|
← Revision 1 as of 2002-02-11 08:51:31 →
Size: 2035
Comment:
|
Size: 2581
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 5: | Line 5: |
| Line 6: | Line 7: |
|
* Fix auto-logout code * Fix defunct process problem (One created for each Permit/Deny) * Allowed domains exception in initialize.fw (for ptp, easystreet etc) |
* Fix auto-logout code (MichaelCodanti) * Fix defunct process problem (One created for each Permit/Deny) (SteveBeattie) * Allowed domains exception in initialize.fw (for ptp, easystreet etc) (SteveBeattie) |
| Line 10: | Line 11: |
| * Ability to logout (in captive/passive mode) |
* Ability to logout (in captive/passive mode) (NoCat) * Status page (DonPark, MichaelCodanti, and SchuylerErle) |
| Line 13: | Line 15: |
|
* Branded splash page (open and captive mode) (NodeSplashPages) * Pop up window which allows persistent branding, logout button, node info, trouble reports etc |
* Branded splash page (open and captive mode) (BillHolmstrom, LonnieWormley) * Pop up window which allows persistent branding, logout button, node info, trouble reports etc (NoCat) * Ability to display AcceptableUseAgreement (via server side include from central server?) (BillHolmstrom, LonnieWormley) * Bandwith limiting/traffic shaping (NoCat) |
| Line 17: | Line 21: |
| * Add a security notice. Explain the risks and what to do about it (and why we don't fix it). | |
| Line 18: | Line 23: |
| * Ability to display AcceptableUseAgreement (via server side include from central server?) | |
| Line 23: | Line 27: |
| * By desing, should not effect traffic on any interfaces but ones listed in nocat.conf. All other options should have a setting to either deny all or allow all. | * Should not effect traffic on any interfaces but ones listed in nocat.conf. All other options should have a setting to either deny all or allow all. |
| Line 27: | Line 31: |
|
* PAM support * http://gateway:gatewayport/status Status page |
|
| Line 31: | Line 37: |
|
* Bandwith limiting/traffic shaping * It already does this to some extent. --MichaelCodanti |
|
| Line 35: | Line 39: |
|
* connect to centralized user/node(gawd?) database |
* Connect to centralized user/node (["GAWD"]?) database. * Lots of pretty web-based administration and statistics * Log into a Jabber server and you're automatically logged into NoCat * Support remote administrative queries (via SOAP). * Separate management console to monitor/configure many remote nocat installations |
Here is the wish list of things that Personal Telco would like to see added to NoCatAuth. We're working on them as we have time, energy and inspiration.
See also: NoCatAuth, NoCatAuthTesting, NodeSplashPages
Done!
Fix auto-logout code (MichaelCodanti)
Fix defunct process problem (One created for each Permit/Deny) (SteveBeattie)
Allowed domains exception in initialize.fw (for ptp, easystreet etc) (SteveBeattie)
Capture requests directly to the gateway's IP (i.e. http://10.11.12.1/)
Ability to logout (in captive/passive mode) (NoCat)
Status page (DonPark, MichaelCodanti, and SchuylerErle)
In Progress
Branded splash page (open and captive mode) (BillHolmstrom, LonnieWormley)
Pop up window which allows persistent branding, logout button, node info, trouble reports etc (NoCat)
Ability to display AcceptableUseAgreement (via server side include from central server?) (BillHolmstrom, LonnieWormley)
Bandwith limiting/traffic shaping (NoCat)
Short Term
- Add a security notice. Explain the risks and what to do about it (and why we don't fix it).
- Move firewall rules to separate table (so nocat rules can ignore all interfaces but the ones specified in nocat.conf)
- Firewall rules to protect local networks (eg. "ghettowall")
- A way to put up a maintenance message (eg. we're working on stuff, come back later)
- Put a link to a CGI script in the popup nav window which updates the maps server with a "last accessed on xxxxx" message.
- Ability to track repeat users (business' may worry about other businesses leaching off them)
- Should not effect traffic on any interfaces but ones listed in nocat.conf. All other options should have a setting to either deny all or allow all.
- Watchdog function - a selftest every 5 mins
- Automatically determing wireless network by looking at the inside interface.
- Make sure that ingress/egress filtering is done so wireless clients can't do "bad things"
- PAM support
http://gateway:gatewayport/status Status page
Longer Term
- Don't assume NAT
- IPv6 support
- Ability to set bandwidth restrictions based on time of day
- Custom permissions/bandwidth setting on a per user basis
- Connect to centralized user/node (["GAWD"]?) database.
- Lots of pretty web-based administration and statistics
Log into a Jabber server and you're automatically logged into NoCat
- Support remote administrative queries (via SOAP).
- Separate management console to monitor/configure many remote nocat installations