Zogbench

Installing the OS

After installing all of the hardware, I began installing the OS. This being my first AMD 64 bit CPU, I needed to download all of the 64bit versions for CentOS. After doing this and burning them to a DVD, I popped it into my new box and started it up. (BTW, I had already booted up my box a few times to get all the BIOS settings in order e.g. ACPI, device boot order, turn off the PXE boot from network setting, etc..)

I initially configured both my drives for RAID 0 (striping) to obtain the fastest drive speeds. After a few seconds the CentOS loader appeared and Continue Reading »

No Comments »

Being the control freak I am, I wanted to have absolute control over the firewall settings on my Ubuntu box. There are many tools out there such as fwbuilder and firestarter, but I wanted to get a solid understanding of what it would take to reconfigure my Ubuntu settings manually.

The easy answer is to build a script which is launched as part of the boot sequence, which rebuilds your rules from scratch. This way, if you wish to control what computers can connect to your computer and how they connect, you can.

Here is the basic script I put together:


#!/bin/sh
#

# Variables

LAN_IP="192.168.1.111"
LAN_IP_RANGE="192.168.1.0/24"
LAN_IFACE="eth0"

LO_IFACE="lo"
LO_IP="127.0.0.1"

IPTABLES="/sbin/iptables"

$IPTABLES -F
$IPTABLES -X

# Policies

$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT DROP
$IPTABLES -P FORWARD DROP

# Rules

$IPTABLES -A INPUT -p tcp --tcp-flags ACK SYN,ACK -m state --state NEW -j REJECT --reject-with tcp-reset
$IPTABLES -A INPUT -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "FIREWALL: Invalid SYN:"
$IPTABLES -A INPUT -p tcp ! --syn -m state --state NEW -j DROP

$IPTABLES -A INPUT -p ALL -i $LAN_IFACE -s $LAN_IP_RANGE -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LO_IFACE -s $LO_IP -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LO_IFACE -s $LAN_IP -j ACCEPT

$IPTABLES -A INPUT -p ALL -m state --state ESTABLISHED,RELATED -j ACCEPT

$IPTABLES -A INPUT -p TCP -i $LAN_IFACE --dport 22 -j ACCEPT
$IPTABLES -A INPUT -p TCP -i $LAN_IFACE --dport 177 -j ACCEPT

$IPTABLES -A INPUT -p UDP -i $LAN_IFACE --dport 53 -j ACCEPT

$IPTABLES -A INPUT -p ICMP -i $LAN_IFACE --icmp-type 8 -j ACCEPT
$IPTABLES -A INPUT -p ICMP -i $LAN_IFACE --icmp-type 11 -j ACCEPT

# Log weird packets that don't match the above.

$IPTABLES -A INPUT -m limit --limit 10/minute --limit-burst 3 -j LOG \
--log-level DEBUG --log-prefix "FIREWALL: Abnormal INPUT packet "

$IPTABLES -A OUTPUT -p tcp -j ACCEPT

$IPTABLES -A OUTPUT -p ALL -s $LO_IP -j ACCEPT
$IPTABLES -A OUTPUT -p ALL -s $LAN_IP -j ACCEPT

# Log weird packets that don't match the above.

$IPTABLES -A OUTPUT -m limit --limit 10/minute --limit-burst 3 -j LOG \
--log-level DEBUG --log-prefix "FIREWALL: Abnormal OUTPUT packet "


You may need to change some of the variables at the start of the script as well as some of the ports you want to have open. Port 22 is used for SSH and 177 for XDMCP (X11).

I then saved this in the /etc/init.d folder. Change the execution bit by typing:

sudo chmod +x

Using the filename you saved this file as. Now, using the update-rc.d command make this launch at boot time.


sudo ln -s /etc/init.d/firewall.iptables /etc/rc2.d/S13firewall


Then…


sudo update-rc.d /etc/init.d/firewall.iptables defaults 13


I suggest reading up on the iptables command to get a better feeling for the power you have over your firewall.

-Zog

Comments Off

Assembly
Well, I have been receiving all of the parts in multiple shipments over the last week. The final parts to arrive were the motherboard and the CPU, which came in yesterday…uh…well, sort of.

You see I opened the box fully expecting to see an AMD 64 3700+ CPU and a Gigabit K8NF-9 mobo…instead, sat there slightly dumbfounded staring at an MSI RD480 Neo2. Crap! What the hell is this? Up until now my experiences with internet ordered parts has been flawless.

I quickly assessed the situation. They did send me the correct processor. Would this mobo at least be compatible with the CPU? It appeared so… Here are the stats on the mobo:

Motherboard: MSI RD490 Neo2 (full specs)
(Image)

• This board has 2 PCI x16 and 2 PCI slots.
• There are still four SATA connectors on this board.
• And four RAM slots…this was good too.
• Other notable features for this new board:
  • Onboard firewire (IEEE 1394) connectors (x2). One extra beyond the previous board.
  • Built-in gigabit ethernet, same as the last one…
  • Two PCI x1 slots…seems fairly comparable..
  • Even the integrated 8 channel audio for that surround sound output is there.

Overall, this board is comparable to the Gigabit board I was expecting. My anticipation had grown over the week, so I was not too sure I could simply wait another couple weeks for the part to get swapped out. I mulled it over, while I played with the kids for a bit.

I concluded that I had best try to use this board at least. I was unsure about my expansion needs beyond 2 PCI slots anyway. Unpacking all the parts, I began to assemble them. The case was fiarly easy to work with. The mobo went in fairly well, with no issues. The power supply went in next and I began to attach all of the cables. The manuals were straight forward in explaining the connections and each of the cables from the chassis were clearly labelled.

After I installed the video card is when the first problem occurred. The MSI mobo contains two PCIe x16 slots, a master and a slave. The master is located right next to the two PCI slots. Due to the size of both the video card and the PVR-500 capture cards, I would not be able to fit more than one PCI tuner card on the board. Argh!

After taking a couple shots of crown, I settled back in. I was determined to make this thing work, so I reasoned away the need to eventually buy a second tuner card….bah! Who would need a quad tuner?! (My first concession — Not my last)

The next issue occurred when I tried to install the two hard drives in the chassis’s internal drive slots. I had them all screwed in and went to place the frame support, to which they are attached, back into place…thunk!. The tuner card (PVR-500) was too large and extended into some of the space the drives were supposed to occupy. Bugger!

After moving the hard drives over to the floppy slots, I began to see light at the end of the tunnel. With all the cables tucked neatly away, I finished the assembly by inspecting all the pieces and finally installing the memory.

In summary:

The Thermaltake Tenor case may have issues with the type of mobo you install if you plan on installing multiple hard drives. Check the PCI slot locations in relation to the right hand side of the case. This would be a problem regardless of whether I had received the original Gigabit mobo or not.

Stay tuned for part 3, where I get into the installation of the OS…

2 Comments »

Well, my brother (thanks for the use of your server bro!) has helped nudge me towards building a MythTV box, by touting all it’s many virtues. So, as I do with any expenditure of the deniero, I began to research what it would take to get one up and running. Now mind you, I currently have a ReplayTV and am very happy with it. It’s just that, well you know, “the grass is always greener..“.

After much thought over about a 2 month time period, I came up with a number of goals for the hardware.

• The system has to be really quiet. This is VERY important to me.
• It has to look like a stereo component, or at least not like a PC.
• I need enough room to store all of my movies …I have a lot of movies, so I may need more disk space…
• All of my music needs to be stored on this box with the ability to play it on my stereo
• I want to be able to record mutliple channels..eventually 4 (probably overkill, so I am starting with 2 tuners for now…)
• I want to use this system eventually as a backend for additional units.
• Eventually, I will want to upgrade to HDTV (not until we get a little more standardization!!), so the system needs to accommodate this

With these goals in mind, I then went about looking into which O/S I should use. Obviously Linux! I just wasn’t sure which flavor.

After loading and playing with a number of O/S’s, I landed on CentOS, which is a branch off of the Redhat source line. Here is a great visual representation of the linux family tree.

I am not, by any stretch of the imagination, any where close to being what you would call an expert on Linux. I do have many years of programming experience, and I am very capable when it comes to the PC, but nothing too much on the Linux “side of the fence..”.

So, about a week ago, I began shopping online (using one of my favorite sites www.pricewatch.com) for the parts to build my MythTV media center.

Here is what I ordered:
Motherboard: Gigabyte K8NF-9 (full specs) $132.00 USD

• To meet my goals, I wanted at least 3 PCI slots for future expansion. Fortunately, this board has 3 PCI slots..
• It had to provide SATA support as I intend to expand this to include 4 tuners and also act as a server for various other sundry tasks. There are four SATA connections on this one!
• I wanted the ability to expand memory as needed without throwing away my initial investment. There are 4 memory slots on this puppy…
• Other notable features, which are a good bonus:
  • Onboard firewire (IEEE 1394) connectors. I do not use firewire..yet..
  • Built-in gigabit ethernet.
  • PCI-Express x16 slot for my video card. I was a little nervous about this after reading a couple of posts about possible issues using PCIe with Linux. My brother asures me this should not be a problem. We shall see I guess…
  • Integrated 8 channel audio for that surround sound output. I am not sure how this will work with my stereo…not worried at this point. This is something I can adjust to on the fly.

CPU: AMD Athlon 64 3700+ (full specs) Price included with the Motherboard — bought a combo

• I wanted to explore the AMD world as all of my prior PCs I have built are Intel based. This CPU also has a generally lower running temperature than comparable entries on the Intel side. This allows me to reduce the dependency on additional fans to maintain the correct temperature in the case and not overheat (and keep the noise down!).

Case: Thermaltake Tenor (full specs) $109.30 USD

• This case does not look like a PC. It is built specifically for home media centers like the one I am building.
• There is plenty of space in this box to house the number of hard drives I intend to add in.
• It has a pretty neat look to the front. At least I think so…

Power Supply: Seasonic S12-430 (full specs) $94.99 USD

• While this power supply is a bit on the expensive side, it is listed as one of the quietest available. Check out the Silent PC Review. This is a good place to start, although much of the material is a bit dated.
• 430W should provide enough power for my current needs and future needs.

Hard Drives: Samsung Spinpoint 250GB (x2 to start) (full specs) $133.90 USD

• These drives are listed as some of the quieter drives available, according to a number of sites I checked out (including Silent PC Review). I wanted something economical (around $67 per unit) which would allow me to expand later.
• Starting at only 500GB of storage should allow me to house many of my favorite movies. My ultimate goal is to have ALL my movies stored in one box. To maintain a decent quality, each movie will need about 2GB of space. With over 200 movies, this is going to eat up most of what I am starting out with. I will need to expand my HD’s sooner rather than later. Let’s see how this goes…
• I have debated about the need for RAID. Striping provides you with an increase in data throughput, so I will probably do something along the lines of a RAID 0+1 and double up the two drives later for the reduncancy.

Video Card (output): eVGA nVidia 7100GS (full specs) $41.72 USD

• I had two drivers in picking my video card. I did not want an ATI card and I wanted a passively cooled card.
• I have continually had problems getting ATI cards to work on my Windows PCs. After two different cards which both caused problems I am making the switch to nVidia to see if I can get any better results. “Once bitten…uh..twice bitten…uh..”
• Again, one of the biggest goals was to keep the noise down, so passive cooling was the way to go.

Video Tuner (TV Capture input): Hauppauge PVR-500 MCE (http://www.hauppauge.com/pages/products/data_pvr500mce.html) $139.99 USD

• This is a dual tuner 125 channel analog TV capture card. MythTV has good support for the Hauppauge line of cards, so this was an influence in my decision. As well, getting 2 tuners to fit in a single PCI slot, freeing up that slot for future expansion, was a good add.
• An FM tuner is built-in on this card. Not sure if this will be used, but a nice addition.

Optical Drive: Sony 18x DVD +RW/-RW Blk $33.73 USD

• I think this is the first mistake I made so far. Dangerous Brothers provides a flash upgrade for many DVD’s to allow you to take advantage of the full speed of the drive, which in many cases has been crippled due to DRM. Read more at DefectiveByDesign.org. I should have bought a Pioneer model..oh well, perhaps next time…

Memory: 1 GB RAM $68.50 USD

• 2 sticks of DDR400 RAM @ 512MB each. Just the generic stuff.

Total Cost (including additional shipping and taxes not included above): $774 USD

Well, there you have it. I have received most of the parts and I am just waiting for the motherboard and CPU to arrive. I will provide more details in the next part which will cover the assembly of the hardware. Following that, stay tuned for details on the operating system and software installation.

Have a good one!

Zogbench

No Comments »