Introduction
IPCop Linux Firewall | |
---|---|
Summary | Linux firewall with Web GUI and built-in traffic shaping and IPsec VPN. Can support up to four network interfaces |
Update | None |
Pros | • Up to four network interfaces
• Includes Traffic Shaping and IPsec VPN • Free |
Cons | • Incomplete documentation on more advanced features |
Got an old Pentium 90 kicking around somewhere and a hankering to learn more about an Internet router than plugging it in? Building your own router using that old clunker is a good way to both peek under the hood of a piece of gear essential to most 'net-connected households today. And having it be Linux-based will get your feet wet with an operating system that continues to make inroads against the beast from Redmond.
There are many Linux-based router / firewalls available, and we've previously looked at m0n0wall , Smoothwall Express, LEAF-Bering uClibc and ClarkConnect. This time, we'll focus on IPCop, whose tagline is "The bad packets stop here".
Hardware Requirements
According to the manual, IPCop's minimum requirements are a motherboard with a 386 processor, 32MB of RAM and a 300MB hard drive. However, we recommend using faster hardware for a router that can handle bandwidths of up to 6 Mbps. A Pentium-class processor with 256MB of RAM should do quite well, and with a 20 GB hard drive it can pull double-duty as an efficient proxy cache.
Trying to use hardware that is too modern can actually be problematic. For example, IPCop's support for the PCI Express architecture is still in its beginning stages, which may lead to issues with certain onboard LAN components. But NICs that use a conventional PCI connection, such as the Intel PRO-1000, shouldn't pose any problems.
Figure 1: The Hardware - Pentium 75 Socket 7 system
IPCop's standard configuration requires at least one network adapter. Even cheaper Ethernet adapters of the 100MBit/s variety are easily up to the task, and shouldn't cost more than about $5 apiece. Cards based on Realtek's 8139 chip are a safe bet for this purpose, as the chip's widespread use guarantees equally widespread support. If you want to be completely certain that your network card is supported, check out IPCop's Hardware Compatibility List (HCL).
Due to a lack of driver support, using the IPCop router as a wireless access point is rather difficult at the moment, and requires a great deal of manual configuration. Therefore, our current recommendation for using IPCop within a WLAN is to use a conventional network card and attach it to a WLAN access point. Such solutions already exist for PRISM chipsets. The Host AP-Project offers more information on how to do this.