Martin F. Krafft blogged about how to rollback firewall changes in the case you managed to lock yourself out from the box

It's even easier if you use my Pyroman firewall config tool. (apt-get install pyroman). If you run pyroman safe it will execute the new firewall rules - and if you don't type OK within 30 seconds, it will undo all changes. Note that it can also restore to a configuration set by a different firewall app. (It just restores the old iptables state and feeds it back to iptables - it will support anything your iptables version does.)

Oh, and it's much faster than the other firewall scripts I've tested so far, since it doesn't spawn hundreds of iptables processes, but only one iptables-restore for setting the new rules in one transaction.

Check the web page for other benefits; should just work on any Linux distribution with iptables and python (read: every).

[Update: Martin, I was referring to the instructions you gave, to adding an at job and then running atrm to accept the changes. Yeah, what you script does is basically the same what mine does for rollback.]

You might have read that ext2/ext3 has support for so called "directory indexes", which supposedly speed up operations on directories with many files. For example your /usr/share/doc directory, your packages database, or your home directory (use ls -la | wc -l to count the number of files).

However, this feature is not enabled on most machines, since up to now you needed to pass a flag when creating the filesystem. The 1.39 upload of e2fsprogs (in Debian unstable as of May 29) made this default. So you probably didn't enable this when creating your filesystem.

To check, first find out what your filesystem device is (use mount). Mine is /dev/hda5, so my example will use this device. In traditional terms, this is the first extended partition on the IDE primary master drive.

Now use tune2fs -l /dev/hda5 | grep features to get a list of your filesystem features. If you have "dir_index" in there then you're all set. Ignore any "needs_recovery" - that is good for mounted filesystems (it just means "not cleanly unmounted")

To add dir_index, do the following.

• Unmount the filesystem. If this is your primary filesystem, use a bootable CD like Knoppix or some Linux install CD.
• Make sure the filesystem is really not mounted. Just for safety of your data. Run e2fsck /dev/hda5 - this should take less than one second if your filesystem is clean and is needed anyway otherwise...
• Execute tune2fs -O +dir_index /dev/hda5 to enable the feature for your filesystem
• Execute e2fsck -Df /dev/hda5. This will force a filesystem check with directory optimization (!) on your filesystem.
• Mount your system (or reboot, if you were using a live CD)