Chapter 3. Deploying IPCop and Designing a Network
Now that we understand what IPCop is capable of as a firewall unconnected to any other system, we need to start considering how it does connect to them, and what are the implications for us. As you must now be realizing, the scope for deploying IPCop is quite varied, and especially in conjunction with a knowledge of Linux and the flexibility of open-source software, the number of possible permutations of even one IPCop box are fairly limitless! That said, there is a core of functionality used by the majority of networks, and among all of those permutations, there are a few core network layouts that will probably be common among the majority of IPCop deployments.
What we will try to do here, therefore, is outline a few common methods of deploying IPCop and the motivation behind these topologies, depending on which IPCop components we want to deploy.
Trust Relationships between the Interfaces
As we now understand, the four types of network interface...