2.1.5 -> 2.2 Printer is not working

w0w

Ok, I have downloaded and configured to load ulpt.ko from 10.0 release. Printer is now detected. Updated CUPS, CUPS is running, but not printing, this should be CUPS issue that not this thread problem.
I request to include the ulpt back into pfsense kernel if it possible.

KOM

I can't remember too many times when I need a printer attached to my firewall.

w0w

Is there any reason not to do it? :)

kejianshi

I'm not sure if running a samba share there is a security issue or not.  I'd have to let people test it to death.

heper

@kejianshi:

I'm not sure if running a samba share there is a security issue or not.  I'd have to let people test it to death.

everything you add to a firewall is a potential additional attack target where you'd need to keep up with the security advisories /updates / ….
every addon package pfsense has a risk of being less secure then a "stock" bsd release.

charliem

@kejianshi:

I'm not sure if running a samba share there is a security issue or not.  I'd have to let people test it to death.

Samba?  Not sure what that has to do with CUPS.  I agree it's poor form to 'accessorize' your firewall, but not everyone has the luxury of that, or some may prefer to learn from personal experience.

The question of including the ulpt module has come up before: https://forum.pfsense.org/index.php?topic=78498.msg428605#msg428605 but I guess it never went any further.  Including it as a loadable module would seem to be a pretty low risk.

w0w

I don't see any risks if ulpt is compiled into kernel also, I don't ask you to compile CUPS or samba-tumba into kernel. What risks could be caused by ulpt, theoretically? If you don't connect any printer it is not executing any code. Including module instead of compiling into, would be great also for paranoids.  ;D

w0w

https://redmine.pfsense.org/issues/4108

cmb

@w0w:

https://redmine.pfsense.org/issues/4108

No. It's a firewall, not a print server.

w0w

I did not asked you to compile a print server into pfsense is not it? :) And a print server is not the same as usb printer driver support, not even close.
If you just will add ulpt.ko module into pfsense distribution, this is not changing the main concept and do not adding any security holes if firewall user itself don't bring them up. But as I answered on bug tracker… No means no.