Basic IPFire Configuration
You can now connect the RED WAN port to your modem, then hook up your GREEN port to a switch and connect all your PCs to that. IPFire acts as a router on the GREEN interface, handing out IP address leases to anything that connects, which is why a switch that simply relays data is all we need. Go to your normal PC and open your web browser; you should have full internet access (troubleshooting here). Then follow the guide below or watch the slideshow further below:
- Type https://192.168.2.1:444 into your web browser address bar and hit Enter
- You’ll be presented with a Certificate Warning, click "Continue" or "Advanced > Add Exception"
- The username and password box should pop up; type admin for the username, then enter the same Admin password you used when you set up IPFire
- You should now be inside the IPFire web administration interface
- Go to Network > Assign DNS-Server then enter 8.8.8.8 for Primary DNS and 8.8.4.4 for Secondary DNS, click Save
- If you wish to use Intrusion Detection, you will need to sign up with a free account at Snort.org and generate an Oinkcode
- Go to Services > Intrusion Detection and check the "RED Snort" check box, choose "Sourcefire VRT rules for registered users" from drop down, then copy and paste your Oinkcode into the text field, click Save
- Once saved, click the "Download new ruleset" button (can take a few minutes)
- Go to Firewall > P2P networks and uncheck any P2P networks you don’t want enabled, then check the "Using P2P protocol is allowed" checkbox
- Go to Firewall > Firewall rules and click the "Apply changes" button
- Go to IPFire > Pakfire then click the "Refresh list" button (this can take a while, if it hangs click the little refresh icon)
- Any new updates will show in the right-side select box (empty by default); click the download icon to update your system
- Go to IPFire > Pakfire and inside the "Available addons" select box, find "clamav-xx.xx" then click the plus + icon, do the same for "squidclamav-x.xx"
- Go to Status > Services and under the "add-on – Services" section confirm that clamav is RUNNING
- Go to Network > Web Proxy and set the following options:
  - Enabled on Green: Yes
  - Transparent on Green: Yes
  - Processes: 30
  - SquidClamav Enabled: Yes
  - URL filter Enabled: Yes
  - Update accelerator Enabled: Yes
  - Log enabled: Yes
  - Log query terms: Yes
  - Activate cachemanager: Yes
  - Memory cache size: 256
  - Cache administrator email: [your email address]
  - Cache administrator password: [password]
  - Hard disk cache size: 5120 (i.e. 5GB or amount suitable for your drive)
  - Max object size: 6144 (i.e. 6MB)
  - Do not cache these domains: [domains you don’t want cached]
- Scroll down and click Save and Restart button
- Go to Firewall > GeoIP Block then check "Enable GeoIP based blocking" check box, choose countries, then click Save button
  - Suggested countries are:
    - Brazil
    - Colombia
    - China
    - Egypt
    - Ghana
    - Hungary
    - Iran
    - Indonesia
    - Latvia
    - Malaysia
    - Mexico
    - Nigeria
    - Philippines
    - Romania
    - Turkey
    - Ukraine
    - Venezuela
    - South Africa
  - See: Top 10 Countries Where Cyber Attacks Originate
  - See: Countries with the most and least online fraud
  - See: 10 High-Risk Online Fraud Countries That Stripe & PayPal Merchants Should Monitor
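
For the certificate warning step above, one way to confirm that the certificate really is the firewall's before adding the exception. This is an added example, not part of the original guide or IPFire's own tooling; it assumes you have noted the certificate's SHA-256 fingerprint out of band (for instance at the firewall's console), and the function names are illustrative.

```python
# Added example (not from the original guide): compare the certificate the
# web interface presents with a fingerprint recorded out of band.
import hashlib
import hmac
import ssl
import sys

HOST, PORT = "192.168.2.1", 444  # web interface address used in this guide

# Constructed sample so the script also runs offline; NOT a real certificate.
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(b"constructed placeholder certificate bytes")


def normalize(fp: str) -> str:
    """Accept 'AA:BB:..', 'aa bb ..' or 'aabb..' and return lowercase hex."""
    cleaned = "".join(ch for ch in fp if ch not in ": \t\n").lower()
    if len(cleaned) != 64 or any(c not in "0123456789abcdef" for c in cleaned):
        raise ValueError("expected a SHA-256 fingerprint (64 hex digits)")
    return cleaned


def fingerprint(pem: str) -> str:
    """SHA-256 over the DER encoding, the value a browser's certificate viewer shows."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem)).hexdigest()


def matches(pem: str, expected: str) -> bool:
    """Constant-time comparison of the presented and the expected fingerprint."""
    return hmac.compare_digest(fingerprint(pem), normalize(expected))


def fetch_pem(host: str = HOST, port: int = PORT) -> str:
    """Fetch the presented certificate without validating it (the browser does not trust it yet)."""
    return ssl.get_server_certificate((host, port))


if __name__ == "__main__":
    if len(sys.argv) == 2:   # live check: pass the expected fingerprint as argument
        pem, expected = fetch_pem(), sys.argv[1]
    else:                    # offline demo against the constructed sample
        pem, expected = SAMPLE_PEM, fingerprint(SAMPLE_PEM).upper()
    ok = matches(pem, expected)
    print("presented:", fingerprint(pem))
    print("MATCH, safe to add the exception" if ok else "MISMATCH, do not continue")
    sys.exit(0 if ok else 1)
```

Run it from a PC on the GREEN network with the recorded fingerprint as the only argument; a mismatch means the browser is not talking to the certificate you recorded.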
Summary
You should now have a fully fledged IPFire firewall protecting your network 😉 Some things to look into are the VPN features (OpenVPN or IPSec), the available add-ons for IPFire, Static Leases, URL Filter, Dynamic DNS and QoS. I hope this guide has helped you build your own firewall; if you have any questions or comments, leave them below or email me directly.
- IPFire
  - IPFire Homepage (official)
  - IPFire Wiki
  - IPFire Forums
- Parts, Hardware
  - Logic Supply (components)
  - Mini-Box (US)
  - Mini-Box (AU)
  - eBay.com – Computers and Networking
  - NewEgg.com
  - TigerDirect.com
  - MicroCenter.com
  - NCIX (CA)
- Technical Reference
  - Firewall at Wikipedia.org
  - Comparison of Firewall Operating Systems at Wikipedia.org
  - Next Generations Firewall at Wikipedia.org
  - OpenVPN.net (official)
  - IPSec at Wikipedia.org
  - Intrusion Detection System at Wikipedia.org
  - QoS (Quality of Service) at Wikipedia.org
  - Mini-ITX at Wikipedia.org