Wednesday, November 14, 2007

the server project: lesson learned aka why /var/log is sometime useless, and etc

Got called back to check out some issue on the linux firewall, that is providing the internet connection to 4 blocks. Still figure out why, but i think i got a suspect.

On the other hand, learned a few things.
1) sometime logs are useless,
especially when you set logging on shorewall, or iptables and their friends. I was hoping to see why the server hangs, so from my experience i check on the last minute entry on /var/log/messages . It work last time. It is useful to check out what is the last system states, or kernel states.

only to found out that, the is a lot of complaints from shorewall on martian packets. So cat /var/log/messages|tail, don't work either, because as soon the shorewall starts, there will be complaints on martian packet.

By then my laptop don't serve hundreds of people

2) there is 2 version of top,
one is top, another is htop. htop look nicer, but top comes by default. But really it do the same thing.

anyway htop have more feature

3) webmin can take a lot of cpu cycles.
not webmin it self, but rather, its log rotating scripts, it can take 100% of the cpu time.

4) on the other hand, webmin can be useful
at least having a gui, is nice, but interestingly awkward.
and it have some useful things such as bandwitdh monitoring. and frontend for configuring your server

5)but webmin can be useless too.
maybe not much, it just happens that we use a maclist to authenticate internet user. and the webmin shorewall module don't provide it. therefore, sometime shell rules.

i know using maclist is not wise, but i am not prepared to change the process of the block resident applying for internet connection.

i think that is pretty much it

No comments:

Post a Comment