Note: This howto requires a patch to your FreeBSD ports tree. The patch has been submitted to the FreeBSD port maintainers. I hope that it will eventually end up in the ports tree.

My initial readings about this was on the official Icinga docs covering installing Icinga on FreeBSD with IDOUtils.
However, as it turned out, the docs our a bit outdated, and yet do not reflect a way of doing the install using ports.

So here’s just a short primer on what I did do install Icinga from ports, imposing as little additional work four you, my fellow reader, as well

Now let’s turn to Icinga, which has a port on it’s own, which you’ll find it at /usr/ports/net-mgtm/icinga. First change to that directory.

cd /usr/ports/net-mgtm/icinga

Now download the patch file I made into your ports directory.
The patch will inject a new rc-script for ido2db and enable your port to build IDOutils.

[root@localhost /usr/ports/net-mgmt/icinga]# fetch http://phaq.phunsites.net/files/2012/01/patch_icinga_1.5.1_idoutils_fbs_port.txt

Then apply the patch like this:

[root@localhost /usr/ports/net-mgmt/icinga]# patch -p0 < patch_icinga_1.5.1_idoutils_fbs_port.txt
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|--- Makefile.org	2012-01-28 16:36:46.000000000 +0000
|+++ Makefile	2012-01-28 17:51:38.000000000 +0000
--------------------------
Patching file Makefile using Plan A...
Hunk #1 succeeded at 27.
Hunk #2 succeeded at 109.
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|--- /dev/null	2012-01-28 18:00:51.000000000 +0000
|+++ files/ido2db.in	2012-01-28 18:00:30.000000000 +0000
--------------------------
(Creating file files/ido2db.in...)
Patching file files/ido2db.in using Plan A...
Hunk #1 succeeded at 1.
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|--- files/pkg-message.in.org	2012-01-28 17:48:37.000000000 +0000
|+++ files/pkg-message.in	2012-01-28 17:49:38.000000000 +0000
--------------------------
Patching file files/pkg-message.in using Plan A...
Hunk #1 succeeded at 4.
done

Now you’re ready to configure the port:

[root@localhost /usr/ports/net-mgmt/icinga]# make config

Note the now IDOUtils option that now has appeared. Check it to enable IDOUtils.

Then compile and install as usual. The port will install also all required dependies, two of them being mysql55-client and libdbi-drivers, both to be found at /usr/ports/databases.

[root@localhost /usr/ports/net-mgmt/icinga]# make install clean

Afterwards, you should end up with a few additional files, which would not be installed with the stock FreeBSD port.

[root@localhost /usr/ports/net-mgmt/icinga]# ls -l /usr/local/bin/ido*
-rwxrwxr--  1 root  wheel  238326 Jan 28 16:53 /usr/local/bin/ido2db
-rwxrwxr--  1 root  wheel   80419 Jan 28 16:53 /usr/local/bin/idomod.o

[root@mgmp-bs01 /usr/ports/net-mgmt/icinga]# ls -l /usr/local/etc/rc.d/ido2db
-r-xr-xr-x  1 root  wheel  738 Jan 28 18:00 /usr/local/etc/rc.d/ido2db

Now you can enable Icinage and IDO2DB in /etc/rc.conf by adding these lines:

icinga_enable="YES"
ido2db_enable="YES"

Of course, you still need to perform the usual Icinga configuration steps, which are not covered in this post.
Please check with the official docs for this procedure.

If your configuration is proper, you should notice this in your logs indicating that IDOMOD (IDOUtils) is really working.

[1327773651] Icinga 1.5.1 starting... (PID=95448)
[1327773651] Local time is Sat Jan 28 18:00:51 UTC 2012
[1327773651] LOG VERSION: 2.0
[1327773651] idomod: IDOMOD 1.5.1 (09-09-2011) Copyright (c) 2005-2008 Ethan Galstad (nagios@nagios.org), Copyright (c) 2009-2011 Icinga Development Team (http://www.icinga.org))
[1327773651] idomod: Successfully connected to data sink.  26 queued items to flush.
[1327773651] idomod: Successfully flushed 26 queued items to data sink.
[1327773651] Event broker module '/usr/local/bin/idomod.o' initialized successfully.
[1327773651] Finished daemonizing... (New PID=95450)

That’s it, you conquered the beast!

Well, the ID has to be generated on-the-fly and out of nowhere. Still easy?

One might think about using MySQL user variables to accomplish this, sure. But what if your framework does not allow injecting chained queries because of SQL injection countermeasures?

The framework I used, WordPress’ wpdb API to be exact, has such a restriction, which caused my to find an alternate way.

To illustrate the problem, I start with the date retrieved, which would normally look as shown below.

mysql> SELECT value1, value2 FROM sample_table;
+-----------------+-----------------+
| value1          | value2          |
+-----------------+-----------------+
| sample_value_1  | sample_value_2  |
| sample_value_a  | sample_value_b  |
+-----------------+-----------------+
2 rows in set (0.00 sec)

Now, I need a line number for each record. When talking abut the line number, I’m strictly talking about a representation of “this is the first line”, “this is the second line”, etc.
This particular line number must therefore not be identical to the tupel ID, if that even would exist.
So this is what I would expect:

+------------+-----------------+-----------------+
| line_num   | value1          | value2          |
+------------+-----------------+-----------------+
| 1          | sample_value_1  | sample_value_2  |
| 2          | sample_value_a  | sample_value_b  |
+------------+-----------------+-----------------+

To generate this by the means of a query, one would usually use a MySQL user variable, that would be dynamically increased for each data row.
In SQL speech the query would then look like this:

SELECT @line:=0;
SELECT @line:=@line+1 AS line_num, value1, value2 FROM sample_table;
+------------+-----------------+-----------------+
| line_num   | value1          | value2          |
+------------+-----------------+-----------------+
| 1          | sample_value_1  | sample_value_2  |
| 2          | sample_value_a  | sample_value_b  |
+------------+-----------------+-----------------+

It’s actually easy and conventient, and you get real, dynamically calculated “line numbers”. But this technique requires to actually run two statements to be run in a series.
If you’re using your own database routines, this may not be a problem at all. But if you rely on a given framework, you may trip into SQL injection counter measures which will simply throw away a query constructed like this:

$my_query = "SELECT @line:=0; SELECT @line:=@line+1 AS line_num, value1, value2 FROM sample_table;";

$my_result = $pseudo_call_to_my_db_framework->execute( $my_query );

This was ecactly what I was trying to do with WordPress’ wpdb API. However, as I found, SQL injection filters kicked in. This is absolutely not to blame the WordPress folks, of course. The filters in place serve a good purpose and thus forced me in taking a different approach.

After some searching on the net I found that I seemed to be the only one to be using users vars with wpdb :-/
Of course, while this may not be widely used, I insisted in this approach. Suggestions in adding a loop or an extra-query where inappropriate to me, because it had to fit within the existing code base. That again required me to specifically do it in one SQL query, because I simply did not want to bloat the code by adding another loop in there.

So, the question is: Can the procedure described above be performed within ONE single query.

The answer is: Yes, but you’re required to invole a sub-query to achive this.

At first, leave the initial variable assignment away, so you end up with this query:

SELECT @line:=@line+1 AS line_num, value1, value2 FROM sample_table;

This would of course not yet work, because the user variable @line wouldn’t yet be defined at runtime.
Since you can’t prepend the declaration, you need to embed it using a sub-query. This is needed to have the variable declaration ready at the earliest stage possible, namely while parsing the query, and not during result processing.

Let’s look at the final query and the comments:

SELECT
        @line:=@line+1 AS line_num,                     # increase the @line user variable for each row retrieved
        sample_table.value1,                            # include column 'value1' from table 'sample_table'
        sample_table.value2                             # include column 'value2' from table 'sample_table'
FROM
        (SELECT @line:=0) AS tmp_line,                  # this will fire during parsing: initialize the user var by selecting it into a dummy table
        sample_table;                                   # now add our actual data table as well

This way, you end up getting the same result as shown earlier. And yet, this query can be performed with WordPress’ wpdb API and maybe other frameworks as well.

While sticking together my framework, I found that forking a process into background from PHP requires some additional steps if you don’t want to break AJAX functionality.

Here’s a sketch of the basic concept. It involves a Dispatcher, which creates a workqueue item in a database, and then forks a background process, which will perform various tasks. The latter will then report back the states of the tasks performed to the workqueue item in the database.
On the other end, a Tracker will check the database for the running states and push progress information into the browser.

While it was working to some extent, my initial attempts at forking a background process from PHP failed terribly, because PHP always kept waiting for the command to complete.
This behaviour had the side effect that the Dispatcher couldn’t immediately return the workqueue id to the AJAX client (the browser). But since the workqueue id was required by the AJAX-client to subsequently fire the Tracker, the initial request to the Dispatcher had to be synchronous instead of asynchronous.
The blocking behaviour did however screw everything, so I had to find a way around.

Of course, I was thinking about the various methods in calling external commands from PHP, starting with simple backticks, exec(), passthru() and even popen(), despite some others as well.

People familiar to Unix/Linux environments would of course say, that a background task can be started easily by appending an ampersand to the end, making it look like this:


exec( '/path/to/my/command &' );
system( '/path/to/my/command &' );


But that does not work in PHP, because all calls are always waiting for the command to return.
PHP effectively binds the STDERR and STDOUT I/O streams during execution, which is why a simple ampersand doesn’t work out.
To get this to work, one must really detach the to-be-backgrounded program from the controlling terminal to trick PHP into returning from exec.

This can be done easily by redirecting STDOUT and STDERR to a logfile or /dev/null before background the program, and just return the pid.
That would then look similar to this:


exec( '/path/to/some/program > /dev/null 2>&1 & echo $!' );


The above example would detach the programm into background while returning control to your PHP application at once.

Consider the output destination being required in any case, otherwise the I/O streams won’t get detached.
So this syntax, while being perfectly valid, will definitely run your command, but won’t place it into background at all:


exec( '/path/to/some/program 2>&1 & echo $!' );


That’s it

True, this is a good feature for most. But if you can spare some backups, because you – let’s say – store your files to a dropbox folder, which is synchronized to a cloud service, then you may not need the mobile backup feature of OS X.
In fact, you may notice running out of disk space, that you could use otherwise.

So to see the difference, let’s check out the available free disk space in Termin us the ‘df’ (disk free) utility:

gianpaolo-del-mattos-macbook-pro:~ Gianpaolo$ df -h
Filesystem                          Size   Used  Avail Capacity  Mounted on
/dev/disk0s2                        79Gi   69Gi  9.1Gi    89%    /
devfs                              129Ki  129Ki    0Bi   100%    /dev
map -hosts                           0Bi    0Bi    0Bi   100%    /net
map auto_home                        0Bi    0Bi    0Bi   100%    /home
localhost:/SkA_FxsNwtVofJZZOc308I   79Gi   79Gi    0Bi   100%    /Volumes/MobileBackups

Gosh, I’m almost out of space, having only 9 Gigs left :-/

So let’s get rid of the mobile backups using this command:


sudo tmutil disablelocal


Now check back at the disk space:

gianpaolo-del-mattos-macbook-pro:~ Gianpaolo$ df -h
Filesystem      Size   Used  Avail Capacity  Mounted on
/dev/disk0s2    79Gi   60Gi   18Gi    77%    /
devfs          129Ki  129Ki    0Bi   100%    /dev
map -hosts       0Bi    0Bi    0Bi   100%    /net
map auto_home    0Bi    0Bi    0Bi   100%    /home

You notice, that the ‘/Volumes/MobileBackups’ mount point is gone?
I’m having 18 Gigs free now as well.

So, depending on how long you didn’t have your backup drive connected, the amount used may well increase to a multiple of that.

It may not be best choice for most people to have mobile backups disabled. But if you DO know what you’re doing, then go for it

The simple solution to this is to use the XML::Dumper module.

Let’s suppose your data structure looks like this:

%hash_of_hashes = {
    item1 => {
                item1_1       => 'value1_1',
                item1_2       => 'value1_2',
    },
    item2 => {
                item2_1       => 'value2_1',
                item2_2       => 'value2_2',
    },
  };

You can easily convert this into an XML representation using this command:


my $xml_output = XML::Dumper::pl2xml( \%hash_of_hashes );


So you’ll end up with this output:

<perldata>
 <hashref memory_address="0x878e784">
 <item key="item1">
 <hashref memory_address="0x87a8c58">
 <item key="item1_1">value1_1</item>
 <item key="item1_2">value1_2</item>
 </hashref>
 </item>
 <item key="item2">
 <hashref memory_address="0x87a8c61">
 <item key="item2_1">value2_1</item>
 <item key="item2_2">value2_2</item>
 </hashref>
 </item>
 </hashref>
</perldata>

But be aware: You need to pass the hash by reference, imposing the \%hash_of_hashes notation, otherwise you end up with something like this:

<perldata>
 <scalar>item_1</scalar>
 <scalar>item_2</scalar>
</perldata>

It’s so obvious, but I had overlooked that as well in the first attempts

Great visual debugging aid if you’re doing automation stuff with CLI dbedit.

Use ‘cpconfig’ on the CLI (may need ‘expert’ mode)

Now, I made up a similar script to do the same on OS X.

The basic idea, now and then, was that I would not want to send all traffic through the VPN.
Thus the script will assist in restoring your local default route after the VPN connection is established.
Furthermore, it’ll add some specific routes directed to the VPN.

This way, all your usual traffic (internet, surfing, skype, whatever) is sent through your default gateway, while more specific routes (your business stuff) is sent through the VPN.

Below’s the code for the initial release. It may lack some details yet, like auto-detecting the tunnel device name, but it does the job already.

Just copy the code into Apple Script Editor and save it to a convenient location. Make sure you save it as “Application” and not as “Script” (which is the default). You you don’t, double-clicking the script will open the Script Editor instead of executing the script. Surely, not what you want.

Pay attention to the variables on the top, which need to be edited before you save the Script: _vpn_name, _default_gw, _networks, and _sudo_password (optional).
I hope directions are clear enough from the comments sections.

# VpnInit
# ---
# an AppleScript utility to connect your vpn,
# restore local default route and add selected
# routes directed to the VPN only
# thus you'll end up sending only selected
# traffic through the VPN, while the rest
# goes through your local default gateway
# as usual
# ---
# released "as is" under the terms of GPL v2.
# Copyright © 2011 Gianpaolo Del Matto
# 
# r0.1 initial release 2011/12/29
#
# ToDo:
# - hardcoding the "sudo" password is a bad idea, maybe
#	need a better way to get away with it
# - vpn tunnel (utun0) is still hardcoded,
#	should be auto-detected
#

# the name of your vpn connection
#
set _vpn_name to "My VPN"

# your local default gateway
#
set _default_gw to "192.168.1.1"

# your remote networks to pass via VPN, separate multiple with comma
# like so: {"1.2.3.4/30", "5.6.7.8/30"}
#
set _networks to {"192.168.2.1/24"}

# your super-user (root) password
# actually needed to bypass the prompts
# leave empty to get prompted
#
set _sudo_password to ""

# ##################################################################
# DO NOT CHANGE ANYTHING BELOW
# ##################################################################

# kindly borrowed from
# http://www.macosxautomation.com/applescript/uiscripting/index.html
# make sure that support for assistive devices is enabled
#
tell application "System Events"
	if UI elements enabled is false then
		tell application "System Preferences"
			activate
			set current pane to pane id "com.apple.preference.universalaccess"
			display dialog "This script requires access for assistive devices be enabled." & return & return & "To continue, click the OK button and enter an administrative password in the forthcoming security dialog." with icon 1
		end tell
		set UI elements enabled to true
		if UI elements enabled is false then
			display dialog "This script cannot run while access for assistive devices is disabled." & return & "Exiting now." buttons {"OK"} with icon 2
			return "user cancelled"
		end if
	end if
end tell

# now dive into the VPN setup part
#
tell application "System Events"
	set _if_tunnel to "utun0" #	do not change, will be auto-detected, just giving a reasonable default
	tell current location of network preferences
		if exists service _vpn_name then
			# try to connect the VPN service if it's disconnected
			#
			if current configuration of service _vpn_name is not connected then
				connect service _vpn_name
			end if

			# give it some time to settle
			#
			set _retval to false
			repeat until (_retval) is true
				set counter to 0
				repeat while counter is less than 16
					# exit if we get connected
					#
					if current configuration of service _vpn_name is connected then
						set _retval to true
						exit repeat
					end if

					# opt for exit if still not connected after 15 seconds
					#
					if counter is equal to 15 then
						display dialog "VPN '" & _vpn_name & "' is still not connected after 15 seconds. Do you want to keep waiting?" with title "VPN still not connected" buttons {"Yes", "No"}
						if button returned of result is "No" then
							# bail out if user decided not to wait any longer
							#
							set _retval to true
							return
						else
							# otherwise reset the counter so we can trigger again
							#
							set counter to 0
						end if
					end if

					set counter to counter + 1
					delay 1
				end repeat
			end repeat

			# now go to post processing and to the following:
			# - delete default route via vpn
			# - restore original default route
			# - add specific routes to vpn
			#
			if current configuration of service _vpn_name is connected then
				# restore local default route
				#
				do shell script "route delete default" password _sudo_password with administrator privileges
				do shell script "route add default " & _default_gw password _sudo_password with administrator privileges

				# inject custom routes via VPN
				#
				repeat with _network in _networks
					do shell script "route add -interface " & _network & " utun0" password _sudo_password with administrator privileges
				end repeat
			end if
		else
			# bail out if the VPN service does not exist
			#
			display dialog "Given VPN '" & _vpn_name & "' does not exist. Please check the name"
		end if
	end tell
end tell

Now I was digging around if I could do some automation on the GUI part, which indeed turned out to work … at least to a certain degree.

Let’s face it: Ripping DVDs with MakeMKV is simple and easy, however its scripting abilities s***

There is actually some limited CLI support available. If you dive into the application package, you’ll find the /Applications/MakeMKV.app/Contents/MacOS/makemkvcon program, which can be scripted somehow.

In the first place, I was perfectly able to rip off a complete DVD using the CLI command. But that was not what I had in mind, because I wanted to select only the main movies, and there only a limited set of audio streams and subtitles.
As I seemed to be unable to figure out, how that would be possible (some rare comments on the MakeMKV forums mentioned, that it would NOT be possible), I ended up using the GUI.

Well, after I wrote the auto-selector script, I started thinking on how to make this a bit more practical.
I know Apple released support for GUI (graphical user interface) scripting already years ago, but I had never really looked into until today

After some reading over there at macosxautomation.com I started on extending my script.
Please consider that you need to enable support for assistive devices, as mentioned on macosxautomation.com — otherwise the script will simply fail.

With help of UI Browser, a utility to explore GUI elements of any application, I was able to identify the relevant items.

So with the latest additions, the script does the following:

• Runs whenever a DVD is inserted
• Automatically run DVD Player if no action is taken – or -
• run MakeMKV if requested to do so
• Wait for the DVD TOC (table of contents) to be read initially
• As soon as the TOC is read, open the DVD in MakeMKV
• Wait until the tracks selected were ripped and try to eject the DVD afterwards

And here’s the code:

# dvd-action
# ---
# an AppleScript utility to select DVD Player or MakeMKV
# upon inserting a DVD
# ---
# released "as is" under the terms of GPL v2.
# Copyright © 2011 Gianpaolo Del Matto 
# 
# r0.1 initial release 2011/12/09
# - simple selector with default action after timeout
#
# r0.2 2011/12/15
# - added limited GUI scripting functionality for MakeMKV
#
# r0.3 2011/12/16
# - added support to check for assistive device access
#	(code borrowed from http://www.macosxautomation.com)
# - added simple progress indicator while waiting for drive
#	do become available for access
#

# initialization
#
# true : show progress dialogs, false: hide progress dialogs
set verbose to true

# kindly borrowed from
# http://www.macosxautomation.com/applescript/uiscripting/index.html
# make sure that support for assistive devices is enabled
#
tell application "System Events"
	if UI elements enabled is false then
		tell application "System Preferences"
			activate
			set current pane to pane id "com.apple.preference.universalaccess"
			display dialog "This script requires access for assistive devices be enabled." & return & return & "To continue, click the OK button and enter an administrative password in the forthcoming security dialog." with icon 1
		end tell
		set UI elements enabled to true
		if UI elements enabled is false then
			display dialog "This script cannot run while access for assistive devices is disabled." & return & "Exiting now." buttons {"OK"} with icon 2
			return "user cancelled"
		end if
	end if
end tell

# check if DVD Player or MakeMKV are already running
# if not, present a little menu, that allows to select
# which application should be run
#
if not appIsRunning("DVD Player") and not appIsRunning("MakeMKV") then

	with timeout of 3600 seconds
		display dialog "Please choose your desired action:" with title "Action for DVD" buttons {"Cancel", "play DVD", "rip DVD"} cancel button "Cancel" giving up after (5)
	end timeout
	if button returned of result is "rip DVD" then
		if verbose then display dialog "Starting MakeMKV" buttons {"OK"} giving up after 2
		tell application "MakeMKV" to activate
		repeat
			if application "MakeMKV" is running then exit repeat
			delay 5
		end repeat

	else if button returned of result is "Cancel" then
		return
	else
		if verbose then display dialog "Starting DVD Player" buttons {"OK"} giving up after 2
		tell application "DVD Player" to activate
		return
	end if

end if

# check again if MakeMKV is running
# this time, attempt to automate these steps:
# - automatically open the DVD as soon as the drive is ready for access
#
if appIsRunning("MakeMKV") then
	# now tell MakeMKV what to do
	tell application "System Events"
		tell process "MakeMKV"
			# in some rare cases, the menu bar items will stay "greyed out"
			# even if a DVD was inserted
			# the culprit: "AXEnabled" property of the menu will be TRUE even then,
			# although the menu items are not clickable
			# There seems to be no way to check, if they're actually active or inactive
			# However, as a workaround, sending CMD+O to fire up the "File - Open" dialog
			# seems to work, and yet: just opening and closing it will enable the menu bar
			#
			set _retval to false
			repeat until (_retval) is true
				try
					tell application "MakeMKV" to activate
					keystroke "o" using {command down}
					delay 1

					if (exists window 1) and (exists window 2) and (value of attribute "AXRoleDescription" of window 1) = "dialog" then
						click button "Cancel" of window 1
						set _retval to true
					end if
				end try
				delay 1
			end repeat

			# note on the dvd drive selection and menu handling:
			#
			# because we don't know the name of the DVD device,
			# we simply address it by the id of 'menu item 1'
			# so we're just selecting the first device found there.
			# we might have more than one DVD drive, but this is out of scope for now
			#
			# this script was initially triggered by inserting a new disc
			# thus we need to wait until the disc is initially read
			# while this is in progress, our 'Open disc' menu item will be disabled
			#
			set _retval to false
			repeat until (_retval) is true
				try
					repeat while (value of attribute "AXEnabled" of menu "Open disc" of menu item "Open disc" of menu "File" of menu bar item "File" of menu bar 1) is false
						get value of attribute "AXEnabled" of menu "Open disc" of menu item "Open disc" of menu "File" of menu bar item "File" of menu bar 1
						set counter to 5
						repeat while counter is greater than 0
							if verbose then display dialog "Waiting for dvd drive to become ready for use ..." with title "Please wait …" buttons {"" & counter & ""} giving up after 1
							set counter to counter - 1
						end repeat
					end repeat
					set _retval to true
				on error
					display dialog "error"
				end try
				delay 1
			end repeat

			# seems that the dvd drive is now ready for use, now try to load the disc
			#
			if verbose then display dialog "Trying to load DVD in MakeMKV now …" giving up after 1

			# now load the drive
			#
			tell application "MakeMKV" to activate
			click menu item 1 of menu 1 of menu item "Open disc" of menu 1 of menu bar item "File" of menu bar 1

			# now stay and wait until another window appears
			# this should be "completed" dialog at the end
			#
			repeat until ((exists window 1) and (exists window 2))
				delay 15
			end repeat

			# check the type of window 1, which should be a dialog
			# if so, let's close it and try to eject the disk
			#
			if (exists window 1) and (exists window 2) and ((value of attribute "AXRoleDescription" of window 1) = "dialog" or (value of attribute "AXRoleDescription" of window 1) = "standard window") then
				click button 1 of window 1

				click menu item "Eject disc" of menu 1 of menu bar item "File" of menu bar 1
			end if

		end tell
	end tell
end if

# func:appIsRunning
#	appName	: string : name of application (e.g. "DVD Player")
#
# helper to check if application is running or not
#
on appIsRunning(appName)
	tell application "System Events" to (name of processes) contains appName
end appIsRunning

This, as far as it goes, saves at least the additional button click to load the DVD in MakeMKV.
However, there is one drawback after all …

While examining the MakeMKV GUI, I figured that the main panel was not recognized by UI Browser. It was just reported as unknown (UI element #4). Unfortunately there was no obvious way to get access to the elements within that panel.
This – as of today – effectively limits the use of GUI scripting, as it is not possible to interact with the elements within that panel.
Otherwise, I’d be happy to sit down and write the part, which does auto-selection of the track elements according to some given criteria.

Auch wenn der CentroGrande als Consumer-Gerät positioniert ist, wäre für mich – und wohl auch einige andere – SNMP das Mittel der Wahl zur Überwachung des Geräts wie auch des Netzwerks.

Wenn man die normalerweise deaktivierte Pirelli Management Console auf dem Router aktiviert, gelangt man zwar an einige offiziel nicht zugängliche Funktionen, SNMP ist da aber definitiv nicht dabei. Zwar kann man über die Pirelli Console die Konfigurationsdatei einsehen – und findet dort auch Hinweise auf SNMP – doch selbst wer des SNMP-Feature in der Konfiguration manuell aktiviert, wird nach einem Neustart bitter enttäuscht: Weit und breit kein SNMP aktiv

Glücklicherweise kann man aber auch für den CentroGrande Interface-Statistiken erzeugen, auch wenn man dafür gewissermassen mit der Kirche ums Dorf herum gehen muss.

Der Trick liegt im Command Line Interface, welches per Telnet und SSH erreichbar ist. Hier kann mit dem Befehl “net ifcnt all” für jede Schnittstelle des Routers eine Statistik ausgegeben werden.
Ersetzt man das Schlüsselwort “all” durch die Interface-Bezeichnung, bspw. “wl0″, erhält man die jeweiligen Einzelstatistiken.

Im folgenden Beispiel werden die Statistiken zur WAN-Schnittstelle angezeigt:


[~] # ssh admin@192.168.100.254
OpenRG> net ifcnt eth5.10
---- Driver statistics: port "LAN Fiber VLAN 10" ----
Device name: eth5.10 - Type: 48, Ethernet
Network = WAN
Port status = Connected
Counters
Rx Packets: 2006090
Tx Packets: 2477100
Rx Bytes: 835058499
Tx Bytes: 2356068887
Rx Pkts Errors: 0
Tx Pkts Problems: 0
Rx Dropped Pkts: 0
Tx Dropped Pkts: 0
Rx Multicast Pkts: NA
Tx Multicast Pkts: NA
Rx Broadcast Pkts: NA
Tx Broadcast Pkts: NA
Collisions: NA

Returned 0
OpenRG>


Wer sich in der Pirelli Console schon umgesehen hat, ist vielleicht angesichts der vielen Schnittstellen etwas überfordert.
Die gute Nachricht: Die meisten davon braucht’s nur für interne Zwecke und sind für die Überwachung kaum relevant. Daher hier eine Auflistung der notwendigen Schnittstellen und deren Funktion:

eth0         Switchport 1
eth1         Switchport 2
eth2         Switchport 3
eth3         Switchport 4
wl0          WLAN Access Point
eth5.10      WAN Schnittstelle (Fiber oder DSL)

Damit diese Daten nun für Cacti nutzbar werden, bedarf es eines Hilfsprogramms, welches folgende Schritte durchführt:

• Login auf den Router
• Abrufen der Interface-Ststistiken
• Ausgabe der bereinigten Informationen

Gerade letzterem kommt eine grosse Bedeutung zu, da die Ausgabe wiederum scriptbasiert verarbeitet werden soll und somit normalisiert werden muss.
Wie dies im Detail aussieht, beschreibt die Cacti-Dokumentation.

Basierend auf einem Beispiel-Script aus dem py-expect Package habe ich eine stark abgewandelte Version erstellt, welche allein dem Auslesen des CentroGrande dient und vollständig parametrisierbar ist.
Damit das Script ausführbar wird, sind zum Beispiel unter Debian die Packages python2.5 und python-pexpect erforderlich.

Das ganze sieht beim Ausführen dann wie folgt aus:

[~] # /opt/sbin/cg_ifstats.py -u admin -p password -h 192.168.100.254 -i wl0
RxBytes:4230422745 TxBytes:3249795610

Damit steht bereits der erste Baustein bereit. Nun muss Cacti noch entsprechend eingerichtet werden, damit die Script-Ausgabe zur Erstellung von Statistiken verwendet werden.

Anweisungen dazu finden sich ebenfalls in der Cacti-Dokumentation.

Die nachfolgenden Schritte verdeutlichen dies anhand einiger Screenshoots.
Man kann – und darf – es sich aber auch ein bisschen einfacher machen und einfach das Data Template mit den Abhängigkeiten direkt importieren.
Das Data Template kann zusammen mit dem Python Script hier heruntergeladen werden.

Wer die erforderlichen Schritte selbst durchführen möchte, erstellt zuerst eine sogenannte Date Input Method nach dem gezeigten Vorbild.
Dabei müssen insbesonders die Input wie auch die Output Fields erfasst werden (auf Schreibweise achten).
Die Data Input Method wird unter der Bezeichnung “CentroGrande – IFSTATS” gespeichert.

Anschliessend wird ein neues Data Template mit der Bezeichnung “CentroGrande – Traffic” erzeugt.
Unter Data Input Method wird die zuvor erstellte Datenquelle “CentroGrande – IFSTATS” verwendet.

Weiterhin benötigt das Data Template die Quelldatensätze, “traffic_in” und “traffic_out”. Diese werden mit den einzelnen Zählern der Data Input Method “CentroGrande – IFSTATS” verbunden, also “traffic_in” mit “RxBytes” und “traffic_out” mit “TxBytes”.
Wichtig ist, dass als “Data Source Type” der Typ “COUNTER” verwendet wird.

Unter “Custom Data” wird bei allen Feldern die Checkbox “User Per-Data Source Value” markiert.
Dies ist erforderlich, damit beim folgenden Erzeugen der Graphen die Werte pro Host und Datenquelle einzeln definiert werden können.

Nun fehlt das Graph Template. Hierfür klont man am einfachsten eines der bestehenden Graph Templates, beispielsweise “Interface – Traffic (bits/sec, Total Bandwidth)”.
Das geklonte Graph Template bedarf noch einiger Anpassungen, insbesonders bei den Graph Template Items und Graph Item Inputs.
Als Letztere dienen die bereits zuvor definierten Datenquellen “traffic_in” und “traffic_out”.

Die Datenquell muss auch bei den Graph Template Items noch entsprechend zu “traffic_in” und “traffic_out” angepasst werden.

Damit wäre soweit alles vorbereit, dass nun ein Host-Objekt für den Centro Grande erfasst werden kann.
Anschliessend werden dem Host-Objekt neue Graphs hinzugefügt.

Je nach Bedarf werden für einzelne oder alle Schnittstelle (wl0, eth5.10, eth0, usw) die Graphen erzeugt.
Dazu muss man zur besseren Unterscheidung unter Title auch die jeweilige Schnittstellenbezeichnung ergänzt werden.
Ferner sind in den Feldern für Username, Passwort, Hostname und Interface die erforderlichen Daten einzutragen.

Nach Abschluss aller Schritte lassen sich fortan die erzeugten Graphs in Cacti bewundern.