David, Our old /etc/init.d/mdns support might perform the discovery, not sure if it is too old. There is an example for the HP JetDirect (TCP 9100) protocol.
As far as a custom-rule, add "-j ACCEPT" rules to the POST_FORWARD_CHAIN , something like: -- iptables -A POST_FORWARD_CHAIN -s $shost -d $dhost -p tcp --dport $port -j ACCEPT -- Lonnie On May 29, 2016, at 3:41 PM, David Kerr <da...@kerr.net> wrote: > The answer for bonjour/airprint across networks seems to be avahi-daemon > (https://community.spiceworks.com/how_to/38251-build-your-own-bonjour-gateway) > which is conveniently available if I do a custom build of astlinux. So I > will try that. But first I need to get traffic going between the subnets. I > don't want all-or-nothing, just access to the printers, so I'll try custom > rules. I think a route from vlan->specific printer IP in one direction and > printer IP -> any subnet IP in the other direction will do it. > > David. > > On Sun, May 29, 2016 at 4:27 PM, Lonnie Abelbeck <li...@lonnie.abelbeck.com> > wrote: > David, > > If you configured your guest VLAN network on the DMZ interface you could add > a "Pass DMZ->LAN" rule to pass IPP to your printer. You would also want to > "Pass DMZ->Local" for DHCP and DNS (UDP 53,67,68). > > By default LAN interfaces are isolated from each other, or check "Allow LAN > to LAN for the ..." to allow any traffic between the selected LAN's. All or > nothing. Without creating a custom-rule, there does not seem an easy way to > allow only certain packets between LAN's other then using the DMZ. > > Regardless, they would be in different link-level broadcast domains, > definitely a security feature, but less convenient. Classic security vs. > convenience. > > > For extra credit it would ideally be discoverable (bonjour / AirPrint) for > > iPads. > > Purchase a second printer. :-) > > Lonnie > > > On May 29, 2016, at 12:23 PM, David Kerr <da...@kerr.net> wrote: > > > So, lets say I have a guest network on a vlan, and I have my regular > > network. On that regular network I have a printer attached which I would > > like my guests to have access to. For extra credit it would ideally be > > discoverable (bonjour / AirPrint) for iPads. > > > > Any suggestion as to how this could be setup? My best guess at the moment > > is to use IPP and just access the printer through external IP address, port > > 631, which I then route to the printer. But that is certainly not > > discoverable by iPads, and is there a way to route between a vLan and a > > regular Lan? > > > > Thanks > > David > > > > ------------------------------------------------------------------------------ > What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic > patterns at an interface-level. Reveals which users, apps, and protocols are > consuming the most bandwidth. Provides multi-vendor support for NetFlow, > J-Flow, sFlow and other flows. Make informed decisions using capacity > planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e > _______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pay...@krisk.org. > > ------------------------------------------------------------------------------ > What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic > patterns at an interface-level. Reveals which users, apps, and protocols are > consuming the most bandwidth. Provides multi-vendor support for NetFlow, > J-Flow, sFlow and other flows. Make informed decisions using capacity > planning reports. > https://ad.doubleclick.net/ddm/clk/305295220;132659582;e_______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pay...@krisk.org. ------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
