IpCop is a firewall software based on a Linux distribution that aims to provide a simple and configurable hardware firewall using a standard PC. Initially, it was a fork of SmoothWall IPCop. Later development has followed different paths and now the two distributions differ greatly.
IPCop is licensed under the GPL and is developed with the traditional style of Open Source: the project is developed through the collaboration of several developers scattered around the globe. The graphical interface is available in 17 different languages. The distribution also includes an elegant and simple system upgrade.
Although not entirely official dichiatati for IPCop, there are plenty of addons, developed by large software companies, which add extra features of IPCop, such as advanced QoS, e-mail virus checking, traffic summaries, extended interfaces for controlling proxy, and many others.
IPCop offers a wide range of technical features, ranging from standard Linux netfilter capabilities of NAT support for DNAT DMZ away from supporting DHCP (client and server) to support and serve NTP to synchronize the date and time, the ability to activate a proxy to enable an IDS. It also supports four network cards and an unlimited number of VPN connections, as well as offering the possibility to backup and restore of the configuration. It is also easily extensible with many modules available on the Internet.
IPCop does not require much computing power to work: just a 386 little RAM and MB HD, but to do more configuration is required as a minimum a Pentium MMX with 64 Mb of RAM and a few GB of hard drive. If you plan to use the proxy functions are recommended 256 MB of RAM and a few GB free. The installation options range depending on your needs: street CD (it requires a reader) via USB key (requires an opportunity for booting from USB port), or directly to Compact Flash Card (must be an appropriate hardware).
IPCop appointment and diversified network interfaces in color. Here are the meanings:
- RED – the interface is connected to the Internet. (Commessioni ISP – PPPoE – PPPoA, xDSL Router)
- GREEN – is the interface for the internal network. (Private LAN)
- BLUE – is the interface for a second internal network or a wireless network. (WiFi)
- ORANGE – is the interface for any DMZ where there are servers that offer services outside. (Demilitarized Network)
The minimum configuration includes two network interfaces: RED (Internet) and GREEN (to protect the internal network), but it is not difficult to extend these steps to configure a firewall complex. If there are two local networks that should not be separated using the interface BLUE. Special features of IPCop is the ability to expand and add features. For many distributions that are created with special addons.
List of features
- Management of 4 types of networks
- Standard Netfilter NAT and Routing capability
- Management of incoming and outgoing traffic
- Administration via Web GUI with user friendly interface
- Remote administration of the SSH protocol
- Updates On The Fly
- System Backup
- Capacity performance even on older machines
- System Logs Accurate consultation
- Directors of Unlimited VPN, IPsec and OpenVPN on protocols, with the use of CA certificates
- Integration with a wide range of additional modules
- Dynamic nature and possibility for customization
Firewall UTM Services List
- Firewall with Service Management and Administration by the rules. (Port forwarding, Block Out Traffic, External Access, DMZ pinholes)
- Dynamic DNS services
- Advanced Proxy service in transparent layer, and application. With System User Authorization and CRE
- DHCP server
- Hosts Service
- Adding IP aliases
- Traffic Graphics Management
- Time Server
- Bandwidth management
Additional services with Compatible Addons
IPCop v2.x incorporates some significant improvements.
- Linux kernel 2.6.32
- New hardware support, including cobalt platforms, SPARC and PPC
- New installer that allows you to install on compact flash drives or hard drives, and select the interface cards and assign them to particular networks
- The access to GUI web pages are all protected by a password
- The port for https secure connections has been changed to 8443
- Redirected from ports 81 and 445 does not work, has been deleted
- A new user interface, which includes:
- A new schedule page, in the menu system, where you can program various events
- More pages in the status menu, including new pages for System Info, Traffic Management, and IPTables, as well as a revised page for connections
- A proxy page updated, now with advanced control features
- There is one page simplified DHCP server, dhcpd, dnsmasq has replaced as a DHCP server
- The Time Server page has been simplified, now using IPCop in ntpd fully
- The Firewall menu has been revised, Going Out and Port forwarding traffic controlled by firewall rules are now more complete
- The IPCop OpenVPN has been added as an alternative to IPsec
The snort intrusion detection system has been removed from IPCop v2.x, to make way for the AIDE addon.