|
Home > Archive > Red Hat Topics > October 2004 > Hosting company blocking port 1023/LPD fails
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Hosting company blocking port 1023/LPD fails
|
|
| John V. Kjellman 2004-10-15, 8:46 pm |
| My server hosting company (skynetweb.com/Affinity Internet) just started
blocking port 1023 on its network. Now LPD fails when sending files to
remote printers using port 515, because it defaults to port 1023 for its
source port number. Thus, replies from the remote printer never get back
to LPD and it hangs.
Is there any way that I can prevent LPD from trying to use port 1023 in
the first place (when 1023 is busy, it uses 1022, then 1021, etc).
I'm on RedHat 6.2 using lpr-0.50.5.-1.
Thanks,
My skynetweb.com just says, "sorry for the inconvenience."
John V. Kjellman
Henniker NH
| |
| Ivan Marsh 2004-10-15, 8:46 pm |
| On Tue, 12 Oct 2004 18:54:22 +0000, John V. Kjellman wrote:
> My skynetweb.com just says, "sorry for the inconvenience."
Then tell them Bite Me and Goodbye.
--
i.m.
The USA Patriot Act is the most unpatriotic act in American history.
| |
| Scott Lurndal 2004-10-15, 8:46 pm |
| "John V. Kjellman" <johnk@victorex.com> writes:
>My server hosting company (skynetweb.com/Affinity Internet) just started
>blocking port 1023 on its network. Now LPD fails when sending files to
>remote printers using port 515, because it defaults to port 1023 for its
>source port number. Thus, replies from the remote printer never get back
>to LPD and it hangs.
>
>Is there any way that I can prevent LPD from trying to use port 1023 in
>the first place (when 1023 is busy, it uses 1022, then 1021, etc).
LPD uses the fact that the source port is < 1024 to verify that
the client should be trusted (yeah, foolish now, but that was
prior to windows and affordable single-user unix systems).
If the remote printer requires a privileged source port, you are out of
luck. If not, you can load the lpr source RPM, find the 'bind' call
which sets the source port and do what you want with it.
# rpm -i lpr-0.50.5-1.src.rpm
# cd /usr/src/redhat/SPECS
# rpmbuild -bp lpr.spec
# cd ../BUILD/lpr-0.50.5-1
# Edit the appropriate source file
# either (1) make a patch and install in ../SOURCES and modify lpr.spec
to apply the patch or
(2) tar up BUILD/lpr-0.50.5-1 and replace the tarball in
../SOURCES with the one you just created
# rpmbuild -bb lpr.spec
and install the rpm from RPMS/i386
scott
>
>I'm on RedHat 6.2 using lpr-0.50.5.-1.
>
>Thanks,
> My skynetweb.com just says, "sorry for the inconvenience."
>
>John V. Kjellman
>Henniker NH
>
| |
| John V. Kjellman 2004-10-15, 8:46 pm |
| Dear Scott:
Thanks for the hints. I may get there yet, but I don't have rpmbuild
on my system, and when I installed it, it didn't like my version of rpm,
and when I updated it, it says I've got a missing library libdb-3.1.so),
and on it goes.....
Nothing's easy. I'm going to lean on my hosting company a bit more.
Regards,
John Kjellman
Scott Lurndal wrote:[vbcol=seagreen]
>
> "John V. Kjellman" <johnk@victorex.com> writes:
>
> LPD uses the fact that the source port is < 1024 to verify that
> the client should be trusted (yeah, foolish now, but that was
> prior to windows and affordable single-user unix systems).
>
> If the remote printer requires a privileged source port, you are out of
> luck. If not, you can load the lpr source RPM, find the 'bind' call
> which sets the source port and do what you want with it.
>
> # rpm -i lpr-0.50.5-1.src.rpm
> # cd /usr/src/redhat/SPECS
> # rpmbuild -bp lpr.spec
>
> # cd ../BUILD/lpr-0.50.5-1
> # Edit the appropriate source file
> # either (1) make a patch and install in ../SOURCES and modify lpr.spec
> to apply the patch or
> (2) tar up BUILD/lpr-0.50.5-1 and replace the tarball in
> ../SOURCES with the one you just created
> # rpmbuild -bb lpr.spec
>
> and install the rpm from RPMS/i386
>
> scott
>
--
Victorex, Inc. Internet and computer reservations
51 Rush Road, Suite V systems for Timeshare Resort and
P.O. Box 730 Vacation Rental Managers.
Henniker, New Hampshire 03242-0730
(603) 428-8200, (603) 428-8090 (FAX)
E-mail: johnk@victorex.com
| |
| Scott Lurndal 2004-10-15, 8:46 pm |
| "John V. Kjellman" <johnk@victorex.com> writes:
>Dear Scott:
>
> Thanks for the hints. I may get there yet, but I don't have rpmbuild
>on my system, and when I installed it, it didn't like my version of rpm,
>and when I updated it, it says I've got a missing library libdb-3.1.so),
>and on it goes.....
Ah. 6.2 was when they split rpm into two pieces. If you still have
the original rpm command, you can substitute 'rpm' for 'rpmbuild' in the
instructions below. IIRC there was an rpm update available from ftp.redhat.com
that installed the new (4.0?) rpm rpm's for 6.2.
My last 6.2 system was retired two months ago, finally.
scott
[vbcol=seagreen]
| |
| John V. Kjellman 2004-10-15, 8:46 pm |
| Dear Scott:
Thanks again for the hints. I have pretty much figured out an
approach to the issue, but the good news is -- following a FAXed letter
to skynetweb.com corporate office -- that my hosting company admits to a
mistake re blocking of port 1023, and will remove the block shortly.
Now if somebody would pay me for the time invested in this issue, I
could take the rest of the week off.
Regards,
John Kjellman
Scott Lurndal wrote:[vbcol=seagreen]
>
> "John V. Kjellman" <johnk@victorex.com> writes:
>
> Ah. 6.2 was when they split rpm into two pieces. If you still have
> the original rpm command, you can substitute 'rpm' for 'rpmbuild' in the
> instructions below. IIRC there was an rpm update available from ftp.redhat.com
> that installed the new (4.0?) rpm rpm's for 6.2.
>
> My last 6.2 system was retired two months ago, finally.
>
> scott
>
--
Victorex, Inc. Internet and computer reservations
51 Rush Road, Suite V systems for Timeshare Resort and
P.O. Box 730 Vacation Rental Managers.
Henniker, New Hampshire 03242-0730
(603) 428-8200, (603) 428-8090 (FAX)
E-mail: johnk@victorex.com
|
|
|
|
|