what else is blocking this communication?

Question

Running opensuse tumbleweed here. I've stoped the firewalld and configured successfully a epson network printer/scanner (XP-241). Both printing and scanning (using skanlite) works just fine. Then I started the firewall again and add the following rule:

firewall-cmd --permanent --zone=public --add-source=192.168.1.47/32

but it didn't work. When I open skanlite it says it can't find a scanner on the network. If I stop the firewall, and then I press the button to re scan the network, this time the scanner is found. What more could be blocking the communication ?

I came from Ubuntu and I am just configuring the new system. On ubuntu, the following rule was enough to allow the communication with the scanner:

-A ufw-user-input -i enp3s0 -s 192.168.1.47  -j accept

What else I have to do on firewalld?

    kimera:~ # firewall-cmd --zone=public --list-all 
    public (active)
      target: default
      icmp-block-inversion: no
      interfaces: enp3s0
      sources: 192.168.1.47/32
      services: dhcpv6-client ssh transmission-client
      ports: 
      protocols: 
      masquerade: no
      forward-ports: 
      source-ports: 
      icmp-blocks: 
      rich rules: 

Answer 1

Using the --add-source option only selects connections from that source to be added to the specified zone. The packets from that source are then processed based on the other rules associated with that zone (like allowed ports, for example).

If you instead added this IP to a different zone, like trusted, it would be processed according to the rules in that zone (by default: allow all traffic).