Book Image

Configuring IPCop Firewalls: Closing Borders with Open Source

Book Image

Configuring IPCop Firewalls: Closing Borders with Open Source

Overview of this book

IPCop is a powerful, open source, Linux based firewall distribution for primarily Small Office Or Home (SOHO) networks, although it can be used in larger networks. It provides most of the features that you would expect a modern firewall to have, and what is most important is that it sets this all up for you in a highly automated and simplified way. This book is an easy introduction to this popular application. After introducing and explaining the foundations of firewalling and networking and why they're important, the book moves on to cover using IPCop, from installing it, through configuring it, to more advanced features, such as configuring IPCop to work as an IDS, VPN and using it for bandwidth management. While providing necessary theoretical background, the book takes a practical approach, presenting sample configurations for home users, small businesses, and large businesses. The book contains plenty of illustrative examples.
Table of Contents (16 chapters)
Configuring IPCop Firewalls
Credits
About the Authors
About the Reviewers
Preface
7
Virtual Private Networks
11
IPCop Support

Network Status


The information contained on the Network Status screen is frequently very useful in troubleshooting networking issues.

The first tool we are given is a colorized version of the output from the ifconfig command, with the network interfaces on the system being given the colors that IPCop uses to refer to them. Quite often when the IPCop host is attached to a network such as a Cable or ADSL connection that allocates configuration information via DHCP, this can be useful for verifying whether a loss of connectivity is related to the IPCop host or if there is a network outage with the service provider. Since we can see the number of errors and dropped packets, this can frequently be useful in troubleshooting other networking issues too.

The lo interface represents the Local Loopback adapter, with the address of 127.0.0.1, and should always be present. On this system, the Red interface is inactive, but on a fully populated IPCop system, we could see up to five interfaces here...