RE: Iptable rule required to block youtube
Content filtering would be the way to go. For an interim solution, if you control your DNS servers, block it at the DNS level. From: owner-scientific-linux-us...@listserv.fnal.gov [mailto:owner-scientific-linux-us...@listserv.fnal.gov] On Behalf Of Trenton Ray Sent: Thursday, October 04, 2012 4:29 AM To: vivekat...@gmail.com Cc: scientific-linux-us...@fnal.gov Subject: Re: Iptable rule required to block youtube Have you looked into setting up a Squid proxy/filter? Much less of a headache than doing it at the iptables level. On 10/04/2012 08:26 AM, Michael Tiernan wrote: On 10/4/12 3:27 AM, vivek chalotra wrote: And now i want to block youtube on my network. It can be done with iptables however it's not for the faint of heart. I did some reading about it on a dd-wrt website and it wasn't something I found as an easy solution to a single problem such as this. However, blocking by name string leaves open the ipaddress approach so you have to do both things and this isn't something easily maintained. May I respectfully suggest that the problem isn't at the iptables level but at the user level? A simple You do it, you're cut off. rule is more effective and would move the responsibility from you and the system software to those managing the users. -- MCTMichael C Tiernan xmpp:mtier...@mit.edu +1 (617) 324-9173 MIT - Laboratory for Nuclear Science - http://www.lns.mit.edu High Perf Research Computing Facility at The Bates Linear Accelerator Please avoid sending me MS-Word or MS-PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html
Re: Smart card manager
Fedora 16 did not work. Fedora 17 beta did not work. LPS (http://www.spi.dod.mil/lipose.htm) DOES work. At least I now know it is not a hardware/firmware problem and it is possible. Now to figure out which versions of what they are using.
RE: Smart card manager
Tried to post this yesterday, guess it never went. Latest update, Found this in dmesg gdm-smartcard-w[2393]: segfault at 7fbd5f4bae40 ip 7fbd5f4bae40 sp 7fbd5f4addd8 error 14 in locale-archive[7fbd5f8f9000+5e91000] running openct-control status shows: No. Name Info === 0 CCID Compatible slot0: card present esd diagnostics shows: SMART CARD DIAGNOSTICS REPORT ***Software Version Information*** Smart Card Manager Version: 1.1.0-24.el6.2 System Versions: mozilla/5.0 (x11; linux x86_64; rv:10.0.3) gecko/20120314 esc/1.1.0-24.2 ***Active Smart Card Details*** Number of Smart Cards Detected: 0 ***Smart Card Activity*** [Wed 11 Apr 2012 01:44:28 PM EDT] NSS system intialized successfully! [Thu 12 Apr 2012 11:07:32 AM EDT] NSS system intialized successfully! [Thu 12 Apr 2012 11:13:28 AM EDT] NSS system intialized successfully! Firefox with either OpenCT or coolkey drivers loaded still cannot see the card. -Original Message- From: owner-scientific-linux-us...@listserv.fnal.gov [mailto:owner-scientific-linux-us...@listserv.fnal.gov] On Behalf Of Novick, Jeffrey L CTR (US) Sent: Wednesday, April 11, 2012 2:09 PM To: SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV Subject: Re: Smart card manager Thank you, still no luck. I managed to get esc-1.1.0-24.el6_2.2.src.rpm and rpmbuild --rebuild esc-1.1.0-24.el6_2.2.src.rpm yum upgrade esc-1.1.0-24.el6_2.x86_64.rpm esc now starts but does not detect my reader. I've tried with the built-in reader, a Dell usb keyboard with a reader and a stand alone usb reader. all with the same results. The only hint of what's wrong now is /var/log/messages shows: pam: gdm-smartcard[2460]: argument card_only is not supported by this module This is with the built in reader: pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: pcscdaemon.c:581:signal_trap() Preparing for suicide pcscd: readerfactory.c:1267:RFCleanupReaders() entering cleaning function pcscd: pcscdaemon.c:531:at_exit() cleaning /var/run pcscd: utils.c:123:StatSynchronize() Can't open /var/run/pcscd.events/event.2412.17011478: Bad file descriptor pcscd: utils.c:123:StatSynchronize() Can't open /var/run/pcscd.events/event.4825.16998508: Bad file descriptor pcscd: utils.c:123:StatSynchronize() Can't open /var/run/pcscd.events/event.3144.17025878: Bad file descriptor pcscd: pcscdaemon.c:506:main() pcsc-lite 1.5.2 daemon ready. pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found This is with the usb keyboard: kernel: usb 6-1: Product: Dell Smart Card Reader Keyboard kernel: input: Dell Dell Smart Card Reader Keyboard as /devices/pci:00/:00:1d.0/usb6/6-1/6-1:1.0/input/input13 kernel: generic-usb 0003:413C:2101.0002: input,hidraw0: USB HID v1.11 Keyboard [Dell Dell Smart Card Reader Keyboard] on usb-:00:1d.0-1/input0 readerfactory.c:1024:RFInitializeReader() Attempting startup of Dell smart card reader keyboard 00 00 using /usr/lib64/pcsc/drivers/ifd- ccid.bundle/Contents/Linux/libccid.so readerfactory.c:233:RFAddReader() Dell smart card reader keyboard init failed.
Re: Smart card manager
I won't have time to mess with it for at least a few days (maybe a week?) but bother me about it early next week and I'll give it another look. Hopefully the build can be simplified. All I can say and do is thank you and I'll poke around to see if I can get esc rebuilt. If I'm successful, I'll post results, otherwise, no update = no success. And anyway I'm impressed that you went so far as setting up a build environment and really getting under the problem before posting to the list. If only more bug reports and help requests were submitted by such motivated people! This alone is what interests me in giving you a hand. I'm glad you said this, I was afraid that I didn't provide enough info. If I'm asking for help, I'll do what I can to help someone help me.
Re: Smart card manager
Thank you, still no luck. I managed to get esc-1.1.0-24.el6_2.2.src.rpm and rpmbuild --rebuild esc-1.1.0-24.el6_2.2.src.rpm yum upgrade esc-1.1.0-24.el6_2.x86_64.rpm esc now starts but does not detect my reader. I've tried with the built-in reader, a Dell usb keyboard with a reader and a stand alone usb reader. all with the same results. The only hint of what's wrong now is /var/log/messages shows: pam: gdm-smartcard[2460]: argument card_only is not supported by this module This is with the built in reader: pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: pcscdaemon.c:581:signal_trap() Preparing for suicide pcscd: readerfactory.c:1267:RFCleanupReaders() entering cleaning function pcscd: pcscdaemon.c:531:at_exit() cleaning /var/run pcscd: utils.c:123:StatSynchronize() Can't open /var/run/pcscd.events/event.2412.17011478: Bad file descriptor pcscd: utils.c:123:StatSynchronize() Can't open /var/run/pcscd.events/event.4825.16998508: Bad file descriptor pcscd: utils.c:123:StatSynchronize() Can't open /var/run/pcscd.events/event.3144.17025878: Bad file descriptor pcscd: pcscdaemon.c:506:main() pcsc-lite 1.5.2 daemon ready. pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found This is with the usb keyboard: kernel: usb 6-1: Product: Dell Smart Card Reader Keyboard kernel: input: Dell Dell Smart Card Reader Keyboard as /devices/pci:00/:00:1d.0/usb6/6-1/6-1:1.0/input/input13 kernel: generic-usb 0003:413C:2101.0002: input,hidraw0: USB HID v1.11 Keyboard [Dell Dell Smart Card Reader Keyboard] on usb-:00:1d.0-1/input0 readerfactory.c:1024:RFInitializeReader() Attempting startup of Dell smart card reader keyboard 00 00 using /usr/lib64/pcsc/drivers/ifd- ccid.bundle/Contents/Linux/libccid.so readerfactory.c:233:RFAddReader() Dell smart card reader keyboard init failed.
Smart card manager
Hi, I am having some issues getting my CAC to work in my Dell E6500 with SL 6.2 64 bit. I followed the instructions at http://zxq9.com/dodcac/F13-32/Fedora13.html The only difference was that yum install dogtag* did not work, yum search dogtag returned a bunch of pki packages. I installed each and every one of them and set up certificates and coolkey in Firefox. The card didn't seem to be recognized, so I ran the smart card manager (Applications-System Tools-Smart Card Manager) and got nothing. I ran esc from the command line and got Could not find compatible GRE between version 1.9 and 1.99 xulrunner --gre-version returns 10.0.3 Googled for awhile, only came up with some reinstallation stuff and changing the version in /usr/lib64/application.ini. Even tried an external reader with no luck. This machine dual boots between Win 7 and SL 6.2, so I know the hardware works. Nothing worked and I'm at a loss now. What can I try next? Thanks! Jeff Novick
Re: Smart card manager
First thank you for original work, that must have made you crazy and for your reply. I also found that this laptop supposedly needed a firmware upgrade, but that didn't work either. Meanwhile, I have disabled selinux completely and that had no effect. I will leave it this way until this is resolved. Tried to rebuild esc-1.1.0-14.fc15 from the src.rpm, that failed with: make[3]: Leaving directory `/home/mockbuild/rpmbuild/BUILD/esc- 1.1.0/esc/src/lib/coolkey' make[2]: Leaving directory `/home/mockbuild/rpmbuild/BUILD/esc- 1.1.0/esc/src/lib/coolkey' cd lib/notifytray; make libs make[2]: Entering directory `/home/mockbuild/rpmbuild/BUILD/esc- 1.1.0/esc/src/lib/notifytray' gcc -o Linux2.6_x86_glibc_PTH_64_OPT.OBJ/notifytray.o -c -O2 -fPIC - DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall -pipe -DLINUX - Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR -DXP_UNIX - I/usr/include/gtk-2.0 -I/usr/lib64/gtk-2.0/include -I/usr/include/atk-1.0 - I/usr/include/cairo -I/usr/include/pango-1.0 -I/usr/include/glib-2.0 - I/usr/lib64/glib-2.0/include -I/usr/include/pixman-1 - I/usr/include/freetype2 -I/usr/include/libpng12 -UDEBUG -DNDEBUG - D_REENTRANT -DDLL_PREFIX=\lib\ -DDLL_SUFFIX=\so\ - I../../../dist/Linux2.6_x86_glibc_PTH_64_OPT.OBJ/include - I../../../dist/public/traynotify -I../../../dist/private/traynotify - I../../../dist/public/libnotify -DHAVE_LIB_NOTIFY notifytray.c notifytray.c: In function 'notify_icon_send_tooltip_msg': notifytray.c:227: warning: assignment discards qualifiers from pointer target type notifytray.c:242: error: too few arguments to function 'notify_notification_new' make[2]: *** [Linux2.6_x86_glibc_PTH_64_OPT.OBJ/notifytray.o] Error 1 make[2]: Leaving directory `/home/mockbuild/rpmbuild/BUILD/esc- 1.1.0/esc/src/lib/notifytray' make[1]: *** [libs] Error 2 make[1]: Leaving directory `/home/mockbuild/rpmbuild/BUILD/esc- 1.1.0/esc/src' make: *** [libs] Error 2 error: Bad exit status from /var/tmp/rpm-tmp.nG02bt (%build) Removed coolkey from Firefox, installed OpenSC and still had no luck. I did it all again with reboots in between every step, and still no good. Under Firefox, Edit-Preferences-Encyption-Security Devices, status says Not Present with or without my cac inserted.
