I have been using IPcop for a while. It's a great linux (and free) firewall. I don't know if there are better firewalls out there, but it seems to serve my purposes and those of my employers and customers.


IPcop is a Linux based firewall (and therefore free) that installs from a CD. It can be easily managed from any web browser. You download it from here. You download an ISO image, and burn it (as an ISO..) to a cd. Then just boot from the CD, and follow the directions. There are however a few

things that could be improved. There seem to be a few "gotcha's" that aren't readily documented. These are some of my notes concerning installing IPcop's firewall which will help smooth out the process.

After completeing the initial install, which is very straightforward, (just follow the prompts, and answer the questions) you will need to make a few tweaks to get things running smoothly on your new firewall.

For web based remote administrtion, IPcop uses port 445. However many ISP's block this port as it has been used for many attacks. So changing it to another port is required. Here is how:

First, you need to enable SSH access on your IPcop firewall. To do this, login via the web interface. The default URL is this: http://GREEN_IP_ADDRESS:81. Hover your mouse over system then click on ssh access. Check the box that says ssh access then the save button.

Login into the IPcop firewall using ssh via port 222, and change these 5 files:

/etc/httpd/conf/httpd.conf
/home/httpd/cgi-bin/portfw.cgi
/var/ipcop/header.pl
/var/ipcop/proxy/acl
/var/ipcop/proxy/squid.conf

Change 445 to 441 in these files, or what port you like. Pay attention, to change all occurenses (1-2 per file). Restart httpd (and squid if you use it). Restart IPCOP if you don't know how to do it!

Then login to IPcop, then hover the mouse over firewall then click on external access and add what ever port you used above (EX: 441).

Also if you want to SSH into IPcop via the internet, also enable port 222.

To access IPcop remotely (via internet..) enter the following in your browser: https://IPADDRESS:441 Where IPADDRESS is you public IP address, or your domain name etc.

Personally, I set up an account at dyndns.org and use that for a public IP address. Its nice because its free.

So there you go, this should get your IPcop firewall going.

This article was originally posted on www.mikestechblog.com Any reproduction on any other site is prohibited and a violation of copyright laws.