Colord is sending broadcast traffic in my network to UDP ports 1124, 3289, 8610, 8612
Here is an extract of the logs generated by iptables. The UID 128 is the UID of colord user in my system.
2018-01-01T21:26:26.701302+01:00 mycomputer kernel: [37224.888854] iptables output IN= OUT=eth0 SRC=192.168.10.6 DST=192.168.10.255 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=24104 DF PROTO=UDP SPT=8612 DPT=8612 LEN=24 UID=128 GID=128
2018-01-01T21:26:26.701310+01:00 mycomputer kernel: [37224.888859] iptables output IN= OUT=eth0 SRC=192.168.10.6 DST=192.168.10.255 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=24105 DF PROTO=UDP SPT=8612 DPT=8610 LEN=24 UID=128 GID=128
2018-01-01T21:26:26.709360+01:00 mycomputer kernel: [37224.899051] iptables output IN= OUT=eth0 SRC=192.168.10.6 DST=192.168.10.255 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=24106 DF PROTO=UDP SPT=8612 DPT=8612 LEN=24 UID=128 GID=128
2018-01-01T21:26:26.709363+01:00 mycomputer kernel: [37224.899057] iptables output IN= OUT=eth0 SRC=192.168.10.6 DST=192.168.10.255 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=24107 DF PROTO=UDP SPT=8612 DPT=8610 LEN=24 UID=128 GID=128
2018-01-01T21:26:27.261253+01:00 mycomputer kernel: [37225.450013] iptables output IN= OUT=eth0 SRC=192.168.10.6 DST=255.255.255.255 LEN=43 TOS=0x00 PREC=0x00 TTL=64 ID=26769 DF PROTO=UDP SPT=53188 DPT=3289 LEN=23 UID=128 GID=128
2018-01-01T21:26:28.269226+01:00 mycomputer kernel: [37226.456026] iptables output IN= OUT=eth0 SRC=192.168.10.6 DST=255.255.255.255 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=26925 DF PROTO=UDP SPT=53520 DPT=1124 LEN=45 UID=128 GID=128
This is colord as shipped in Debian GNU/Linux 9. No special options used.
As far as I know, there is no configuration file, nothing, where one can disable this behaviour.
This is a very inefficient use of network resources. With a few desktops in the network sending this broadcast traffic, the network can be become saturated.
Please offer an option to enable/disable this behaviour, or allow the user to specify the IP address of the targeted resources.
Although I have a multifunction printer in the network, I don't know if colord is accessing it or not. I cannot find any configuration.
I too was seeing this traffic in my logs and it turns out it's libsane, used by colord, which sends broadcast traffic looking for network scanners.
So just allow/drop this traffic or try to configure sane not to "scan" the network.
You can see (some?) of the drivers that look for network scanners with the following command:
$ grep -r -E "(1124|3289|8610|8612|autodiscovery)" /etc/sane.d/*
Or by looking at the code.
It looks like some of them allow to disable the feature by commenting the line "net autodiscovery".
However /etc/sane.d/pixma.conf does not seem to be able to toggle autodiscovery, maybe this can be reported to sane developers.
I reported an issue with SANE:
Global option to disable network broadcast traffic from backend drivers