Cop+ (Copplus)

"Gets the dirt others leave behind!"

Installation

Cop+ 3.1.0 addon package

is now available. Built for IPCop 1.4.21, but should work on 1.4.15 or later, including the beta ipcop 1.9.16 and later.  It is compatible with IPCop 2.0.0, but for IPCop 2.0.1 or 2.0.2 you need to replace the wget program or downloading of blacklists won't work. See the bugs page for instructions.
Download Cop+ 3.1.0 from here:
http://dl.dropbox.com/u/2756597/copplusaddon-3.1.0.tgz

Instructions for installation:
  You do not need to uninstall older versions of Cop+; just install right over them. It SHOULD keep your old dansguardian settings. You might want to save a copy of your customized whitelists and greylists etc. before installing, just in case.
Use WinSCP to copy copplusaddon-3.1.0.tgz to the root (i.e. / ) of your IPCop. The md5sum is:
f9c9f372eccafe30271871d8466bc7e6
Login as root on IPCop using putty.exe or by hooking up a keyboard and monitor. Type these commands:

cd /
tar -zxf copplusaddon-3.1.0.tgz 
/var/ipcop/copplus/copplussetup

IMPORTANT - On IPCop 1.9.x or 2.0.0 you MUST manually add a firewall rule using IPCop's GUI to allow inbound connections to IPCop port 8080 from your Green Network. (Also Blue network if you have one.)

On the Firewall - Services GUI page add a Service Name: "Dansguardian" with Protocol:TCP and Port 8080 then hit the "Add" button.
Then on the Firewall -Firewall Rules page, under "Add a new rule" click the "IPCop access " button. On that page, leave the Source and Additional sections alone. Under Destination it will say "IPCop Access", check the "Use Service" checkbox, Choose "Custom services" and select Dansguardian from the drop down list. Click the Save button

Notes on Advance proxy compatibility:

Copplus 3 can be installed before or after advance proxy. If you try to install old versions of advance proxy addon after installing copplus, you will need to remove the line in the advproxy installer program that refuses to install if copplusis there.  After you extract the advproxy tarball according to Marco's instructions, these commands will remove the offending line and install advanced proxy. (This is NOT necessary for Advanced Proxy 3.0.6.)

sed -i '/copplus/d' ipcop-advproxy/install
cd ipcop-advproxy
./install

IMPORTANT - After installing any version of Advanced Proxy you need to rerun the copplus setup program:

/var/ipcop/copplus/copplussetup

The go to the advanced proxy GUI page and hit the "Save and Restart" button.
If you don't run copplussetup and do the save-restart of advproxy, it will work, but you won't get the user's IP numbers in the proxy logs. Neither will any IP based access controls in advanced proxy work!
The copplussetup program reconfigures everything necessary. Please IGNORE the instructions about configuring dansguardian and privoxy in the "Advanced Proxy Administrator's Guide."

Enabling ident with Advanced Proxy or IPCop 2.0.x

If you want to use ident to get usernames in the dansguardian logs (or put people in filter groups) you need to enable ident in the Content-filter advanced configuration GUI page, and NOT in the Advanced Proxy GUI page (or the Services - Proxy page in 2.0). I don't think it's possible to get names in both the squid logs and the Dansguardian logs using ident. Ident no longer works correctly in transparent proxy mode. (Some images etc. will be missing.) You'll need to disable Transparent proxy in IPCop and set all your web browsers to use a proxy server on port 8080 of IPCop's green IP number. (Yes, this stinks and no, it's not my fault and there doesn't seem to be a way around this design limitation.)

Uninstalling Cop+ 3.x

Logon to the console as root and run:

/var/ipcop/copplus/Copplus-uninstall