latest posts

Saturday morning after resolving my Realtek RTL8111-GR Issues on my new ClearOS box, I ran into yet another error:

nommu_map_single

Knowing the AM1 Platform that my AMD Athlon 5350 APU/ASUS AM1I-A motherboard run on more than likely does not support IOMMU like my desktop's 990FX does I figured it was a detection issue with the Linux kernel that ClearOS 6.5 utlizes.

Doing some research into the issue there are a couple adjustments to your GRUB configuration that may or may not resolve the issue. In my case adjusting my GRUB arguments upon boot to include iommu=soft resolved the issue. I'm hoping down the road with newer Linux kernels the detection (if that even is the issue) gets better, but for those running an AMD "Kabini" APU and ran into this issue you'll at least be able to boot into your Linux distribution without any issues.

Continuing down the path of securing my home network, I wanted to get some sort of automated reporting of traffic and other statistics. Looking around I came upon Monitorix, which offered everything I was looking for. Unfortunately, adding Monitorix to my ClearOS 6.5 install wasn't as trivial as a yum install. In addition, there seems to be a huge gap between the version all of the online guides include (2.5.2-1) and the current as of this writing, version 3.5.1-1. With some work I was able to get the latest installed and running with 1 caveat.

Installing 2.5.2-1

To get started execute the following commands:
[bash] yum-config-manager --enable clearos-core clearos-developer yum upgrade yum --enablerepo=clearos-core,clearos-developer,clearos-epel install clearos-devel app-devel yum install app-web-server rrdtool rrdtool-perl perl-libwww-perl perl-MailTools perl-MIME-Lite perl-CGI perl-DBI perl-XML-Simple perl-Config-General perl-HTTP-Server-Simple rpm -ivh http://pkgs.repoforge.org/monitorix/monitorix-2.5.2-1.el6.rf.noarch.rpm [/bash] Edit /etc/httpd/conf.d/monitorix.conf and update the line that has "127.0.0.1" to "all".

In addition depending on your setup, you may want to configure Monitorix itself in the /etc/monitorix.conf file for an eth1 or other devices that aren't "standard".

Once statisfied with the configuration execute the following commands:
[bash] service httpd start service monitorix start [/bash] Now you should be able to access Monitorix from http://localhost/monitorix.

Installing 3.5.1-1

Not content to be running a 2 year old version of the software if only for the principle of it, I started to deep dive into getting the latest version up and running. I tried my best to document the steps, though there was some trial and error in doing the upgrade. Going from a fresh install you may need to execute some of the yum commands above, in particular the first 2 commands.

First off execute the following commands:
[bash] yum --enablerepo=rpmforge install perl-HTTP-Server-Simple yum install perl-IO-Socket-SSL perl-XML-Simple perl-Config-General perl-HTTP-Server-Simple wget ftp://195.220.108.108/linux/Mandriva/devel/cooker/x86_64/media/contrib/release/perl- HTTP-Server-Simple-0.440.0-3-mdv2011.0.noarch.rpm [/bash] These will download the neccessary prequisites for the newer version of Monitorix. Next you'll download and install the new rpm:
[bash] wget http://www.monitorix.org/monitorix-3.5.1-1.noarch.rpm rpm -U monitorix-3.5.1-1.noarch.rpm [/bash] Then restart httpd and monitorix:
[bash] service httpd restart service monitorix restart [/bash] After restarting you may notice an error:
[bash] Starting monitorix: Can't locate HTTP/Server/Simple/CGI.pm in @INC (@INC contains: /usr/bin/lib /usr/lib/monitorix /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/lib/monitorix/HTTPServer.pm line 27. BEGIN failed--compilation aborted at /usr/lib/monitorix/HTTPServer.pm line 27. Compilation failed in require at /usr/bin/monitorix line 30. BEGIN failed--compilation aborted at /usr/bin/monitorix line 30. [/bash] Doing some research, for Perl to adjust the @INC path permenantly, it requires a recompile, so in order to fix the problem permenantly for Monitorix simply copy /usr/lib/perl5/vendor_perl/5.X.X/HTTP to the /usr/lib/monitorix/.

After copying the folder, you may also need to verify the path changes for the new version in the /etc/monitorix/monitorix.conf to match the following:
[bash] base_dir = /var/lib/monitorix/www/ base_lib = /var/lib/monitorix/ base_url = /monitorix base_cgi = /monitorix-cgi [/bash] Also verify the first few lines match the following in the /etc/httpd/conf.d/monitorix.conf:
[bash] Alias /monitorix /usr/share/monitorix Alias /monitorix /var/lib/monitorix/www [/bash] After restarting httpd and monitorix (same commands as above), I was presented with a "500 Internal Error". Knowing the errors are logged in the /var/log/httpd/error_log file I immediately scrolled to the end to find out the root cause of the internal error:
[bash] Sat May 10 23:12:04 2014] [error] [client 192.168.1.230] Undefined subroutine &main::param called at /var/lib/monitorix/www/cgi/monitorix.cgi line 268., referer: http://192.168.1.1/monitorix/ [Sat May 10 23:12:04 2014] [error] [client 192.168.1.230] Premature end of script headers: monitorix.cgi, referer: http://192.168.1.1/monitorix/ [/bash] Having not done Perl in nearly 12 years, I simply went to line 268:
[bash] our $mode = defined(param('mode')) ? param('mode') : ''; [/bash] Looking at the error, it looks to have stemmed from the param calls. Knowing for myself this would always be localhost, I simply updated the line to the following:
[bash] our $mode = 'localhost'; [/bash] Attempting to restart monitorix again I received the same error on the next line, so for the time being I "hard coded" the values like so:
[bash] our $mode = 'localhost'; #defined(param('mode')) ? param('mode') : ''; our $graph = 'all'; #param('graph'); our $when = '1day'; #param('when'); our $color = 'black'; #param('color'); our $val = ''; # defined(param('val')) ? param('val') : ''; our $silent = ''; # defined(param('silent')) ? param('silent') : ''; [/bash] After saving, restarting Monitorix I was presented with the Monitorix 3.5.1-1 landing page:

Monitorix 3.5.1-1

Clicking on Ok I was presented with all of the graphs I was expecting. To give a sample of a few graphs:
Monitorix Network Graph

Monitorix System Graph

In the coming days I will revisit the error and dig up my old Perl books to remove the hard coded values. Hopefully this helps someone out there with ClearOS wanting to get some neat graphs with Monitorix.

As some maybe aware, I recently purchased an Asus AM1I-A for a new ClearOS machine to run as a firewall. The installation for ClearOS 6 went extremely smoothly, but upon restarting I kept receiving kernel panic errors from eth1 (the onboard Realtek RTL8111-GR). After doing some investigating, it turns out RHEL and thereby ClearOS have an issue with loading the r8169 kernel module when it detects the RTL8111 (and the 8111 variants).

Sure enough after doing an lspci -k:
[bash] 02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 11) Subsystem: ASUSTeK Computer Inc. Device 859e Kernel driver in use: r8169 Kernel modules: r8169 [/bash] The dreadful r8169 kernel module is the only module installed and in use. Thankfully you can download the r8168 x64-rpm here or wget http://www.jarredcapellman.com/pub/linux-x64/kmod-r8168-8.037.00-2.clearos.x86_64.rpm.

After downloading, simply run:
[bash] wget -i kmod-r8168-8.037.00-2.clearos.x86_64.rpm [/bash] and then:
[bash] modprobe r8168 [/bash] Then add Blacklist r8169 to the /etc/modprobe.d/anything.conf and then restart your machine.

Once your machine is backup, you can verify the correct r8168 module is loaded by re-running lspci -k:
[bash] 02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 11) Subsystem: ASUSTeK Computer Inc. Device 859e Kernel driver in use: r8168 Kernel modules: r8168, r8169 [/bash] After installing and using the r8168 module I no longer received kernel panic errors and was able to utilize the onboard RTL8111-GR without issue. Hopefully this helps someone else who ran into the same issue I did.

Call me crazy, but I simply couldn't stand having an Intel running in the house.  I had bought a Dual Core Atom (D510) CPU/Motherboard a few years ago, originally to run Mac OS X on.  It bounced around between my NAS, HTPC, Windows Media Center 7 Extender and finally a Firewall/Gateway a month or so ago running ClearOS. Over the last weekend I realized I had a new AMD Sempron 140 still sealed, checked prices on the new 5 series Asus motherboards, saw it was only $60 on Amazon and picked up a 2gb G.skill DDR3-1333 stick.  As fate would have it, NewEgg sent over a Norco RPC-270 2U case.  Took about an hour but I got everything installed and up and running again on the new AMD platform.  Below are the build pictures. [caption id="attachment_3981" align="aligncenter" width="225" caption="Empty Norco RPC-270 Case"][/caption] [caption id="attachment_3982" align="aligncenter" width="225" caption="Asus M5A78L AM3+ Motherboard Installed"][/caption] [caption id="attachment_3983" align="aligncenter" width="225" caption="Everything Installed"][/caption] [caption id="attachment_3984" align="aligncenter" width="300" caption="Gotta love AMD CPUs, unlocked the 2nd core without a blink of an eye"][/caption] [caption id="attachment_3985" align="aligncenter" width="300" caption="The stack continues to get bigger"][/caption]