Re: [FIRMWARE] Itus Networks Shield Firmware Upgrade *WIP*
Posted by
Grommish on
Jul 02, 2019; 7:05am
URL: https://itus.accessinnov.com/FIRMWARE-Itus-Networks-Shield-Firmware-Upgrade-WIP-tp1726p1791.html
One of the reasons I was looking into the F2FS (Flash Friendly File System) was because it incorporates wear-leveling, which helps with the destructive writes shortening the life.
Currently, I am moving the alert.fast.xxxx files (1mb each) to /etc/snort/logs, pulling out the Priority 1 logs and saving them on disk, then removing everything but the last 5 logs (by timestamp). I'm crontab'ing this every half an hour. You're right about the logs getting get many and large quickly, and I understand the concern.
What about this..
Every 30 minutes, pulling the Priority 1 alerts/drops out and storing that on disk, but instead of moving/removing the alert.fast.xxxx files, just removing all but the "newest" 4 (not counting the active alert.fast file) to keep the RAM from getting filled up.
This way, we can remove almost all of the MMC writes AND free up RAM.
Thoughts on this strategy?
Running Itus Shield v2 Firmware