This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new!


Posted by: Administrator on October 15, 2004 01:08 AM
I'll second this. Though it does have some limitations (primarily that outbound connections always come from the same public IP address regardless which internal IP address is used, and that NAT is required), IPCop is VERY easy to install and administer. VPN connections (at least with other IPCop machines) are a snap using Openswan, and plenty of 3rd party addons are available. And it can probably run on hardware you have laying in a closet somewhere.

Also, for the (few) cases I've found where IPCop isn't appropriate, <A HREF="" title="">Firewall Builder </a> provides an X-Windows based easy-to-use frontend for manipulating iptables (or ipfilter, or Cisco Pix, or OpenBSD ipf) rules, which is extremely flexible and powerful.


Return to A Linux firewall primer