> I'm sorry, I forgot to give you more specifics about the box itself.
> It's an AMD K6 200Mhz, and has 32mb of memory. I'm sorry Jeff, I don't
> know what "df" and "free" are, or how to use them. Since memory is so
> cheap these days, would it be safe to say that one easy way to solve
my
> problem would be to simply add more memory? I think (if I don't
already
> have it laying around) you can buy 128mb for under $20. What do you
> think???
It's not just how much memory you have, but how it's allocated. You may
(or may not) have enough memory already in your system. Most LEAF
versions (Dachstein included) run out of a ram-disk, meaning you have to
"split" your ram into at least two partitions, one for the kernel
(memory to run programs), and one to use as a ramdisk (for file
storage). Dachstein-CD by default includes three memory segments:
Ram disk: / (root directory)
This is the ramdisk containing the core filesystem required to run
LEAF, including your /etc directory, the various programs in
/bin;/sbin;/usr/bin;/usr/sbin, and all the other files that make a happy
linux system :-) This partition defaults to 12 Meg on an unmodified
Dachstein-CD release. To change this size, you have to edit the kernel
command line parameters in the boot-loader configuration file
(syslinux.cfg contained in the implicit bootdisk.bin image for a
bootable Dachstein-CD).
Ram disk: /var/log (log files)
This ramdisk is used only for log files, and exists so you won't run
out of storage space on the root device (which can cause bad things to
happen) if your logs start filling up uncontrollably for whatever reason
(typically because of lots of denied/rejected packets from the
internet). This partition defaults to 4 Meg on a Dachstein-CD release,
and is configurable by editing the /etc/ramdisk.conf file (and backing
up the ramlog package).
kernel memory:
All memory *NOT* used by the above ramdisks is available to the
kernel to run programs, store firewall rules, and generally do all the
things computers need memory for. Bad things will happen if you run out
of available memory, especially since you probably don't have any swap
space configured (or a device to swap to, for that matter).
So...how do "df" and "free" fit in?
"free" lists the memory currenty used by the computer. The two biggest
things to check are MemTotal (make sure this matches how much memory you
should have) and MemFree (the amount of memory currently sitting idle
waiting to be used).
"df" lists the storage consumed by the various devices currently
mounted. Perhaps an example is in order...when I run "df", I get the
following output:
# df
Filesystem 1k-blocks Used Available Use% Mounted on
/dev/ram0 12155 6548 5607 54% /
/dev/ram1 4049 3187 862 79% /var/log
The left-most column (Filesystem) is the actual device...in this case,
you can see I have the default Dachstein configuration of 2 ramdisks.
The right-most column tells you where the devices appear in the
filesystem...in this case /dev/ram0 is the root device, and /dev/ram1 is
mounted on /var/log.
The middle columns provide statistics on storage capacity...the
1k-blocks column lists the total capacity of the device in blocks
(multiply by 1024 or 1k to get the actual number of bytes), while the
used and available are exactly what they indicate, and are also reported
in blocks. The Use% is a convinent display of the number of used blocks
converted to a percentage (ie 100% is completely full).
You want to make sure your partitions do not completely fill up, or you
may suffer some odd side effects. If /var/log fills up, you will miss
any logged messages until the log files get automatically rotated. If
the root partition fills up, some programs may die (specifically dhcpd,
which expects to be able to write to it's leases file), and you may
experience other odd behavior.
I suspect from your reported symptoms that you're logging lots of
denied/rejected traffic, and your log files are filling up. Verify this
with df, and take a look at the log files if that's the case. Analyze
any recurring packet deny/reject messages, and add any traffic you can
safely ignore to the SILENT_DENY variable in /etc/network.conf.
Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
