IP-Cop Firewall/Gateway 0.1.1
I should start by saying for those who don't know, that IPCop is a Smoothwall fork.
A while ago, I got an e-mail from someone who had read our Smoothwall review, saying that we should review IPCop. At the time I took a look at the IPCop site and decided that it was practically Smoothwall and that reviewing it would be pointless. But now, for various reasons I think it is now worth reviewing. I don't know how other people feel about Smoothwall and the attitudes of certain people (although I've never experienced that first hand) but I personally don't like the way it's going. The adverts for commercial versions of Smoothwall plastered all over the interface were manageable, but the final straw which made me decide to look at IPCop was when an update changed one of the ads to now proclaim that Smoothwall GPL is EVALUATION SOFTWARE for the commerical version. Then I took a look at the smoothwall site and discovered the direction Smoothwall was going; away from GPL. While all the GPL stuff will still be included, other things such as the interface etc. would be non-GPL without the source being available. One reason for this according to the site is that they don't like being copied (aka, IPCop). Clearly the Smoothwall team have lost their belief in the GPL which does not make me want to keep using Smoothwall.
Anyway, enough of the politics and on with the review.
I decided to install IPCop in VMWare simply to save me the effort of sorting out a machine to test it on. The spec of the machine is an AMD 1700+ with 128 Mb of RAM allocated to VMWare - IPCop will run on significantly less spec machines such as 486s upwards.
I booted from the CD (actually ISO image mapped to an IDE CD device by VMWare) into the text-based install. There is an option of installing either from a CD or via HTTP.
The hard disk is then automatically partitioned (IPCop requires a dedicated machine) as, I believe, EXT3.
Next comes the essential network setup. The network card was automatically detected and then I was promped to configure the IP address etc.
The system is then installed (very quickly) - the system requires less than 50 Meg of hard disk space.
Then there is setups for the keymap, any ISDN devices and USB ADSL configuration.
Next are setups for the (optional) DHCP server and promps to set the passwords for the various users.
The system then reboots. Configuration must now be continued via the web interface by going to http://ipcop:81 or https://ipcop:445 (for secure connections).
You have to login using the admin password you will have been prompted to set in the previous stage to make any changes.
You need to set the "dial" user password which will allow users of IPCop to manually dial your ISP if you're not using dial on demand.
The first priority, is of course to configure you ISP account(s) and modem/ISDN/ADSL options.
You can have a maximum of 5 ISP dialup accounts in the system which you can switch between as necessary.
The long list of features of IPCop include:
- USB ADSL support
- Web proxy server
- DHCP server
- IP masquerading
- Port forwarding
- Dynamic DNS services support
- Snort intrusion detection system
- Virtual private networking
In my opinion, the best feature of IPCop is the excellent logging facilities available. Everything that happens on the box is logged and accessible via the web interface.
You can easily see which clients are currently using the Internet, which are accessing the IPCop box, who has tried to hack you machine in the firewall log, web proxy activity, suspect activity detected by the IDS as well as detailed dialup/PPP and kernel logs.
There is an update administration section to allow you to easily apply updates to your IPCop box without having to reinstall the whole system. You are informed of any available updates via the main dialup page.
I found IPCop ideal for the job. It is quick, the interface is uncomplicated and it will always be GPL.
Technically, there is little difference between the features of Smoothwall and IPCop. IPCop's best advantage is the lack of advertising and the lack of "you will buy the commercial product".
If you're trying to decide between IPCop and Smoothwall, choose IPCop. There are additional features not included in Smoothwall and the software does appear to be more up-to-date.
About a 28meg download. Get it!
Added: Tuesday, June 04, 2002
Reviewer: David Johnson
Related Link: IP-Cop