Hi Anu,
Hope this URL will help you to configure further.
www.securityfocus.com/infocus/1556
Unfortunately, the referenced article covers an outdated version of IPCOP 0.1.1. Current version is 1.4.11.
Anu2, a useful reference is the
IPCOP admin guide
.
Now to answer your questions, IPCOP will do what you want with the help of a changes to ac couple of config files and the installation of an add-on.
1. First of all, confirm that machines in the GREEN zone can access the internet without any problems.
2. You will need to add a custom rule to your /etc/rc.d/rc.local file as follows:[code:1]
#!/bin/sh
#variables defined therein
. /var/ipcop/ethernet/settings
# Flush Custom Input Rules
/sbin/iptables -F CUSTOMINPUT
/sbin/iptables -F CUSTOMFORWARD
# shorthand helper
IPT="/sbin/iptables"
#bar access for all other IPs
$IPT -A CUSTOMFORWARD -i $GREEN_DEV -o $RED_DEV -j DROP[/code:1]This blocks all direct IP access to the internet for all clients on GREEN, which forces them to use the Proxy service(Squid) on your IPCOP.
3. You will then need to enable the Proxy Service by accessing the Services/Proxy menu option, and enter the IPCOP's details in the proxy server settings on the clients' web browsers.
At this point, all your clients will have full internet access, but only through the IPCOP's Proxy service.
When you have completed the above, post back for further instructions.
