Cleaning up OpenNMS Assets

I've had OpenNMS running on the network for awhile, and here's a problem I ran into: my network is too dynamic. Specifically, it doesn't play nice with DHCP clients. Every time the IP address changes, OpenNMS considers it a new node.

What's screwed up is if you delete the old nodes, the asset info sticks around, even if you didn't add any actual asset information.

I got things straightened up enough that OpenNMS and I are getting along fairly well. There was still all this old asset information gumming up the works. I didn't see anything in the UI or help to get rid of them, so I did it the hard way.

Log into the postgres box hosting the database, and don't forget to use it. Then run the following:

delete from assets 
using node
where node.nodeid = assets.nodeid
and node.nodetype = 'D'

That should clear it up, and it doesn't appear to break anything. If you have any trouble after running this, please let me know in the comments, and I'll look into it (since it will probably be a problem for me, too).

Hope this helps.

Untangle, the DIY Network Gateway Software

I like building my own home routers. The ones you can pick up from NewEgg are nice, and they do their job admirably. Sometime back, though, I developed a taste for building my own.

Until just recently (we'll get to that), I was running pf on FreeBSD. Love it. Best damn firewall software out there, and if you need something really custom, but don't want to spend a lot of money, that's the way to go.

My old firewall was a little Epia mini-itx (that's small and low-powered), but it handled three network segments just fine, as well as a couple of ancillary tasks. It's been dying for awhile, though. Since it's my house, and that's the only place I get to really play fast-and-loose, I kept it going.

Well, it died, as these things do, last weekend.

I found an old box - another Epia, as it happens - with only two network ports (no wireless segment, for now), and set up Untangle, the "Open Source Network Gateway". There wasn't much to it, put in the CD, answer some questions, do a lot of waiting (the temporary machine is really slow).

It can be set up as a router or a bridge, the latter permitting easy integration into an existing network. There's no need to set up anything on the clients; everything happens transparently. Some of the niftier free modules include an ad blocker, virus blocker (http, smtp, pop3, imap - again, with no configuration), web filters, and so on.

It also provides the typical soho services: DHCP, DNS, port forwarding, etc.

All of that is open source, and free to download. They also have additional modules, on a subscription basis.

So far, it works well for the two segments it is handling. Performance is fine, as long as I don't get crazy with the various modules. There's also a bunch of administration functions I haven't delved into, so I may not be giving it the credit it deserves.

The new hardware should be in this week - it's looking like four network ports, maybe a wifi card, and a nice little Atom processor. It should be faster, in general, but it is going to have a lot more to do. I'll update when I've got a stronger opinion about it.