Bug 104465

Summary: Colord produces network broadcast traffic
Product: colord Reporter: Ramón García <ramon.garcia.f+freedesktop>
Component: daemonAssignee: Richard Hughes <richard>
Status: NEW --- QA Contact:
Severity: normal    
Priority: medium CC: ao2, peter
Version: unspecified   
Hardware: Other   
OS: Linux (All)   
Whiteboard:
i915 platform: i915 features:

Description Ramón García 2018-01-02 22:05:20 UTC 
Colord is sending broadcast traffic in my network to UDP ports 1124, 3289, 8610, 8612

Here is an extract of the logs generated by iptables. The UID 128 is the UID of colord user in my system.

2018-01-01T21:26:26.701302+01:00 mycomputer kernel: [37224.888854] iptables output IN= OUT=eth0 SRC=192.168.10.6 DST=192.168.10.255 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=24104 DF PROTO=UDP SPT=8612 DPT=8612 LEN=24 UID=128 GID=128 
2018-01-01T21:26:26.701310+01:00 mycomputer kernel: [37224.888859] iptables output IN= OUT=eth0 SRC=192.168.10.6 DST=192.168.10.255 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=24105 DF PROTO=UDP SPT=8612 DPT=8610 LEN=24 UID=128 GID=128 
2018-01-01T21:26:26.709360+01:00 mycomputer kernel: [37224.899051] iptables output IN= OUT=eth0 SRC=192.168.10.6 DST=192.168.10.255 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=24106 DF PROTO=UDP SPT=8612 DPT=8612 LEN=24 UID=128 GID=128 
2018-01-01T21:26:26.709363+01:00 mycomputer kernel: [37224.899057] iptables output IN= OUT=eth0 SRC=192.168.10.6 DST=192.168.10.255 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=24107 DF PROTO=UDP SPT=8612 DPT=8610 LEN=24 UID=128 GID=128 
2018-01-01T21:26:27.261253+01:00 mycomputer kernel: [37225.450013] iptables output IN= OUT=eth0 SRC=192.168.10.6 DST=255.255.255.255 LEN=43 TOS=0x00 PREC=0x00 TTL=64 ID=26769 DF PROTO=UDP SPT=53188 DPT=3289 LEN=23 UID=128 GID=128 
2018-01-01T21:26:28.269226+01:00 mycomputer kernel: [37226.456026] iptables output IN= OUT=eth0 SRC=192.168.10.6 DST=255.255.255.255 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=26925 DF PROTO=UDP SPT=53520 DPT=1124 LEN=45 UID=128 GID=128 

This is colord as shipped in Debian GNU/Linux 9. No special options used.

As far as I know, there is no configuration file, nothing, where one can disable this behaviour.

This is a very inefficient use of network resources. With a few desktops in the network sending this broadcast traffic, the network can be become saturated.

Please offer an option to enable/disable this behaviour, or allow the user to specify the IP address of the targeted resources.

Although I have a multifunction printer in the network, I don't know if colord is accessing it or not. I cannot find any configuration.
Comment 1 Antonio Ospite 2018-04-21 16:59:20 UTC 
Hi,

I too was seeing this traffic in my logs and it turns out it's libsane, used by colord, which sends broadcast traffic looking for network scanners.

So just allow/drop this traffic or try to configure sane not to "scan" the network.

You can see (some?) of the drivers that look for network scanners with the following command:

$ grep -r -E "(1124|3289|8610|8612|autodiscovery)" /etc/sane.d/*

Or by looking at the code.

It looks like some of them allow to disable the feature by commenting the line "net autodiscovery".

However /etc/sane.d/pixma.conf does not seem to be able to toggle autodiscovery, maybe this can be reported to sane developers.

Ciao,
   Antonio
Comment 2 Peter Nowee 2019-09-04 14:48:30 UTC 
I reported an issue with SANE:

Global option to disable network broadcast traffic from backend drivers
https://gitlab.com/sane-project/backends/issues/130
Comment 3 Antonio Ospite 2019-09-04 19:54:47 UTC 
Thanks Peter!

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.