[ previous ] [ next ] [ threads ]
 
 From:  "Dan Bond" <dan dot bond at gmail dot com>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] Re: [m0n0wall] Re: [m0n0wall-dev] SUGGESTION: M0n0wall flashsize and Recommendedmemory
 Date:  Fri, 15 Sep 2006 22:16:16 +0100
Forgive my ignorance, but would FreeBSD run if everything except the
configuration file was mounted ro? Honest question, because that sound
very interesting but I can't see quite how that would be possible,
however you are obviously right, would make turning off totally safe.

Have to admit to having not really thought about how much disk access
would actually be needed for a running system being that most of the
daemons would be in ram anyway, this is very true. Ditto the idea of
having binaries in a ram disk, again a great idea which i'd failed to
think of.

Dan


On 15/09/06, Kendrick Vargas <ken at hudat dot com> wrote:
> Dan Bond wrote:
> > Which is, if i'm not mistaken, how pfSense works. I tried it once but
> > there are things that m0n0wall just does better due to everything
> > running off a flash disk. For instance, when you want to turn off your
> > m0n0wall, you just pull the power because, unless you're writing a
> > config change at that point, there will be no disk activity. PfSense
> > is like any normal system, you've got to shut it down properly. Not to
> > mention for systems which go very long times between reboots (like
> > firewalls) the act of loading a large image once requires much less
> > disk activity than accessing each binary, config file and whatever
> > else every time you want to use them.
>
> Running the system directly off the flash doesn't have to mean mounting the
> filesystem as read-write. It can be in read-only mode which means powering
> off without "properly shutting down" wouldn't be an issue (unless freebsd is
> different from linux in this respect). There's only one thing that really
> changes on the system, and that's the configuration file. Furthermore, the
> configuration file changes in a predictable manner: it's initiated by the user.
>
> If there were a seperate, small rw partition for the configuration file,
> which was typically only mounted as ro and remounted as rw temporarily ONLY
> when a change needed to be made, and then the rest of the system was mounted
> as ro... how would that be an unsafer? Also, since this is still basically a
> general purpOS, wouldn't the daemons and stuff mostly be in memory once
> they're run the first time, thus making them faster to execute later? How
> about creating a ramdisk path where you could copy oft running binaries and
> just put it in the path?
>                         -peace
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
>
>