Now the family has a computer and connected to the Internet is not a minority, even many families have more than one computer. However, due to the complexity of the Internet, most users may have been affected by virus intrusion, hacker attacks and unknown scanning and other security factors, if there is a hardware firewall to use the hand, it will be greatly convenient. But now the market hardware firewall products are often to thousands of yuan, for the average family is really not cost-effective. In fact, as long as there is a previous elimination can use the old machine, and then install the Linux based free firewall products can achieve this goal, for users, the cost of the costs can be negligible.
There are many Linux-based router/firewall software available, such as M0n0wall, Smoothwall Express, leaf-bering uclibc and ClarkConnect, and so on, this time, we turn our eyes to the so-called " Let the bad packet end of the IPCOP, mainly to introduce how to install a IPCOP hardware firewall.
Prepare the hardware platform
According to the IPCOP user's manual, the minimum hardware requirement for this software is a "vintage" machine with 386 processors, 32MB of RAM, and a 300MB size-capacity hard drive. However, from the operating speed and stability of the system, the author is recommended to use faster hardware. A Pentium (Pentium) family of processors plus 256MB of RAM should be able to perform fairly well, and using a 20GB sized hard disk can also be used as an efficient proxy caching machine. It's not that the latest, best-configured hardware can perform well, the use of the latest hardware platform may cause some problems, mainly IPCOP new hardware product support is not perfect, for example, the PCI Express technology support is only just beginning, far from completion and maturity.
IPCOP standard configuration requires at least one network card support, no network card router We also called the Router? We have chosen the network card based on the Realtek 8139 series chip, because a very wide range of applications is actually equivalent to ensure that it can be more extensive drive support. In the author's introduction to the example, the use of two network cards, which with our use of a Soho broadband router to share ADSL or cable modem Internet network structure is the same (as shown in Figure 1). In the network we use, a network card (the first network card) is connected to the end of the home network on the switch (indicated by a green connector), and its other network card (the second network card) is directly connected to an ADSL or cable modem (with a red connector line). In fact, an ISDN card or a traditional analog modem card can also be used to replace its second NIC, and we can add more network cards to meet more complex requirements.
Hardware requirements for IPCOP routers
cpu/Motherboard |
Intel or AMD's Cpu,pentium series or higher, with a minimum rate of MHz (socket 7, Socket 370, socket a, etc.) |
Memory |
256 MB SDRAM or Ddr-sdram |
Hard disk |
20-40 GB is used in proxy mode to cache Web sites |
Card |
Two pieces of 10/100 mbit/s network card |
Graphics |
A random piece of 2MB memory card, do not need 3D acceleration function, as long as it can be installed on the line |
Drive |
Any kind of CD-ROM drive, as long as you can use |
Keyboard |
Any kind of keyboard. |
Installing software Systems
IPCop is based on the Linux system, the operating system itself and its source code are freely available, as long as the GPL license agreement, the download address is http://www.ipcop.org/, the format is an ISO CD-ROM image file, small size, only MB, You can use it to burn a bootable disc, and the image file can be restored to a partition to install. In our installation, the computer acting as a router is installing the entire system from an optical drive and from the CD.
After the CD-ROM is installed as the first boot device in the motherboard BIOS setup, the settings are saved and the computer restarts, and we can see the Isolinux boot loader. It is important to note that if this installation process goes on, you will delete all the data on your hard drive, so please be careful that you must back up the vital data before you install it.
Pressing the ENTER key will load the Linux kernel. Note that you can also use the other two parameters "Nousb" and "Nopcmcia" in this place, which are essentially the USB and PCMCIA interface features on the screen board. In general, an ordinary router does not need these two interfaces at all.
When the operating system's kernel finishes loading, the first step in the installation process is to select the language version of the installation interface, where there are several different languages available, but it seems that there is no Chinese option, so let's choose English.
Next, the installer asks us which storage media media we want to install from, with CDROM and http/ftp to choose from. If you are booting a system from a floppy drive, then you can choose the HHTP/FTP mode and we will choose CDROM this option. Then, although we have put the installation CD in the CD drive, but the installer will be prompted to insert an installation CD, be sure to confirm the line.
When the installer has partitioned and formatted the hard drive, the real installation begins, and the whole thing does not need to interact with the user, all automatically, such as the system checking the hard drive used, partitioning it, and then using the appropriate file system to format the new partition. Unlike other operating system installations, the installer frequently requests questions about the installation, such as what is the capacity size of the swap partition. And we do not have to understand its data partition is using ReiserFS or EXT3 partition format.
If you have previously installed such a system, and the relevant configuration information is saved to a floppy disk, the installation can be achieved directly import all the configuration information, and skip the remaining configuration process, which may save users a lot of time. Just select the "Restore" button on the screen shown in Figure 3, and then let the installer do the rest of the work. Since we are installing the new system this time, no configuration information is available, so we can only choose the "Skip" button. The installation of the system is complete and the next step is to set up the IPCop.