Articles

Adventures in Red Hat Enterprise Linux, CentOS, Fedora, OpenBSD and other open source solutions.

Configure soekris as a OpenBSD wireless NAT router.

I use a Soekris device, bought mine for € 70,- with a wireless network interface. (wi0)
Besides that interface, this "machine" has two other ports; sis0 going to the modem and sis1 is not used, but any computer may be connected.

How difficult would it be to use this machine as a router using OpenBSD? Not difficult at all!

First install your Soekris with OpenBSD.

Now login and configure a few things.

# vi /etc/rc.conf.local
# Start NTP, it syncs time and requires very little maintenance.
ntpd_flags="-s"
# Start a DNS server.
named_flags=
# Clients should receive an IP-address. DHCP will only listen on sis1 and wi0, the network
# interfaces where computers will connect on. Don't start DHCP on your "modem-port".
dhcpd_flags="sis1 wi0"
# Enable Packet Filter.
pf=
# Here are the rules for PF.
pf_rules=/etc/pf.conf

Configure named, the DNS server.

# cat /var/named/etc/named.conf                                                                                      
// $OpenBSD: named-simple.conf,v 1.9 2008/08/29 11:47:49 jakob Exp $
//
// Example file for a simple named configuration, processing both
// recursive and authoritative queries using one cache.


// Update this list to include only the networks for which you want
// to execute recursive queries. The default setting allows all hosts
// on any IPv4 networks for which the system has an interface, and
// the IPv6 localhost address.
//
acl clients {
        localnets;
        ::1;
};

options {
        version "";     // remove this to allow version queries

        listen-on    { any; };
        listen-on-v6 { any; };

        empty-zones-enable yes;

        allow-recursion { clients; };
};

logging {
        category lame-servers { null; };
};

// Standard zones
//
zone "." {
        type hint;
        file "etc/root.hint";
};

zone "localhost" {
        type master;
        file "standard/localhost";
        allow-transfer { localhost; };
};

zone "127.in-addr.arpa" {
        type master;
        file "standard/loopback";
        allow-transfer { localhost; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" {
        type master;
        file "standard/loopback6.arpa";
        allow-transfer { localhost; };
};

zone "lan.meinit.nl" {
        type master;
        file "master/lan.meinit.nl";
};

zone "wifi.meinit.nl" {
        type master;
        file "master/wifi.meinit.nl";
};

zone "1.168.192.in-addr.arpa" {
        type master;
        file "master/1.168.192.in-addr.arpa";
};

zone "2.168.192.in-addr.arpa" {
        type master;
        file "master/2.168.192.in-addr.arpa";
};

Now add all zones.

# cat lan.meinit.nl                                                                                                            
$ORIGIN lan.meinit.nl.
$TTL 6h

@       IN      SOA     lan.meinit.nl. root.meinit.nl. (
                        1       ; serial
                        1h      ; refresh
                        30m     ; retry
                        7d      ; expiration
                        1h )    ; minimum

                        NS      soekris.lan.meinit.nl.
soekris                 A       192.168.1.1
32                      A       192.168.1.32
33                      A       192.168.1.33
34                      A       192.168.1.34
35                      A       192.168.1.35
36                      A       192.168.1.36
37                      A       192.168.1.37
38                      A       192.168.1.38
39                      A       192.168.1.39
40                      A       192.168.1.40
41                      A       192.168.1.41
42                      A       192.168.1.42
43                      A       192.168.1.43
44                      A       192.168.1.44
45                      A       192.168.1.45
46                      A       192.168.1.46
47                      A       192.168.1.47
48                      A       192.168.1.48
49                      A       192.168.1.49
50                      A       192.168.1.50
51                      A       192.168.1.51
52                      A       192.168.1.52
53                      A       192.168.1.53
54                      A       192.168.1.54
55                      A       192.168.1.55
56                      A       192.168.1.56
57                      A       192.168.1.57
58                      A       192.168.1.58
59                      A       192.168.1.59
60                      A       192.168.1.60
61                      A       192.168.1.61
62                      A       192.168.1.62
63                      A       192.168.1.63
64                      A       192.168.1.64
65                      A       192.168.1.65
66                      A       192.168.1.66
67                      A       192.168.1.67
68                      A       192.168.1.68
69                      A       192.168.1.69
70                      A       192.168.1.70
71                      A       192.168.1.71
72                      A       192.168.1.72
73                      A       192.168.1.73
74                      A       192.168.1.74
75                      A       192.168.1.75
76                      A       192.168.1.76
77                      A       192.168.1.77
78                      A       192.168.1.78
79                      A       192.168.1.79
80                      A       192.168.1.80
81                      A       192.168.1.81
82                      A       192.168.1.82
83                      A       192.168.1.83
84                      A       192.168.1.84
85                      A       192.168.1.85
86                      A       192.168.1.86
87                      A       192.168.1.87
88                      A       192.168.1.88
89                      A       192.168.1.89
90                      A       192.168.1.90
91                      A       192.168.1.91
92                      A       192.168.1.92
93                      A       192.168.1.93
94                      A       192.168.1.94
95                      A       192.168.1.95
96                      A       192.168.1.96
97                      A       192.168.1.97
98                      A       192.168.1.98
99                      A       192.168.1.99
100                     A       192.168.1.100
101                     A       192.168.1.101
102                     A       192.168.1.102
103                     A       192.168.1.103
104                     A       192.168.1.104
105                     A       192.168.1.105
106                     A       192.168.1.106
107                     A       192.168.1.107
108                     A       192.168.1.108
109                     A       192.168.1.109
110                     A       192.168.1.110
111                     A       192.168.1.111
112                     A       192.168.1.112
113                     A       192.168.1.113
114                     A       192.168.1.114
115                     A       192.168.1.115
116                     A       192.168.1.116
117                     A       192.168.1.117
118                     A       192.168.1.118
119                     A       192.168.1.119
120                     A       192.168.1.120
121                     A       192.168.1.121
122                     A       192.168.1.122
123                     A       192.168.1.123
124                     A       192.168.1.124
125                     A       192.168.1.125
126                     A       192.168.1.126
127                     A       192.168.1.127

# cat wifi.meinit.nl                                                                                                           
$ORIGIN wifi.meinit.nl.
$TTL 6h

@       IN      SOA     wifi.meinit.nl. root.meinit.nl. (
                        1       ; serial
                        1h      ; refresh
                        30m     ; retry
                        7d      ; expiration
                        1h )    ; minimum

                        NS      soekris.wifi.meinit.nl.
soekris                 A       192.168.2.1
32                      A       192.168.2.32
33                      A       192.168.2.33
34                      A       192.168.2.34
35                      A       192.168.2.35
36                      A       192.168.2.36
37                      A       192.168.2.37
38                      A       192.168.2.38
39                      A       192.168.2.39
40                      A       192.168.2.40
41                      A       192.168.2.41
42                      A       192.168.2.42
43                      A       192.168.2.43
44                      A       192.168.2.44
45                      A       192.168.2.45
46                      A       192.168.2.46
47                      A       192.168.2.47
48                      A       192.168.2.48
49                      A       192.168.2.49
50                      A       192.168.2.50
51                      A       192.168.2.51
52                      A       192.168.2.52
53                      A       192.168.2.53
54                      A       192.168.2.54
55                      A       192.168.2.55
56                      A       192.168.2.56
57                      A       192.168.2.57
58                      A       192.168.2.58
59                      A       192.168.2.59
60                      A       192.168.2.60
61                      A       192.168.2.61
62                      A       192.168.2.62
63                      A       192.168.2.63
64                      A       192.168.2.64
65                      A       192.168.2.65
66                      A       192.168.2.66
67                      A       192.168.2.67
68                      A       192.168.2.68
69                      A       192.168.2.69
70                      A       192.168.2.70
71                      A       192.168.2.71
72                      A       192.168.2.72
73                      A       192.168.2.73
74                      A       192.168.2.74
75                      A       192.168.2.75
76                      A       192.168.2.76
77                      A       192.168.2.77
78                      A       192.168.2.78
79                      A       192.168.2.79
80                      A       192.168.2.80
81                      A       192.168.2.81
82                      A       192.168.2.82
83                      A       192.168.2.83
84                      A       192.168.2.84
85                      A       192.168.2.85
86                      A       192.168.2.86
87                      A       192.168.2.87
88                      A       192.168.2.88
89                      A       192.168.2.89
90                      A       192.168.2.90
91                      A       192.168.2.91
92                      A       192.168.2.92
93                      A       192.168.2.93
94                      A       192.168.2.94
95                      A       192.168.2.95
96                      A       192.168.2.96
97                      A       192.168.2.97
98                      A       192.168.2.98
99                      A       192.168.2.99
100                     A       192.168.2.100
101                     A       192.168.2.101
102                     A       192.168.2.102
103                     A       192.168.2.103
104                     A       192.168.2.104
105                     A       192.168.2.105
106                     A       192.168.2.106
107                     A       192.168.2.107
108                     A       192.168.2.108
109                     A       192.168.2.109
110                     A       192.168.2.110
111                     A       192.168.2.111
112                     A       192.168.2.112
113                     A       192.168.2.113
114                     A       192.168.2.114
115                     A       192.168.2.115
116                     A       192.168.2.116
117                     A       192.168.2.117
118                     A       192.168.2.118
119                     A       192.168.2.119
120                     A       192.168.2.120
121                     A       192.168.2.121
122                     A       192.168.2.122
123                     A       192.168.2.123
124                     A       192.168.2.124
125                     A       192.168.2.125
126                     A       192.168.2.126
127                     A       192.168.2.127

# cat 1.168.192.in-addr.arpa                                                                                                   
$ORIGIN 1.168.192.in-addr.arpa.
$TTL 6h

@       IN      SOA     lan.home.meinit.nl. root.meinit.nl. (
                        1       ; serial
                        1h      ; refresh
                        30m     ; retry
                        7d      ; expiration
                        1h )    ; minimum

                        NS      soekris.lan.meinit.nl.
1                       PTR     soekris.lan.meinit.nl.
$GENERATE       32-127  $       PTR     $.lan.meinit.nl.

# cat 2.168.192.in-addr.arpa                                                                                                   
$ORIGIN 2.168.192.in-addr.arpa.
$TTL 6h

@       IN      SOA     wifi.meinit.nl. root.meinit.nl. (
                        1       ; serial
                        1h      ; refresh
                        30m     ; retry
                        7d      ; expiration
                        1h )    ; minimum

                        NS      soekris.home.meinit.nl.
1                       PTR     soekris.wifi.meinit.nl.
$GENERATE       32-127  $       PTR     $.wifi.meinit.nl.

And setup the DHCP server.

# cat /etc/dhcpd.conf                                                                                                          
subnet 192.168.1.0 netmask 255.255.255.0 {
        option domain-name "lan.meinit.nl";
        option domain-name-servers 192.168.1.1;
        option routers 192.168.1.1;
        range 192.168.1.32 192.168.1.127;
}
subnet 192.168.2.0 netmask 255.255.255.0 {
        option domain-name "wifi.meinit.nl";
        option domain-name-servers 192.168.2.1;
        option routers 192.168.2.1;
        range 192.168.2.32 192.168.2.127;
}

Finally configure your PF in /etc/pf.conf:

# wan is the interface to which the modem is connected.
wan = sis0
# This is an extra interface, not in use right now, but you could connect a cable.
lan = sis1
# This is the (Prism 2) wireless network card. Clients will connect to this interface mostly.
wifi = wi0

scrub in all

nat on $wan from !($wan) to any -> ($wan)

Now beter reboot to activate all changes. (Sure you could start every daemon by hand...)

Using Virtualbox on Mac OS X

Virtualbox is a open source virtualization tool that runs on many operating systems, including Mac OS X It's free, simple and it works, but you'll need to be aware of how to use it. Here are my experiences with different settings.

The default network driver makes an airport interface (en1) on Mac OS X unstable. So; either map the virtual interface to a wired network interface (en0) or use another driver. The Intel PRO/1000 MT Desktop (8254OEM) works fine for me, the PCnet-FAST II (Am78C973) does not work well for me.

For FreeBSD guest operating systems, the default IDE disk causes timeouts. Better use a SATA emulation, IDE emulation causes errors during the install.

Have fun using Virtualbox, after all, its free!

Update Soekris bios firmware from your Apple Mac OS X machine

When you are using a Soekris, a new bios is published every now and then. Because I had to search-copy-try-paste quite some time to get my Apple Mac OS X to upload the most recent Soekris (net4521) bios.

Here is what you need:

I downloaded b4501_133.bin.

The driver for the IOGear USB-to-serial cable creates a device called /dev/tty.PL2303-00002006. The Soekris will most likely run on 19200 bps. If your Soekris spits out unreadable text, try a speed like 9600. If you are able to access the Soekris bios, you can always change the serial speed using "set ConSpeed=19200" for example.

# cu -l /dev/tty.PL2303-00002006 -s 19200
POST: 012345689bcefghipsajklnopqr,,,tvwxy

comBIOS ver. 1.33  20080103  Copyright (C) 2000-2007 Soekris Engineering.

net45xx

0064 Mbyte Memory                        CPU Elan SC520 133 Mhz

Pri Mas  LEXAR ATA FLASH                 LBA Xlt 999-32-63  1007 Mbyte

Slot   Vend Dev  ClassRev Cmd  Stat CL LT HT  Base1    Base2   Int
-------------------------------------------------------------------
0:00:0 1022 3000 06000000 0006 2280 00 00 00 00000000 00000000
0:17:0 104C AC51 06070000 0107 0210 10 3F 82 A0000000 020000A0 10
0:17:1 104C AC51 06070000 0107 0210 10 3F 82 A0001000 020000A0 10
0:18:0 100B 0020 02000000 0107 0290 00 3F 00 0000E101 A0002000 11
0:19:0 100B 0020 02000000 0107 0290 00 3F 00 0000E201 A0003000 05

1 Seconds to automatic boot.   Press Ctrl-P for entering Monitor.

> download -

Start sending file using XMODEM/CRC protocol.
~+./lsz -X b4501_133.bin
Sending b4501_133.bin, 608 blocks: Give your local XMODEM receive command now.
Bytes Sent:  77824   BPS:1745                           

Transfer complete

File downloaded succesfully, size 608 Blocks.

> flashupdate
Updating BIOS Flash ,,,,,,,,,,,,..,,,,.. Done.

> reboot

Good, you are done!

Install your Soekris (or any other machine) with OpenBSD using OpenBSD

To install OpenBSD on your Soekris machine, (or any other machine) take these steps to create an OpenBSD installation server. This instruction help you setup a DHCP, TFTP and HTTP server required for a network installation of OpenBSD.

This setup creates an autonomous install server, that can be disconnected from the internet. During the setup this machine is connected to the internet to install all required software.

First; install an OpenBSD machine. This may either be virtual or physical. Just install the default set of software and make sure it's connected to the internet. (It does not matter if you are using DHCP or a static IP configuration.)

This instruction is based on OpenBSD 4.5, but will likely work for future releases.

Install a DHCP server.

# export PKG_PATH=http://mirror.roothell.org/pub/OpenBSD/4.5/packages/i386/
# pkg_add isc-dhcp-server
isc-dhcp-server-3.1.1: complete

Configure the DHCP server. This step is very dependent of your network configuration, so don't just copy paste everything, but try to understand (using man pages) what's configured.
My /etc/dhcpd.conf looks like this now:

option  domain-name "home.meinit.nl";
option  domain-name-servers 192.168.1.1;

subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.32 192.168.1.127;
        host pxe-client {
                hardware ethernet 02:03:04:05:06:07;
                filename "pxeboot";
                next-server 192.168.1.1;
        }
}

Be aware; the "hardware ethernet" address mentioned above is not correct. It needs to be set to what the MAC address is of the machine you would like to install.

Make sure it start by modifying /etc/rc.conf.local, like this:

# echo "dhcpd_flags=" >> /etc/rc.conf.local

Enable the TFTP server in /etc/inetd.conf: (It's installed by default on an OpenBSD installation!)

tftp            dgram   udp     wait    root    /usr/libexec/tftpd      tftpd -s /tftpboot

Create some directories and restart inetd:
# pkill -HUP inetd

Now get the kernel that is being used when booting over the network and retreive the PXE boot code.

# cd /tftpboot
# ftp http://mirror.roothell.org/pub/OpenBSD/4.5/i386/bsd.rd
Trying 88.198.153.75...
Requesting http://mirror.roothell.org/pub/OpenBSD/4.5/i386/bsd
100% |*******************************************************************************|  5461 KB    00:06
Successfully retrieved file.
# echo "set tty com0
stty com0 19200
boot bsd.rd" > etc/boot.conf
# ftp http://mirror.roothell.org/pub/OpenBSD/4.5/i386/pxeboot
Trying 88.198.153.75...
Requesting http://mirror.roothell.org/pub/OpenBSD/4.5/i386/pxeboot
100% |*******************************************************************************| 53276       00:00   
Successfully retrieved file.

Enable a HTTP server.

# echo "httpd_flags=" >> /etc/rc.conf.local

Now get all required software sets you'd like to offer.

# ftp http://mirror.roothell.org/pub/OpenBSD/4.5/i386/index.txt
Trying 88.198.153.75...
Requesting http://mirror.roothell.org/pub/OpenBSD/4.5/i386/index.txt
100% |*******************************************************************************|   266       00:00   
Successfully retrieved file.
# cat index.txt | grep -v '.iso' | tee index.txt | while read file ; do
>  ftp http://mirror.roothell.org/pub/OpenBSD/4.5/i386/"$file"         
> done
100% |********************************************************************************|   106 KB    00:00   
100% |********************************************************************************| 22356       00:00   
100% |********************************************************************************|  1022       00:00   
100% |********************************************************************************| 46941 KB    00:27   
100% |********************************************************************************|  6539 KB    00:02   
100% |********************************************************************************|  6558 KB    00:03   
100% |********************************************************************************|  5461 KB    00:02   
100% |********************************************************************************| 44724       00:00   
100% |********************************************************************************|  2048       00:00   
100% |********************************************************************************| 87874 KB    00:59   
100% |********************************************************************************|   501 KB    00:00   
100% |********************************************************************************|  1440 KB    00:00   
100% |********************************************************************************|  1440 KB    00:00   
100% |********************************************************************************|  1440 KB    00:00   
100% |********************************************************************************|  2555 KB    00:00   
100% |********************************************************************************|  8032 KB    00:03   
100% |********************************************************************************|  2866 KB    00:02   
100% |********************************************************************************| 53276       00:00   
100% |********************************************************************************|  9761 KB    00:07   
100% |********************************************************************************| 75214       00:01   
100% |********************************************************************************| 34745 KB    00:26   
100% |********************************************************************************| 19478 KB    00:11   
100% |********************************************************************************|  2698 KB    00:06   

Now that everything is ready, reconfigure your network to use a static IP which is usable in the network you are planning this installation server.

NOTA BENE: you have enabled a DHCP server, if your network already uses a DHCP server, clients might get an IP address from your DHCP server, which is likely incorrect and/or conflicting with the exiting DHCP server. Normally you'd like to use one DHCP server per network.

# echo "inet 192.168.1.1 255.255.255.0 192.168.1.255" > /etc/hostname.em0
# echo "lookup file" > /etc/resolv.conf
# reboot

Now in the freshly installed client, modify/create /etc/boot.conf with this content:

set tty com0
stty com0 19200

The Soekris uses these setting to be able to access the serial console.

Okay, after your install server has been rebooted, go and boot an uninstalled client.

For soekris users; connect your console cable, see the machine boot.

You will see that it's first getting the pxeboot code, then the kernel (bsd). When the kernel has booted, select your bootservers IP address to install software from and enter "/" at the server directory question.

Add a permanent static route to Mac OS X

As a reminder for myself, but likely useful for you! If you are in a situation where you'd like to add a static route to you Mac OS X machine, you could issue:

$ sudo route add 10.0.0.0/8 192.168.1.1

This commands tells the TCP/IP stack to sent traffic with the destination 10.*.*.* via 192.168.1.1. But, this command is only active after issuing it and before the next reboot. To "save" this command, make it permanent, you can take these simple steps.
$ sudo mkdir /Library/StartupItems/AddRoute
# cd /Library/StartupItems/AddRoute
$ echo "{
        Description     = \"Add static routing tables\";
        Provides        = (\"AddRoutes\");
        Requires        = (\"Network\");
        OrderPreference = \"None\";
}" > StartupParameters.plist
$ echo "#!/bin/sh

# Set up static routing tables
# Roark Holz, Thursday, April 6, 2006

. /etc/rc.common

StartService ()
{
        ConsoleMessage "Adding Static Routing Tables"
sudo route add 10.0.0.0/8 192.168.200.15
}

StopService ()
{
        return 0
}

RestartService ()
{
        return 0
}

RunService "$1"" > AddRoutes
$ sudo chmod 755 AddRoutes

Now you should be prepared. After a reboot, the route will be visible. (netstat -rnf inet)

Nagios check for Centreon to create CPU graphs for Linux

Centreon is a great front-end for Nagios, the well known monitoring tool.

Nagios only performs "up" and "down" checks, Centreon adds performance graph capabilities.

Centreon comes with many checks to measure values, like traffic on eth0, a ping response time check, an ntp check and so on. Many checks are based on SNMP, so for Linux machines net-snmp should be installed.

What Centreon is missing, is an SNMP check that reports CPU usage and graphs the information. Here is a shell script to get the values for a specified host and return the CPU-idle percentage, CPU-system percentage and CPU-user percentage.

The script depends on a binary snmpget found in the package net-snmp-utils. Install it on the Nagios pollers that perform this check.

This script implements Performance Data as described by Nagios, which is very short means that besides outputting readable data, it also outputs performance data after the pipe ("|") mark, separated by a comma.
The script has been designed to incorporate all described requirements by Nagios plugins.

#!/bin/sh

# Nagios plugin to report CPU usage on Linux boxes.

usage() {
# This function is called when a user enters impossible values.
echo "Usage: $0 -H HOSTADDRESS [-C COMMUNITY] [-w WARNING] [-c CRITICAL] [-v VERSION]"
echo
echo " -H HOSTADDRESS"
echo "     The host to check, either IP address or a resolvable hostname."
echo " -w WARNING"
echo "     The percentage of cpu-idle to start warning, defaults to 15."
echo " -c CRITICAL"
echo "     The percentage op cpu-idle to reflect a critical state, defaults to 5."
echo " -C COMMUNITY"
echo "     The SNMP community to use, defaults to public."
echo " -v VERSION"
echo "     The SNMTP version to use, defaults to 2c."
exit 3
}

readargs() {
# This function reads what options and arguments were given on the
# command line.
while [ "$#" -gt 0 ] ; do
  case "$1" in
   -H)
    if [ "$2" ] ; then
     host="$2"
     shift ; shift
    else
     echo "Missing a value for $1."
     echo
     shift
     usage
    fi
   ;;
   -w)
    if [ "$2" ] ; then
     warning="$2"
     shift ; shift
    else
     echo "Missing a value for $1."
     echo
     shift
     usage
    fi
   ;;
   -c)
    if [ "$2" ] ; then
     critical="$2"
     shift ; shift
    else
     echo "Missing a value for $1."
     echo
     shift
     usage
    fi
   ;;
   -C)
    if [ "$2" ] ; then
     community="$2"
     shift ; shift
    else
     echo "Missing a value for $1."
     echo
     shift
     usage
    fi
   ;;
   -v)
    if [ "$2" ] ; then
     version="$2"
     shift ; shift
    else
     echo "Missing a value for $1."
     echo
     shift
     usage
    fi
   ;;
   *)
    echo "Unknown option $1."
    echo
    shift
    usage
   ;;
  esac
done
}

setvariables() {
# Here is a function to set some default values.
cpurawidle="UCD-SNMP-MIB::ssCpuRawIdle.0"
cpurawuser="UCD-SNMP-MIB::ssCpuRawUser.0"
cpurawsystem="UCD-SNMP-MIB::ssCpuRawSystem.0"
if [ ! "$warning" ] ; then warning="15" ; fi
if [ ! "$critical" ] ; then critical="5" ; fi
tmpdir="/tmp/nagios"
}

checkvariables() {
# This function checks if all collected input is correct.
if [ ! "$host" ] ; then
  echo "Please specify a hostname or IP address."
  echo
  usage
fi
if [ "$warning" -lt "$critical" ] ; then
  echo "Critical may not be higher than warning. Please modify your critical an warning values."
  echo
  usage
fi
if [ ! "$community" ] ; then
  # The public community is used when a user did not enter a community.
  community="public"
fi
if [ ! "$version" ] ; then
  # Version 2c is used when a user did not enter a version.
  version="2c"
fi
if [ ! -d "$tmpdir" ] ; then
  mkdir "$tmpdir"
  if [ $? -gt 0 ] ; then
   echo "Unknown cannot create $tmpdir!"
   exit 3
  fi
fi
}

getandprintresults() {
# First, get all values in one snmpget session. I think this is lighter for
# the machine that is queried compared to three separated snmpgets.
snmpget -c "$community" -v "$version" -t 3 "$host" "$cpurawidle" "$cpurawuser" "$cpurawsystem" | while read mib equals type digit ; do
case "$mib" in
  # This output is returned for the cpuidle value.
  UCD-SNMP-MIB::ssCpuRawIdle.0)
   cpuidlevalue="$digit"
  ;;
  # This output is returned for the cpuuser value.
  UCD-SNMP-MIB::ssCpuRawUser.0)
   cpuuservalue="$digit"
  ;;
  # This output is returned for the cpusystem value.
  UCD-SNMP-MIB::ssCpuRawSystem.0)
   cpusystemvalue="$digit"

   if [ -f "$tmpdir"/"$host".cpuidle ] ; then
    cpuidlediff=$(($cpuidlevalue - $(cat "$tmpdir"/"$host".cpuidle)))
   fi
   echo "$cpuidlevalue" > "$tmpdir"/"$host".cpuidle

   if [ -f "$tmpdir"/"$host".cpuuser ] ; then
    cpuuserdiff=$(($cpuuservalue - $(cat "$tmpdir"/"$host".cpuuser)))
   fi
   echo "$cpuuservalue" > "$tmpdir"/"$host".cpuuser

   if [ ! -f "$tmpdir"/"$host".cpusystem ] ; then
    echo "$cpusystemvalue" > "$tmpdir"/"$host".cpusystem
    echo "First run, gathering data."
    exit 3
   else
    cpusystemdiff=$(($cpusystemvalue - $(cat "$tmpdir"/"$host".cpusystem)))
    echo "$cpusystemvalue" > "$tmpdir"/"$host".cpusystem
   fi

   # Add all differences, so a calculation of the percentage can be made later.
   allcpu=$(($cpuidlediff + $cpuuserdiff + $cpusystemdiff))

   # Now calculate how many percent each value represents.
   cpuidlevalue=$((($cpuidlediff*100)/$allcpu))
   cpuuservalue=$((($cpuuserdiff*100)/$allcpu))
   cpusystemvalue=$((($cpusystemdiff*100)/$allcpu))

   # Now see if any of these percentages is over a threshold.
   if [ "$cpuidlevalue" -lt "$critical" ] ; then
    # First see if it's in a critical state.
    echo "CPU CRITICAL idle value: $cpuidlevalue%|cpuidle=$cpuidlevalue% cpuuservalue=$cpuuservalue% cpusystemvalue=$cpusystemvalue%"
    exit 2
   elif [ "$cpuidlevalue" -lt "$warning" ] ; then
    # Now see if warning applies.
    echo "CPU WARNING idle value: $cpuidlevalue%|cpuidle=$cpuidlevalue% cpuuservalue=$cpuuservalue% cpusystemvalue=$cpusystemvalue%"
    exit 1
   else
    # If neither critical, nor warning apply, it must be OK!
    echo "CPU OK idle value: $cpuidlevalue%|cpuidle=$cpuidlevalue% cpuuservalue=$cpuuservalue% cpusystemvalue=$cpusystemvalue%"
    exit 0
   fi
  ;;
  esac
done
}

# The calls to the different functions.
readargs "$@"
setvariables
checkvariables
getandprintresults

Don't forget to chmod (755) the script on the Poller(s).

Now go into the Centreon web front end and add a command at:
Configuration - Commands - Add.
I named the check "check_cpu" where the command line is:

$USER1$/check_snmp_cpu -H $HOSTADDRESS$ -C $ARG1$

Bind this check to a service template and bind a hostgroup to the service template. Remember Centreon does not use $USER2$, but $_HOSTSNMPCOMMUNITY$.

Pasting shell scripts from Microsoft Word into Putty

As a Linux/UNIX engineer you will have to cope with the strange behaviour of Microsofts products. Microsoft Word replaces a simple double quote (") for an angled quote. Now when you paste that code into Putty, your (angled) quotes are replaced for dots.

To correct this behaviour open Microsoft Word, click Tools then Autocorrection options and on the unselect Smart Quotes. (You may want to disable other "handy" features as well.

Finally, I am able to paste documented code into Putty!

Simple AWK script to show filesystems that are almost full

Here is a simple oneliner to show filesystems that are nearly full:

df -k | awk '$4 > 85 {print $7,$4}'

What it does;

  1. df -k - This displays the filesystems and how full they are.
  2. awk '$4 > 85 {print $7,$4}' - This prints the 7th and 4th column, when the 4th column is greater than 85.

An alternative to top for AIX

Almost everybody loves the GNU command top. Top displays information about what's going on at your system. Some systems don't provide top, this script can be used as an alternative for top:

#!/bin/sh

# If the shell script is stopped with CTRL+C, the screen
# might need to be sized correctly.
trap 'eval $(resize); exit 2' 2

# A loop to display activity.
while [ 1 ] ; do
eval $(resize)
output=$(ps -eF "pcpu time pid user comm" | grep -v TIME | sort -rn | head -$(("$LINES"-2)))
echo ' %CPU      TIME    PID     USER    COMMAND'
echo "$output"
sleep 3
done

Running an Open Source Phone Part 1

Introduction - Why do we need an Free Software phone?

As we all know, when purchasing a new phone, it often has a slew of restrictions. On the telephony side, you are usually only allowed to use an authorised type of SIM card in the phone but there are far greater restrictions as to what you can do with the software on the phone. Almost all phones out there use proprietary software and, in the cases where a Free Software kernel is used, it is always hidden away and you can't modify your phone by installing a free GNU/Linux distribution on it since only authorised, signed operating systems will be booted.

Besides the software in the phone not being Free (as in freedom) software, there are often arbitrary restrictions on how you can use the phone. For example, DRM to restrict how you can play the music you have legally purchased, you cannot install you own applications but only applications approved by the Telco and/or phone vendor - think of the iPhone.

I am writing a series of articles in order to share my experiences and hopefully help people get familiar with Free Software on mobile devices, specifically cellular telephones. This first article will focus on a high level introduction to some of the hardware and software available for open source/free software phones. For those interested - I am using a Neo Freerunner running QTextended as my daily phone.

The Hardware

All this Free Software is no good if there is no phone you can install it on so I will now give a non-exhaustive list of the mobile devices I know about on which you can install free software.

The Neo Freerunner

The Neo Freerunner is designed to be an open phone from the ground up - the manufacturing diagrams are published as CAD files which anyone can use as a basis for another phone. The Neo Freerunner is the most promising, truly open phone that I am aware of and has a highly active community developing software for the Neo Freerunner and future phones from Openmoko.

The software on this phone (covered in Part 2) is not quite ready for end-user use but can be used as a daily phone by enthusiasts. That said, I expect that basic functionality will be stable in half a year.

Google G1

The Google G1 is a Linux based phone brought out by Google, it seems they want to compete with the Apple iPhone. The retail G1 is a locked phone that will only run authorised images so no change there. However, you can gain access to the full functionality of your phone in two ways; rooting the phone or buying the developer G1 called the "Android Dev Phone 1". Once this has been done you can proceed to experiment to your hearts content with the underlying Linux system making up the G1 - with some limitations.

The Trolltech Greenphone

The now discontinued Green phone used a software stack called Qtopia created by Trolltech (now owned by Nokia) - the same people who develop the QT toolkit in use by such projects as KDE and countless other, smaller applications.

The idea behind the Greenphone was to promote Qtopia as a mobile development platform and not as an end-user telephone. Trolltech no longer ships the Greenphone and the Qtopia software stack as been renamed to QTextended. QTextended has just released version 4.4.3, which will be the last release of the QTextended platform as this too is being discontinued but a community maintained version will still be available and may even become better than the Trolltech version.

Nokia Internet Tablet

The Nokia N810 supports the running of Open Source software - the main software stack target at this device is the Maemo plaform but it also supports QTextended and Debian GNU/Linux. By installing Debian on the N810 you can access to the vast software repositories available to Debian systems.

iPhone

Yes, you read correctly, you can now run Linux on your iPhone. This project is still in its very early stages and already seems to be laying the groundwork quite well. Definitely worth keeping an eye on. Also, I suspect you will need a jail-broken phone in order to install Linux on your iPhone and Apple may release updates to their boot loader ROM that will make it difficult to install Linux on the iPhone.
Netbooks

And, let's not forget, the ever popular Netbooks being made by seemingly all major computer manufacturers. While not strictly speaking a phone or a "tablet", they are nevertheless very mobile and so I will cover them here. The recent Netbook trend all started with the Asus Eee PC which made people realise that they just need "good enough" computing rather than a super computer on their lap.

One can easily install any Linux distribution on these devices and, when combined with a mobile broadband device (aka "dongle"), you have a powerful, mobile Internet device. Especially useful for those of us that are on call!

A very good history of the Netbook can be found at Arstechnica.

Next Article

In the next article I will be taking a deeper look at the various Free Software stacks that are available for running on your mobile device. Stay tuned!

About Consultancy Articles Contact




References Red Hat Certified Architect By Robert de Bock Robert de Bock
Curriculum Vitae By Fred Clausen +31 6 14 39 58 72
By Nelson Manning [email protected]
Syndicate content