Hi, all.

I am attempting to create pf rules to use xsane on the LAN, for my laptop and my Epson MFP, which is also connected to the network by Ethernet.

If pf is disabled, I have no problem using xsane and communicating with my MFP. But I can't if I activate pf.

The official xsane port is 6566. Port 1865 seems to be needed to contact the Epson MFP (I'm using this port on Debian, with the "official" software...).

My rules:

# $OpenBSD: pf.conf,v 1.54 2014/08/23 05:49:42 deraadt Exp $
#
# See pf.conf(5) and /etc/examples/pf.conf

xsane_ports = "{ 1865 6566 }"

set block-policy return
set loginterface egress
set optimization normal
set reassemble yes
set ruleset-optimization none
set skip on lo

match in all scrub (max-mss 1440 no-df random-id reassemble tcp)

antispoof for egress

# By default, do not permit remote connections to X11
block in on ! lo0 proto tcp to port 6000:6010

block		# block stateless traffic
pass log	# establish keep-state

pass proto udp from any to egress port mdns allow-opts

pass on egress proto { tcp udp } from egress to egress:network port $xsane_ports modulate state

----

After enabling pf and loading those rules, I see this log:

Nov 29 22:25:57.868904 rule 12/(match) pass out on axe0: 192.168.xyz.222.8612 > 192.168.xyz.255.8612: udp 16
Nov 29 22:25:57.868929 rule 12/(match) pass in on axe0: 192.168.xyz.222.8612 > 192.168.xyz.255.8612: udp 16
Nov 29 22:25:57.868945 rule 12/(match) pass out on axe0: 192.168.xyz.222.8612 > 192.168.xyz.255.8610: udp 16
Nov 29 22:25:57.868958 rule 12/(match) pass in on axe0: 192.168.xyz.222.8612 > 192.168.xyz.255.8610: udp 16

And afterwards, xsane reports that detection failed: "Aucun périphérique disponible".

Any ideas?!

--
~ " Fully Basic System Distinguish Life! " ~ " Libre as a BSD " +=<<<
----
<me>Stephane HUC as PengouinPdt or CIOTBSD</me>
<mail>b...@stephane-huc.net</mail>
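Added example, not part of the original post: a small Python parser for pflog lines in the shape quoted above, which tallies the logged destination ports that fall outside the post's xsane_ports macro. The function names are hypothetical, and the embedded sample is the four log lines from the post.

```python
import re
from collections import Counter

# Ports in the post's xsane_ports macro.
XSANE_PORTS = {1865, 6566}

# The four pflog lines quoted in the post, embedded so the example runs offline
# (the "xyz" octet is redacted in the post and kept as-is).
SAMPLE_LOG = """\
Nov 29 22:25:57.868904 rule 12/(match) pass out on axe0: 192.168.xyz.222.8612 > 192.168.xyz.255.8612: udp 16
Nov 29 22:25:57.868929 rule 12/(match) pass in on axe0: 192.168.xyz.222.8612 > 192.168.xyz.255.8612: udp 16
Nov 29 22:25:57.868945 rule 12/(match) pass out on axe0: 192.168.xyz.222.8612 > 192.168.xyz.255.8610: udp 16
Nov 29 22:25:57.868958 rule 12/(match) pass in on axe0: 192.168.xyz.222.8612 > 192.168.xyz.255.8610: udp 16
"""

# Assumption: matches only the line shape shown in the post, i.e.
# "rule N/(match) <action> <dir> on <if>: <src>.<sport> > <dst>.<dport>: <proto> ..."
LINE_RE = re.compile(
    r"rule (?P<rule>\d+)/\(match\) (?P<action>pass|block) (?P<dir>in|out) "
    r"on (?P<ifname>\S+): (?P<src>\S+)\.(?P<sport>\d+) > "
    r"(?P<dst>\S+)\.(?P<dport>\d+): (?P<proto>\w+)"
)


def parse_pflog(text):
    """Return one dict per log line that matches LINE_RE; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:
            e = m.groupdict()
            for key in ("rule", "sport", "dport"):
                e[key] = int(e[key])
            entries.append(e)
    return entries


def ports_outside_macro(entries, macro_ports=XSANE_PORTS):
    """Count logged (proto, dport, rule) tuples whose destination port is not in the macro."""
    return Counter(
        (e["proto"], e["dport"], e["rule"])
        for e in entries
        if e["dport"] not in macro_ports
    )


if __name__ == "__main__":
    tally = ports_outside_macro(parse_pflog(SAMPLE_LOG))
    for (proto, dport, rule), n in sorted(tally.items()):
        print(f"{proto}/{dport}: {n} packet(s), matched rule {rule}, not in xsane_ports")
```

Rule numbers in the log can be mapped back to the loaded ruleset with `pfctl -vvsr`.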