With the URLfilter addon installed, an IPcop firewall can be turned into a free content-filtering web gateway perfect for a church, non-profit organization or home office. Access to inappropriate sites whether they be pornagraphic or just not work-related will be denied automatically at the firewall. Both IPcop and URLfilter are free to download and use.

Why IPcop?
IPcop differs from most internet routers and firewalls because it has proxy software built-in. At first glance, a proxy server doesn’t do anything more than a standard router. Both will allow multiple computers inside the network to access websites on the internet, but a proxy servers looks at the actual web address in order to get a web page. For example, a standard router will recognize that a computer is visiting a website out on the internet whereas a proxy server understands that a computer is visiting www.MSN.com/music or www.msn.com/jobs. By looking at the full web address, IPcop can create internet access logs accurate down to the actual web page that was visited. IPcop and other free firewalls are compared in this article.
Another handy trick that IPcop can do is proxy web traffic transparently. Most proxy servers require users to make configuration changes to Internet Explorer or Firefox to use them, but that is not the case with IPcop. Web traffic can be proxied, logged and filtered without any configuration at the workstation and most users will never know that their web traffic is being analyzed. If a network administrator is just interested in keeping a detailed web access log, then IPcop can do that by? default. URL Filter adds the filtering capability.
Why URL filter?
URL filter (Short for Universal Resource Locater Filter) just adds a module to IPcop that helps it make decisions on whether to process a computer request for a web page. It makes decisions two ways. It keeps a list of known unacceptable websites and blocks those and it keeps a list of bad words and blocks anything with one of those bad words in the name. URL filter can be configured to download new lists of bad words and sites automatically.


URL Filter requires IPcop be installed and running first. The IPcop website has very detailed instructions on installation and configuration. The install process for IPcop only takes about 15 minutes and almost any old computer can be used because the system requirements are so low. (Should be in above paragraph?)
Installing URL filter
First, verify that SSH access is enabled on the IPcop firewall by going to the System Menu, selecting SSH access and enabling SSH access. Next, download the URLfilter installer to your computer and upload it to the IPcop firewall via SCP (secure copy). WinSCP is a simple and free SCP utility to upload the file. Remember that IPcop uses port 222 for SSH rather than the standard 22.
Log into the IPcop with an SSH client like Putty or log directly into the firewall at the keyboard. Use the root user id and password that was specified in the IPcop install process rather than the admin user that is used for the web administration page. Enter the following commands:
root@ipcop:~ #tar -xvf ipcop-urlfilter-1.9.1.tar.gz
root@ipcop:~ # cd ipcop-urlfilter
root@ipcop:~ # ./install
The URL filter will scroll through the installation steps on the console and verify that installation was successful.
Enable the web proxy
After answering yes to the installer script, URLfilter should be installed and accessible through the web administration page, although it will not be actively filtering web access yet. First activate URLFilter by going to the Services menu, selecting Proxy server and checking the following options:
Enabled on Green: This turns on the web proxy
Transparent on Green: This silently redirects web traffic to be processed by the web proxy
Log Enabled: Creates a log of all web usage, even what is not blocked.
Configure URL Filter
Next, go to the URL filter administrative web page, by clicking on the Services Menu again and selecting URL Filter. Remember, IPcop’s administration page is on port 445 (https://IpcopIPAddress:445.) URL filter is highly configurable with many options, but its simple web filter is easy to setup. Simply click the block categories that you want blocked. URL Filter will come with a small block list by default that it out of date. To update the filter list, scroll down to Automatic blacklist update and select how often the blacklist is updated and an update source. Weekly updates are fine for most applications. All four of the blacklist update sources in the dropdown menu are free. A commercial blacklist is available for a fee from URLblacklist.
Using larger blacklists like Shalia and University of Toulouse will increase the number of filter categories to choose from. After clicking update now, it can take up to two hours to download and prepare the blacklist for use, depending on your internet connection speed and how fast the firewall is. When the firewall is finished, it will display a last successful update message in the Automatic blacklist update section. The web administration page will probably time out before the list is finished.

Key Advanced Settings
After you have updated the blacklist and selected categories to block, there are a few options that most people want to add.
Under Block page settings
Show category on block page: When a page is blocked, this will show the user what web filter category had an entry that caused the site to be blocked. Useful for troubleshooting.
Show URL on block page: This will show the actual web address that triggered the web filter.
Under Advanced Settings
Block “ads” with empty window: If the ads category is selected, this will replaced the ad with a blank picture rather than the typical (what?)
Enable SafeSearch: This feature forces the SafeSearch option (what is this option?) on web searches at Google, Yahoo and other search engines. Even if the user de-selects the option, it will not be passed to the search engine. Viewing cached content from a search engine is a simple way of bypassing web filters.
Enable expression lists: This allows URL filter to block content based on a list of bad words in addition to its list of known bad sites.
Block sites accessed by an IP address: Almost no legitimate web sites are addressed by their IP address. This is another way of bypassing web filter and blocks users from typing something like http://10.105.4.5 into their web browser
Enable Log: This creates a record of all websites blocked by the filter and the IP address of the computer that requested the website.
After URL filter has been downloaded, has compiled a blacklist and has been configured with the desired options, web filtering can be enabled globally by checking the Enabled box under URL filter at the bottom of the Proxy page under the Services menu.
A more detailed explanation of the URL filter settings are available at the URL filter FAQ.
Tweaking URL Filter
Anytime the web is filtered, it is possible to get false positives and have a website blocked that should not be. Most of the blacklists are not created by hand, they are created by robot programs that crawl the internet and record sites with objectionable material much like Yahoo or Google crawls the internet to create their search indexes. To remove a site or web address from blacklist, go back to the URL filter web administration page under the Services menu and add the site to the Custom Whitelist section. If you want to allow the entire website (www.mydomain.com), add the site to the allowed domains section. If you want to just allow access to a page (www.mydomain.com/myFavoritePage), then add the address to the allowed URL sections.
With URL filter and IPcop, your firewall will automatically block inappropriate websites and log all internet usage.

Related posts:

  1. Upgrade to an Open Source FirewallFirewall companies have a little secret that they do not...
  2. Cisco sets End of Sale for PIX FirewallCisco announced the End of Life for the PIX firewall...
  3. Configure Policy-based routing with Route-Map StatementsRoute-maps allow to you deal with traffic on your router...
  4. Password Recovery on a Sidewinder G2 Firewall (How-to)I recently had to go in and recent the password...
  5. The Value of Open Source FirewallsI found this article on Associated Content that describes several...

Related posts brought to you by Yet Another Related Posts Plugin.