Home / server / Questions / 518619
Accepted
sebastian nielsen
Asked: 2013-06-26 22:46:35 +0800 CST

Spoof IPP response in firewall?

  • 772

How I do to spoof a IPP "Unauthorized" response? Have read the IPP specification documents but cannot find exactly how a IPP response should look like. Any examples?

Basically, I have a IPP printer with a firewall in-between, that authenticates printer users, and when a unauthenticated user or a incorrect authenticated user prints, I want the user to get a more meaningful error message than "Cannot Contact the printer, please verify that the printer adress is correct and the printer is turned on". Simply rejecting with a HTTP 403 in the firewall on the IPP port just gives that error message.

Basically, I want to respond with application/ipp and a response code of 0x0403 as a response when the firewall deems the user as unauthenticated. I have the possibility to read and decode things from the request in the firewall (seems I need that to copy over the request ID?).

firewall

1 Answers

  1. Best Answer

    Solved it, I simply redirect the user (IPP client) to this page when auth fails. The user correctly gets a error message that tells that the user is not authorized to print on most operating systems:

    #!PATH TO PERL INTEPRETER
$file = <STDIN>;
$file =~ s/(.)/sprintf("%02x",ord($1))/seg;

$response = "";
$response = $response.chr("01").chr("00").chr("04").chr("03");
$response =$response.chr(hex(substr($file, 6, 2))).chr(hex(substr($file, 8, 2)));
$response=$response.chr(hex(substr($file, 10, 2))).chr(hex(substr($file,12, 2)));
$response = $response.chr("01").chr(hex("47")).chr("00").chr(hex("12"));
$response = $response."attributes-charset".chr("00").chr("05")."utf-8".chr(hex("48"));
$response = $response . chr("00").chr(hex("1B"))."attributes-natural-language".chr("00");
$response =$response . chr("05")."en-us".chr(hex("41")).chr("00").chr(hex("0E"));
$response = $response . "status-message".chr("00").chr(hex("1B"))."client-error-not-authorized";
$response = $response . chr("03");
$clen = length($response);
print "Content-Length: ".$clen."\nContent-Type: application/ipp\n\n$response";
    • 0