On Tue, Oct 09, hg9627 wrote:

> Limit access to your printer via lpd.conf, there's some ways to restrict
> hosts by subnet and ip-addresses. tcp-wrappers should be mandatory
> nowadays.

A while back I made a patch for LPRng (3.6.26) to use
tcp_wrappers. AFAIK the patch still applies to more recent LPRng
versions (it's possible to use lpd.perms, but LPRng still accepts the
connection before determining that the client is not allowed to
connect/print). The patch is available from:
http://www.uku.fi/~jhuuskon/Patches/
(I have used the patch on my homenet, but I would appreciate if more
people could have a look at it before using in production).

I've also made a patch for LPRng to only listen on specified interface
(eg. 127.0.0.1). More recent LPRng (3.7.x??) already has similar option.
Using this might be worthwhile if you'll only need to allow local (from
the same machine) clients to print (i.e not on a central print server).

Any feedback/discussion is welcome.

-Jarno

-- 
Jarno Huuskonen - System Administrator   |  Jarno.Huuskonenuku.fi
University of Kuopio - Computer Center   |  Work:   +358 17 162822
PO BOX 1627, 70211 Kuopio, Finland       |  Mobile: +358 40 5388169

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]