There wasn't much of a change from 1.4.20 to 1.4.21, so they didn't make
an iso. You can build the 1.4.21 iso yourself (LFS), or simply install
1.4.20 and upgrade to 1.4.21. Upgrading is a breeze, so I'd go that route.
Eric Cope wrote:
> is it just me, or is the 1.4.21 version iso of IPCop not available yet?
> http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093
> <http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093>
>
> Eric
>
> On Thu, Jun 4, 2009 at 3:51 PM, Eric Shubert <ejs@shubes.net
> <mailto:ejs@shubes.net>> wrote:
>
> I guess this would make IPCop is a bit geeky. It's based on LFS, and you
> can compile the whole thing if you'd like. ;) (Instructions are on the
> web site)
>
> kitepilot@kitepilot.com <mailto:kitepilot@kitepilot.com> wrote:
> >>> Any extra/unwanted packages which come in a standard distro,
> >>> but which aren't needed for a router, have been removed
> > The best (GEEKY) firewall is an LFS installation running iptables.
> > You just NEVER install "any extra/unwanted package" to begin
> with. :)
> > I understand it is not for everyone though, but I couldn't
> resist... 8)
> > ET
> >
> > PS: For the "uninitiated":
> > LFS=http://www.linuxfromscratch.org/
> >
> >
> >
> >
> > Alex Dean writes:
> >
> >> On Jun 4, 2009, at 3:24 PM, Paul Mooring wrote:
> >>
> >>> Maybe most people would disagree with me on this but I don't think
> >>> there's too many advantages to runnning IPcop over a standard linux
> >>> distro in the first place if you're only looking to use it as a
> router.
> >>> Any router or firewall distro is more or less an iptables frontend
> >>> anyhow. To do it make sure "net.ipv4.ip_forward = 1" is in /
> >>> etc/sysctl.conf and there should be an iptables rule for nat, run
> >>> iptables-save and look for a rule that says either -j SNAT
> --to- source
> >>> or -j MASQUERADE, if your existing iptables rules don't have
> that run
> >>> 'iptables -t nat -I POSTROUTING -o $EXTIF -j MASQUERADE' where
> $EXTIF is
> >>> your external interface (probably eth0 or eth1), and then you
> have a
> >>> fully functional router.
> >> If you know what you're doing, I agree there isn't any
> difference. But
> >> the set of people who might want a good firewall/router is much
> larger
> >> than the set of people who are really comfortable with
> iptables, and
> >> that's where IPCop & other distros like it fit in really well.
> >>
> >> There are other benefits besides iptables ease. Any extra/unwanted
> >> packages which come in a standard distro, but which aren't
> needed for a
> >> router, have been removed (and are therefore not exploitable).
> >> Configuring multiple interfaces for multiple networks is really
> simple.
> >> Etc...
> >>
> >> alex
>
>
> --
> -Eric 'shubes'
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> <mailto:PLUG-discuss@lists.plug.phoenix.az.us>
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
>
>
> --
> Eric Cope
> http://cope-et-al.com
>
--
-Eric 'shubes'
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss