[ previous ] [ next ] [ threads ]
 
 From:  "Holger Bauer" <Holger dot Bauer at citec dash ag dot de>
 To:  <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall-dev] Re: [m0n0wall] Re: [m0n0wall-dev] SUGGESTION: M0n0wall flashsize and Recommendedmemory
 Date:  Fri, 15 Sep 2006 23:55:34 +0200
pfSense does run RO on embedded builds/cf images.

Holger

> -----Original Message-----
> From: Dan Bond [mailto:dan dot bond at gmail dot com]
> Sent: Friday, September 15, 2006 11:16 PM
> To: m0n0wall dash dev at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall-dev] Re: [m0n0wall] Re: [m0n0wall-dev]
> SUGGESTION: M0n0wall flashsize and Recommendedmemory
> 
> 
> Forgive my ignorance, but would FreeBSD run if everything except the
> configuration file was mounted ro? Honest question, because that sound
> very interesting but I can't see quite how that would be possible,
> however you are obviously right, would make turning off totally safe.
> 
> Have to admit to having not really thought about how much disk access
> would actually be needed for a running system being that most of the
> daemons would be in ram anyway, this is very true. Ditto the idea of
> having binaries in a ram disk, again a great idea which i'd failed to
> think of.
> 
> Dan
> 
> 
> On 15/09/06, Kendrick Vargas <ken at hudat dot com> wrote:
> > Dan Bond wrote:
> > > Which is, if i'm not mistaken, how pfSense works. I tried 
> it once but
> > > there are things that m0n0wall just does better due to everything
> > > running off a flash disk. For instance, when you want to 
> turn off your
> > > m0n0wall, you just pull the power because, unless you're writing a
> > > config change at that point, there will be no disk 
> activity. PfSense
> > > is like any normal system, you've got to shut it down 
> properly. Not to
> > > mention for systems which go very long times between reboots (like
> > > firewalls) the act of loading a large image once requires 
> much less
> > > disk activity than accessing each binary, config file and whatever
> > > else every time you want to use them.
> >
> > Running the system directly off the flash doesn't have to 
> mean mounting the
> > filesystem as read-write. It can be in read-only mode which 
> means powering
> > off without "properly shutting down" wouldn't be an issue 
> (unless freebsd is
> > different from linux in this respect). There's only one 
> thing that really
> > changes on the system, and that's the configuration file. 
> Furthermore, the
> > configuration file changes in a predictable manner: it's 
> initiated by the user.
> >
> > If there were a seperate, small rw partition for the 
> configuration file,
> > which was typically only mounted as ro and remounted as rw 
> temporarily ONLY
> > when a change needed to be made, and then the rest of the 
> system was mounted
> > as ro... how would that be an unsafer? Also, since this is 
> still basically a
> > general purpOS, wouldn't the daemons and stuff mostly be in 
> memory once
> > they're run the first time, thus making them faster to 
> execute later? How
> > about creating a ramdisk path where you could copy oft 
> running binaries and
> > just put it in the path?
> >                         -peace
> >
> > 
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
> >
> >
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
> 
>