1.3. Overview

You will be installing an operating system on the IPCop PC. It is a Linux based operating system, but it is not meant to be a general-purpose system. The firewall design attempts to eliminate as many features from the system as possible. The central idea is that the more code that runs on the firewall, the more places there are that are vulnerable to attacks. Do not expect facilities like sendmail or FTP daemons to be present. These are not needed on a firewall and may contain holes that are known to malicious users.

Although these instructions will appear to be long and often detailed, take heart. Once you have figured out what you want to do and have obtained your current configuration parameters, installing IPCop will take as little as fifteen minutes.

You will have to boot from an installation media (cdrom, floppy, USB key) or from the network with PXE boot. Boot from cdrom may not be supported by old machines (should work after first Pentium I). Boot from network depend if an installed netcard is shipped with a boot ROM. Boot from USB key need a BIOS capable of booting from USB device (typically motherboard with Pentium IV, Athlon XP 2600 or better). Use boot from floppy only as a last resort and none of the previous methods work. If you have a CD burner, you will probably want to create a bootable CD from the ISO file using ipcop-2.0.0-install-cd-i486.iso. If your BIOS is recent and support to boot from USB key, you would have the option to install from an USB key formatted as a superfloppy (ipcop-2.0.0-install-usb-fdd-i486.img.gz) or as a hard disk (ipcop-2.0.0-install-usb-hdd-i486.img.gz). If you cannot burn a CD, you could have to place files from the ISO image on a web or FTP server. If the IPCop PC cannot boot from CD, you will have to create a bootable floppy using files on images directory or try PXE boot.

Architecture variations

IPCop 2.0.0 supports multiple architectures to which limitations may apply (for example boot from USB key). Please refer to the manual sections for specifics.