port-mac68k: Firewall question & df weirdness

Subject: Firewall question & df weirdness
To: None <port-mac68k@netbsd.org>
From: Russ Arcuri <photo.nut@mindless.com>
List: port-mac68k
Date: 09/01/2002 12:48:54
Apologies in advance: This will probably be a bit long, but I 
would appreciate any advice that's offered.

Current setup: Quadra 700, 68 MB RAM, 1 GB hard drive, 
Farallon Ethermac card (ae0), internal ethernet (sn0), and 
internal video.

Drive partitioned as follows: 60 MB Mac OS, 100 MB root, 580 MB 
/usr, 200 MB /var, and 71 MB swap.  I believe this will be overkill 
for firewall duty, but I want to be sure it can handle the full 
throughput of my DSL connection -- I don't want a firewall that will 
be a performance bottleneck.  Also, I may be adding web server 
and sendmail duties later.  For now, it will just be a firewall.

I have netbsd 1.5.3 installed.  Installation went smoothly, though 
the installer took quite a while to get everything loaded.  I 
installed base.tgz, comp.tgz, etc.tgz, games.tgz, kern.tgz, 
man.tgz, misc.tgz, and text.tgz.

Okay, enough background.  Here are my questions:

1. I'm confused by what I'm seeing when I do a df -k.  It says:

Filesystem  1K-blocks   Used       Avail    Capacity   Mounted on
/dev/sd0a     927628     847635   -12770    101%        /
/dev/sd0e     261694     69372     166152    29%         /var
/dev/sd0g     831141     372058   375968    49%        /usr
kernfs                       1                1               0    100%     /kern
procfs                       4                4               0    100%     /proc

First, it seems like there's way to much space there -- too many 
1K blocks present.  Also, how can root be at 101% capacity?  
How can it have -12770 blocks available? It says kernfs is 
mounted on /kern, and procfs is mounted on /proc, both at 100% 
capacity.  What does that mean? Finally, considering what I 
installed, it seems like too much disk space is used already.  
What's going on?

2. The only documentation I can find about setting up a firewall 
indicates I should download a 1.4.2 'dedicated' firewall kernel.  
I'd rather stick with 1.5.3, but I'm not sure what the next step is to 
configure it as a firewall.  Any pointers to online documentation 
would be appreciated.

I'm sure I'll have many other questions.  Hopefully people won't 
lose patience with me...

Thanks,
Russ
-- 
__________________________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup