------------------------------------------------------------------------

http://www.linux.com/feature/57798
http://www.linux.com/feature/59138
http://www.linuxplanet.com/linuxplanet/tutorials/6412/3/
http://penguin-breeder.org/sane/saned/

apt-get install sane-utils libsane-extras
whereis saned
    saned: /usr/sbin/saned
man saned

cp --verbose /etc/sane.d/saned.conf /etc/sane.d/saned.conf.backup

echo "192.168.1.0/24" | tee /etc/sane.d/saned.conf

cat /etc/sane.d/saned.conf
    192.168.1.0/24

# echo "sane-port 6566/tcp # SANE network scanner daemon" | tee -a /etc/services
grep sane /etc/services
    sane-port   6566/tcp    sane saned  # SANE network scanner daemon

dpkg -S inetd
dpkg -S xinetd

groups saned
    saned

apt-cache search xinetd
apt-get install xinetd
cat /etc/xinetd.d/saned

echo '# default: off
# description: The sane server accepts requests
# for network access to a local scanner via the
# network.
service sane-port
{
   port        = 6566
   socket_type = stream
   protocol    = tcp
   wait        = no
   user        = saned
   group       = saned
   server      = /usr/sbin/saned
   disable     = no
}' > /etc/xinetd.d/saned
cat /etc/xinetd.d/saned

chown root:root /etc/xinetd.d/saned
chmod 644 /etc/xinetd.d/saned
ls -hal /etc/xinetd.d/

echo "sane-port  stream  tcp  nowait  saned.saned  /usr/sbin/saned saned" | tee -a /etc/inetd.conf
cat /etc/inetd.conf

/etc/init.d/xinetd restart


hp-check
HP Device 0x5b11 at 001:005:
    Device URI: hp:/usb/Officejet_J5700_series?serial=CN7BOCF3HP04TC
    Device node: /dev/bus/usb/001/005
    Mode: 0660

ls -hal /dev/bus/usb/001/005
    crw-rw---- 1 lp scanner 189, 4 2008-09-23 14:17 /dev/bus/usb/001/005

adduser saned scanner
sudo -u saned scanimage -L
    device `hpaio:/usb/Officejet_J5700_series?serial=CN7BOCF3HP04TC' is a Hewlett-Packard Officejet_J5700_series all-in-one

telnet localhost 6566
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.

ps aux | grep saned
    root     16154  0.0  0.0   5164   828 pts/0    R+   14:33   0:00 grep saned

# on client:
echo "192.168.1.1" | sudo tee -a /etc/sane.d/net.conf

telnet 192.168.1.1 6566
    Trying 192.168.1.1...
    Connected to 192.168.1.1.
    Escape character is '^]'.

scanimage -L
    No scanners were identified. If you were expecting something different,
    check that the scanner is plugged in, turned on and detected by the
    sane-find-scanner tool (if appropriate). Please read the documentation
    which came with this software (README, FAQ, manpages).

# on server:
tail --line=100 --follow /var/log/syslog
    saned[17186]: saned (AF-indep+IPv6) from sane-backends 1.0.19 ready
    saned[17186]: check_host: access by remote host: 192.168.1.239
    saned[17186]: init: access granted to jelle@192.168.1.239
    kernel: [885131.648358] IN= OUT=eth1 SRC=84.245.3.195 DST=255.255.255.255 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=38311 DPT=1124 LEN=45
    saned[17186]: quit: exiting
# how to fix the iptable rules in a secure way

------------------------------------------------------------------------