Skip to main content

IPCop Linux Firewall

Closing Thoughts

IPCop has a few other useful features that we'd be remiss if we didn't at least let you know about them. It includes the Snort intrusion detection system, which can be set to monitor each interface for known data traffic signatures of suspicious activity. (You can read more about Snort here.)

There are also bandwidth management ("Traffic shaping") features courtesy of the built-in WonderShaper package. Traffic shaping makes the most out of the upstream and downstream bandwidth doled out by your ISP by allowing you to assign high, medium and low priorities to specific web services (ports). Wondershaper then takes it from there and manages traffic through the network interfaces to keep everything moving along according to the priorities you set.

Finally, IPCop includes a built-in IPsec VPN server that can handle both Net-to-Net (such as between two IPCops or an IPCop and commercial IPsec gateway) and Host-to-Net (between a single machine running an IPsec client and the IPCop) tunnels. The IPsec server can handle pre-shared key/password/pass phrase or X.509 certificate authentication methods, but the VPN section of the Support section to get a successful tunnel set up.

So if you're thinking of going down the DIY router path, you have many distros to choose from. IPCop's easy installation, extensive feature set and nicely-designed user interface should put it on your selection short list.