The firewall blocks connections initiated from low-numbered TCP ports (port numbers less than 1024). This blocks CUPS outgoing LPD (Line Printer Deamon) protocol connections to the printers.
Modify the Device URI that connects to the LPD printers to include the option “reserve=none”. That is, change The Device URI from something like:
lpd://10.1.2.3/aux1to
lpd://10.1.2.3/aux1?reserve=none To find the current Device URI for a print queue, use the lpstat command. For example. # lpstat -v lpdauxpr1 device for lpdauxpr1 is lpd://10.1.2.3/aux1 To add reserve=none to the Device URI, use the lpadmin command. For example: # lpadmin -p lpdauxpr1 -v lpd://10.1.2.3/aux1?reserve=noneThe LPD protocol specified in RFC 1179 will not be followed by CUPS if reserve=none is added to the Device URI. Most print devices will accept this deviation, but some may not accept connections whose source ports are higher than 1023.
As a result, conduct enough testing to ensure that specifying reserve=none in the LPD printer’s Device URI does not result in any issues in your printing environment.
