Subject: Re: r/o filesystem restrictions for firewall?
To: Brandon D. Valentine <bandix@looksharp.net>
From: Greywolf <greywolf@starwolf.com>
List: netbsd-help
Date: 10/23/2000 18:17:10

On Mon, 23 Oct 2000, Brandon D. Valentine wrote:

# Date: Mon, 23 Oct 2000 17:00:03 -0400 (EDT)
# From: Brandon D. Valentine <bandix@looksharp.net>
# To: Jon Lindgren <jlindgren@slk.com>
# Cc: Manuel Bouyer <bouyer@antioche.lip6.fr>, port-sparc@netbsd.org,
#      netbsd-help@netbsd.org
# Subject: Re: r/o filesystem restrictions for firewall?
# 
# On Mon, 23 Oct 2000, Jon Lindgren wrote:
# 
# >Correct.  I want [read: need] this box to be:
# >
# >1) Insert NetBSD CD mod'd to be a firewall,
# >2) Boot
# >3) Enjoy
# >
# >[lather, rinse, repeat]
# 
# Then mounting the CD as the root filesystem is not the way to go.  I
# would recommend creating a bootable CDROM that does nothing but write
# out a disk image to your hard drive.  Then the box can be a fully
# functional NetBSD machine with a r/w root filesystem.  Then if the box
# gets rooted, you simply pop the CD in, and flip the switch and your
# drive will get rewritten.

Idea:

Mount it as your root disk.
Tar up /dev.
Mount /dev as an mfs.
Extract from the tarred-up /dev.

Somehow.

				--*greywolf;
--
If anyone requests a reason as to why Windows NT is inferior to UNIX,
refer them to the process scheduler, for starters.  Of course, users
don't care, and programmers try not to, even though they both should.
If that fails, reiterate that remote administration and control of a
node is a *good* thing, especially if network security is concerned.