CONFIGURE THE FILTER ON IPCOP DEVICES
You can activate the content filter on any IPCOP devices by following these steps:
If you haven’t registered yet, you can do it now for free here: Click here to register.
Connect to the dashboard by entering the IP address in your browser. NB: you have to write the address as follows: https://IPAddress:8443.
Then insert your credentials to log in.
First of all, you need to change the DNS of your device. To do that, click on the [System] menu and open the [SSH Access] submenu.
Check on the SSH Access tab and click on [Save] to apply the changes.
You can use the software Putty (Click here to download the software.) to access the console using the SSH protocol.
Then open the software Putty and type in the IP of your IPCOP in the field and 8022 in the Port field.
Then click on [Open].
Now use your root user credentials and enter the command setup. Then push the enter key on your keyboard and a Wizard page will be appear.
Select the Networking item, then click on [Select].
Choose the DNS and Gateway settings item and click on [Select].
Insert the address 18.104.22.168 as the primary DNS and 22.214.171.124 as the seconday DNS.
Click the [Ok] button and wait for the network’s reconfiguration to be completed.
You can now close Putty.
NB: you can check if the DNS has been properly modified by clicking on the [Status] button, in the IPCOP web panel, and then by opening the [Network Status] submenu. Search for the Red DNS configuration item and check if the DNS is correct.
Now you need to configure your IPCOP so you can authenticate it with our servers.
To do that, open the [Services] menu and then the [Dynamic DNS] submenu.
Select the dyndns.org item as Service. IMPORTANT: You do not have to register with the dyndns.org service: it works anyway because the servers redirect the request to themselves.
Then click on the [Add] button to configure the service.
Configure the Dynamic DNS service as follows:
– Enabled: Check the item.
– Hostname: Enter a name of your choice.
– Domain: Insert a domain name. For example, domain.com.
– Username: Insert the filter’s email/username. NB: you don’t have to enter the username for the Dyndns.org service.
– Password: Insert the filter’s password. NB: you don’t have to enter the password for the Dyndns.org service
– Finally, click on the [Update] button to save.
You can enable and configure the DHCP server to distribute the filter ‘s DNSs to the devices within your network.
To do that, open the [DHCP Server] submenu of the [Services] menu, and fill in the following fields:
– Enabled: Check the item to enable the service.
– Start address: Insert the first IP of the DHCP range.
– End address: Insert the last IP of the range.
– Default lease time (mins): Choose the DHCP lease time (in minutes).
– Primary DNS: Insert the filter’s primary DNS: 126.96.36.199.
– Secondary DNS: Insert the filter’s secondary DNS: 188.8.131.52.
– Click on [Save] to apply the configuration.
Alternatively, you can manually change the DNS of the devices that you want to filter.
OPTIONAL: DENY DNS CHANGES BY USERS
You can enforce security by preventing users from changing the DNS. To do this, you can proceed in the following way:
Click on the [Firewall] menu and open the [Firewall rules] submenu.
Now you need to create rules to block all traffic on port 53 (DNS Service), TCP and UDP, except on the filter’s DNS servers. Click on [Outgoing Traffic] to create a new rule.
See the image below to understand how to create the rules.
NB: Type 184.108.40.206 in the field Destination IP or Net:.
Click then on [Save] to add the rule.
Create another rule, similar to the previous one, except for the field Destination IP or Net:, which must be 220.127.116.11.
Finally, you need to create a rule which blocks all traffic on port 53 (DNS), TCP and UDP. See the image below to understand how to fill in the different fields: