Re: Building Debian firewall

To: "Kirk Schroeder" <kirkschr@pacbell.net>, <debian-firewall@lists.debian.org>
Subject: Re: Building Debian firewall
From: "Robert Davies" <RaggedRob@Lineone.Net>
Date: Sun, 27 May 2001 20:24:48 +0100
Message-id: <[🔎] 006801c0e6e2$cb2e9940$1b327bd5@oak>
Reply-to: "Robert Davies" <RobDavies@Webtribe.Net>
References: <[🔎] 20010526190707.D22624@pacbell.net> <GCEGLPFGDCACHENIJHDDCECJCDAA.blacknet@phenixcable.net> <[🔎] 20010527113226.A6238@pacbell.net>

Note please don't reply to this email address my usual ISP dial-up is
failing to connect up PPP, so I've created a temporary account with a
different one.  I won't check the mail box!

> On Sat, May 26, 2001 at 11:03:47PM -0400, Ed Street wrote:
> > Hello,
> >
> > sounds all good BUT I would *STRONGLY* recomend you do *NOT*, I repeat,
do
> > *NOT* use reiserFS on a firewall box.  My boxes are potato with minimal
> > packages installed.  I wrote my own script using iptables and other
usefull
> > packages.
>
> Ed,
> Thanks for your reply. I did not know that the reiserFS would be bad for
> a firewall box. I live in California and we have power promblems and not
> all of my boxes are on a UPS. I thought that having a reiserFS would be
> a good idea for a recovery from a power outage.

ReiserFS is supposed to be pretty stable now, since 2.4.4, I don't think any
fixes for it went into the latest 2.4.5 kernel release.  The SuSE distro has
been including Reiser for at least a year now, and by all accounts users are
happy with it.

So what are the reasons for not using ReiserFS?  I read somewhere that even
the latest verson of lilo is starting to support booting from a reiserfs
partition.

I understand Ed's minimalist approach to using a firewall, but then you
would argue against using Debian, and applying a Linux router project, some
of which do not require a hard disk.  Better still boot from CD-ROM and use
read-only filesystems, TMPFS or RAMFS.

So does ReiserFS interact fiendishly with the network stack?  It seems a bit
implausible to me, does Ed know something in particular or is the strident
advice based on the file systems relatively new status to the standard
kernel?

BTW  A Caveat Applies

ReiserFS transaction log only applies to filesystem meta data, the journal
filesystems are not flushing data blocks any quicker than ext2, so improper
shutdowns can result in corrupt files, or loss of data, just not totally
corrupt filesystems.

I've been playing with Reiser and it's great not waiting for fsck-ing fsck.
I'm definitely going to employ it, and most of the reviews and comparisons
have shown Reiser and/or XFS to compare well with ext2.

Rob

Reply to:

Follow-Ups:
- Re: Building Debian firewall
  - From: Kirk Schroeder <kirkschr@pacbell.net>

References:
- Building Debian firewall
  - From: Kirk Schroeder <kirkschr@pacbell.net>
- Re: Building Debian firewall
  - From: Kirk Schroeder <kirkschr@pacbell.net>

Prev by Date: Re: Building Debian firewall
Next by Date: Re: Building Debian firewall
Previous by thread: Re: Building Debian firewall
Next by thread: Re: Building Debian firewall
Index(es):
- Date
- Thread