USB Printer



  • Guys

    I have a 800 Mhtz dual wan+squit+trafficshaping pfsense 2.x setup at home and it rocks. My VOIP work great and internet is snappy. The machine has 2GB of ram and 4GB of nano+vga on a USB.

    There are 4 other USB 2.0 ports empty. I wonder if there is a recipe out there to add a USB printer here so that all the machines can print to it directly.

    Much appreciate the response.

    Anil


  • Rebel Alliance Developer Netgate

    Many here would caution against that (and I would agree with them, rightly so), but that said there are some tutorials around the forum for that, search for "CUPS" - whether or not it will work with your printer is hard to say, but it's possible.

    Not recommended, but possible.



  • @jimp:

    ..
    Not recommended, but possible.

    Thanks Jiimp. Can u point me to some place to understand why this is not recommended? I have a laser HL-5240 printer that supports postscript (BR-Script3) and thought this may be a good way to share a USB printer among three of us…
    Thanks again.

    Anil


  • Netgate Administrator

    Running services on your firewall that aren't required for it's operation is just opening up possible attack vectors unnecessarily. On top of that it's far more likely any exploitable security hole will go unnoticed since you will be the only person (or among very few) who are running it.
    It depends how familiar you are with patching security holes. Are you confident of keeping up to date with new FreeBSD exploits because the pfSense team won't be patching CUPS? In reality it's unlikely to be exploitable as long as you have your firewall rules set correctly.
    It's a trade off between security and functionality. Since the purpose of pfSense is security most people see that as a risk not worth taking, however small.

    Steve



  • @stephenw10:

    Running services on your firewall that aren't required for it's operation is just opening up possible attack vectors unnecessarily. On top of that it's far more likely any exploitable security hole will go unnoticed since you will be the only person (or among very few) who are running it.
    It depends how familiar you are with patching security holes. Are you confident of keeping up to date with new FreeBSD exploits because the pfSense team won't be patching CUPS? In reality it's unlikely to be exploitable as long as you have your firewall rules set correctly.
    It's a trade off between security and functionality. Since the purpose of pfSense is security most people see that as a risk not worth taking, however small.

    Steve

    Thanks Steve. It does make sense. In as much as pfSense is serious business application, it has many enthusiastic die hard fans like me who use it at home. And, I have recommended pfSense (with subscription) over fortigate at work last year (not that fortigate is a poor product).

    Perhaps some enthusiastic developer can turn this type of feature into a CUPS package. That would be fun.

    Best
    Anil


Locked