I have installed 2.2RC1 on a compact flash card using the method listed
below. Am I missing anything which could cause me problems in the future? I
have blogged this, but want to update it as better information becomes
available.


Cheap solid state router using Endian Firewall
<http://robwicks.blogspot.com/2008/07/cheap-solid-state-router-using-endian.html>

I wanted to run Endian Firewall <http://www.endian.com/> on compact flash,
something which is not explicitly supported, apparently. I had 1.5GB of RAM,
and Endian runs in 512 with no problem, so I figured I could use tmpfs to do
/var and /tmp, helping prevent the card wearing out. I could not get Endian
to install to a USB device, but a $12 CF-IDE adapter allowed me to install
it on a 2GB flash card with no problem. It will disable swap automatically.
You can either pop it out after you install, or you can boot off a Knoppix
CD next so that you can make some modifications to your installation. If you
are using the CF card via USB (I could not get Endian to install on a USB
connected CF card, but I imagine I could get it to boot and run, once I
installed it over IDE. After you perfect the installation, you can just dd
the boot sector and each partition so that you can clone your install to new
media), mount /dev/sdb3 to /mnt to access the root directory (/). Once you
mount the / partition for editing, change the etc/fstab file on the CF card
to read something like this:

/dev/hdb1   /boot       ext3         nodev,nosuid,noatime      1 2
/dev/hdb3   /           ext3         noatime                   1 1
/dev/hdb4   /varperm    ext3         noatime,mand              1 1
none        /var        tmpfs        noatime,mand              0 0
none        /tmp        tmpfs        defaults                  0 0
none        /home       tmpfs        defaults                  0 0
none        /proc       proc         defaults                  0 0
none        /dev/pts    devpts       gid=5,mode=620            0 0
/dev/cdrom  /mnt/cdrom  udf,iso9660  noauto,owner,kudzu,ro     0 0

Note that I moved /var to /varperm and /home to /homeperm. You can mkdir
those directories under your root partition which has been mounted to /mnt.
Next, edit the etc/rc.d/rc.sysinit file. Locate the line which reads

mount -a

Add three lines immediately below it:

######copy stuff to the tmpfs filesystems
/usr/bin/rsync -a /varperm/ /var/
/usr/bin/rsync -a /homeperm/ /home/

This will get the necessary directories and files on boot from the flash to
RAM so that scripts start correctly. That's all that is actually required!
You can (and probably should) add a cron job (under
/etc/cron.{minutely|hourly|daily}) to periodically rsync stuff from /var to
/varperm to keep historical logs. This is in /etc/cron.d/syncflash on my
system:

#!/bin/sh
/usr/bin/rsync -a /var/ /varperm/
/usr/bin/rsync -a /home/ /homeperm/

I also added /etc/cron.d/syncflash to /etc/rc.d/rc.halt, right after the
"Shutting down" line at the top of the file so that I flush to flash
whenever I shut down.

Since tmpfs allocates half your RAM by default, we effectively have a 750MB
combined /tmp and /var filesystem. This is plenty, really. We can even
enable the proxy and ntop, so long as we set the limits to something
reasonable. I may hack it further to keep longer logs on flash and
continually flush tmpfs, but what I have works for now. I think this may be
a really good solution for a dedicated router box, maybe using something
like a Fit PC <http://www.fit-pc.com/new/>. *Addendum: Fit PC does not have
enough memory for this application. But an old laptop and a PC Card CF
reader might do the trick. I also had to change the options from defaults in
the /var line to enable mandatory locks. Havp would not start without this
setting, which kept squid from working correctly.*


-- 
Rob Wicks
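
An added example, not part of the original message: a shell check for the tmpfs lines of an fstab like the one above. It flags tmpfs entries with no explicit size= (each tmpfs mount otherwise defaults to half of RAM on its own) and without nosuid/nodev; that option baseline and the names audit_tmpfs and sample_fstab are assumptions of this example, to be tested against the services that use /var.

```shell
#!/bin/sh
# Added example, not from the original message.
# audit_tmpfs [FILE]: read an fstab (stdin if no FILE) and print one line per
# tmpfs entry that lacks an explicit size= cap or the nosuid/nodev options.
# The option baseline checked here is this example's assumption.
audit_tmpfs() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }      # skip blank lines and comments
        $3 == "tmpfs" {
            has_size = 0; has_nosuid = 0; has_nodev = 0
            n = split($4, opts, ",")       # field 4 holds the mount options
            for (i = 1; i <= n; i++) {
                if (opts[i] ~ /^size=/)  has_size = 1
                if (opts[i] == "nosuid") has_nosuid = 1
                if (opts[i] == "nodev")  has_nodev = 1
            }
            missing = ""
            if (!has_size)   missing = missing ",size="
            if (!has_nosuid) missing = missing ",nosuid"
            if (!has_nodev)  missing = missing ",nodev"
            # field 2 is the mount point; drop the leading comma
            if (missing != "") print $2 ": missing " substr(missing, 2)
        }
    ' "$@"
}

# Sample input: the tmpfs entries from the fstab in the message, plus one
# disk-backed line to show that non-tmpfs entries are ignored.
sample_fstab() {
    cat <<'EOF'
# sample fstab
/dev/hdb4 /varperm ext3 noatime,mand 1 1
none /var tmpfs noatime,mand 0 0
none /tmp tmpfs defaults 0 0
none /home tmpfs defaults 0 0
EOF
}

# Report on the sample; pass a real path (e.g. /mnt/etc/fstab) to audit_tmpfs
# to check the file on the mounted CF card instead.
sample_fstab | audit_tmpfs
```

An entry such as `none /tmp tmpfs size=128m,nosuid,nodev 0 0` produces no output; the 128m figure is a constructed value, not a recommendation from the message.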