[fw-wiz] IPCop addon problem (Copfilter)

From: Roger E. Rustad, Jr. (scubacuda_at_iname.com)
Date: 04/09/05

  • Next message: Adam Shostack: "Re: [fw-wiz] Biometrics"
    To: firewall-wizards@honor.icsalabs.com
    Date: Sat, 09 Apr 2005 14:32:22 -0700
    
    

    I'm having problems with IPCop addons, particularly Copfilter.

    My friend owns a small cybercafe, and I'm helping him put in a better
    firewall than the Cayman PoS his DSL company gave him. He doesn't much
    about Cisco or *nix, so I suggested that he use IPCop or m0n0wall as an
    easy way of tightening up his network security (particularly because he
    has lots of spare PCs lying around).

    Last night, I gave IPCop a go here at my house. For those unfamiliar
    with IPCop, It's incredibly easy to install and use -- simply download
    and burn the ISO, boot to the cd, answer a few questions about your
    network setup, and voila. From the "green" (e.g. LAN) side, you can open
    up the browswer and hit http://ipAddress:81 and manage everything in
    much the same way you might if you had, say, a Linksys-like firewall.
    If, for whatever reason, it's not network accessible, you can console in
    and type in ./setup to go through the installation menu again. Very cool
    for newbies who might be intimidated by *nix or Cisco's command line.

    I ran into problems as soon as I started goofing around with addons,
    particularly CopFilter. http://members.inode.at/m.madlener/ipcop/

    It was cake to install (used winspc3 to u/l the tar.gz file, untarred,
    then ran ./install.sh). After the installation, I could no longer hit
    http://ipAddress:81 with my browser. I googled and found a forum that
    (supposedly) deals with this bug. Even after doing everything
    (http://tinyurl.com/6e49u), it still doesn't *completely* work. While I
    can hit it with my browser, all the services (e.g. spamd) aren't
    properly starting when I boot.

    My questions to the fw-wizards list:

    A) If anyone has dealt with this, please let me know. If not, that's
    cool -- I'll hit their board. Unfortunately, their documentation is very
    poor.
    B) More importantly, does anyone have an incredibly easy way to filter
    incoming traffic (http/pop/smtp) for virii/trojans/worms? Preferably
    something on the same box and manageable by GUI.

    Roger
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Adam Shostack: "Re: [fw-wiz] Biometrics"

    Relevant Pages