Sometime on or about 4/25 the google print services quite working at the school. What the print services do is allow sharing printers through chrome, either the browser or OS. At the beginning I tested this functionality by sharing out printers from chrome on my own desktop. This worked alright, but it wasn’t a long term solution. I saw that google has a “print service beta” application available, the downside for our environment is that it only runs on a windows box. I spun up a win7 virtual machine and installed this app.
Out of the gate it seemed to work pretty slick. There were a couple of small obstacles related to running a VM on the mac host but I’ve been able to work those out and I was satisfied with the functionality. Suddenly on 4/25, a Monday, the print services quit working. I would get the cloud service to add the printers, but they all showed offline. I reasonably assumed this was related to something on the windows box. I reinstalled this and that, updated thing, etc…no dice. I used time machine to install a version of the VM from the previous week when things were working..nothing. I spun up a vm on another mac host…no dice. I assumed it was the vm part that was suddenly causing problems. I installed win7 on bare metal…same issue. I’d contacted the state to see if anything changed in the firewall, nope. We setup a static ip for the windows box and opened up 5222 both ways…nada, same results. The printers will add to the cloud but they show offline.
I contacted google and ran through all of their suggestions, nothing worked. They had me run several connectivity tests, install an experimental beta version of chrome, send them logs…nothing was standing out. The dude even called me from dublin or something. We could not get it rolling.
Finally I opened up a “bypass” window to go around the state’s content filter. Blamo! Suddenly everything was working properly. Ta hell? I tested a few times, rebooted machines…it wouldn’t work properly unless I had this bypass open to go around the content filter.
At this point I opened up a ticket to the state to address why the content filter was suddenly eating this traffic. That got passed from the people that handle the filter over to the networking team. The network people would say that things were open for 5222 and they could see a little bit of traffic passing. Clearly there looked to be no problem from their perspective. I repeated that it works when I bypass the content filter…it seems reasonable to think there should be something there causing a problem. After a little back and forth they told me they were going to put in a case with iBoss and see if they could look in to it.
It was at that point that I decided I had to dig in to it further. If you go back to the vendor of a piece of software deployed state wide for 1000’s of users with only 1 guy having problems…yeah they aren’t looking at it.
I had never really dug in to the content filter at all. I would log in and add a site to the white list, but that’s it. I saw there was a section for “applications”. Looking in there you can see that they block specific chat applications. One of the chat apps blocked was jabber, nothing specific for google talk…but iirc jabber used the same ports. First I unblocked all the chat apps and tested. Things showed available like they should. I then blocked everything. It seems to take about 5min for the filter to refresh, but after a short amount of time the printers were showing unavailable again. This confirms where the problem lies. I opened up jabber…things work, closed it…doesn’t work. Seems pretty clear jabber needs to be opened up.
As of now, the printers are all working and we are once again burning through a forrest of paper and whatever the hell toner is made from…whoo hoo!