Version 1 (modified by Pascal Leclerc, 13 years ago)

--

Wifidog Features List

Realy out of date. To be updated soon !

Design Goals

Wifidog was designed as a replacement to existing captive portal solutions which we felt didn't fit the needs of next generation community groups. Specifically, we wanted both personalised and community wide content for each hotspot, no pop ups, no client software and centralized management.

Features

  • Captive portal which lets hotspot owners communicate with their users (custom content management).
  • Wifidog gateway runs on GNU/Linux server and embedded device like the Linksys WRT54G with OpenWRT.
  • Multi-language support : English, French and German.
  • Maintain the connection by checking network activity instead of a javascript window. This allows PDAs and Cellphones to connect.
  • Users are unique and have a valid email address in order to open an account. Their privacy must be respected. You can also use a splash only page and do not ask user to create an account.
  • Users are able to create a working account directly from any hotspot. New users sign on from any hotspot, create their account and are granted access for 15 minutes to confirm an email. If they don't, they are disconnected.
  • Hotspot monitoring by two way heartbeating, so the central server always knows which hotspots are up, regardles of dynamic DNS, firewalls, etc.
  • Firewall has one rule to jump in, one to jump out when a connection is rejected, and one to jump out when a connection is accepted. The gateway must do it's own NAT. All this allows wifidog to be integrated easily into an existing firewall configuration.
  • Statistics : Cumulative bandwidth usage accounting (per connection, per user, per hotspot)
  • Self-identification of the gateways ???

Please see roadmap for new features coming out.

Detailed features

Auth server (Current)

Auth server (Future)

Gateway (Current)

Gateway (Future)


The following are the main technical design goals of the project. Detailed feature lists can be found further down.

Implemented

Moved on top

Not yet implemented

  • User classes
  • Bandwidth limiting per class
  • Bandwidth limiting per router
  • Port blocking per class
  • Apply policies based on time of day

Detailed features

Auth server (Current)

  • Node-specific content features. Wifidog-auth has a very cool local content architecture.
    • Every hotspot can have a folder in the local_content directory. This folder can be filed by a single logo, leaving all the rest to be default content, or be completely custom (stylesheet, login page, portal page, header, etc.)
    • Everything in local content is templated with smarty, no problems with web designer wrecking havoc on the auth server. You can edit everything in local_content/default even if you only speak html.
    • RSS feed support (optional, with magpierss), one feed per node (url stored in the database, works great, but no gui to edit it yet) and one network-wide RSS feed.
  • Configuration and integration
    • No need to set any path in the web server config files
    • All paths are editable from the config file
    • Quick setup: the network name, url, default RSS, and similar data are set from the config file, and will be displayed as needed throughout the system.
    • Can import all users and passwords from a ?NoCat passwd file [WWW] More info].
  • Development
    • Demo page to let people to hack on it more easily
    • Database abstraction layer with very nice debugging features (just append true at the end of the call and you'll see the query, the results, the query plan, and the number of affected rows. Porting to another database only requires porting one file. Currently uses Postgres.)
  • User management (end user)
    • Users can create and activate accounts without admin intervention. The user will be granted a 15 minute grace period after signing up in order to retrieve and validate his email.
    • Users can request that the server re-send the validation email
    • Users can change their passwords
    • Users who forget their username can have it mailed to them.
    • Users who lose their password can ask the system to generate a new one and mail it to them.
    • Email must be valid but isn't displayed in order to preserve user privacy.
    • Users can login using either email or username
    • Enforces (politely) that duplicate email addresses are not allowed in the database
  • Logging and monitoring
    • MAC address logging (in case it is a legal requirement in your country)
    • Sends the original url before redirecting to the central server in order to allow linking on the portal page

Auth server (Future)

  • (in progress) Internationalization: Most strings are already in gettext calls for easy translation. However language detection and translation work still needs to be done. A French language version should be available soon.
  • (in progress) Script and sql execution time breakdown. Already implemented, just needs to be packaged to be usable by the templates.
  • Merge with the node database project.

Gateway (Current)

  • Supports using backup auth servers if the primary one doesn't respond.
  • Runtime query interfac
  • One rule to jump in, one to jump out rejects, one to jump out accepts

Gateway (Future)

  • Planned for next release
    • Detect the IP adress of an interface automatically, instead of specifying it separately in the config file.

Sourceforge

You can also take a look at Sourceforge  Feature Requests page or add your new requests.

Attachments