From schuyler at nocat.net Mon Feb 2 13:27:51 2009 From: schuyler at nocat.net (Schuyler Erle) Date: Mon, 02 Feb 2009 16:27:51 -0500 Subject: [NoCat] NoCatSplash In-Reply-To: <496F13D2.7010708@netsmith.ltd.uk> References: <496F13D2.7010708@netsmith.ltd.uk> Message-ID: <1233610071.3413.48.camel@goldman> On Thu, 2009-01-15 at 10:45 +0000, Kevin Smith wrote: > > I'm wondering how much development is currently active on this project > (NoCatSplash) and the kind of support from the community is currently > available. To be totally honest with you, I have been asking for someone who actively uses captive portal technology to take over lead maintenance on these projects for years. I'm not engaged with community wireless projects myself at the moment, don't have the time to manage software that I don't use, and feel that the NoCat software projects deserve to be maintained by someone who is involved and does have time, or else be relegated to history. So far several people have volunteered in theory but in practice no one has stepped forward to assume responsibility. Meanwhile, a couple of other projects have gained momentum to provide similar functionality, like WiFiDog. WiFiDog does have a bit of current activity around it and appears (at least in the documentation) to offer functionality similar to NoCatAuth/Splash. I appreciate the interest of people who have inquired lately about NoCatAuth and NoCatSplash and I wish I had a better answer than this. Responses and commentary welcome! SDE From shashanka2005 at gmail.com Thu Feb 12 00:16:09 2009 From: shashanka2005 at gmail.com (shashanka bhat) Date: Thu, 12 Feb 2009 13:46:09 +0530 Subject: [NoCat] Help needed Message-ID: Hi All, Please help me with below queries : 1) What is the significance of Fame MTU in Radius ?. Cheers, Giri Prasad. From shashanka2005 at gmail.com Thu Feb 12 00:47:37 2009 From: shashanka2005 at gmail.com (shashanka bhat) Date: Thu, 12 Feb 2009 14:17:37 +0530 Subject: [NoCat] Help needed Message-ID: Hi, Is there anyway by which the Radius Accounting server would indicate the client "The quota" that is allowed in the session. Eg : Quota can be 10MB of data that can be used in the session. Cheers, Giri Prasad. From shashanka2005 at gmail.com Thu Feb 12 01:10:16 2009 From: shashanka2005 at gmail.com (shashanka bhat) Date: Thu, 12 Feb 2009 14:40:16 +0530 Subject: [NoCat] Help needed Message-ID: Hi, I have a requirement as below : 1) NAS would request the Radius server the quota needed for the session. 2) Server would reply with the granted quota. 3) Upon the completion of quota, Server must give the address of a "Quota server" from where the user can buy extra quota, If the radius server finds that it cannot grant anymore quota. Kindly help me out with the call flow, and the attributes used in each message. Thanks and regards, -Giri Prasad. From kevin at netsmith.ltd.uk Tue Feb 17 01:53:12 2009 From: kevin at netsmith.ltd.uk (Kevin Smith) Date: Tue, 17 Feb 2009 09:53:12 +0000 Subject: [NoCat] Nocat List In-Reply-To: <499A8886.9000303@cam.ac.uk> References: <496F13D2.7010708@netsmith.ltd.uk> <1233610071.3413.48.camel@goldman> <499A8886.9000303@cam.ac.uk> Message-ID: <499A8908.2060702@netsmith.ltd.uk> Hi Dan, I don't think so, as I posted to the list with the same question. I was referred to a new project called, WiFiDog. Check that out. Regards, Kevin ds10025 at cam.ac.uk wrote: > Is this list still active? > > > Dan From ds10025 at cam.ac.uk Tue Feb 17 01:51:02 2009 From: ds10025 at cam.ac.uk (ds10025 at cam.ac.uk) Date: Tue, 17 Feb 2009 09:51:02 +0000 Subject: [NoCat] Nocat List In-Reply-To: <1233610071.3413.48.camel@goldman> References: <496F13D2.7010708@netsmith.ltd.uk> <1233610071.3413.48.camel@goldman> Message-ID: <499A8886.9000303@cam.ac.uk> Is this list still active? Dan From cderr at simons-rock.edu Tue Feb 17 04:49:07 2009 From: cderr at simons-rock.edu (charlie derr) Date: Tue, 17 Feb 2009 07:49:07 -0500 Subject: [NoCat] Nocat List In-Reply-To: <499A8886.9000303@cam.ac.uk> References: <496F13D2.7010708@netsmith.ltd.uk> <1233610071.3413.48.camel@goldman> <499A8886.9000303@cam.ac.uk> Message-ID: <499AB243.2010407@simons-rock.edu> ds10025 at cam.ac.uk wrote: > Is this list still active? > Define active. There's always someone lurking at least :-] ~c > > Dan > > _______________________________________________ > NoCat mailing list > NoCat at lists.nocat.net > http://lists.nocat.net/mailman/listinfo/nocat From Chris at Neitzert.com Tue Feb 17 07:34:30 2009 From: Chris at Neitzert.com (Chris Neitzert) Date: Tue, 17 Feb 2009 07:34:30 -0800 Subject: [NoCat] Nocat List In-Reply-To: <499AB243.2010407@simons-rock.edu> References: <496F13D2.7010708@netsmith.ltd.uk> <1233610071.3413.48.camel@goldman> <499A8886.9000303@cam.ac.uk> <499AB243.2010407@simons-rock.edu> Message-ID: I've seen perhaps 1 question a month come across this list. so yeah i guess it is still active. I'm happy to hang on until they find petrified remains ;) chris On Tue, Feb 17, 2009 at 4:49 AM, charlie derr wrote: > ds10025 at cam.ac.uk wrote: >> >> Is this list still active? >> > > Define active. There's always someone lurking at least :-] > > ~c > > >> >> Dan >> >> _______________________________________________ >> NoCat mailing list >> NoCat at lists.nocat.net >> http://lists.nocat.net/mailman/listinfo/nocat > > > _______________________________________________ > NoCat mailing list > NoCat at lists.nocat.net > http://lists.nocat.net/mailman/listinfo/nocat > From sverma at sfsu.edu Tue Feb 17 08:00:11 2009 From: sverma at sfsu.edu (Sameer Verma) Date: Tue, 17 Feb 2009 08:00:11 -0800 Subject: [NoCat] Nocat List In-Reply-To: <499A8886.9000303@cam.ac.uk> References: <496F13D2.7010708@netsmith.ltd.uk> <1233610071.3413.48.camel@goldman> <499A8886.9000303@cam.ac.uk> Message-ID: <5fb387c70902170800s39b03478y75d035a33f1d6bd6@mail.gmail.com> On Tue, Feb 17, 2009 at 1:51 AM, wrote: > Is this list still active? > > > Dan > > _______________________________________________ > NoCat mailing list > NoCat at lists.nocat.net > http://lists.nocat.net/mailman/listinfo/nocat > Dormant. NoCat seems like it was so long ago. I had no gray hair and could pull an all-nighter. Then again, NoCat 0.52 didn't really work :-) This was a terrific project...in fact, I'd go so far as to say that this was the mother of all captive portals. A detailed design and plugin based arch. So much fun and so much to learn. Thanks Schuyler and Rob!!! Sameer -- Dr. Sameer Verma, Ph.D. Associate Professor of Information Systems San Francisco State University San Francisco CA 94132 USA http://verma.sfsu.edu/ http://opensource.sfsu.edu/ From rob at nocat.net Tue Feb 17 09:52:42 2009 From: rob at nocat.net (Rob Flickenger) Date: Tue, 17 Feb 2009 18:52:42 +0100 Subject: [NoCat] Nocat List In-Reply-To: <5fb387c70902170800s39b03478y75d035a33f1d6bd6@mail.gmail.com> References: <496F13D2.7010708@netsmith.ltd.uk> <1233610071.3413.48.camel@goldman> <499A8886.9000303@cam.ac.uk> <5fb387c70902170800s39b03478y75d035a33f1d6bd6@mail.gmail.com> Message-ID: <499AF96A.8090801@nocat.net> Sameer Verma wrote: > NoCat seems like it was so long ago. I had no gray hair and could pull > an all-nighter. The first alpha of NoCatAuth was released on 12-Jul-2001. At the time, we didn't know of any other open source portal implementation. Schuyler became motivated at OSCon that year to put something together when I threatened to write some (likely very dodgy) perl code myself. Back then, "WiFi" didn't yet exist and the only practical way to get wireless into a laptop was to use a Lucent card. It has been a fascinating 7.5 years. I have developed my own grey hair since then (falling off the roof in 2002 didn't help with that ;) I've written or edited more than a dozen books since then. My interest in the code has long since died, given the availability of much more capable and active projects like WiFiDog and Chillispot. I now spend a lot of my time teaching long-distance wireless techniques (including Pringles cans!) to folks from the developing world. A lot of that is documented in Wireless Networking in the Developing World (http://wndw.net/). This list is still here out of sheer habit. It currently has 755 members. Wow. We'll probably keep the light on until this list server falls over. Thank you all for your support and well wishes over the years! Cheers, --Rob From arun at lessnetworks.com Tue Feb 17 11:01:22 2009 From: arun at lessnetworks.com (Arun Chatterjee) Date: Tue, 17 Feb 2009 13:01:22 -0600 Subject: [NoCat] Nocat List In-Reply-To: <499AF96A.8090801@nocat.net> References: <496F13D2.7010708@netsmith.ltd.uk> <1233610071.3413.48.camel@goldman> <499A8886.9000303@cam.ac.uk> <5fb387c70902170800s39b03478y75d035a33f1d6bd6@mail.gmail.com> <499AF96A.8090801@nocat.net> Message-ID: <499B0982.6040803@lessnetworks.com> Thanks, guys. At Less Networks, we started installing nocat hotspots in Sept of 2003 and still have 78 nocat hotspots active. Our new hotspots are wifidog-based. But every now and then (like last week), a venue replaced its aging nocat hotspot with another new nocat one. -arun Less Networks Rob Flickenger wrote: >Sameer Verma wrote: > > >>NoCat seems like it was so long ago. I had no gray hair and could pull >>an all-nighter. >> >> >The first alpha of NoCatAuth was released on 12-Jul-2001. At the time, >we didn't know of any other open source portal implementation. Schuyler >became motivated at OSCon that year to put something together when I >threatened to write some (likely very dodgy) perl code myself. Back >then, "WiFi" didn't yet exist and the only practical way to get wireless >into a laptop was to use a Lucent card. > >It has been a fascinating 7.5 years. I have developed my own grey hair >since then (falling off the roof in 2002 didn't help with that ;) I've >written or edited more than a dozen books since then. My interest in the >code has long since died, given the availability of much more capable >and active projects like WiFiDog and Chillispot. > >I now spend a lot of my time teaching long-distance wireless techniques >(including Pringles cans!) to folks from the developing world. A lot of >that is documented in Wireless Networking in the Developing World >(http://wndw.net/). > >This list is still here out of sheer habit. It currently has 755 members. > >Wow. > >We'll probably keep the light on until this list server falls over. > >Thank you all for your support and well wishes over the years! > >Cheers, > >--Rob > >_______________________________________________ >NoCat mailing list >NoCat at lists.nocat.net >http://lists.nocat.net/mailman/listinfo/nocat > > > From whiteca at gmail.com Tue Feb 17 13:59:11 2009 From: whiteca at gmail.com (Colin White) Date: Tue, 17 Feb 2009 15:59:11 -0600 Subject: [NoCat] Nocat List In-Reply-To: <499B0982.6040803@lessnetworks.com> References: <496F13D2.7010708@netsmith.ltd.uk> <1233610071.3413.48.camel@goldman> <499A8886.9000303@cam.ac.uk> <5fb387c70902170800s39b03478y75d035a33f1d6bd6@mail.gmail.com> <499AF96A.8090801@nocat.net> <499B0982.6040803@lessnetworks.com> Message-ID: <8cf933780902171359s5c0068d1s3c08e604826e6fd1@mail.gmail.com> We too are "calling last orders" on our Nocat network of about 50 APs (first Soekris then WRAP2.C boards) It's been a fantastic ride and we're hugely greatful to Schuyler. I plan to stay on this list until it finally burns out. Rgds On Tue, Feb 17, 2009 at 1:01 PM, Arun Chatterjee wrote: > Thanks, guys. At Less Networks, we started installing nocat hotspots in > Sept of 2003 and still have 78 nocat hotspots active. Our new hotspots are > wifidog-based. But every now and then (like last week), a venue replaced its > aging nocat hotspot with another new nocat one. > > -arun > Less Networks > > > Rob Flickenger wrote: > > Sameer Verma wrote: >> >> >>> NoCat seems like it was so long ago. I had no gray hair and could pull >>> an all-nighter. >>> >>> >> The first alpha of NoCatAuth was released on 12-Jul-2001. At the time, >> we didn't know of any other open source portal implementation. Schuyler >> became motivated at OSCon that year to put something together when I >> threatened to write some (likely very dodgy) perl code myself. Back >> then, "WiFi" didn't yet exist and the only practical way to get wireless >> into a laptop was to use a Lucent card. >> >> It has been a fascinating 7.5 years. I have developed my own grey hair >> since then (falling off the roof in 2002 didn't help with that ;) I've >> written or edited more than a dozen books since then. My interest in the >> code has long since died, given the availability of much more capable >> and active projects like WiFiDog and Chillispot. >> >> I now spend a lot of my time teaching long-distance wireless techniques >> (including Pringles cans!) to folks from the developing world. A lot of >> that is documented in Wireless Networking in the Developing World >> (http://wndw.net/). >> >> This list is still here out of sheer habit. It currently has 755 members. >> >> Wow. >> >> We'll probably keep the light on until this list server falls over. >> >> Thank you all for your support and well wishes over the years! >> >> Cheers, >> >> --Rob >> >> _______________________________________________ >> NoCat mailing list >> NoCat at lists.nocat.net >> http://lists.nocat.net/mailman/listinfo/nocat >> >> >> > > _______________________________________________ > NoCat mailing list > NoCat at lists.nocat.net > http://lists.nocat.net/mailman/listinfo/nocat > -- Colin A. White P : +1 605 940 5863 www.colinwhite.net From sverma at sfsu.edu Tue Feb 17 21:29:30 2009 From: sverma at sfsu.edu (Sameer Verma) Date: Tue, 17 Feb 2009 21:29:30 -0800 Subject: [NoCat] Nocat List In-Reply-To: <499AF96A.8090801@nocat.net> References: <496F13D2.7010708@netsmith.ltd.uk> <1233610071.3413.48.camel@goldman> <499A8886.9000303@cam.ac.uk> <5fb387c70902170800s39b03478y75d035a33f1d6bd6@mail.gmail.com> <499AF96A.8090801@nocat.net> Message-ID: <5fb387c70902172129ue2ee636je03fe4b2f087298d@mail.gmail.com> On Tue, Feb 17, 2009 at 9:52 AM, Rob Flickenger wrote: > Sameer Verma wrote: >> NoCat seems like it was so long ago. I had no gray hair and could pull >> an all-nighter. > The first alpha of NoCatAuth was released on 12-Jul-2001. At the time, > we didn't know of any other open source portal implementation. Schuyler > became motivated at OSCon that year to put something together when I > threatened to write some (likely very dodgy) perl code myself. Back > then, "WiFi" didn't yet exist and the only practical way to get wireless > into a laptop was to use a Lucent card. > > It has been a fascinating 7.5 years. I have developed my own grey hair > since then (falling off the roof in 2002 didn't help with that ;) I've > written or edited more than a dozen books since then. My interest in the > code has long since died, given the availability of much more capable > and active projects like WiFiDog and Chillispot. > > I now spend a lot of my time teaching long-distance wireless techniques > (including Pringles cans!) to folks from the developing world. A lot of > that is documented in Wireless Networking in the Developing World > (http://wndw.net/). > > This list is still here out of sheer habit. It currently has 755 members. > > Wow. > > We'll probably keep the light on until this list server falls over. > > Thank you all for your support and well wishes over the years! > > Cheers, > > --Rob > I *still* have a nocat folder in my inbox. I have a nocat t-shirt as well. I remember when Rob fell off the roof trying to install an antenna (can based waveguide, iirc) and ruptured a kidney. Everyone on the list was "Don't die...finish the code first!" Just kidding :-) I am glad you made it and its always good to hear from you. A lot of what I gleaned from nocat is still with me and I'm able to use it in my current project/obsession: One Laptop Per Child Thanks, and keep the light on! cheers, Sameer -- Dr. Sameer Verma, Ph.D. Associate Professor of Information Systems San Francisco State University San Francisco CA 94132 USA http://verma.sfsu.edu/ http://opensource.sfsu.edu/ From lober at ohana.org Tue Feb 17 22:03:43 2009 From: lober at ohana.org (Bill Lober) Date: Tue, 17 Feb 2009 22:03:43 -0800 Subject: [NoCat] Nocat List In-Reply-To: <5fb387c70902172129ue2ee636je03fe4b2f087298d@mail.gmail.com > References: <496F13D2.7010708@netsmith.ltd.uk> <1233610071.3413.48.camel@goldman> <499A8886.9000303@cam.ac.uk> <5fb387c70902170800s39b03478y75d035a33f1d6bd6@mail.gmail.com> <499AF96A.8090801@nocat.net> <5fb387c70902172129ue2ee636je03fe4b2f087298d@mail.gmail.com> Message-ID: I think this is my first post in... 5 years... And, basically, its to say thanks to Rob. Still have the inbox - don't have a T-shirt (Darn! T-shirts... Who knew...!) We ALMOST were able to deploy NoCat throughout the Health Sciences complex at the University of Washington back in the year 2002? 2003? I forget, but it was a long time ago. I think we had a version of it working with our campus-wide, cookie-based authentication system, and we gave a talk to the Campus Technology group, with that vision of a broad deployment. It was well received. Then, they crushed us like bugs. Still it was a great diversion from informatics research, and solved a real problem for us. (One year we went on the road, and set up a non-authenticating, anonymous, portal at a national conference, both to share the hotel's Internet access, and because we could...) Now, of course, central campus computing provides excellent authenticated wireless virtually campus-wide, including the medical center and health sciences. Life goes on. Thanks, Bill -------- Bill Lober, MD Associate Professor Schools of Medicine, Nursing, and Public Health University of Washington At 09:29 PM 2/17/2009, Sameer Verma wrote: >On Tue, Feb 17, 2009 at 9:52 AM, Rob Flickenger wrote: > > Sameer Verma wrote: > >> NoCat seems like it was so long ago. I had no gray hair and could pull > >> an all-nighter. > > The first alpha of NoCatAuth was released on 12-Jul-2001. At the time, > > we didn't know of any other open source portal implementation. Schuyler > > became motivated at OSCon that year to put something together when I > > threatened to write some (likely very dodgy) perl code myself. Back > > then, "WiFi" didn't yet exist and the only practical way to get wireless > > into a laptop was to use a Lucent card. > > > > It has been a fascinating 7.5 years. I have developed my own grey hair > > since then (falling off the roof in 2002 didn't help with that ;) I've > > written or edited more than a dozen books since then. My interest in the > > code has long since died, given the availability of much more capable > > and active projects like WiFiDog and Chillispot. > > > > I now spend a lot of my time teaching long-distance wireless techniques > > (including Pringles cans!) to folks from the developing world. A lot of > > that is documented in Wireless Networking in the Developing World > > (http://wndw.net/). > > > > This list is still here out of sheer habit. It currently has 755 members. > > > > Wow. > > > > We'll probably keep the light on until this list server falls over. > > > > Thank you all for your support and well wishes over the years! > > > > Cheers, > > > > --Rob > > > >I *still* have a nocat folder in my inbox. I have a nocat t-shirt as well. > >I remember when Rob fell off the roof trying to install an antenna >(can based waveguide, iirc) and ruptured a kidney. Everyone on the >list was "Don't die...finish the code first!" Just kidding :-) I am >glad you made it and its always good to hear from you. > >A lot of what I gleaned from nocat is still with me and I'm able to >use it in my current project/obsession: One Laptop Per Child > >Thanks, and keep the light on! > >cheers, >Sameer >-- >Dr. Sameer Verma, Ph.D. >Associate Professor of Information Systems >San Francisco State University >San Francisco CA 94132 USA >http://verma.sfsu.edu/ >http://opensource.sfsu.edu/ > >_______________________________________________ >NoCat mailing list >NoCat at lists.nocat.net >http://lists.nocat.net/mailman/listinfo/nocat From rob at nocat.net Tue Feb 17 23:12:03 2009 From: rob at nocat.net (Rob Flickenger) Date: Wed, 18 Feb 2009 08:12:03 +0100 Subject: [NoCat] Nocat List In-Reply-To: <20090218060414.3B92947AD58@relay1.halfrack.com> References: <496F13D2.7010708@netsmith.ltd.uk> <1233610071.3413.48.camel@goldman> <499A8886.9000303@cam.ac.uk> <5fb387c70902170800s39b03478y75d035a33f1d6bd6@mail.gmail.com> <499AF96A.8090801@nocat.net> <5fb387c70902172129ue2ee636je03fe4b2f087298d@mail.gmail.com> <20090218060414.3B92947AD58@relay1.halfrack.com> Message-ID: <499BB4C3.700@nocat.net> Bill Lober wrote: > I think this is my first post in... 5 years... And, basically, its > to say thanks to Rob. While I appreciate the sentiment, it's really Schuyler who you should thank. He was the more than the lead developer for the project; we would talk about technical solutions to the various problems over lunch (token necklace!) and he'd have it coded the next day. The guy is a perl diva and a brilliant coder. I just kicked him in the butt to get him started. =) > Still have the inbox - don't have a T-shirt (Darn! T-shirts... Who > knew...!) Ah, the t-shirts. We ran out of them ages ago, and mine are all but worn out now. Thanks again for the kind stories. --Rob > We ALMOST were able to deploy NoCat throughout the Health Sciences > complex at the University of Washington back in the year 2002? 2003? > I forget, but it was a long time ago. I think we had a version of it > working with our campus-wide, cookie-based authentication system, and > we gave a talk to the Campus Technology group, with that vision of a > broad deployment. > > It was well received. Then, they crushed us like bugs. > > Still it was a great diversion from informatics research, and solved a > real problem for us. (One year we went on the road, and set up a > non-authenticating, anonymous, portal at a national conference, both > to share the hotel's Internet access, and because we could...) > > Now, of course, central campus computing provides excellent > authenticated wireless virtually campus-wide, including the medical > center and health sciences. Life goes on. > > Thanks, > > Bill > -------- > Bill Lober, MD > Associate Professor > Schools of Medicine, Nursing, and Public Health > University of Washington > From wh at msdrd.com Thu Feb 19 13:34:26 2009 From: wh at msdrd.com (Wilson Hernandez - MSD, S. A.) Date: Thu, 19 Feb 2009 17:34:26 -0400 Subject: [NoCat] NoCat Opens all ports Message-ID: <499DD062.1020804@msdrd.com> Hello. I have Nocat installed and is working. The only problem I am experiencing is that I have a firewall script that blocks all the ports except for web, mail, ftp, ssl, and ssh. I noticed that when nocat runs it opens up all the ports and as a result I have all the users in the lan connected to a lot of p2p programs and the network gets slugish. How can I run nocat along with my script so that I don't experience that. Thanks in advanced. From wh at msdrd.com Thu Feb 19 17:47:38 2009 From: wh at msdrd.com (Wilson Hernandez - MSD, S. A.) Date: Thu, 19 Feb 2009 21:47:38 -0400 Subject: [NoCat] NoCat Opens all ports In-Reply-To: References: <499DD062.1020804@msdrd.com> Message-ID: <499E0BBA.9000804@msdrd.com> Nocat works just fine. I noticed the initialize script lets you add your own > script at the end of the file. I added there but my script's rules never get > through because NoCat's mangle rules takes over and it just allows the > authenticated user to just do everyhting it wants. > > By the way I'm running Nocat in open mode just showing a portal page every > two hours and the user has to press an enter button to get authenticated by > nocat. > > Thanks. > > > Here's my nocat.conf file: > > ##########Nocat.conf file############# > Verbosity 10 > > ##### Gateway application settings. > # > # GatewayName -- The name of this gateway, to be optionally displayed > # on the splash and status pages. Any short string of text will do. > # > GatewayName Trahersa NoCat Network > > ## > # > # GatewayMode -- Determines the mode of operation of the gateway. Possible > # values are: > # > # Open - Simply require a user to view a splash page and accept > # a use agreement. > # > # Only Open mode is currently supported. > # > GatewayMode Open > > ## > # GatewayLog -- Optional. If unset, messages will go to STDERR. > # (currently unused!) > # > # GatewayLog /var/log/nocat.log > > ## > # LoginTimeout - Number of seconds after a client's last > # login/renewal to terminate their connection. Probably > # don't want to set this to less than 60 or a lot of > # bandwidth is likely to get consumed by the client's > # renewal attempts. > # > # For Open Mode portals, you probably want to comment out > # the preceding and set LoginTimeout to > # something large (like 86400, for one notification > # per day). > # > LoginTimeout 7200 > > ###### Open Portal settings. > # > ## > # HomePage -- The authservice's notion of a default > # redirect. > # > HomePage http://nocat.net/ > > # DocumentRoot -- Where all of the application templates (including > # SplashPage) are hiding. Can be different from Apache's DocumentRoot. > # Defaults to /usr/local/share/NoCatSplash/htdocs via compile-time option. > # > # DocumentRoot /usr/local/share/NoCatSplash/htdocs > > # SplashForm -- Form displayed to users on capture. > # > SplashForm splash.html > > # StatusForm -- Page displaying status of logged in users. > # NOT YET IMPLEMENTED. > # > StatusForm status.html > > # SplashURL -- URL to fetch remote splash page from. You must compile > # with --with-remote-splash for this to work. SplashTimeout specifies > # the reload period of the remote splash page. > # > # SplashURL http://example.com/get_splash_page.cgi?node=$NodeID > # > # SplashTimeout 21600 > > ###### Active/Passive Portal settings. > # None of these settings affect open mode operation. > # > # TrustedGroups - A list of groups registered with the auth server > # that a user may claim membership in order to gain Member-class > # access through this portal. The default magic value "Any" indicates > # that a member of *any* group is granted member-class access from > # this gateway. NOT YET IMPLEMENTED. > # > # TrustedGroups NoCat NYCWireless PersonalTelco > # > TrustedGroups Any > > ## > # Owners - Optional. List all local "owner" class users here, separated > # by spaces. Owners typically get full bandwidth, and unrestricted > # access to all network resources. NOT YET IMPLEMENTED. > # > # Owners rob at nocat.net schuyler at nocat.net > > ## > # AuthServiceAddr - Required, for captive mode. Must be set to the address > of > # your authentication service. You must use an IP address > # if DNS resolution isn't available at gateway startup. > # > # AuthServiceAddr 208.201.239.21 > # > AuthServiceAddr auth.nocat.net > > ## > # AuthServiceURL - HTTPS URL to the login script at the authservice. > # > AuthServiceURL https://auth.nocat.net/cgi-bin/login > > ## > # LogoutURL - HTTP URL to redirect user after logout. > # > LogoutURL https://auth.nocat.net/logout.html > > ## > # PGPKeyPath -- The directory in which PGP keys are stored. > # NoCat tries to find this in the pgp/ directory above > # the bin/ parent directory. Set this only if you put it > # somewhere that NoCat doesn't expect. > # > # PGPKeyPath /usr/local/share/NoCatSplash/pgp > > > ### Network Topology > # > # FirewallPath - Where to find the firewall scripts. > # Defaults to /usr/local/libexec/NoCatSplash via compile-time option. > # > # FirewallPath /usr/local/libexec/NoCatSplash > > # > # ExternalDevice - Required if and only if NoCatAuth can't figure it out > # from looking at your routing tables and picking the interface > # that carries the default route. Must be set to the interface > # connected to the Internet. Usually 'eth0' or 'eth1' > # under Linux, or maybe even 'ppp0' if you're running > # PPP or PPPoE. > # > ExternalDevice eth0 > > ## > # InternalDevice - Required if and only if your machine has more than two > # network interfaces. Must be set to the interface connected to your local > # network, normally your wireless card. > # > InternalDevice eth1 > > ## > # LocalNetwork - Required if and only if NoCatSplash can't figure it out > # by polling the InternalDevice. Must be set to the network > # address and net mask of your internal network. You > # can use the number of bits in the netmask (e.g. /16, /24, etc.) > # or the full x.x.x.x specification. > # > # LocalNetwork 10.0.1.0/24 > LocalNetwork 192.168.2.0/24 > ## > # DNSAddr - Optional. *If* you choose not to run DNS on your internal > network, > # specify the address(es) of one or more domain name server on the > Internet > # that wireless clients can use to get out. Should be the same DNS that > your > # DHCP server hands out. > # > # DNSAddr 111.222.333.444 > DNSAddr 196.3.81.5 200.88.127.22 > > ## > # AllowedWebHosts - Optional. List any domains that you would like to > # allow web access (TCP port 80 and 443) BEFORE logging in (this is the > # pre-'skip' stage, so be careful about what you allow.) > # > # AllowedWebHosts nocat.net > > ## > # RouteOnly - Required only if you DO NOT want your gateway to act as a NAT. > # Uncomment this only if you're running a strictly routed network, and > # don't need the gateway to enable NAT for you. > # > # RouteOnly 1 > > ## > # MembersOnly - Optional. Uncomment this if you want to disable public > # access (i.e. unauthenticated 'skip' button access). You'll also want to > # point AuthServiceURL somewhere that doesn't include a skip button (like > # at your own Auth server.) > # > # MembersOnly 1 > > ## > # IncludePorts - Optional. Specify TCP ports to allow access to when > # public class users login. All others will be denied. > # > # For a list of common services and their respective port numbers, see > # your /etc/services file. Depending on your firewall, you might even > # be able to specify said services here, instead of using port numbers. > # > # IncludePorts 22 80 443 > > ## > # ExcludePorts - Optional. Specify TCP ports to denied access to when > # public class users login. All others will be allowed. > # > # Note that you should use either IncludePorts or ExcludePorts, but not > # both. If neither is specified, access is granted to all ports to > # public class users. > # > # You should *always* exclude port 25, unless you want to run an portal > # for wanton spam sending. Users should have their own way of sending > # mail. It sucks, but that's the way it is. Comment this out *only if* > # you're using IncludePorts instead. > # > # ExcludePorts 23 25 111 > # > ExcludePorts 25 > > ####### Syslog Options -- alter these only if you want NoCat to log to the > # system log! NOT YET IMPLEMENTED. > # > # Log Facility - syslog or internal. Internal sends log messages > # using the GatewayLog or STDERR if GatewayLog is unset. Syslog > # sends all messages to the system log. > # > # LogFacility internal > > ## > # SyslogSocket - inet or unix. Inet connects to an inet socket returned > # by getsrvbyname(). Unix connects to a unix domain socket returned by > # _PATH_LOG in syslog.ph (typically /dev/log). Defaults to unix. > # > # SyslogSocket unix > > ## > # SyslogOptions - Zero or more of the words pid, ndelay, cons, nowait > # Defaults to "cons,pid". > # > # SyslogOptions cons,pid > > ## > # SyslogPriority - The syslog class of message to use: In decreasing > importance, > # the typical priorities are EMERG, ALERT, CRIT, ERR, WARNING, NOTICE, > INFO, > # and DEBUG. Defaults to INFO. > # > # SyslogPriority INFO > > ## > # SyslogFacility - The facility used to log messages. Defaults to user. > # SyslogFacility user > > ## > # SyslogIdent - The ident of the program that is calling syslog. This will > # be prepended to every log entry made by NoCat. Defaults to NoCat. > # > # SyslogIdent NoCat > > ###### Other Common Gateway Options. (stuff you probably won't have to > change) > # > # ResetCmd, PermitCmd, DenyCmd -- Shell commands to reset, > # open and close the firewall. You probably don't need to > # change these. > # > # ResetCmd initialize.fw > # PermitCmd access.fw permit $MAC $IP $Class > # DenyCmd access.fw deny $MAC $IP $Class > > ## > # GatewayPort - The TCP port to bind the gateway > # service to. 5280 is de-facto standard for NoCatAuth. > # Change this only if you absolutely need to. > # > GatewayPort 5280 > > ## > # > # IdleTimeout -- How often to check the ARP cache, in seconds, > # for expiration of idle clients. NOT YET IMPLEMENTED. > # > # MaxMissedARP -- How many times a client can be missing from > # the ARP cache before we assume they've gone away, and log them > # out. Set to 0 to disable logout based on ARP cache expiration. > # > MaxMissedARP 0 > # > # IdleTimeout 300 > > ### Fin!