Subject: Re: Firewall question & df weirdness
To: None <john@sixgirls.org>
From: Russ Arcuri <photo.nut@mindless.com>
List: port-mac68k
Date: 09/01/2002 19:58:42
Thanks, John, for the quick response.  I have a few follow-up questions...

> > Current setup: Quadra 700, 68 MB RAM, 1 GB hard drive,
> > Farallon Ethermac card (ae0), internal ethernet (sn0), and
> > internal video. Drive partitioned as follows: 60 MB Mac OS, 
> > 100 MB root, 580 MB /usr, 200 MB /var, and 71 MB swap.
>
> This type of system can generally handle up to 400k/sec at minimum.

Wow... really?  Maybe I could have built a firewall out of my IIci then... I only have to be able to maintain around 100K/second.  You're talking about kilobytes, yes?  Not kilobits...

[Weird df output trimmed.]
> > First, it seems like there's way too much space there -- too many
> > 1K blocks present.
> 
> That is bizarre. How did you partition the drive? What utility?
 
I used HD SC setup, modified with the 00->FF resedit trick.  I used it for two previous "practice" installs, with no problems.

> >  Also, how can root be at 101% capacity?
> > How can it have -12770 blocks available?
> 
> The UFS filesystems have a certain percentage of extra blocks that only
> privileged processes can use. So if a user filled up /usr, privileged
> processes will still have some space until you come and fix things.

I had assumed 100 MB for root would be more than spacious... especially with /usr and /var getting their own partitions. But the weird df output makes me wonder.  I've got lots of space to play with... assuming my next install goes smoothly, will 100 MB for / be okay?

> > Finally, considering what I installed, it seems like too 
> > much disk space is used already. What's going on?
> 
> Hmmm. Good question.

I'm going to just assume something went wrong with the partitioning or installation, and start again from scratch.

> I will send my Quadra instant-NAT how-to to the mac68k list in a few
> minutes.

Thanks! After skimming it over, it looks like I'm going to have to start fresh with 1.6 anyway, since I have to do PPPoE. Four questions:

1. Maybe I just missed it when I skimmed over the procedure, but I didn't notice whether this will result in a state-based port-filtering type firewall, or whether it will only be doing NAT.  I have one of those dedicated hardware router/switches that does NAT, but the port-filtering feature on it blocks in BOTH directions.  So if I'm blocking a port inbound, it's blocked outbound as well. I figured I would build a NetBSD firewall out of the old Quadra to give me more/better features than the little hardware router has.  I want to block pretty much anything coming in, but allow a wide range of ports going out.

2. Will I be able to find .tgz packages similar to the 1.5.3 packages I used previously, or is there some other procedure I'll have to follow for 1.6?

3. Is the 68 MB of RAM going to provide any real benefit?  I could just as easily drop the Quadra back to 20 MB and use the extra RAM elsewhere. But if this box will benefit in any real way from the extra RAM, I'll keep it in there.

4. My two "practice" installs were done on a single big root&usr partition, and both worked fine with no strange df output. (FWIW, one of them was NetBSD 1.5.3 and the other was OpenBSD 3.1).  In principle I'd like to place /, /usr, and /var on their own partitions.  But again, if there's no real-world benefit to doing so, I'll just go back to one giant partition for everything to simplify the setup.

> Just don't ask us how to set up Windows to do IP NAT...

Ha! I do mostly Windows at work, but I'm a Mac guy at home... ;)  My unix experience is limited to Ultrix (yes, really -- I did system administration on a DECStation 5100 about 10 years ago) and Mac OS X, though I'm far more proficient on the command line than most Mac folks.

Thanks again for the advice/info...
Russ
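Question 1 above asks whether the Quadra box will do only NAT or also stateful port filtering. As an added illustration (not part of the original thread, John's how-to, or any NetBSD project file), here is what the distinction looks like in IPFilter rules, which is the packet filter shipped with NetBSD 1.6. The interface roles are assumptions for the example: ae0 is treated as the outside link and sn0 as the LAN; with PPPoE the outside interface would be the pppoe interface instead, and the 192.168.1.0/24 LAN range is constructed.

```conf
# /etc/ipf.conf -- constructed example, not from the thread.
# Outside interface (assumed ae0): default deny for anything arriving.
block in log quick on ae0 all

# Outbound from the LAN: "keep state" records each session so that the
# replies are admitted by the state table, not by an inbound "pass" rule.
# This is the one-directional filtering the thread asks about: a port
# can be closed inbound while the same port stays usable outbound.
pass out quick on ae0 proto tcp from any to any flags S keep state
pass out quick on ae0 proto udp from any to any keep state
pass out quick on ae0 proto icmp from any to any keep state

# Inside interface (assumed sn0): trust the LAN in both directions.
pass in  quick on sn0 all
pass out quick on sn0 all

# /etc/ipnat.conf -- address translation is a separate table from the
# filter rules above; NAT alone does not give you the stateful filtering.
# map ae0 192.168.1.0/24 -> 0/32 portmap tcp/udp 10000:40000
# map ae0 192.168.1.0/24 -> 0/32
```

The ipnat lines are shown as comments because they belong in ipnat.conf rather than ipf.conf; the point is that NAT and filtering are configured independently, so a NAT-only setup leaves the inbound policy entirely to the filter rules. The "block in log quick" line also gives a log of every rejected inbound packet via ipmon, which is the first thing to check when something from the LAN cannot get out.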