[ previous ] [ next ] [ threads ]
 From:  Kendrick Vargas <ken at hudat dot com>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] Re: [m0n0wall] Re: [m0n0wall-dev] SUGGESTION: M0n0wall flashsize and Recommendedmemory
 Date:  Fri, 15 Sep 2006 17:08:06 -0400
Dan Bond wrote:
> Which is, if i'm not mistaken, how pfSense works. I tried it once but
> there are things that m0n0wall just does better due to everything
> running off a flash disk. For instance, when you want to turn off your
> m0n0wall, you just pull the power because, unless you're writing a
> config change at that point, there will be no disk activity. PfSense
> is like any normal system, you've got to shut it down properly. Not to
> mention for systems which go very long times between reboots (like
> firewalls) the act of loading a large image once requires much less
> disk activity than accessing each binary, config file and whatever
> else every time you want to use them.

Running the system directly off the flash doesn't have to mean mounting the
filesystem as read-write. It can be in read-only mode which means powering
off without "properly shutting down" wouldn't be an issue (unless freebsd is
different from linux in this respect). There's only one thing that really
changes on the system, and that's the configuration file. Furthermore, the
configuration file changes in a predictable manner: it's initiated by the user.

If there were a seperate, small rw partition for the configuration file,
which was typically only mounted as ro and remounted as rw temporarily ONLY
when a change needed to be made, and then the rest of the system was mounted
as ro... how would that be an unsafer? Also, since this is still basically a
general purpOS, wouldn't the daemons and stuff mostly be in memory once
they're run the first time, thus making them faster to execute later? How
about creating a ramdisk path where you could copy oft running binaries and
just put it in the path?