Hi, I maintain the printing stack for Fedora and Red Hat Enterprise Linux, and I've become aware of a need for another conntrack module very similar to nf_conntrack_netbios_ns. When CUPS searches for network printers it issues an SNMP broadcast query from a random source port and to the SNMP destination port, and waits for (unicast) replies from printers, following up each reply with a set of unicast SNMP queries. The problem is that the iptables rules discard the replies to the initial broadcast query. It looks like a conntrack module is what's needed to fix the problem, and the netbios_ns module very nearly solves it: the only changes I can see would be needed are the port number and the maximum number of expected replies. Is this something that warrants a more generic module so that code can be shared between them, or would it be better to just copy the code and make the changes? Thanks, Tim. */
Attachment:
signature.asc
Description: This is a digitally signed message part
