netfilter firewalling problems and solutions

Bennett Todd bet at
Tue Feb 24 08:24:03 PST 2004

2004-02-24T10:55:59 Ian Molton:
> Oh right - you're saying tis easy to know nothing is writing to
> the hdd, rather than you have to boot off something that isnt the
> hdd.

Yup. I'm planning on doing exactly this for the internal drive on
the old junker laptop that's my home fileserver. Have it load a
vmlinuz and initrd off the internal harddrive, then turn it off, run
entirely off the initrd, fileserve entirely off the chain of
external USB hard drives slung off it.

Since compactflash looks exactly like an IDE drive to the system,
I'm looking forward to building myself some genuinely diskless, no
moving parts systems one of these days, using the same trick.

Booting off something that isn't the hdd is hard, but booting a nice
big decadent initrd off the hdd then turning it off is dead simple.

Shoehorning everything a body could want into whatever slack is left
after you fit a vmlinuz onto a floppy is tricky. But building a
happy custom server into a 4MB, or 8MB, or 16MB initrd is easy and
fun, especially with uClibc + BusyBox:-).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <>

More information about the hlfs-dev mailing list