):

  • sudo vi /etc/firewalld/firewalld.conf
  • Set LogDenied=all
  • sudo firewall-cmd --reload

To find lines related to my printer (known to be at 192.168.1.57):

  • dmseg | grep 192.168.1.57

Here is a sample of the output (192.168.1.105 is my OpenSUSE computer):

[30974.673679] filter_IN_public_REJECT: IN=wlp0s20f0u3 OUT= MAC= SRC=192.168.1.57 DST=192.168.1.105 LEN=104 TOS=0x00 PREC=0x00 TTL=30 ID=37923 PROTO=UDP SPT=3289 DPT=48375 LEN=84 MARK=0x3214

[30976.299712] filter_IN_public_REJECT: IN=wlp0s20f0u3 OUT= MAC= SRC=192.168.1.57 DST=192.168.1.105 LEN=104 TOS=0x00 PREC=0x00 TTL=30 ID=37924 PROTO=UDP SPT=3289 DPT=52415 LEN=84 MARK=0x3214

[31139.093164] filter_IN_public_REJECT: IN=wlp0s20f0u3 OUT= MAC= SRC=192.168.1.57 DST=192.168.1.105 LEN=104 TOS=0x00 PREC=0x00 TTL=30 ID=38084 PROTO=UDP SPT=3289 DPT=46833 LEN=84 MARK=0x3214

Looks like 3289 UDP is the port of interest, and it shows up on an EPSON website (https://epson.com/faq/SPT_C11CG18201~faq-0000525-shared?faq_cat=faq-8796127635532). I tried adding it to “public” and “home” zones and it still doesn’t work. Is there a different zone I should be using?

  • iggames@lemmy.worldOP
    link
    fedilink
    arrow-up
    0
    ·
    9 months ago

    No change with allowing 5353 UDP through the firewall, unfortunately. But thank you for the suggestion!

    • lemmyvore@feddit.nl
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      You may also need to allow multicast. Look into it a bit more.

      You can also enable debugging on the firewall and see what exactly gets blocked.