Raqcop-1.4.21-2

[Davesworld]

I implemented some changes that I did not want to hold off for 1.4.22 release.

For flash installs, switched over to the tmpfs rather than continuing to use an ext2 formatted ramdisk. This is used in 1.9.3 (2.0svn) for the /tmp directory in all installs and of course /ram in a flash install. The virtues of the tmpfs are numerous. I could write a half page about it but won't here. I was able to set up the mounting of /ram using the tmpfs in percentage of total memory rather than a fixed size. I set it to use 25% of total memory, in this case however, total memory is ram, IPCop does not use a swap file in a CF install but tmpfs will use swap if it exists and is needed You can change it on line 8 of rc.flash.up if you wish. This arrangement gave a 256MB ram install 64MB of space in /ram, if you add more ram to the box, the size of /ram goes up automatically with no editing on your part.

On the lcd end of it, when rebooting or shutting down, the lcd has verbose output telling you what is being stopped, unmounted etc at that moment and if halting, it will tell you when to shut the machine off, if rebooting, it will tell you it is doing that and to please wait.

The lcd script itself is now based on the original author's (Bob Fisch) last posted script on the French IPCop forum. I have most functions fitting the 16 character length now if you get bored of the up and down bar and value display. Also, the behavior was to leave an lcd.conf file in the root / directory upon shutting down and if you started and stopped the lcd via shell, you wound up with yet another one in the /root directory, I changed this to look for it in /etc and also we now start with an existing one since lcd.conf will override the default functions. I wrote up some info on how to use this in the downloads section.

For existing raqcop 1.4.21 installations, you can simply drop this http://downloads.raqcop.com/cobalt_ipcop/raqcop-flash-image-install/tmpfs-lcd-changes-1.4.21-2.tar.gz into the root / directory and issue # tar -xvzf tmpfs-lcd-changes-1.4.21-2.tar.gz and you will have the lcd and flash changes, hard disk installtion users will still benefit from the lcd improvements and should one decide to make a flash image from it, the improved flash using tmpfs is already there. If you are running flash and do this update, you will need to reboot, for a hard drive install, just # killall lcd, do any changes to /etc/lcd.conf and /sbin/lcd if you want to change the interface and speed and then issue # lcd -loop > /dev/null 2>&1 & and that should get you going. For further info on how to use this: http://downloads.raqcop.com/cobalt_ipcop/extras/lcd-0.8.1-cobalt/lcd-functions.txt

The pre made images you will notice have two designations, Qube3 and Raq4, the only difference is the nic configuration, The Qube3 images will work right away with network access and ssh enabled on Qube3 and Raq550 Cobalts since they share the National Semiconductor DP83815 nics. The Raq 4 images will work right away with network access on Raq3 and Raq4 units since these share the Intel 82559er nics. These are in the raqcop-flash-image-install folder under downloads.

Enjoy!

[Davesworld]

For those of you who use flash installs on Cobalt Raqs and Qubes which is really preferred by many of us, something I tried today with the tmpfs which is one of the main reasons I made the newer 1.4.21 build available and that is remounting an existing tmpfs on /ram. In a nutshell, it works wonderfully since a mounted tmpfs partition is NOT a formatted block device like the rd filesystem was.

mount -o remount -t tmpfs -o size=128MB tmpfs /ram

Ok, that's an example of a fixed size, if you wanted the mounted /ram partition to grow with the amount of installed ram you could do this as a percentage instead.

mount -o remount -t tmpfs -o size=30% tmpfs /ram

Note that there is no loss of data doing this on the fly, logs, graphs and everything hold up in /ram just fine. If you wanted the changes to be permanent should you ever reboot the system, you would then edit /etc/rc.flash.up on line 8. For example change:

TMPFS_MAX_SIZE=25%

to:

TMPFS_MAX_SIZE=128M

or a percentage:

TMPFS_MAX_SIZE=30%


Not Cobalt specific but a nuisance on ANY IPCop flash install having been created by the mkflash script is that upon first boot, you wind up with an empty /var/log/squid directory with no access.log in it. The casual user who wants to use the proxy (limit your cache size in flash installs to avoid unpleasant surprises) of course activates the proxy and possibly the log, what winds up happening is that the access log is created at that point with a mode of 640 NOT 644 which is not readable in the web gui under proxy logs. Hashed this over with Eric Oberlander and he had me try to delete the /var/log/squid directory and restart, it then works since the flash up script has a touch command to create this file and the sysinit runs with a umask of 022. One could also take an existing flash install and chmod 644 the access.log. This file is kept in the compressed tarball which is expanded on reboot and the permissions stay as set.

To keep this from happening in the first place, the following patch to the mkflash script itself solves it, you get an empty access.log file with mode 644 squid:squid in the tarball that is created during this process.

--- mkflash 2008-03-29 03:28:23.000000000 -0700
+++ mkflashnew 2008-10-18 00:55:13.958780943 -0700
@@ -308,6 +308,9 @@
# /var/log
rm -rf /mnt/flash/var/log/snort/*
find /mnt/flash/var/log -type f -exec rm -f {} \;
+touch /mnt/flash/var/log/squid/access.log
+chmod 644 /mnt/flash/var/log/squid/access.log
+chown squid:squid /mnt/flash/var/log/squid/access.log
tar -C /mnt/flash -czf /mnt/flash/var/log_compressed/log.tgz var/log/
rm -rf /mnt/flash/var/log/
ln -sf /ram/log /mnt/flash/var/log


I already submitted this as a bug report with the patch since this affects all flash installs of IPCop 1.4.x.