Skip to main content

Posts about technology (old posts, page 2)

Munin plugin for Shorewall accounting

I wrote this little script to monitor traffic on various machines at work. We use Shorewall to set up all the netfilter rules, traffic shaping, etc. It also makes it easy to set up rules to monitor traffic for different types of traffic.

We use Munin to track all sorts of things over time. The script below is a Munin plugin that will create a graph with one data series for each of the chains defined in your shorewall accounting file.

Put this script into /etc/munin/plugins and call it something like shorewall_accounting, and then add this in /etc/munin/plugin-conf.d/munin-node:


user root

The name in between the square brackets should match the name of the file you saved the script in. The script needs to run as root in order to get access to iptables.

Edit Jan 20, 2006: Some minor bugfixes to the script have now been included. The shorewall accounting chains are now output in alphabetical order, and the regexp has been fixed to catch very large numbers.


# shorewall_accounting

# A munin plugin for tracking traffic as recorded by shorewall accounting rules

# Written by Chris AtLee 

# Released under the GPL v2

import sys, commands, re

accountingLineExp = re.compile(r"^\s*\d+\s+(\d+)\s+(\w+).*$")

def getBytesByChain():
    status, output = commands.getstatusoutput("shorewall -x show accounting")
    if status != 0:
        raise OSError("Error running command (%s)[%i]: %s" % (trafficCmd, status, output))
    chains = {}
    for line in output.split("\n"):
        m = accountingLineExp.match(line)
        if m is not None:
            target =
            bytes = int(
            if target in chains:
                chains[target] += bytes
                chains[target] = bytes
    retval = []
    chainNames = chains.keys()
    for name in chainNames:
        retval.append((name, chains[name]))
    return retval

if len(sys.argv) > 1:
    if sys.argv[1] == "autoconf":
        print "yes"
    elif sys.argv[1] == "config":
        print "graph_title Shorewall accounting"
        print "graph_category network"
        print "graph_vlabel bits per ${graph_period}"
        for chain,bytes in getBytesByChain():
            print "%s.min 0" % chain
            print "%s.type DERIVE" % chain
            print "%s.label %s" % (chain, chain)
            print "%s.cdef %s,8,*" % (chain, chain)

for chain, bytes in getBytesByChain():
    print "%s.value %i" % (chain, bytes)

Printing in Linux?

This post on Christopher Blizzard's blog gives me some hope of improved printing on linux. While my new Epson CX4200 seems to work well for text, there are still some niggling issues like printing beyond the paper area, or clipping around margins, that make me worried about trying to print photos under linux.

It also makes me think I should change my blog's theme to distinguish it from the other million default wordpress installations out there :)

Getting Thunderbird to open links in Firefox (not Mozilla!)

I got sick of Thunderbird opening up links in Mozilla instead of Firefox. A friend mentioned that the preference responsible for opening up links was ''. I searched around in the Thunderbird pref files for what it was currently using. On my machine it was set to launch 'x-www-browser'. This is actually a symlink into Debian's alternatives directory, so a simple

update-alternatives --set x-www-browser /usr/bin/firefox

did the trick.

Epson CX4200 gets my two thumbs up

I've written before about my experiences with printing under Linux...Initial frustration, brief elation, and then final disappointment while attempting to set up my Lexmark Z42. Eventually I gave up and either printed everything at work, or from my wife's laptop.

A recent sales flyer from a local computer store, combined with some mail-in-rebate programs by the manufacturors convinced me that the time had come to try another printer. My in-laws purchased an all-in-one multifunction printer / scanner / copier last year and were very happy with it, and actually made good use of the copying functionality of the machine.

So the question was, which model would I buy? I knew for sure that I wouldn't get Lexmark after my horrible experience with the Z42 last time. My instinct was justified after reading's page on suggested printers for free software users:

There are few good free software drivers for Canon and Lexmark inkjets. Do not buy one and expect success.

The same page recommended either an Epson or HP printer, and as there was a sale on Epson printers I decided to go with Epson.

Now, which model to get? It really came down to the choice between the Epson CX4200 and the Epson CX4800. The CX4800 has the ability to put in a memory card and print directly from the card. However, since I don't expect to be printing pictures at home at all, this feature really isn't necessary for me. CX4200 it is then!

Setting up this printer was a snap in Linux. Actually even easier than setting it up in Windows, which is a nice change! I simply used the Gnome CUPS Manager to add a new printer, and selected mine from the list. I already had the Gutenprint v5 drivers installed, so I guess that's where a lot of the credit for ease of installation is due.

Setting up scanning was a bit trickier. I had to manually edit some of the sane configuration files, and there seemed to be an issue where the printer module would claim exclusive access to the usb device, preventing the scanner module from working. This is apparently fixed in later versions of the drivers, but I haven't had a chance to test it out.

The CX4200's print quality is good for what I use it for, which is mostly just printing out e-mails, directions, recipes and things of that sort which would be time consuming to copy to paper by hand. The standalone copying functionality is very handy, I've used it quite a bit so far. Almost as much as printing from my computer!

So far I'm very happy with the CX4200, and at $70 (CAD) after a mail-in-rebate, the price can't be beat.

Addicted to podcasts

I started listening to some podcasts back in December...The funniest thing got me started: a post on comp.lang.python was adversiting a podcast of the newsgroup as read by pyTTS.

Since I started listening to podcasts back in December I have subscribed to a number of podcasts, and have been falling behind listening to them...Travis warned me that would happen! As I write this I have 780 MB of podcasts that have been downloaded but never listened to. Right now I'm listening to these podcasts:

I'm using iPodder to download all the podcasts, and a custom python script to move them onto my MP3 player so I can listen to them on the subway. I'd really love to be able to use bloglines or to manage my podcast subscriptions instead of iPodder. Nothing against iPodder, but I don't like being tied down to one application. What would be even cooler would be some system where I could mark certain episodes as having been listened to instead of just deleting them from my hard drive when I'm done listening to one :)

    More random linux ramblings

    I was setting up a machine to handle some of our backups at work. It's not a critical system, so instead of setting up a RAID across 3 250GB drives, I just set up LVM so I could take advantage of all 750GB. This were going along fine, but then I wanted to see what the status of LVM was...So I ran 'lvdisplay' and got this very disturbing message:

    Couldn't find device with uuid 'tcRo2m-XJ1W-JFUh-FuYP-dbbW-RHSx-FFnQ4r'.

    Couldn't find all physical volumes for volume group ide_drives.

    Couldn't find device with uuid 'tcRo2m-XJ1W-JFUh-FuYP-dbbW-RHSx-FFnQ4r'.

    Couldn't find all physical volumes for volume group ide_drives.

    Volume group "ide_drives" not found

    Uh oh...Did one of the drives fail already? 'pvscan', etc. didn't yield any better results.

    But then I notice the device that isn't found is '/dev/hdb', which does have the correct uuid. But it also happens that '/dev/cdrom' is a symlink to '/dev/hdb', so lvm was ignoring that device because it thought it was a cdrom device! AAARGH. Only took me 2 hours to figure that one out. I'm hoping this post can save somebody else some time.

    On that same machine, I wanted to set up rsync to handle the backups since it's well suited for that purpose. I had just discovered rsync's filter rule syntax so I wanted to play around with that to specify which directories on which machines should be backed up. Lets say my directory structure looks like this:



    /home -> /mnt/raid/home







    and I want to back up both /etc and /home. So I tried this set of rsync filter rules:

    • /etc/

    • /etc/**

    • /home/

    • /home/**

    • *

    No luck at all. rsync refused to copy over the home directories.

    Again, several hours were lost figuring this out. I think what was happening was that rsync was happily copying the /home symlink and not looking deeper into the directory structure. So when it came to the '- *' rule, the actual home directories were being excluded. I solved this by adding

    • /mnt/

    • /mnt/raid/

    • /mnt/raid/home/

    • /mnt/raid/home/**

    to my filter rules instead of the '/home' stuff.

    Best. Tip. Ever.

    A co-worker of mine recently posted the following tip to an internal wiki:

    Many people go to extraordinary lengths to escape slashes for use in the sed-style s/foo/bar/g command found in VIM, perl, sed, and many other tools. What's not widely known is that you can, in fact, use any character in place of those slashes. I regularly do something like this:

    sed -e 's,/usr/bin,/home/bin,g'

    I blame gnu info for me not knowing this. I only use 'man', but lots of content is only available in 'info' pages. I never really understood why.