Here is the wish list of things that Personal Telco would like to see added to NoCatAuth. We're working on them as we have time, energy and inspiration.
See also: NoCatAuth, NoCatAuthTesting, NodeSplashPages
Done!
Fix auto-logout code (MichaelCodanti)
Fix defunct process problem (One created for each Permit/Deny) (SteveBeattie)
Allowed domains exception in initialize.fw (for ptp, easystreet etc) (SteveBeattie)
Capture requests directly to the gateway's IP (i.e. http://10.11.12.1/)
Ability to logout (in captive/passive mode) (NoCat)
Status page (DonPark, MichaelCodanti, and SchuylerErle)
http://gateway:gatewayport/status status page (see NodeStatusPage)
Branded splash page (open and captive mode) (BillHolmstrom, LonnieWormley, AndrewWoods)
Ability to display AcceptableUseAgreement
- A way to put up a maintenance message (eg. we're working on stuff, come back later)
- Move firewall rules to separate table (so nocat rules can ignore all interfaces but the ones specified in nocat.conf)
- PAM support
- Automatically determine wireless network by looking at the inside interface.
In Progress
Ability to display AcceptableUseAgreement via server side include from central server
Pop up window which allows persistent branding, logout button, node info, trouble reports etc (NoCat)
Bandwith limiting/traffic shaping (NoCat)
Short Term
- Add a security notice. Explain the risks and what to do about it (and why we don't fix it).
- Firewall rules to protect local networks (eg. "ghettowall")
- Put a link to a CGI script in the popup nav window which updates the maps server with a "last accessed on xxxxx" message.
- Ability to track repeat users (business' may worry about other businesses leaching off them)
- Should not effect traffic on any interfaces but ones listed in nocat.conf. All other options should have a setting to either deny all or allow all.
- Watchdog function - a selftest every 5 mins
- Make sure that ingress/egress filtering is done so wireless clients can't do "bad things"
Longer Term
- Don't assume NAT
- IPv6 support
- Ability to set bandwidth restrictions based on time of day
- Custom permissions/bandwidth setting on a per user basis
Connect to centralized user/node (GAWD?) database.
- Lots of pretty web-based administration and statistics
Log into a Jabber server and you're automatically logged into NoCat
- Support remote administrative queries (via SOAP).
- Separate management console to monitor/configure many remote nocat installations