-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathTODO
61 lines (34 loc) · 1.66 KB
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
=== On Fire
* User mgmt tools, including admin interface & "Forgot my password" mailer.
* ipchains support is b0rked
* Easy MAC white/blacklisting in nocat.conf
* HTTPS requests crash the gateway hard??
=== Implemented but in need of testing:
* "Connect-Forward" gateway mode for firewalled gateways (require HTTPS on g/w)
>> Passive mode supercedes this. Does Passive mode work?
* Find DNS via resolv.conf parsing.
* NoCatSplash
=== To Do (more or less in order of importance):
* Add forced DNS to other firewall scripts.
* Easy 'disable public access' option in nocat.conf
* Cookie-based persistent logins
* Logout option for Open mode
>> Link on community site pointing to gw:/logout ?
* Group managment tools. *** bin/admintool is a fully functional commandline
interface. Use it!
* Find DNS via resolv.conf parsing.
=== Other random issues:
* Figure out perms issues when writing to passwd files from Apache
* Sanity checking of timeout values, etc. Esp. try to prevent g/w from blocking forever.
* CLI auth agent (for Linux users etc)
* Better error reporting from gateway to authservice and from authservice to user during notification.
* Doc note per Terry Schmidt: "(Note: Causes Security alert
message after clicking login, because you are directed from an insecure URL
to a Secure URL, to an insecure URL. Not a problem with NoCat Auth, but
should be mentioned in user documentation.)"
* Have auth tokens show up in both gateway and authservice logs, for bug tracking.
* "Agree-Disagree" instead of just "Login" for splash page
* Anonymous (vs. Public) Class Service
* DOCS
* Setuid firewall script wrapper (in C)
* User-definable timeout option