[isf-wifidog] FirewallRuleSets & User Classes

[Scott Tully]

> > > The idea was to have the gateway download firewall rules from the gateway at
> > > startup, and use the ones in the config file as an override.
> >
> > I don't understand.
> 
>        See my previous reply on this thread covering the arbitrary
> config file download bit. A bit of history is in order:
> 
>        One of the ISF partner is called Teliphone, they provide VoIP
> services and sell WiFi VoIP handsets. As part of an agreement between
> them, they give us one (or is it two?) phone(s) plus a certain amount
> of money in addition to help getting hotspots and in exchange, we let
> their phones work transparently at our hotspots as well as provide
> logistical support for them. That is, we'd handle any hot spots they
> settle as part of the ISF network. There's a bit more to it, but that's
> the basics.
> 
>        Now, we needed to have the gateway customize the firewall rules
> so that their phone woudl work without authentication. Part one of that
> was the current firewall rule code that let us define arbitrary rules
> without recompiling everything. This was the thing that tipped us over
> into version 1.1.0.
> 
>        The other part was having the gateways download configuration
> from the central server. I never got around to that part (the firewall
> rule code was mostly hashed out during two of our bi-monthly meetings.)
> 
> Alex
> 

Thank you for you explanation Alex. I suppose we will give and take
what we need from each other.  As far as coding is concerned, i can
see that i will probably be taking more than giving, but i'll offer
back to you whatever i have.   I may have something to offer as far as
experience in what hotspot operators want and maybe some interface
design, but mostly i will just help share the burden of getting it
done :-)

I have a nasty head cold, so you may not hear from me much today...