Re: stripping OpenBSD router/firewall , how? [and disk space/partitioning - advice needed]

From: PiotrAF (piotraf_at_nospam.poczta.onet.pl)
Date: 04/28/04

  • Next message: Peter Matulis: "Re: stripping OpenBSD router/firewall , how? [and disk space/partitioning - advice needed]" 
    Date: Wed, 28 Apr 2004 14:45:25 +0200

    On Wed, 28 Apr 2004 01:49:47 +0000, Tim Hammerquist wrote:

    >
    > What Linux sees is the Primary partition used by the OpenBSD
    > filesystems. It won't see the individual ffs filesystems (sometimes
    > called "slices") inside it, but the principal remains the same: with so
    > little space to work with in the first place, you don't want to risk
    > wasting space my using too many partitions.
    >
    > E.g., on one of my systems, the /usr fs is 2GB. But even with all the
    > packages I have installed, 440MB is unused, and probably never will be.
    > In this case, more space than the entire capacity of your drive will not
    > be accessible to any other filesystems that might benefit from it.
    >
    > At the very least, I'd combine / and /usr into one partition (/) and
    > combine /var and /var/log into one partition (/var). You'll save some
    > diskspace, and your system still won't be brought down over a rogue
    > logfile. (This is the system I used for the 250MB drive I installed
    > OpenBSD 3.3 on.)
    >

    OK, you convinced me, but then we have to go further :)
    I've read that I should have the comp35.tgz elsewhere -not the
    router/firewall, therefore I decided to have OpenBSD on the DMZ
    www/mail/proxy server. questions are:
    1. I will need a DNS as well, should it be on the firewall/router or in
    the DMZ?
    2. Is it safe enough to have samba/print server on the DMZ (for local-net
    only) or should I have it on another PC?
    Would this be about OK, a far as disk space goes:
    router/firewall (340MB):
    /dev/wd0a 200M /
    /dev/wd0b 70M (RAM=64MB) swap
    /dev/wd0d 70M /var
    DMZ www/mail(.maildir -postfix?exim?)/samba/print/ (8,5GB)
    serwer# df -h
    Filesystem Size Used Avail Capacity Mounted on
    /dev/wd0a 147M 29.3M 110M 21% /
    /dev/wd0i 6.1G 2.0K 5.8G 0% /dane
    /dev/wd0h 1006M 295M 661M 31% /usr
    /dev/wd0d 78.9M 6.8M 68.2M 9% /var
    /dev/wd0e 250M 22.0K 238M 0% /var/log
    /dev/wd0g 250M 22.0K 238M 0% /var/spool
    /dev/wd0f 250M 4.0K 238M 0% /var/tmp
    swap 300M (RAM 128MB)
    this is a fresh 'full'(including X) install. The:
    /dane (means -data) will include:
    /home /usr/ports /usr/src /usr/obj /var/www /var/backups
    /var/squid/cache /var/db/mysql
    The /tmp either mfs or linked /var/tmp

    Another question is about MTA. Until now I used postfix, but I've heard
    that exim is quite good. I will have <5 www/mail domains and would like to
    have it connected with mysql and some free antivirus
     I'll be greatfull for any
    hints from more experienced people.

  • Next message: Peter Matulis: "Re: stripping OpenBSD router/firewall , how? [and disk space/partitioning - advice needed]"

    Relevant Pages

    • Re: Cant see OpenBSDs slices
      ... I assume the OpenBSD machine was i386 and not sparc. ... doesn't understand OpenBSD disklabels. ... disklabel then we can't find the filesystems. ... Do you have a partition map from OpenBSD to compare with? ...
      (freebsd-current)
    • Re: [9fans] Glendix?
      ... I've no idea how the BSD VFS is these days. ... OpenBSD has dropped stackable filesystems long ago. ... unionfs implementation was a nightmare. ...
      (comp.os.plan9)
    • Re: [9fans] Glendix?
      ... OpenBSD) one should be allow ed to write userland file servers (that's ... one of my personal goals). ... OpenBSD already has filesystems in userland. ...
      (comp.os.plan9)