[lug] ipchains and SYN packets

D. Stimits stimits at idcomm.com
Tue Jan 22 22:59:46 MST 2002


Sean Reifschneider wrote:
> 
> On Mon, Jan 21, 2002 at 03:13:01PM -0700, D. Stimits wrote:
> >No, my ramblings are more about full journaling modes rather than
> >meta-journaling. I have heard of a few people that found quirks with it.
> 
> I *BELIEVE* that ext3 is no longer journaling all writes, and instead is
> doing meta-data only journaling by default (unless overridden).  So far, I
> haven't experienced any problems with ext3, but I've only used it about
> half as long as I used ReiserFS on an extensive basis.

I already have excellent meta journaling via XFS, but I ran into a
problem that ended up making me lose all of my ipchains firewall data
(aside from a backup that was somewhat out of date). For those who don't
know, meta journaling is faster than full journaling, but suffers an
ability to lose a file if power is lost at the moment the meta data has
completed writing but before the main data has been written (it turns
the file into NULL characters). Well, the "stutter" where RH (and
probably others) does a syslogd restart (it attempts to restart 6 times
all at once, not just a single instance) can be fatal if you try to
shutdown at the same instant, or possibly other things. I had written a
new ipchains rule and matching hosts.deny rule, and instantly switched
to a new console to restart xinetd. Turns out restarting xinetd was
exactly at the same time as the 6 simultaneous restarts of syslogd, and
it locked up hard. The only other time I had this happen, coincidence
had me do a shutdown at exactly the moment the 6 syslogd restarts
occurred. I would bet it is rare for someone to shutdown exactly at the
moment cron does syslogd restart, or to do something like restart xinetd
at that moment. But it has me thinking of full journaling instead of
meta journaling. This is the part I wished worked correctly on ext3,
full journaling. Lots of people seem to use it with meta journaling, but
the results would have been the same for my ipchains disaster if any
meta journaling was used; only full journaling would have saved it. Has
anyone here had any good full journaling experiences? For just meta
journaling, XFS has done the job quite well since last spring.

D. Stimits, stimits at idcomm.com

> 
> One benefit to me is that ext3 file-systems can be re-mounted on ext2
> systems if need be.  Less of an issue with KRUD and the stock kernel now
> supporting ReiserFS, but there were a number of times when I was needing a
> feature in a new kernel but unable to upgrade because the ReiserFS patches
> were failing to apply in a very serious way...
> 
> We did use ReiserFS on our laptops for about a year, to decrease fsck times
> on reboot largely (since we mostly use laptops as our primary machines
> these days).  *EVERY* laptop ran into at least one instance of file-system
> corruption under Reiser.
> 
> However, on fixed-position machines, which rarely reboot, I don't think
> I've run into a single corruption problem during that time and over the 6
> months or so since switching the laptops to ext3...
> 
> Sean
> --
>  Rocky: "I must be getting near-sighted!  You look all fuzzy..."
>  Bullwinkle: "Let's face it, Rock...  I *AM* all fuzzy."
> Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
> tummy.com - Linux Consulting since 1995. Qmail, KRUD, Firewalls, Python
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug



More information about the LUG mailing list