 From:  "Jay Wherley (SEI)" <jrw at squires dash eng dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] some notes on how we added traffic graphs to m0n0wall...
 Date:  Sat, 03 Apr 2004 07:51:16 -0500
> having it store all this time. Most compact flash cards are good for 100,000
> writes per block, or something insane like that. Here is where it gets bad.
> That means that as your firewall runs, rrdtool would be constantly writing
> to the same few blocks on your CF card. Which, after a few years, would kill
> it. A better idea would be to have m0n0wall create a ram disk on boot, and
> create the rrdtool database within that. Since you aren't going to be
> storing a lot of datapoints (only 1 day's worth at the most), the ramdisk
> would only need to be a few MB.

hi eric,
the way we did it, which i listed here:
is to only copy the database to compact flash once per hour, even though
we update the RAM copy every minute. that way the compact flash is
only written to ~9000 times per year for this application.
our RR database is about 1 MB, and holds the statistics for 8 network
interfaces and 4 environmental points (Temperature, Vcc, Vpower, LoadAVG).
you can pull out min/max/avg/last for any given timeframe. i was impressed
with the capabilities of rrdtool! it did not require pulling in a lot of
other libraries and can generate the PNG graphics itself.

> So anyways, if you're going to put a traffic graph right into the firewall,
> you're really not going to care much past 1 day's worth of information. You
> really only log into a firewall for 2 reasons. Either you're making a
> change, or you're trying to figure out what's broke. You're really only going
> to care about immediate information, like what's been going on over the past
> hour, and the past day. Anything more than that, and you'd be looking at
> your much bigger traffic logs.

i want to see traffic over longer timeframes - and i trust m0n0wall box to hold
that data better than any of the PCs :) i like to try and answer questions like
"what is different in network traffic this week compared to last week" or "what
is the trend in box temperature now that i've placed the unit in a closed rack".

jay w.
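
The hourly RAM-to-flash copy described in the message above, as an added example that is not part of the original post or of m0n0wall's code. The paths and function names are assumptions; the flush skips the write when nothing changed and renames a temporary file into place so a power cut mid-copy leaves the previous flash copy intact.

```shell
#!/bin/sh
# Added example. Paths are hypothetical, not m0n0wall's real layout.
RAM_DB="${RAM_DB:-/var/db/rrd/stats.rrd}"   # assumed RAM-disk copy, updated every minute
FLASH_DB="${FLASH_DB:-/cf/rrd/stats.rrd}"   # assumed compact flash copy, written hourly

# Run once at boot: seed the RAM disk from the last copy saved on flash.
restore_rrd() {
    [ -f "$FLASH_DB" ] || return 1          # first boot: nothing saved yet
    mkdir -p "$(dirname "$RAM_DB")"
    cp "$FLASH_DB" "$RAM_DB"
}

# Run once per hour (e.g. from cron): copy the RAM database to flash.
flush_rrd() {
    [ -f "$RAM_DB" ] || return 1
    # Identical content means no flash write at all.
    if [ -f "$FLASH_DB" ] && cmp -s "$RAM_DB" "$FLASH_DB"; then
        return 0
    fi
    mkdir -p "$(dirname "$FLASH_DB")"
    tmp="$FLASH_DB.tmp.$$"
    # Write beside the target, force it to the card, then rename over the
    # old file so the flash copy is always either the old or the new version.
    cp "$RAM_DB" "$tmp" && sync && mv "$tmp" "$FLASH_DB"
}

# Upper bound on flash writes per year for a flush interval given in minutes.
flushes_per_year() {
    echo $(( 365 * 24 * 60 / $1 ))
}
```

With a 60-minute interval `flushes_per_year` gives 8760, the "~9000 times per year" figure in the message; flushing on every one-minute update would give 525600.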