Key Pages: [ Rope Home Page | Basics (tutorial) | Language Reference | Download ]

IpTables Rope Add-In For IPCop 1.4.6

The Iptables Rope module extends the capabilities of IPCop by allowing complex packet-matching rules to be added to the system easily. Users can deploy one of the packet matching rules supplied with the software, or develop their own "match modules" without having to write linux kernel code in C. Instead: a simple scripting language can be used.

You dont need to compile any code at all in order to install the Rope module into IPCop 1.4.6. The Rope software comes bundled with a pre-build binary version suitable for that platform.

See the Basics page for an overview of the capabilities of the Rope language.

The P2PWall project has developed the Rope module for Iptables (and hence: IPCop) to provide the next generation of it's P2P controlling logic. Currently, sample logic is provided with the base Rope distribution to identify and control...

More packet match rules are being developed and will be available on the Rope home page (Rope) in due course.

License And Disclaimer

The Rope module is freely available for use under GPL license. Please read it carefully since there are some important restrictions about what is and is not permitted; particularly in terms of re-distribution.

Also note that the Rope software is UNSUPPORTED. Which means that you are welcome to use it for free, but if it "breaks" for you, the author (or his employer, ISP or any other related party) cannot be held responsible for any damage or costs caused directly or indirectly by it.

Adding The Add-in

The Rope add-in should be installed in IPCop version 1.4.6 only (pre-built versions for other versions will be produced in due course).

Please note; support for multi-CPU IPCop systems has not yet been provided. The Rope module will only work on single-CPU systems (although it shouldn't "break" a multi-CPU one because the module for the relevant version of linux is simply missing).

• Download and un-pack the Rope software from the Download page. Be sure to take the 20050724 version, or a later one.
• Ensure that SSH support is enabled (turned on) on your IPCop.
• Copy the file "rope-ipcop-1.4.6.tgz" into the /tmp directory of your IPCop 1.4.6 system. If you are using linux or some other system with the "scp" utility, you can use the command..

scp -o port=222 rope-ipcop-1.4.6.tgz root@GREEN_IP_ADDRESS:/tmp

• Login in to your IPCop as root using ssh (port 222)
• Type the following commands at the IPCop shell (ssh) prompt..

cd /
tar xvfz /tmp/rope-ipcop-1.4.6.tgz
depmod -ae

Check that none of the commands displays an error. In particular, the "depmod" command should return no messages at all (but be patient - it can take a few minutes to run).

Now, please consider supportting the project financially using any of these methods..

• Adding a link to the Rope project page on your site.
• Making a financial contribution (via PayPal using your credit card or your own PayPal account [if you have one]).
• Shopping at Amazon.com through the links in the box on this page (or: AmazonCom).
• Visiting this page for details of other possibilities.

That's all there is to it. The Rope module is now installed and ready to use. The four scripts mentioned in the table above are pre-compiled and installed already. All you have to do is add the commands to add Rope rules. The best place to add these is to /etc/rc.d/rc.local. And generally speaking, the best chain to add them to (if you are interested in restricting out-going access to P2P applications) is the CUSTOMFORWARD chain.

Lowth.com: [ Home | Rope | P2PWall | LinWiz | cutter | Protector - Free Antivirus software | TapeIO ]