2003-08-07 13:19 sderle * Makefile: Changed etc/authserv.conf to etc/httpd.conf in Makefile. 2003-07-30 22:22 sderle * lib/NoCat/Gateway.pm: Removed redundant expression in previous update. 2003-07-30 22:21 sderle * lib/NoCat/Gateway.pm: Fixed reported data loss problem where gateway child fails to exit after handling a client. 2003-05-19 07:39 sderle * doc/AuthService.txt, etc/httpd.conf: Renamed etc/authserv.conf to etc/httpd.conf because it was confusing too darn many people. 2003-05-17 07:35 sderle * Makefile, NEWS, README, TODO: Updated documentation for 0.82 release. 2003-05-17 07:05 sderle * Makefile: Added DESTDIR option to Makefile for packagers. 2003-05-17 06:56 sderle * Makefile: Added DESTDIR option to Makefile to assist with packaging. 2003-03-26 19:21 rob * libexec/iptables/initialize.fw: Added a sample for allowing 10 net traffic before auth 2003-03-25 14:12 sderle * libexec/iptables/initialize.fw: Added some extra NAT modules, per Chris Tracy. 2003-03-25 14:09 sderle * libexec/iptables/initialize.fw: iptables/initialize.fw only tries to modprobe etc. if it's running as root, per request from Terry Schmidt. 2003-03-17 14:46 sderle * README, authserv.conf, lib/NoCat/Source/NIS.pm: Added NIS auth source support, with code from Olivier Page. 2003-03-10 08:50 sderle * lib/NoCat/Gateway.pm: Made logging to disk optional again. 2003-03-07 17:56 rob * bin/gateway, lib/NoCat/Gateway.pm: Pulled logging initialization into sub open_log in Gateway.pm bin/gateway now resets log files on SIGHUP if it's logging locally. 2003-03-06 17:24 sderle * README, authserv.conf, lib/NoCat/Source/IMAP.pm, lib/NoCat/Source/LDAP.pm: Added IMAP authentication support. 2003-02-27 18:28 sderle * lib/NoCat/Gateway.pm: Fixed dumb control flow bug in IgnoreMAC feature. Thanks go to Chris Tracy for finding the bug. 2003-02-18 10:15 sderle * lib/NoCat/Source/: PAM.pm, Samba.pm: Fixed bugs in Samba and PAM support. 2003-02-11 18:56 sderle * lib/NoCat/Firewall.pm: Finishing touches on IgnoreMAC support. 2003-02-11 18:43 sderle * lib/NoCat/Firewall.pm: Fixed syntax error in IgnoreMAC support. 2003-02-11 18:37 sderle * lib/NoCat/: Firewall.pm, Gateway.pm: Fixed IgnoreMAC support. 2003-02-11 18:33 sderle * libexec/iptables/access.fw: Added IgnoreMAC support. 2003-02-10 17:59 sderle * gateway.conf, lib/NoCat/Firewall.pm, lib/NoCat/Peer.pm, lib/NoCat/Gateway/Captive.pm, lib/NoCat/Gateway/Passive.pm: Added IgnoreMAC gateway option, if the NoCat gateway isn't connected to the internal network at Layer 2. 2002-11-16 22:45 rob * libexec/iptables/initialize.fw: iptables: Invalid argument on the DNAT stuff, so I commented it out. 2002-10-03 02:55 sderle * README, TODO, lib/NoCat/Firewall.pm: README, TODO, i18n-disabling fiddly bits. 2002-10-03 02:48 sderle * libexec/iptables/initialize.fw: Force unauthenticated DNS traffic through one of our DNS servers to prevent unauthenticated use of port 53 for... stuff, per Matt Barclay. Now someone just needs to add this feature to the other firewall scripts. 2002-10-03 02:33 sderle * libexec/iptables/initialize.fw: Fixed silly syntax bug in iptables/initialize.fw as reported by so many good people. 2002-10-03 02:17 sderle * lib/NoCat/AuthService.pm: Made socket shutdown failure non-fatal. 2002-10-03 02:14 sderle * lib/NoCat/Gateway.pm: Removed reaper sub and made {CHLD} into a closure that raises a semaphore inside Gateway->run to prevent malloc() problems on BSD, per DJ Gregor. 2002-10-03 01:57 sderle * TODO, gateway.conf, lib/NoCat/Firewall.pm, libexec/ipchains/initialize.fw, libexec/ipfilter/initialize.fw, libexec/pf/initialize.fw, libexec/iptables/initialize.fw: Added DNS autoconfiguration via /etc/resolv.conf, using a patch from DJ Gregor. 2002-10-03 01:52 sderle * lib/NoCat.pm: Patched to import setlogsock for perl 5.6.1 per DJ Gregor. 2002-08-20 10:50 sderle * libexec/iptables/initialize.fw: Drop unauthenticated traffic to windowsupdate.microsoft.com, 'cause it's killing the gateway. 2002-08-14 19:09 sderle * README: Updated patch authorship. 2002-08-14 19:08 sderle * authserv.conf: Altered authserv.conf to support pgsql out of the box and to document the enhanced RADIUS support. 2002-08-14 19:05 sderle * cgi-bin/login: Changed test for mode_foo.x to defined() to permit hitting enter in the login form, per Ilguiz Latypov. 2002-08-14 19:04 sderle * lib/NoCat/Firewall.pm: Disable i18n on arp(8) and ifconfig(8) so we can parse the output. 2002-08-14 19:03 sderle * etc/nocat.schema: Altered nocat.schema to support PostgreSQL out of the box. 2002-08-14 19:01 sderle * htdocs/login_ok.html: Added 'click here to continue' link to login.html 2002-08-14 19:01 sderle * lib/NoCat/Message.pm: GPG errors now get sent to NoCat->log. 2002-08-14 19:00 sderle * lib/NoCat/Source/RADIUS.pm: Significant enhancements by Chip Ach. 2002-08-13 17:37 rob * gateway.conf, htdocs/login-no-skip.html: Updated MembersOnly comment in gateway.conf. Also added a login with no skip button example html file. 2002-08-08 23:49 rob * Makefile: chown nocat pgp 2002-08-08 23:38 rob * libexec/: ipchains/access.fw, ipchains/clear.fw, ipchains/dump.fw, ipchains/initialize.fw, ipchains/reset.fw, ipfilter/initialize.fw, iptables/access.fw, iptables/clear.fw, iptables/dump.fw, iptables/initialize.fw, iptables/reset.fw, iptables/throttle.fw, loopback/clear.fw, loopback/dump.fw, loopback/initialize.fw, pf/access.fw, pf/clear.fw, pf/dump.fw, pf/initialize.fw, pf/reset.fw: Removed all PATH lines 2002-08-08 23:38 sderle * Makefile: Added chown step to suid-gateway, so that gateway can create and write its own log files. 2002-08-08 23:28 sderle * Makefile, bin/detect-fw.sh, lib/NoCat/Firewall.pm: Moved f/w scripts into libexec/; revised detect-fw.sh and Makefile to account for this; can now install setuid gateway wrapper with 'make suid-gateway'; NoCat::Firewall now provides a default path for .fw scripts. 2002-08-08 23:12 sderle * Makefile, bin/detect-fw.sh, etc/fw-wrap.c: Added fw-wrap, a setuid wrapper for the firewall binary. Run "make wrapper" prior to running "make gaeteway" to install it. 2002-08-08 21:45 sderle * lib/NoCat/Gateway/Open.pm: Bugfixes to variable interpolation in Open mode. 2002-08-08 21:28 sderle * lib/NoCat/Gateway/Open.pm: Open mode g/w now automatically parses any HTML files it delivers for $whatnot type variables. This will permit the NYCWireless folks to have the login page be different from the splash page. 2002-08-08 21:12 rob * lib/NoCat.pm: updated version number 2002-08-08 21:12 sderle * bin/gateway: Added -F command-line option to gateway, to prevent daemonization. 2002-07-07 23:34 rob * NEWS, README: notes for v0.81 2002-07-07 23:05 sderle * upgrade-0.80-db.pl, libexec/upgrade-0.80-db.pl: Moved DBI upgrade script out of bin/ so it won't be installed everywhere needlessly. 2002-07-07 22:58 sderle * libexec/upgrade-0.80-db.pl: Added 0.80 database conversion script. 2002-07-07 22:42 sderle * libexec/pf/: access.fw, initialize.fw: Completed pf support, courtesy of Richard Lotz. 2002-07-07 22:40 sderle * lib/NoCat/: Firewall.pm, Gateway.pm, Peer.pm: Fixed login loop bug where a user who changed IP addresses had multiple ARP entries, causing NoCat to use the wrong IP when modifying the firewall. 2002-06-23 19:01 rob * etc/: README, exception, goodbye.html, logout.html: exception: add an exception to the auth list (for local machines) *.html: sample customized logout screen 2002-06-23 00:58 rob * htdocs/status.html: image path fix-up 2002-06-21 22:35 sderle * libexec/ipchains/: access.fw, clear.fw, dump.fw, initialize.fw, reset.fw: Rewrite ipchains scripts based on new iptables scripts. Still some weirdness in reset connections, etc. Must get an ipchains guru to look at this. 2002-06-20 20:40 sderle * libexec/pf/access.fw: Brand new pf access.fw script, courtesy of Richard Lotz, based on scripts submitted by DJ Gregor, seriously hacked by me. Blame me if it's broken. 2002-06-20 20:39 sderle * libexec/pf/: clear.fw, initialize.fw, reset.fw: Brand new pf scripts, courtesy of Richard Lotz, based on scripts submitted by DJ Gregor. 2002-06-19 23:44 sderle * lib/NoCat/AuthService.pm: Fixed the redirect value passed into authservice login_ok templates etc. 2002-06-19 23:40 sderle * libexec/iptables/initialize.fw: Fixed non-functional AllowedWebHosts. RouteOnly still not working. 2002-06-19 23:07 sderle * lib/NoCat/Source/Passwd.pm: Removed writeability requirement in Passwd driver for read-only accesses of the passwd files. 2002-06-19 18:04 sderle * lib/: NoCat.pm, NoCat/Gateway.pm, NoCat/Gateway/Captive.pm: Fixed Captive mode re-login bug, and added status page to Captive/Passive mode, based on patches from Matt Barclay. 2002-06-13 23:23 sderle * authserv.conf: Added new LDAP options to authserv.conf 2002-06-13 23:20 sderle * libexec/iptables/initialize.fw: Fixed Include/ExcludePorts, per Terry Schmidt; Also, reliminated dependency on AuthServiceAddr in Open mode. 2002-06-13 23:09 sderle * lib/NoCat/Source/LDAP.pm: Massive improvements to LDAP.pm by Scott Lemon. 2002-06-13 22:53 sderle * lib/NoCat/Source/RADIUS.pm: Fixed authenticate_user() in RADIUS, with a patch from Martin Davidsson. 2002-06-13 22:41 sderle * htdocs/: login_ok.html, register_ok.html, renew.html, renew_pasv.html: Fixed IE6 redirect bug. 2002-06-05 00:07 sderle * bin/gateway: Added termination signal handlers to bin/gateway. 2002-06-05 00:00 sderle * lib/NoCat/Firewall.pm: Corrected 'initalize' typo. 2002-06-04 23:55 sderle * lib/NoCat.pm, lib/NoCat/Firewall.pm, libexec/ipchains/reset.fw: Added auto-reset support on gateway exit, since Rob already announced it. 2002-06-04 23:53 sderle * bin/detect-fw.sh, bin/gateway, libexec/ipchains/clear.fw, libexec/ipchains/reset.fw, libexec/iptables/clear.fw, libexec/iptables/reset.fw, libexec/loopback/access.fw, libexec/loopback/clear.fw, libexec/pf/access.fw, libexec/pf/clear.fw, libexec/pf/reset.fw: Moved reset.fw to clear.fw, so that reset.fw could reset firewall rules on g/w exit 2002-06-04 23:12 sderle * libexec/iptables/initialize.fw: Removed debug data from initialize.fw. 2002-06-04 23:05 sderle * libexec/iptables/: access.fw, initialize.fw: Revised iptables scripts to use separate chains. 2002-05-29 18:02 sderle * lib/NoCat/Message.pm: Fixed gpgv return value issues in verify() 2002-05-28 19:13 sderle * lib/NoCat/Source/Passwd.pm: Removed :seek constants from Passwd.pm, using a patch from DJ Gregor. For some reason, OpenBSD has a problem with them sometimes? 2002-05-28 09:17 sderle * authserv.conf: Corrected 'Authen::Samba' typo in authserv.conf to read 'Authen::Smb' 2002-05-27 22:53 sderle * authserv.conf, lib/NoCat/Source/PAM.pm, lib/NoCat/Source/Samba.pm: Added Samba support. Also, made PAM_Service directive optional. 2002-05-27 22:36 sderle * authserv.conf, etc/pam.conf, lib/NoCat/Source/PAM.pm: Added rudimentary PAM support. 2002-05-24 16:14 sderle * gateway.conf, lib/NoCat.pm: Moved firewall *Cmd options from gateway.conf to NoCat.pm defaults, per David Whitmarsh. 2002-05-24 15:13 sderle * bin/gateway: More mucking with diagnostic mode. 2002-05-24 14:29 sderle * libexec/iptables/access.fw: Oooops. Didn't mean to check in the new access.fw yet. 2002-05-24 14:28 sderle * bin/gateway, libexec/iptables/access.fw: Gateway diagnostic mode caught in loop, eats all RAM. Fixed.bin/gateway 2002-05-24 12:09 sderle * bin/gateway: Removed END block from gateway -- too confusing at startup. 2002-05-24 11:52 sderle * bin/gateway: Added -D option to gateway to provide further diagnostics. 2002-05-24 10:52 sderle * test.sh, lib/NoCat/Message.pm: Fixed a dumb syntax bug. 2002-05-23 20:36 sderle * Makefile: Makefile now preserves existing .conf and htdocs/ files and directories. 2002-05-23 18:07 sderle * lib/NoCat/Source/DBI.pm: Passwords are once again properly hashed before being stored with the DBI driver. (SDE = T3H M0R0N. I have a DB fix-it script if anyone needs it.) 2002-05-23 00:15 sderle * bin/gateway: Whoops, I meant $FindBin::Bin/.. 2002-05-23 00:13 sderle * bin/gateway: bin/gateway chdir()'s to $FindBin::Bin now. 2002-05-22 22:21 sderle * INSTALL, README, TODO, doc/SameMachine.txt: Updated some documentation; added SameMachine.txt 2002-05-22 21:52 sderle * lib/NoCat/Firewall.pm: Beefed up autoconfiguration of network addresses and added sundry autoconfig warnings. 2002-05-22 21:39 sderle * Makefile: Added *.conf directory munging based on $(PREFIX), per Adam Shand. 2002-05-22 21:28 sderle * lib/NoCat/Message.pm: Spruced up error messages in Message.pm 2002-05-22 21:25 sderle * lib/NoCat/Message.pm, libexec/pf/access.fw, libexec/pf/initialize.fw: Fixes to pf support, using patches from Richard Lotz. 2002-05-22 21:22 sderle * lib/NoCat/: Source.pm, Source/RADIUS.pm: Moved source driver stub functions from NoCat::Source::RADIUS to NoCat::Source to prepare for adding PAM support. 2002-05-22 21:03 sderle * gateway.conf, lib/NoCat.pm: Added syslog support, based on a patch from Matt Barclay. Also, reorganized gateway.conf. Also, made passive mode default. 2002-05-21 12:29 sderle * htdocs/status.html: Updated status.html to display version numbers. 2002-05-21 12:07 sderle * lib/NoCat.pm: Added version number to NoCat.pm, per Don Park and Andrew Woods. 2002-05-13 13:31 sderle * lib/NoCat/Source/RADIUS.pm: Fixed reference to Authen::Radius in NoCat::Source::RADIUS.pm. Ooops. 2002-05-06 17:24 rob * NEWS: minor formatting issues... 2002-05-06 17:19 sderle * NEWS, README: Version 0.80 released. 2002-05-06 00:04 sderle * TODO: Updated TODO preparatory to 0.79 release. 2002-05-06 00:01 sderle * lib/NoCat/AuthService.pm: Fixed IE breakage in passive mode. FINALLY. It was that pesky trailing slash (or lack thereof) in the g/w notification redirect. Who knew. 2002-05-05 22:53 sderle * bin/gateway: Added a default $PATH to bin/gateway 2002-05-05 12:38 sderle * lib/NoCat/: Gateway.pm, Gateway/Captive.pm: Fixed passive mode issues with post-forking. 2002-05-05 12:37 sderle * lib/NoCat/Peer.pm: Moved token-incrementing code out of Peer.pm 2002-05-05 12:32 sderle * lib/: NoCat.pm, NoCat/AuthService.pm: Moved token-incrementing code into NoCat.pm 2002-04-24 14:42 sderle * lib/NoCat/Gateway.pm: Added patch from Michael Codanti to add IEEE MAC manufacturer search links on status page. 2002-04-24 14:40 sderle * lib/NoCat.pm: file() method no longer looks in current directory, per Michael Codanti. 2002-04-24 14:40 sderle * cgi-bin/login: Added 'use passive mode' warning to cgi-bin/login 2002-04-24 14:38 sderle * libexec/iptables/initialize.fw: Rolled back Rob's changes preparatory to release. 2002-04-24 11:31 sderle * htdocs/splash.html: Removed base href from splash.html, since it was breaking in IE, per Andrew Woods. 2002-04-23 22:48 rob * gateway.conf, lib/NoCat/Firewall.pm, libexec/iptables/initialize.fw: gateway.conf: two new variables, MembersOnly and RouteOnly. initialize.fw: many changes, SDE's new syntax, ports from pre to fwd Firewall.pm: added the two new variables for export. 2002-04-22 10:11 sderle * lib/NoCat/Gateway.pm: Reset LastConnectionTime on user login, rather than on any HTTP connection, per Andrew Woods. 2002-04-22 02:21 sderle * lib/: NoCat.pm, NoCat/Gateway.pm, NoCat/Peer.pm, NoCat/Gateway/Captive.pm, NoCat/Gateway/Open.pm: Made gateway post-forking, implemented IPC to share details of peers, etc. Hopefully no more crashy-crashy. Also, added Michael Codanti's patch to Open.pm to provide better diagnostics? 2002-04-19 10:56 sderle * lib/NoCat/Gateway.pm: Hey, Schuyler, you bozo! eval() won't catch an alarm() if the alarm() doesn't get unset after the eval() exits! Also, in other news, TotalConnections status field is now actually incremented for each new connection. 2002-04-19 03:54 sderle * authserv.conf, lib/NoCat/Source/LDAP.pm, lib/NoCat/Source/RADIUS.pm: Tweaked LDAP support. Added RADIUS support, based on sample code submitted by Jan-Patrick Perisse. Added LDAP & RADIUS options to authserv.conf. 2002-04-19 03:23 sderle * lib/NoCat/: Source.pm, User.pm, Source/DBI.pm, Source/LDAP.pm, Source/Passwd.pm: Moved password encryption out of User.pm and into the source drivers where it belongs. Added an LDAP driver written by Nathan Zorn. 2002-04-19 02:16 sderle * gateway.conf, htdocs/splash.html, htdocs/status.html, lib/NoCat.pm, lib/NoCat/Gateway.pm, lib/NoCat/Gateway/Open.pm: Added HandleTimeout alarm to keep gateway from hanging on interrupted HTTP requests. Thanks to Michael Codanti for pinpointing this issue. Also, rolled in new status patches from Michael Codanti. 2002-04-17 22:54 rob * TODO: More and more and more ToDo. 2002-03-20 01:13 sderle * README: Added credits for recent patches to README. 2002-03-20 01:12 sderle * detect-fw.sh: Moved detect-fw.sh into bin/ 2002-03-20 01:11 sderle * Makefile, bin/detect-fw.sh, libexec/pf/access.fw, libexec/pf/dump.fw, libexec/pf/initialize.fw, libexec/pf/reset.fw: Added packetfilter support, using patches from Richard Lotz. 2002-03-20 01:04 sderle * libexec/loopback/: access.fw, dump.fw, initialize.fw: Added loopback firewall scripts for testing gateway on a single machine. 2002-03-20 00:54 sderle * lib/NoCat/Firewall.pm: Firewall.pm exports GatewayAddr to support OpenBSD, per a patch submitted by Richard Lotz. 2002-03-20 00:53 sderle * lib/NoCat.pm: Patched NoCat.pm to cache a singleton instance of the firewall object, to prevent the need for repeated network detection. 2002-03-20 00:51 sderle * gateway.conf, htdocs/status.html: Added status page template & reference in gateway.conf. 2002-03-20 00:49 sderle * lib/NoCat/: Gateway.pm, Gateway/Open.pm: Added status() and respond() methods to NoCat::Gateway, based on a patch submitted by Don Park. 2002-03-16 13:48 sderle * lib/NoCat/Source/DBI.pm: Removed requirement of group needing to have users to fetch successfully from DBI.pm 2002-03-08 23:50 sderle * NEWS: Actual NEWS for 0.78. (oops.) 2002-03-08 23:31 sderle * NEWS, README, TODO: Version 0.78 released. 2002-03-07 17:36 sderle * lib/NoCat/Firewall.pm: Fixed buggy detection of ExternalInterface. 2002-03-06 19:36 sderle * lib/NoCat/AuthService.pm: Made LoginTimeout check a little more flexible in AuthService.pm 2002-03-06 18:24 sderle * lib/NoCat/AuthService.pm: Fixed minor case isses in AuthService.pm 2002-03-06 18:23 sderle * lib/NoCat/Message.pm: NoCat::Message->pgp() now passes --no-tty by default and checks for failure. 2002-03-06 17:41 sderle * lib/NoCat/AuthService.pm: Fixed minor typo that prevented auth token from being passed to the popup. 2002-03-06 03:39 sderle * lib/NoCat/AuthService.pm: Fixed token handling in Captive mode. 2002-03-06 03:37 sderle * lib/NoCat/: Firewall.pm, Gateway/Captive.pm: Fixed LoginTimeout passing in Captive mode. 2002-03-06 02:54 sderle * htdocs/login.html: Changed form method in login.html from GET to POST. 2002-03-06 02:52 sderle * etc/httpd.conf: Added ScriptAlias line to etc/authserv.conf 2002-03-06 02:44 sderle * authserv.conf, htdocs/renew_pasv.html: Added passive mode popup box. 2002-03-06 02:03 sderle * README: Credited Craig Slimmer and Michael Codanti for their input and assistance. 2002-03-06 02:01 sderle * cgi-bin/admlogin, cgi-bin/login, lib/NoCat.pm, lib/NoCat/AuthService.pm: Authservice side fixes to 'Any' support, and passive mode now works. 2002-03-06 01:57 sderle * lib/NoCat/Gateway/Passive.pm: Likewise, no_response is spelled with *two* 's'-es. 2002-03-06 01:56 sderle * lib/NoCat/Gateway.pm: HTTP No Response is 204, not 304, stoopid. 2002-03-06 01:54 sderle * lib/NoCat/Peer.pm: Magical 'Any' access was being extended to all users, not just group members. Fixed. 2002-03-06 00:13 sderle * lib/NoCat/AuthService.pm: Various code tweaks. 2002-02-25 11:28 sderle * lib/NoCat/AuthService.pm: Removed datasource directives from @NoCat::AuthService::REQUIRED. 2002-02-22 17:49 sderle * cgi-bin/login, lib/NoCat.pm, lib/NoCat/AuthService.pm: Fixed a stupid bug that was crippling popups in captive mode, and refactored the relevant code to attempt to preclude further similar bugs. Also added MinLoginTimeout to authservice default config to provide some sanity. 2002-02-21 15:21 sderle * gateway.conf: Merged Open and Captive mode references to LoginTimeout. 2002-02-16 23:39 sderle * gateway.conf, lib/NoCat/Firewall.pm, lib/NoCat/Gateway.pm: Implemented automatic network discovery. 2002-02-16 17:39 sderle * lib/NoCat/Gateway/Open.pm: Added some more MIME types per Adam Shand's request. 2002-02-15 17:53 sderle * ChangeLog, NEWS, README, TODO: Updated NEWS for release v0.77. 2002-02-15 17:36 sderle * test.sh: Added a simple test script to check perl code for syntactic correctness. 2002-02-15 10:52 rob * libexec/iptables/initialize.fw: Needed, but untested feature: Deny all access on the external interface to the GatewayPort, unless its origin is AuthServiceAddr. Should help keep script kiddie portscanners moving along... 2002-02-15 10:08 sderle * lib/NoCat/Peer.pm: Fixed moronic syntax bug in lib/NoCat/Peer.pm, reported by Chip Ach. 2002-02-15 10:08 sderle * htdocs/splash.html: Added title to open mode splash page, per Michael Codanti. 2002-02-13 18:25 sderle * ChangeLog, NEWS, README: Final dox update for 0.76. 2002-02-08 14:30 sderle * BUGS, cgi-bin/login, lib/NoCat/AuthService.pm, lib/NoCat/Gateway/Passive.pm: Added some more cruft to support Passive mode. Hopefully this is the last of it. 2002-02-08 14:27 sderle * nocat.conf: Removed nocat.conf in favor of authserv.conf and gateway.conf. 2002-02-08 14:27 sderle * Makefile, authserv.conf, gateway.conf: Split nocat.conf into gateway.conf and authserv.conf per Sameer Verma's suggestion, and updated Makefile to copy the relevant conf file to $PREFIX/nocat.conf. 2002-02-07 22:51 sderle * nocat.conf, lib/NoCat.pm, lib/NoCat/Gateway.pm: Updated ARP expiration patch to disable it if MaxMissedARP is set to zero. 2002-02-07 21:22 sderle * lib/: NoCat.pm, NoCat/Gateway.pm, NoCat/Peer.pm: Applied Michael Codanti's ARP cache expiration timeout patch. 2002-01-26 19:01 sderle * lib/NoCat/Gateway/Open.pm: Applied Michael Codanti's icon mime type patch to support favicon.ico on the gateway. 2002-01-25 12:00 sderle * lib/NoCat/Gateway/Open.pm: Patch from Michael Codanti to make requests to the document root of the open mode gateway be captured with the HomePage defined in nocat.conf used as the redirect page. 2002-01-24 19:53 sderle * lib/: NoCat.pm, NoCat/Peer.pm: Implemented some damnfool craziness involving libc MD5-hashing crypt functions, obsoleting Digest::MD5 on the g/w. 2002-01-24 19:11 sderle * TODO: Updated TODO. 2002-01-24 19:10 sderle * cgi-bin/login: Fixed the somewhat irritating appearance of Mode_foo.[xy] parameters. 2002-01-24 19:08 sderle * htdocs/login.html, lib/NoCat/AuthService.pm, lib/NoCat/Gateway/Passive.pm: Fixed (slightly broken) Captive mode support, and added LoginTimeout support to Passive mode. 2002-01-24 18:17 sderle * lib/: NoCat.pm, NoCat/Gateway/Captive.pm: Fixed stupid syntax bug in Captive.pm. 2002-01-23 23:38 sderle * lib/NoCat/AuthService.pm: Debugged support for passive-mode portal in AuthService.pm. 2002-01-23 23:37 sderle * lib/NoCat/Gateway/: Captive.pm, Passive.pm: Debugged support for passive-mode portal. 2002-01-23 23:35 sderle * lib/NoCat/Message.pm: Message.pm now specifically includes trustedkeys.gpg in call to gpg. 2002-01-23 23:34 sderle * lib/NoCat/: Firewall.pm, Gateway/Open.pm: Firewall.pm now calls out to access.fw using system() rather than exec(). 2002-01-23 23:29 rob * nocat.conf: Added a 'Passive' mode note. 2002-01-23 23:28 rob * libexec/iptables/: access.fw, initialize.fw: Fixed some access strangeness. Also implemented AllowedWebHosts in initialize.fw. 2002-01-23 23:19 sderle * libexec/ipchains/: access.fw, initialize.fw: Converted ipchains scripts from DOS to unix mode (?!) and fixed horrible bugs in ipchains/access.fw. 2002-01-23 21:32 sderle * lib/NoCat/AuthService.pm: Added check_user() method to AuthService.pm. 2002-01-23 21:30 sderle * lib/NoCat/Group.pm: Undef group ID if the group can't be found. 2002-01-23 20:57 sderle * lib/NoCat.pm: NoCat.pm now exports LOGIN. Maybe someday we'll actually use it for something. 2002-01-23 20:06 rob * nocat.conf, lib/NoCat/Firewall.pm, libexec/iptables/initialize.fw: Implemented AllowedWebHosts. On to testing! 2002-01-23 19:33 sderle * lib/NoCat/Gateway.pm: NoCat/Gateway.pm now handles SIGCHLD gracefully again, like it used to, before the great GatewayMode fork. My bad. Thanks to Steve Beattie for reporting the bug. 2002-01-23 19:06 sderle * README: Added Michael Codanti to the README credits for his debugging assistance. 2002-01-21 14:41 sderle * lib/NoCat/Gateway.pm: ->permit now stashes the peer object in ->{Peer}, fixing the open mode timeout-loss bug. 2002-01-21 11:02 sderle * TODO, cgi-bin/login, htdocs/login.html, lib/NoCat.pm, lib/NoCat/AuthService.pm, lib/NoCat/Message.pm, lib/NoCat/Peer.pm, lib/NoCat/Gateway/Captive.pm, lib/NoCat/Gateway/Passive.pm, libexec/create: Added support for passive mode gateway. 2002-01-18 16:23 sderle * lib/NoCat/Firewall.pm, libexec/iptables/initialize.fw: Don't open the firewall to AuthServiceAddr is GatewayMode is set to "Open". 2002-01-18 12:34 rob * htdocs/splash.html: Forgot /images/ (thanks Michael) 2002-01-18 12:32 rob * README, TODO, doc/Introduction.txt: Stuff. The Intro ain't ready yet. 2002-01-10 12:13 sderle * TODO: Updated TODO. 2002-01-06 15:00 rob * README, TODO: Updates. 2002-01-06 14:52 rob * README, doc/Introduction.txt: MattW credits 2002-01-05 18:46 sderle * ChangeLog: Added ChangeLog. 2002-01-05 18:42 sderle * BUGS, TODO: Updated BUGS & TODO. 2002-01-05 18:38 sderle * NEWS, WHATSNEW: Renamed WHATSNEW to NEWS. 2002-01-05 14:58 sderle * lib/NoCat/Gateway/Open.pm: Fixed Open mode loop bug for Mac clients et al. 2002-01-04 21:42 sderle * TODO, lib/NoCat.pm, lib/NoCat/Gateway.pm, lib/NoCat/Source.pm, lib/NoCat/Gateway/Captive.pm: Minor code comment type things. 2002-01-03 16:15 sderle * libexec/: ipchains/access.fw, iptables/access.fw: Renamed some variables in the access.fw scripts so that error messages are at least mildly meaningful. 2002-01-03 16:06 sderle * libexec/ipchains/access.fw: Changed hardcoded eth0 in ipchains/access.fw to $ENV{InternalDevice}. 2002-01-03 16:02 sderle * libexec/ipchains/: access.fw, initialize.fw: Significant improvements to ipchains access.fw and initialize.fw by Matt Westervelt to make them actually functional. 2001-12-31 00:14 rob * WHATSNEW, doc/AuthService.txt, doc/Introduction.txt, etc/group, etc/groupadm, etc/passwd: Dummy group and pw files. EXTENSIVE documentation. ;) 2001-12-31 00:12 rob * Makefile, nocat.conf, etc/README: Install etc/ on make authserv. Also fixed some passwd paths in the conf. 2001-12-30 22:49 rob * INSTALL, TODO, libexec/iptables/dump.fw, libexec/iptables/initialize.fw, libexec/iptables/reset.fw, libexec/iptables/throttle.fw: Added PATHs (and comments) to all of the .fw scripts. Also added some docs (still in progress.) 2001-12-28 21:59 rob * Makefile: Makefile oops. 2001-12-28 21:58 rob * INSTALL, Makefile, README, TODO, nocat.conf: Makefile: cleaned up for gw install. Still in progress. Docs in progress... 2001-12-28 21:42 rob * libexec/iptables/initialize.fw: Set an explicit PATH. iptables Fails if /sbin isn't in your PATH. 2001-12-28 01:53 rob * README, TODO: Minor updates. Very near next release! 2001-12-28 01:10 rob * libexec/iptables/: access.fw, dump.fw, initialize.fw, reset.fw: Implemented Michael Bailey's FORWARD chain idea. initialize.fw: only accept parkets with fwmark <= 3, and always from the AuthServiceAddr. access.fw: add a FORWARD exception for valid ip's. dump,reset: also show/reset the filter table. Stateful TCP connections are now reset on logout! 2001-12-28 01:05 rob * htdocs/splash.html: All images are now in /images/ 2001-12-28 01:04 rob * lib/NoCat/Source/Passwd.pm: Major bugfixes. Should work fine now. Beta. 2001-12-28 01:03 rob * lib/NoCat/Gateway/Open.pm: Fixed subdirectory support within DocumentRoot in the http server. 2001-12-28 01:03 rob * lib/NoCat/User.pm: Turned ->id and ->passwd into get/set methods. 2001-12-28 01:00 rob * bin/admintool: Vastly improved. Can now add users, set passwords, add & remove to groups, promote and demote admins. 2001-12-14 16:44 sderle * nocat.conf: Added sample directives & documentation for Passwd DataSouce. 2001-12-14 16:25 sderle * lib/NoCat/AuthService.pm: Removed "return $gw" line that was (for no apparent reason) blocking Mike Bailey's patch. 2001-12-14 16:15 sderle * lib/NoCat/Source/: DBI.pm, Passwd.pm: Added passwd-type file support as NoCat data source. Fixed horrible bug in ->update_group_member in DBI.pm. 2001-12-10 10:40 rob * TODO: Add fw rule... 2001-11-21 10:14 rob * TODO: As per Terry's request: agree/disagree instead of login 2001-11-14 22:10 rob * bin/admintool: ...just about working. 2001-11-14 21:59 sderle * lib/NoCat/Group.pm: Same fix to ->update. 2001-11-14 21:14 sderle * lib/NoCat/Group.pm: Fixed bug in call to ->fetch_users_by_group from ->fetch. 2001-11-14 20:49 rob * nocat.conf: Changed GroupField to GroupIDField to match the library 2001-11-14 20:48 rob * bin/admintool: ...working... Added dynamic lib discovery with a BEGIN Still trying to figure out the API... 2001-11-14 11:23 rob * README: Gave Peterson credit. 2001-11-14 11:20 rob * detect-fw.sh: Added Matt Peterson's ipf patch (for BSD) 2001-11-01 23:28 rob * bin/admintool: Commandline admin tool for adding, dropping, and listing admins. It's currently broke, pending better grokking of the API. 2001-11-01 20:21 sderle * lib/NoCat/Group.pm: Added an ->admin method to Group.pm. 2001-10-25 10:32 rob * nocat.conf: minor typo 2001-10-25 00:04 sderle * cgi-bin/login, cgi-bin/update, lib/NoCat.pm, lib/NoCat/AuthService.pm, lib/NoCat/Group.pm, lib/NoCat/User.pm, lib/NoCat/Source/DBI.pm: Bug fixes to make everything happy after testing. 2001-10-25 00:04 rob * README: prep for v.60 release 2001-10-24 23:33 rob * libexec/iptables/initialize.fw: minor typo. 2001-10-24 23:11 rob * Makefile: added cp -d to preserve symlinks (rather than make copies on install.) 2001-10-24 23:07 rob * libexec/iptables/: initialize.fw, throttle.fw: Now, chmod +x throttle.fw to run it, and notes to that effect in initialize.fw. 2001-10-24 22:05 sderle * lib/NoCat/Source.pm: Source.pm now requires DataSource directive (versus Database). 2001-10-24 22:05 sderle * nocat.conf: Added LocalGateway directive to nocat.conf. 2001-10-20 23:07 sderle * lib/NoCat/AuthService.pm: Added cookie functions to AuthService.pm, and cgi-bin/admlogin to use them. 2001-10-20 23:07 sderle * cgi-bin/admlogin: Added cookie functions to AuthService.pm, and cgi-bin/admlogin to use them 2001-10-20 22:02 sderle * lib/: NoCat.pm, NoCat/Firewall.pm: Minor warnings fixed in Firewall.pm. For some sad reason, NoCat->instantiate has to call NoCat->new, rather than $self->SUPER::new, in spite of the fact that $self->SUPER:: is inevitably NoCat::, and NoCat very definitely has a new method. *sigh* 2001-10-20 21:12 sderle * lib/NoCat/: Gateway.pm, Source.pm: Added the very crucial @_ argument to calls to ->instantiate. 2001-10-20 20:54 sderle * detect-fw.sh: Minor syntax tweak to detect-fw.sh. 2001-10-20 20:54 sderle * Makefile: Made Makefile actually work w/r/t .fw script symlinks. 2001-10-18 22:16 rob * detect-fw.sh: Add some "" to not confuse [ 2001-10-18 21:22 sderle * cgi-bin/login: cgi-bin/login calls ->groups, not ->authorize. 2001-10-18 21:20 rob * etc/portforward.sample: minor typo. 2001-10-18 21:19 rob * etc/portforward.sample: Added iptables example. 2001-10-18 21:11 sderle * libexec/iptables/initialize.fw: Added rmmod ipchains / modprobe ip_tables, as suggested by Pasi Lahtinen (pasi@lahtinen.fsnet.co.uk). 2001-10-18 20:21 sderle * lib/NoCat/AuthService.pm: Incorporated LocalGateway patch, submitted by Michael Bailey (mbailey@enternet.com.au), with some small changes. 2001-10-14 19:48 sderle * libexec/ipchains/access.fw: Simplified bin/ipchains/access.fw by a touch. 2001-10-14 19:16 sderle * libexec/iptables/access.fw: Removed erroneous interface parameter from access.fw usage message. (This information is stored in $ENV{InternalInterface} when access.fw is called, anyway.) 2001-10-14 19:05 sderle * detect-fw.sh, libexec/ipchains/access.fw, libexec/ipchains/dump.fw, libexec/ipchains/initialize.fw, libexec/ipchains/reset.fw: Added ipchains support, courtesy of Steve Beattie . 2001-10-14 18:49 sderle * lib/: NoCat.pm, NoCat/Firewall.pm, NoCat/Gateway.pm, NoCat/Group.pm, NoCat/Source.pm, NoCat/User.pm, NoCat/Source/DBI.pm: More work to make pluggable authentication sources possible. 2001-10-14 18:08 rob * cgi-bin/: login, register, update: New syntax for user stuff. Plus, %p is now %params. 2001-10-14 16:59 sderle * lib/NoCat/: AuthService.pm, Group.pm, Source.pm, User.pm, Source/DBI.pm: More work towards multi-group authservice API. 2001-10-09 17:37 sderle * htdocs/: auth_logo.gif, continue.gif, expired.html, fatal.html, login.gif, login.html, login_ok.html, logout.gif, logout.html, register.gif, register.html, register_ok.html, renew.html, reset.gif, skip.gif, update.gif, update.html, images/auth_logo.gif, images/continue.gif, images/login.gif, images/logout.gif, images/register.gif, images/reset.gif, images/skip.gif, images/update.gif: Moved GIF files into images/ directory and fixed links, per Michael Bailey (mbailey@enternet.com.au). 2001-10-09 17:33 sderle * lib/: NoCat.pm, NoCat/AuthService.pm, NoCat/Group.pm, NoCat/Source.pm, NoCat/User.pm, NoCat/Source/DBI.pm: Added fun new API to support multiple groups & admin tools & stuff. 2001-10-03 20:36 sderle * Makefile, TODO, detect-fw.sh, nocat.conf, lib/NoCat/Firewall.pm, libexec/access, libexec/bandwidth.linux, libexec/bandwidth.policy, libexec/firewall.linux, libexec/firewall.policy, libexec/iptl, libexec/reset.firewall, libexec/ipfilter/initialize.fw, libexec/iptables/access.fw, libexec/iptables/dump.fw, libexec/iptables/initialize.fw, libexec/iptables/reset.fw, libexec/iptables/throttle.fw: NoCat now provisionally supports *BSD and IPFilter. All of the firewall scripts were moved around as a result. 2001-10-01 12:28 sderle * lib/NoCat/Firewall.pm: Refactored subs relying on perform(); added $Arp_Source to check for lack of /proc and use /sbin/arp as needed. 2001-09-28 13:27 sderle * cgi-bin/login: Removed old crud from cgi-bin/login to make it work right with multiple groups per authservice. 2001-09-25 14:03 rob * README: .52 notes. 2001-09-25 14:02 rob * lib/NoCat.pm: Added ANY to the export list. Ugh. 2001-09-24 22:03 sderle * TODO: TODO updated post-release-v.0.51 2001-09-24 21:33 rob * README, nocat.conf: Updates for 0.51 2001-09-24 20:56 sderle * nocat.conf, lib/NoCat.pm, lib/NoCat/Gateway.pm, lib/NoCat/Peer.pm: Added support for magical "Any" group. 2001-09-24 18:07 sderle * lib/NoCat/Gateway.pm: HTTP headers are now read with into the request hash with uniformly cased keys, hopefully clearing up the open mode redirect bug reported by Terry and Adam S. 2001-09-24 17:53 sderle * TODO: Couple of notes on the TODO. 2001-09-22 01:32 sderle * nocat.conf: A hint of extra documentation in nocat.conf about suggested LoginTimeout settings per mode. 2001-09-22 01:31 sderle * lib/NoCat/: Gateway.pm, Peer.pm, User.pm, Gateway/Captive.pm: Bug fixes to make multiple groups functional. 2001-09-22 00:37 sderle * nocat.conf, cgi-bin/login, etc/nocat.schema, lib/NoCat/Gateway.pm, lib/NoCat/Peer.pm, lib/NoCat/User.pm, lib/NoCat/Gateway/Captive.pm: Added multiple group/network support to gateway and authservice systems. 2001-09-17 12:58 sderle * README, lib/NoCat.pm: Added Rich Gibson's NoCat.pm documentation. 2001-09-15 16:44 rob * README: Okay, screwed up the tags, too. We're now at .45. 2001-09-15 16:42 rob * README: Revised README for 0.44 2001-09-15 16:38 rob * lib/NoCat.pm: Updated NoCat.pm from last night (accidentally left out of .43.) 2001-09-15 02:39 rob * README: Doh. Version typo. 2001-09-15 02:37 rob * README: Added update for open portal. 2001-09-15 02:35 rob * htdocs/splash.html: Splash screen for open portal mode. 2001-09-15 02:27 sderle * lib/NoCat/: Gateway.pm, Gateway/Captive.pm, Gateway/Open.pm: Bug fixes and tweaks to make open portal mode work. 2001-09-14 22:20 sderle * lib/: NoCat.pm, NoCat/Gateway.pm, NoCat/Gateway/Open.pm: Open gateway now serves images. NoCat.pm loads the right gateway code based on the GatewayMode parameter. 2001-08-24 20:57 rob * etc/httpd.conf: Commented out SSLSessionCache line (as it'll break in some circumstances if the installer doesn't read the directions and has apache installed somewhere other than /usr/local/apache/) 2001-08-24 20:55 rob * etc/httpd.conf: Added MSIE + Mac + SSL stupidity workaround lines 2001-08-24 11:22 sderle * Makefile, TODO, nocat.conf: Updated nocat.conf & Makefile for open portal stuff. 2001-08-21 15:46 sderle * lib/NoCat.pm: Added default DocumentRoot based on $FindBin::Bin to NoCat.pm. 2001-08-21 15:45 sderle * lib/NoCat/: Gateway.pm, Gateway/Captive.pm, Gateway/Open.pm: Split Gateway.pm into parent module Gateway.pm and child Gateway/Captive.pm. Added Gateway/Open.pm as second child of Gateway.pm. 2001-08-20 11:11 sderle * INSTALL, TODO, etc/nocat.rc: Bug fix in environment variables in etc/nocat.rc (only relevant where NoCat is installed elsewhere). Minor updates to INSTALL and TODO. 2001-08-15 22:42 rob * lib/NoCat/Gateway.pm: Changed the unhelpful "* Your Message Here *" to a "please click here". 2001-08-15 01:18 rob * etc/portforward.sample: Sample script to forward 5280 traffic 2001-08-15 01:09 rob * libexec/firewall.linux: Oops. Forgot to check in new firewall. 2001-08-15 00:58 rob * BUGS, INSTALL, README, TODO, etc/nocat.rc, lib/NoCat/Firewall.pm: Documentation updates in preparation for v0.41. Firewall.pm now also exports GatewayPort (needed for firewall rules.) There are also a couple of outstanding issues, now outlined in BUGS. 2001-08-15 00:33 rob * etc/README: Added nocat.rc description. 2001-08-15 00:31 rob * etc/nocat.rc: That's better. No need for a PATH. 2001-08-15 00:28 rob * etc/nocat.rc: Simple init script. 2001-08-15 00:02 rob * nocat.conf: Added some documentation and IncludePorts / ExcludePorts lines. 2001-08-14 21:52 rob * libexec/firewall.linux: Added a couple of more comments, and am about to test on the stylistic. 2001-08-14 19:08 rob * libexec/firewall.linux: Added IncludePorts and ExcludePorts 2001-08-14 19:02 sderle * INSTALL, TODO, bin/gateway, lib/NoCat/Gateway.pm: Refactored NoCat::Gateway->run. Fiddled with INSTALL and TODO. 2001-08-14 18:25 rob * lib/NoCat/Firewall.pm: Added "IncludePorts" and "ExcludePorts" to the export list. 2001-08-13 00:07 sderle * bin/gateway, lib/NoCat/Gateway.pm: Broke bind() method out of run() in Gateway.pm to improve error reporting when binding the listener port. Added call to NoCat::Gateway->bind to bin/gateway *prior* to log redirection just to catch fatal bind errors. 2001-08-12 23:52 sderle * lib/NoCat/Firewall.pm: Also made %ENV assignment use sensible defaults for optional items. 2001-08-12 23:50 sderle * lib/NoCat/Firewall.pm: Added firewall config parameters to @NoCat::Firewall::REQUIRED. 2001-08-12 01:00 sderle * README: Updated the README file for 0.40. 2001-08-12 00:51 rob * htdocs/login.html: Again. 2001-08-12 00:47 rob * htdocs/login.html: Pretty pretty fonts. 2001-08-12 00:43 sderle * nocat.conf: Fixed up LogoutURL in nocat.conf to point to the new logout.html. 2001-08-12 00:41 sderle * htdocs/: auth_logo.gif, continue.gif, expired.html, fatal.html, login.gif, login.html, login_ok.html, logout.gif, logout.html, register.gif, register.html, register_ok.html, renew.html, reset.gif, skip.gif, update.gif, update.html: New and improved forms with IMAGE BUTTONS!! 2001-08-12 00:03 sderle * cgi-bin/: register, update: More dumb hacks to make image buttons work. 2001-08-11 23:17 sderle * cgi-bin/login: More ugly hacking to make cgi-bin/login DTRT with login buttons. 2001-08-11 22:48 sderle * cgi-bin/login: Ugly, ugly hack to cgi-bin/login to allow image buttons. 2001-08-11 21:29 sderle * TODO: Updated TODO for 0.40. 2001-08-11 21:21 sderle * cgi-bin/login: Altered cgi-bin/login to keep from obliterating the user's identity on public-class renewals. 2001-08-11 21:04 sderle * lib/NoCat/Gateway.pm: Fixed up owner support in Gateway.pm to trigger regardless of reported class. 2001-08-11 20:52 rob * INSTALL: Added iproute2 / tc stuff. 2001-08-11 20:45 sderle * lib/NoCat/AuthService.pm: Bug fix to lib/NoCat/AuthService.pm. 2001-08-11 20:45 rob * libexec/firewall.linux: Added commented call to bandwidth.linux 2001-08-11 20:38 sderle * htdocs/login_ok.html: Added refresh link to login_ok.html on the offchance it doesn't actually refresh. 2001-08-11 20:38 rob * libexec/bandwidth.linux: Removed flush. 2001-08-11 20:34 rob * libexec/bandwidth.linux: Linux bandwidth rules 2001-08-11 20:17 sderle * cgi-bin/login, htdocs/expired.html, lib/NoCat/AuthService.pm: Bug fixes on the "Expired Login" stuff. 2001-08-11 19:54 sderle * nocat.conf, cgi-bin/login, htdocs/expired.html: Oops, the Expired stuff didn't work right the first time. Fixed. Added an expired form. 2001-08-11 19:42 sderle * nocat.conf, cgi-bin/update, htdocs/update.html: Bug fixes to make cgi-bin/update work as planned. 2001-08-11 18:03 sderle * nocat.conf, lib/NoCat/User.pm: Added UserStampField to stamp Creation time in authserv database. 2001-08-11 17:27 sderle * INSTALL, lib/NoCat/AuthService.pm: Fixed stupid syntax bug in AuthService.pm. Updated INSTALL for the latest release. 2001-08-11 17:05 sderle * nocat.conf: Changed ResetCmd from firewall.policy to firewall.linux. firewall.policy is deprecated and will go away. 2001-08-11 17:00 sderle * bin/gateway, libexec/firewall.linux: Fixed AuthServiceAddr naming bugs in bin/firewall.linux. Added -f and -R command line switches to bin/gateway. 2001-08-11 16:57 sderle * nocat.conf, cgi-bin/login, lib/NoCat/AuthService.pm, lib/NoCat/Gateway.pm: Fixed login-after-timeout bug in login & AuthService. Added LoginExpired message. 2001-08-11 15:25 sderle * lib/NoCat/AuthService.pm, lib/NoCat/Gateway.pm, libexec/firewall.linux: Ported module additions from firewall.policy to firewall.linux. Bug fix in refresh in AuthService.pm. 2001-08-11 15:21 rob * libexec/firewall.policy: Added two more modules, LOG and mark. 2001-08-11 14:59 sderle * nocat.conf: Added some commentary to nocat.conf about Internal and ExternalInterface. 2001-08-11 14:25 sderle * etc/: README, linux-2.4.config: Added etc/README and linux-2.4.config. 2001-08-11 13:36 sderle * htdocs/register_ok.html, lib/NoCat/AuthService.pm, lib/NoCat/User.pm: Minor bug fixes to AuthService.pm and User.pm to fix refreshes. 2001-08-11 13:26 sderle * nocat.conf, cgi-bin/register, cgi-bin/update, lib/NoCat/AuthService.pm, lib/NoCat/User.pm: Fixed minor naming bugs in AuthService.pm, cgi-bin/register, cgi-bin/update, nocat.conf. 2001-08-11 13:05 sderle * htdocs/: login_ok.html, register_ok.html, success.html: Renamed success.html to login_ok.html. Added register_ok.html. 2001-08-11 13:04 sderle * nocat.conf, cgi-bin/login, cgi-bin/register, htdocs/login.html, htdocs/register.html, lib/NoCat/AuthService.pm: Abstracted success() routine out of cgi-bin/login and into AuthService.pm. Added redirect on success to cgi-bin/register. Added link to register to login.html. Added hidden field to propgate redirect value to register.html. 2001-08-11 12:34 sderle * cgi-bin/register, htdocs/register.html, lib/NoCat.pm, lib/NoCat/User.pm: Bug fixes to NoCat->check_config and to register script. 2001-08-11 01:14 sderle * libexec/: firewall.linux, init.firewall: Renamed init.firewall to firewall.linux in recognition of its platform specificity. 2001-08-11 01:03 sderle * nocat.conf, libexec/init.firewall: Added init.firewall to supercede firewall.policy. Updated nocat.conf with integrated firewall config parameters. 2001-08-11 00:59 sderle * lib/NoCat/Firewall.pm: Added environment export on perform() to Firewall.pm. 2001-08-10 23:56 sderle * lib/NoCat/AuthService.pm: Set AuthService.pm to POST auth notifications by MAC, not by token. 2001-08-10 23:55 sderle * nocat.conf, lib/NoCat.pm, lib/NoCat/Gateway.pm, lib/NoCat/Peer.pm: Bug fixes in NoCat/Gateway.pm et al. to do client MAC lookups in the Peer hash. 2001-08-10 22:16 sderle * INSTALL, nocat.conf, lib/NoCat.pm, lib/NoCat/Message.pm: Added more detail to INSTALL. Added more logical defaults for GPG to nocat.conf, lib/NoCat.pm, lib/NoCat/Message.pm. 2001-08-06 19:38 sderle * libexec/firewall.policy: Reset firewall.policy to some logical defaults. 2001-08-05 18:44 sderle * nocat.conf, bin/gateway, lib/NoCat/Peer.pm: bin/gateway now daemonizes by default, writes logfile info to file specified by GatewayLog, if any. 2001-08-05 16:03 sderle * TODO, nocat.conf, lib/NoCat/Firewall.pm, lib/NoCat/Gateway.pm, lib/NoCat/Peer.pm: Shifted Peer hash keys to MAC addresses in Gateway objects. Did some preliminary work on soft ping timeouts. 2001-07-25 16:30 sderle * README: Updated README. 2001-07-25 16:27 sderle * INSTALL, lib/NoCat.pm: NoCat.pm now looks for nocat.conf in /usr/local/nocat if not otherwise specified. Added INSTALL. 2001-07-25 15:13 sderle * TODO, cgi-bin/login, cgi-bin/register, cgi-bin/update: Added config checking for cgi scripts. 2001-07-25 12:15 sderle * doc/working.iptables, libexec/deny, libexec/firewall.policy, libexec/permit, libexec/rc.modules, libexec/working.iptables: Cleaned up bin/ directory. Folded rc.modules in firewall.policy. 2001-07-25 12:04 sderle * Makefile, bin/vtun.sh: Makefile definitely works. Added separate 'gateway' and 'authserv' targets. 2001-07-24 17:26 sderle * TODO, bin/vtun.sh, etc/vtund.conf, htdocs/success.html, lib/NoCat.pm, lib/NoCat/AuthService.pm, lib/NoCat/Firewall.pm, lib/NoCat/Gateway.pm, lib/NoCat/Message.pm, lib/NoCat/Peer.pm, lib/NoCat/User.pm, libexec/access, libexec/firewall.policy: Added required config directive checking to all modules. Added vtun config and script. Bug fix in access and firewall.policy. 2001-07-24 15:27 sderle * Makefile, TODO, libexec/firewall.policy: Added conditional test for DNSSERV, plus cleanup in firewall.policy. Minor tweak to Makefile to update only changed files. 2001-07-24 15:21 sderle * nocat.conf, lib/NoCat/Gateway.pm, libexec/access: Fixed up bin/access to allow multiple classes of service, removed interface addressing. Bug fixes in lib/NoCat/Gateway.pm. 2001-07-24 14:42 sderle * TODO, nocat.conf, htdocs/logout.html, lib/NoCat/Gateway.pm: Added logout() with redirect to Gateway.pm. 2001-07-24 14:30 sderle * Makefile, TODO, lib/NoCat/Gateway.pm, lib/NoCat/Peer.pm, libexec/firewall.policy: Debugging and testing. 2001-07-24 14:26 sderle * htdocs/renew.html: Changed logout link to form button in renew.html. 2001-07-24 12:31 sderle * lib/NoCat/: Firewall.pm, Gateway.pm, Message.pm: Bug fixes. 2001-07-24 11:06 sderle * pgp/trustedkeys.gpg: Added trustedkeys.gpg for NoCat network. 2001-07-24 11:01 sderle * Makefile: Added pgp directory, updated Makefile. 2001-07-22 00:32 sderle * TODO, nocat.conf: Updated TODO. Fixed ResetCmd in default nocat.conf. 2001-07-22 00:29 sderle * htdocs/renew.html: Added "logout" link to renew.html. 2001-07-22 00:14 sderle * nocat.conf, bin/gateway, cgi-bin/login, lib/NoCat.pm, lib/NoCat/AuthService.pm, lib/NoCat/Firewall.pm, lib/NoCat/Gateway.pm: Added a touch of documentation to nocat.conf. Added a persistent firewall property to Gateway.pm. Added class-of-service tracking per MAC address to Firewall.pm to eliminate redundant rule setting. Added a means of logging out via Gateway.pm plus mechanisms in login and AuthService.pm to create the links to do so. 2001-07-21 14:09 sderle * CONFIG, Makefile, TODO, nocat.schema, doc/nocat-conf.txt, doc/nocatrfc.txt, etc/httpd.conf, etc/nocat.schema: Added doc/ and etc/ directories, moved stuff around. Added Makefile for installation and PGP key generation. Updated TODO with to-be-tested items. 2001-07-17 13:04 sderle * lib/: NoCat.pm, NoCat/AuthService.pm, NoCat/Gateway.pm, NoCat/Peer.pm: Added some constants to NoCat.pm to try and clean things up a little bit. 2001-07-17 03:32 sderle * LICENSE, TODO: Added a "ready but untested" section to TODO. Added a copy of the GPL in LICENSE. 2001-07-17 03:25 sderle * TODO, cgi-bin/login, lib/NoCat/AuthService.pm: Adjusted cgi-bin/login and NoCat/AuthService.pm to pass "class" CGI variable and clear up "skip auth" public-class renewal issues. Must test. 2001-07-16 23:23 sderle * TODO: Added couple things to TODO. 2001-07-16 23:14 sderle * cgi-bin/login: Made logging slightly more verbose for login. 2001-07-16 23:08 sderle * lib/: NoCat.pm, NoCat/Gateway.pm, NoCat/Peer.pm: Separated ->class() and ->status() methods in Peer.pm. status() now keeps track of permit/deny status per peer. Fixed permit()/deny() methods in Gateway.pm to *not* execute firewall rules except as necessary per $peer->status. Hacked NoCat.pm to use Exporter... eventually. 2001-07-16 16:55 rob * TODO: The tentative TODO list. 2001-07-16 01:37 sderle * cgi-bin/login, htdocs/renew.html, lib/NoCat/AuthService.pm: Got popup/renew modes working for member class login. 2001-07-16 01:21 sderle * nocat.conf: Changed PermitFoo to PermitCmd for all classes. 2001-07-16 01:17 sderle * lib/NoCat/Firewall.pm: debug 2001-07-16 01:08 sderle * lib/NoCat/: AuthService.pm, Peer.pm: debug 2001-07-16 01:04 sderle * lib/NoCat/Gateway.pm: Debug 2001-07-16 00:58 sderle * lib/NoCat/Gateway.pm: Debug 2001-07-16 00:54 sderle * lib/NoCat/Gateway.pm: Debug 2001-07-16 00:45 sderle * lib/NoCat/: Gateway.pm, Peer.pm, Gateway.pm: Debug 2001-07-16 00:42 sderle * lib/NoCat/Gateway.pm: debug 2001-07-16 00:32 sderle * lib/NoCat/Gateway.pm: Debug 2001-07-16 00:09 sderle * htdocs/success.html, lib/NoCat/AuthService.pm: debug 2001-07-15 23:46 sderle * cgi-bin/login: debug 2001-07-15 23:41 sderle * lib/NoCat/: Gateway.pm, Message.pm: Debug 2001-07-15 23:37 sderle * lib/: NoCat.pm, NoCat/Gateway.pm: Debug 2001-07-15 23:32 sderle * lib/NoCat/: Gateway.pm, Message.pm: Debug 2001-07-15 23:30 sderle * lib/NoCat/: AuthService.pm, Gateway.pm: Debug & testing. 2001-07-15 23:18 sderle * lib/NoCat/Gateway.pm: Debug update 2001-07-15 23:14 sderle * lib/NoCat/: AuthService.pm, Gateway.pm, Message.pm: Bug fixes. 2001-07-15 22:40 sderle * htdocs/login.html: Changed $CGIscript to $CGI. 2001-07-15 21:06 sderle * cgi-bin/login, htdocs/login.html, lib/NoCat.pm, lib/NoCat/AuthService.pm, lib/NoCat/Firewall.pm, lib/NoCat/Gateway.pm, lib/NoCat/Message.pm, lib/NoCat/Peer.pm: Added NoCat::Peer and tweaking everything else to use it. 2001-07-12 17:13 sderle * lib/NoCat/Gateway.pm: No, really, this time the request=/redirect= bug in Gateway->capture() really is fixed. I swear. 2001-07-12 16:55 rob * libexec/: iptl, working.iptables: iptl: show tables iptables output of a working system 2001-07-12 16:54 rob * libexec/: access, firewall.policy, reset.firewall: IT WORKS. With fwmark. Append marks as they are cumulative. 2001-07-12 16:53 sderle * cgi-bin/login: Return SuccessForm instead of LoginForm on success in cgi-bin/login. Also fixed skip demo logic. 2001-07-12 14:05 sderle * cgi-bin/login: Enabled the "skip auth" feature in cgi-bin/login for demo purposes. 2001-07-12 13:49 rob * README, cgi-bin/login, htdocs/login.html, lib/NoCat.pm, lib/NoCat/AuthService.pm, lib/NoCat/User.pm: Added alpha README. Check in bug fixes for login, AuthService.pm, User.pm. 2001-07-12 03:49 rob * libexec/: access, reset.firewall: sh reset.firewall to clear nat rules access still aint' quite rite, but it's late. 2001-07-12 03:25 sderle * lib/NoCat/Firewall.pm: Added IP addresses to firewall script arguments. 2001-07-12 03:22 rob * libexec/access: permit / deny instead of add / remove 2001-07-12 03:18 sderle * lib/NoCat/Gateway.pm: Chomping auth msg line end in Gateway->verify() to make MACs match properly. 2001-07-12 03:16 sderle * lib/NoCat/Gateway.pm: debug update 2001-07-12 03:12 sderle * lib/NoCat/: Gateway.pm, Gateway.pm: debug update 2001-07-12 03:06 sderle * lib/NoCat/: Gateway.pm, Gateway.pm: debug update 2001-07-12 02:59 sderle * lib/NoCat/Gateway.pm: debug update 2001-07-12 02:56 sderle * lib/NoCat/Gateway.pm: Added set_cookie() method to Gateway.pm since cookies set in children were unavailable in parent 2001-07-12 02:55 rob * libexec/firewall.policy: more policy 2001-07-12 02:43 sderle * lib/NoCat/Gateway.pm: debug update 2001-07-12 02:39 sderle * lib/NoCat/: Gateway.pm, Gateway.pm: debug update 2001-07-12 02:32 sderle * lib/NoCat/Firewall.pm: Fixed repeated entry bug in Firewall::_read_arp_table. 2001-07-12 02:29 sderle * lib/NoCat/: Firewall.pm, Firewall.pm, Firewall.pm: debug update 2001-07-12 02:25 sderle * lib/NoCat/: Firewall.pm, Firewall.pm: debug update 2001-07-12 02:24 sderle * lib/NoCat/Firewall.pm: Added debug hlagh to Firewall.pm. 2001-07-12 02:22 sderle * lib/NoCat/: AuthService.pm, Gateway.pm: Mucked about with debug code. 2001-07-12 02:17 sderle * lib/NoCat/Gateway.pm: Added debug code to Gateway->redirect(). 2001-07-12 01:21 rob * libexec/rc.modules: more mods 2001-07-12 01:03 rob * libexec/firewall.policy: allow to the web service! 2001-07-12 00:59 rob * libexec/firewall.policy: tighter and tighter... 2001-07-12 00:38 sderle * lib/NoCat/Gateway.pm: Fixed SIGCHLD handler in Gateway->run(). 2001-07-12 00:26 sderle * nocat.conf, lib/NoCat/Gateway.pm: Finished renewal code in Gateway.pm. Assorted other bugfixes to Gateway.pm. 2001-07-12 00:18 rob * libexec/: access, firewall.policy: it works. Splendidly. Muhahahahahahahahaha. 2001-07-12 00:10 sderle * lib/NoCat/Gateway.pm: Added debug code to Gateway->run to attempt to reveal local socket address. 2001-07-12 00:00 rob * libexec/firewall.policy: Oh yeah. 2001-07-11 23:57 sderle * htdocs/renew.html: Added template for login renewal. 2001-07-11 23:56 sderle * lib/NoCat/Gateway.pm: Added renewal code to gateway lib. 2001-07-11 23:45 rob * libexec/firewall.policy: new policies 2001-07-11 23:45 rob * libexec/rc.modules: modules to be loaded at runtime 2001-07-11 23:29 sderle * nocat.conf, cgi-bin/login, htdocs/login.html, htdocs/success.html, lib/NoCat/AuthService.pm: Added renewal features to the authservice code. 2001-07-11 00:58 sderle * nocat.conf, cgi-bin/login, lib/NoCat.pm, lib/NoCat/AuthService.pm, lib/NoCat/Gateway.pm: Incorporated request IDs and auth message signing/verification. 2001-07-11 00:18 sderle * lib/NoCat/Message.pm: First cut at NoCat::Message, intended for use with gpg/gpgv. 2001-07-10 14:23 sderle * nocat.conf: Fixed little typo in nocat.conf. 2001-07-09 23:19 rob * libexec/: bandwidth.policy, firewall.policy: Updated policy files. 2001-07-09 22:53 rob * libexec/firewall.policy: Enable masquerading... 2001-07-09 22:48 rob * libexec/access: exec multilist for iptables 2001-07-09 22:40 rob * libexec/access: Fixed example. Duh. 2001-07-09 22:39 rob * libexec/access: Generic script to add / revoke access 2001-07-09 22:28 rob * libexec/bandwidth.policy: 2001-07-06 17:51 sderle * nocat.conf, cgi-bin/register, cgi-bin/update, htdocs/register.html, htdocs/update.html: Added register and update scripts. 2001-07-06 12:31 rob * libexec/: bandwidth.policy, deny, firewall.policy, permit: Some samples. *.policy need a bit of work. permit and deny are close. 2001-07-05 21:02 sderle * CONFIG, nocat.conf, bin/gateway, cgi-bin/create, cgi-bin/login, libexec/create: Added a global nocat.conf. Moved CLI create util to bin/. Altered all scripts to look in $NOCAT in shell environment to find ConfigFile location (nocat.conf). 2001-07-05 20:26 sderle * lib/NoCat/User.pm: Added a little API documentation to User.pm. 2001-07-05 20:15 rob * nocat.schema: The new one. 2001-07-05 19:08 sderle * bin/gateway, cgi-bin/login, htdocs/fatal.html, htdocs/login.html, htdocs/success.html, lib/NoCat.pm, lib/NoCat/AuthService.pm, lib/NoCat/Gateway.pm: Moved all the CGI whatnot from login into AuthService.pm. Tweaked the HTML forms. 2001-07-05 18:27 rob * htdocs/: fatal.html, login.html, success.html: The new ones. 2001-07-05 18:27 rob * htdocs/loginform.html: Removed it. 2001-07-05 18:13 rob * cgi-bin/create: Create a new user. 2001-07-05 09:11 sderle * CONFIG, lib/NoCat/Firewall.pm, lib/NoCat/Gateway.pm: Added login timeouts to Gateway.pm. Tidied up Firewall.pm. 2001-07-04 17:39 sderle * lib/NoCat/User.pm: Fixed fetch() to call DBI->bind_columns() with a list of refs rather than a simple list. 2001-07-04 17:36 sderle * lib/NoCat/User.pm: debug yak yak 2001-07-04 17:18 sderle * lib/NoCat/User.pm: Added sanity checking of parameters in NoCat::User instantiation. 2001-07-04 17:14 sderle * lib/: NoCat.pm, NoCat/User.pm: Syntax bug fixes. 2001-07-04 17:06 sderle * lib/: NoCat.pm, NoCat/AuthService.pm, NoCat/Gateway.pm, NoCat/User.pm: Added parse_file() to NoCat.pm. Tweaked logging of gateway failure in AuthService.pm. Altered authenticate() in User.pm to take an argument. 2001-07-04 17:00 sderle * cgi-bin/login: minor alterations to login. 2001-07-04 16:19 rob * htdocs/loginform.html: More more more. 2001-07-04 16:18 rob * nocat.schema: the database schema 2001-07-04 16:17 rob * users.sql: Removed in favor of nocat.schema 2001-07-04 16:13 sderle * users.sql, lib/NoCat/User.pm: Created rudimentary user table schema. Altered User.pm to use Base64 MD5 hashes, making all passwords 22 chars hashed. 2001-07-04 16:00 rob * htdocs/loginform.html: The default login form. 2001-07-04 16:00 rob * cgi-bin/login: Many many more. Muahahaha. 2001-07-04 15:49 sderle * CONFIG, lib/NoCat/User.pm: Updated documentation and changed directive names to contain "Passwd" for consistency's sake. 2001-07-04 15:35 sderle * lib/NoCat/User.pm: Added User.pm. 2001-07-04 14:52 rob * cgi-bin/login: Getting there... 2001-07-04 14:52 sderle * lib/: NoCat.pm, NoCat/AuthService.pm: Removed quotemeta from parse() in NoCat.pm. 2001-07-04 13:51 rob * cgi-bin/login: da authserv login skript, d00d! 2001-07-04 13:45 sderle * lib/NoCat/AuthService.pm: Changed connect failure in notify() from exception to return false. 2001-07-04 13:34 sderle * lib/NoCat/: AuthService.pm, Firewall.pm, Gateway.pm: Revised authservice notify failure to throw an exception. Changed firewall deny code to use a single 'DenyAccess' directive. Corrected calls to ->url_decode and ->permit request format. 2001-07-04 13:12 sderle * lib/NoCat/Gateway.pm: Changed use reference from Arp.pm to Firewall.pm. 2001-07-04 13:09 sderle * lib/NoCat/AuthService.pm: Added debug code. 2001-07-03 20:47 sderle * lib/NoCat.pm: Fixed premature dereferencing of $class in NoCat->new. 2001-07-03 20:43 sderle * lib/: NoCat.pm, NoCat/AuthService.pm: Added ->auth_service wrapper method to NoCat.pm. Tweaked AuthService->notify reponse. 2001-07-03 20:34 sderle * lib/: NoCat.pm, NoCat/AuthService.pm: Added ->notify( $gateway_ip, $action, $user, $mac ) to AuthService.pm Added default GatewayPort 5280 to NoCat.pm 2001-07-03 20:16 sderle * lib/NoCat/: .AuthService.pm.swp, AuthService.pm: Replaced vi swap file with AuthService.pm stub. 2001-07-03 20:14 sderle * CONFIG, bin/gateway, lib/NoCat.pm, lib/NoCat/.AuthService.pm.swp, lib/NoCat/Firewall.pm, lib/NoCat/Gateway.pm: Initial revision 2001-07-03 20:14 sderle * CONFIG, bin/gateway, lib/NoCat.pm, lib/NoCat/.AuthService.pm.swp, lib/NoCat/Firewall.pm, lib/NoCat/Gateway.pm: Original working import.