Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Security Reviews

Introduction

Copfilter logo

At a Glance
Product Copfilter for IpCop
Summary Open source network traffic filtering and anti-virus add-on for IPCop
Pros • Power compilation of multiple open source tools
• Centralized anti-virus and anti-spam filtering
• Web based GUI for configuration
Cons • Requires some Linux ability to install and manage
• No content filtering

Network security is a significant issue for virtually all networks, both personal and business. As we increase our use of the Internet and network enabled devices, our private information, communication, and network devices are more and more exposed to uninvited parties.

Larger networks typically have significant investments in network security and filtering tools to protect information and control inbound and outbound communications. Fortunately, there are also solutions for small networks, ranging from software to hardware-based appliances. A few examples of hardware-based appliances include the recently reviewed Zyxel USG100, as well as the SonicWall TZ190W and D-Link DFLCPG310.

All three of these solutions integrate a physical router, firewall, and subscription-based network filtering tools. These three solutions range in price from $110-$735 to purchase the hardware, plus an additional $166-$418 in annual subscription fees.

For the technically adventurous, there are sound and "free" options that can be implemented with older computing hardware and open source software. I say "free" in quotes because although the software may be openly available, an investment in time and effort is required, which also has value.

"Free" options also generally have no warranties or support. So initiative and ingenuity are required to fully leverage and manage their capabilities. In this review, I'm going to cover one of those "free" options, Copfilter, which is an add-on to the open source firewall solution called IPCop.

One of the neat aspects of the IPCop and Copfilter solution is it centralizes traffic filtering and doesn't require software to be installed on each network client. Indeed, Copfilter could be used instead of software on individual PCs. Although an organization may prefer the enhanced security of both centralized and distributed security solutions, the reduced cost and computing overhead provided by a centralized Copfilter solution is a compelling proposition.

Copfilter filters network traffic such as email, web surfing and downloads, looking for viruses, spam and other exploits. It does not, however, provide web content filtering.

Copfilter includes an anti-virus engine called ClamAV. To scan email for viruses with two anti-virus engines, Copfilter also offers the option of adding the Linux version of F-Prot's anti-virus software. F-Prot is an anti-virus client similar to the more well-known Norton and McAfee applications. Note that the free version of F-Prot is designed for workstation based filtering, not centralized filtering as we're doing with Copfilter. To use F-Prot's server-based version, a subscription is required.

Installation

Copfilter is an add-on to IPCop, so you need IPCop up and running first. IPCop runs on standard PC components and I used a 3.2 GHz P4 CPU with 2 GB of RAM and a pair of Intel gigabit NICs. We reviewed IPCop awhile back and covered hardware, installation and uses, so I'll just focus on installing Copfilter.

Many open source solutions lack good documentation and require significant technical skill. Installing Copfilter does require some Linux knowledge, but there is a well written 46 page guide (README.pdf) available on Copfilter's website that I found very useful for installing and evaluating this tool.

The Copfilter guide is relatively user-friendly and doesn't presume advanced Linux skills. And it has directions for installing and administering Copfilter from both Linux and Windows machines. There are several Linux commands that have to be entered at the command line in IPCop, but each is listed in the guide. I was pleased to find the installation instructions worked as written.

To install Copfilter from a Windows machine, you'll need an SSH client like Putty and an SCP client like WinSCP on your Windows machine. SSH and SCP are included in many Linux distributions, so I used a Linux workstation behind my IPCop firewall to install and configure Copfilter. I found the installation boils down to 5 steps; each is pretty straightforward.

Step 1: Enable SSH and Web Proxy on IPCop
As with most other small network firewall/routers, IPCop is managed via a web based GUI. IPCop's web GUI is point and click, so enabling the SSH and Web Proxy features are a matter of clicking check boxes on a web page.

Step 2: Download Copfilter and F-Prot to a PC in IPCop's "Green" LAN
IPCop calls the network connected to its LAN interface "Green" and the network connected to its WAN interface "Red" as illustrated in Figure 1. Other interfaces can be installed in IPCop, each designated by a different color.

IpCop interfaces

Figure 1: IpCop interfaces

Installing Copfilter is typically done from a PC connected to IPCop's “Green” or LAN interface. I used the Firefox browser on a Linux workstation connected to the “Green” interface of my IPCop to download both Copfilter (filename = copfilter-0.84beta3a.tgz) and F-Prot (filename = fp-Linux-i686-ws.tar.gz).

Step 3: Copy Copfilter and F-Prot to IPCop
After downloading the files, I copied them from my Linux workstation to my IPCop machine. From a terminal session on my Linux workstation, I typed the commands below.

NOTE!Note: 192.168.188.3 is the IP address of the Green interface on my IPCop machine; your IP may be different. SCP stands for secure copy, a protocol for secure transmission of files.
scp -P 222 copfilter-0.84beta3a.tgz root@192.168.188.3:/root
scp -P 222 fp-Linux-i686-ws.tar.gz root@192.168.188.3:/root

Step 4: SSH to IPCop
I used SSH to log in to the command line of my IPCop via 192.168.188.3. SSH (secure shell) is a secure network protocol for command line access from one machine to another. It works just like Telnet, but the traffic sent between the two machines is encrypted, preventing someone from capturing and reading the data transmitted.

Note that you use port 222 instead of the standard port 22 for SSH access to IPCop, as shown below.

ssh -P 222 root@192.168.188.3

Step 5: Expand and install Copfilter and F-Prot
It took seconds for each to complete, and once done, the Copfilter menu was created in the IPCop GUI and available for configuration without a reboot, although I rebooted anyway.

cd /root
tar xzvf copfilter-0.84beta3a.tgz
cd copfilter-0.84beta3a
./install
cp /root/fp-Linux-i686-ws.tar.gz /root/copfilter/
cd /root/copfilter
./setup_util -f fp-Linux-i686-ws.tar.gz

With installation complete, the IPCop GUI shows an additional tab named Copfilter. This tab has the configuration options for the various traffic filters now incorporated into your IPCop Firewall, shown in Figure 2.

CopFilter tab
Click to enlarge image

Figure 2: CopFilter tab

Notice in Figure 2 that there are configuration menus for POP3, SMTP, HTTP, FTP, AntiSpam and AntiVirus. You have to go into each of these menus and turn on the options in order for each type of traffic filtering to be enabled. It's point and click, so it isn't a big deal, but obviously an important step.

More Stuff

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Featured Sponsors



Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

thiggins said:↑ If you are using MU-MIMO with more than one MU-MIMO device, please share your experience.Has it helped? Has it hurt? Does it make any...
Dear folksSimple task can't get it workhttps://www.askdavetaylor.com/enable-parental-controls-linksys-wi-fi-router/Tried to block internet access for ...
I have this line: server=/pandora.com/107.170.15.247in my dnsmasq.conf.add file stored in /jffs/configs/ directory and it works like it is supposed to...
Firmware Version: 384.6 (AC86U)For the past few days, the 2.4Ghz wireless band has been dropping/losing connection to the connected devices: however t...
For some reason, starting 2 days ago, I can no longer access this web page, it's the login page for the Playstation Network: https://account.sonyenter...

Don't Miss These

  • 1
  • 2
  • 3