[isf-wifidog] Future Idea Dump
Ian White
ian.white at datamile-computers.com
Lun 15 Mai 04:40:15 EDT 2006
Hi,
I noticed that some of these are in the feature list, but I thought I
just list some of my experiences. I've been running a locustworld
community mesh for the last 4 years, and played around with publicip
LW uses nocat, and some hacks for whitelists, and walled gardens, and
I've written a mesh monitoring tool that is a packet sniffer that logs
bytes in/out by port/user/destination ( meshtrak.com ) .
wifidog is way better than nocat due to its two way communication, and
heartbeating etc.
Thoughts
1) Separate out wifidog and auth server and publish messaging
protocols. I think this will give people the option of developing
their our auth-servers/content servers etc, and allow a shared wifidog
distribution.
2) User Mac. Is this sent with the login/auth requests ? It would be
handy to have it passed to the auth server
3) Login options. LW has various options and control levels given the
possible parameters of user+pass+mac.
a) Splash only - no login, just terms
b) User+pass
c) mac only - whitelist, auto login (staff perhaps)
d) user+pass+mac (locked down) - admin user
4) User realm/dimension. A gateway is a node, and belongs to a
network. A user belongs to a network, but a network can be affiliate
with other networks to allow user account sharing. Makes the admin
reporting more complex, but may increase take up with business. i.e.
coffee shop is a node, coffee chain is a network, it may affiliate
with book shop chain network.
5) Walled garden.
Users are allowed to visit without logging. Means user traffic is not
logged (no connection id), but allows a network to give user access to
its own sites etc without login.
LW does this with a 15 minute cron job that sets up the walled list as
IP chain.
6) Throttle.
While you can build a real complex system, the actual requirement is
throttle heavy users, or the whole system when its under load. A
secondary pitch is for community meshes where business hosts nodes and
throttle access during the day and then open it up when they don't use
it.
In reality I think you only need three bands high,med,low , and then
assign a user to one of them. LW gets the band during login, but with
wifidog, you could use it a part of the auth update to reallocate a
user to a new band. If you wanted to get really techie, then the auth
server could auto manage it.
7) Tickets.
Public ip sets up tick users with time limits or download limits, you
should be able to monitor this, and use the auth server to remove the
user.
8) MyStatus/Messaging.
PublicIp does use windows messaging to sent time left/node messages to
the user, but this relies on the user having windows.
If would be nice if with a DNS redirect the user types
http://wifistatus/ , and gets their stats, login times, node closure
time. I can't think of any other way of informing a user when they are
going to be kicked off due to node opening hours etc.
Ian
More information about the WiFiDog
mailing list