Re: [m0n0wall-dev] Our enhancements to Monowall

From:	Angus Jordan <angus dot jordan at gmail dot com>
To:	Paul Taylor <PaulTaylor at winn dash dixie dot com>
Cc:	m0n0wall dash dev at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall-dev] Our enhancements to Monowall - Released!
Date:	Thu, 1 Sep 2005 15:49:16 -0700
A CD image would be great too...makes it real easy to try out the 
modifications without having to overwrite our current configuration.

Angus

On 9/1/05, Paul Taylor <PaulTaylor at winn dash dixie dot com> wrote:
> 
> We are very proud to release version 2.2 of our enhanced Monowall image, 
> our
> first public release. We would absolutely love it if all of our
> enhancements make it into the base Monowall image.
> 
> 
> 
> Enhancements:
> 
> 
> 
> 1. Sub-Admin Users: The webGui now allows multiple users, configurable by
> the admin user via the webGui. Each user can have their permissions
> controlled on a per-page level. Users can be created and have their page
> permissions updated via checkboxes on the System > User Manager link,
> available only to the admin user. In a corporate setting this lets various
> departments take on their own roles. For example, a Security department
> might be in charge of the Captive Portal users, and Network Operations 
> might
> be given access to the Diagnostics and Status pages. In addition,
> individual users may modify their own password via the webGui. (Assuming
> they have permissions for that page.)
> 
> 2. Adaptive Menus: The menu structure has been overhauled to be completely
> dynamic. A user will only be presented with menu items that they have
> access to view. The left menu still has the familiar Monowall menu
> structure, but items will not appear if the user doesn't have access.
> 
> 3. Adaptive Tabs: All pages with Tabs (such as the Logs page) now have
> dynamic tabs. Only tabs to which the user has access will be displayed.
> 
> 4. Captive Portal Element Manager: You can now host images and css files
> directly from the Monowall machine by using the Element Manager. After
> uploading your captive portal login and error pages, simply select the
> "Element Manager" tab under Captive portal. There, you will be presented
> with a list of all detected page elements, with whether or not the files
> exist (and if so, their size), along with the opportunity to upload or
> delete the actual image and css files. Once uploaded, all elements are
> stored in the config.xml file and placed in the captive portal directory.
> The Captive Portal index page is called each time a user's browser 
> requests
> a page element. This way, it knows which are valid elements and will 
> upload
> them to the user. This eliminates the need to have a separate web server 
> to
> simply server up images for Captive Portal pages. In addition, HTTPS
> traffic will now
> 
> 5. The ability to disallow concurrent logins of the same username via the
> Captive Portal.
> 
> 6. ARP table page: This page displays the ARP table of the Monowall, along
> with the hostname of devices which are in the DHCP Leases file.
> 
> 7. Traceroute page
> 
> 8. NS Lookup page: Server field is auto-populated. This hasn't been tested
> on a DHCP system yet, but should work.
> 
> 9. Whois page
> 
> 10. Firewall States page: For advanced troubleshooting... It shows the
> Source IP, Port, Destination IP, Port, Protocol, Packets, Bytes, and
> Time-to-live.
> 
> 
> 
> This is perhaps the best feature for troubleshooting an individual user
> problem... Here you can see all connections live (as fast as you refresh
> the page), sort by whichever column you want, ascending or descending,
> filter on source or destination IP Address by clicking the desired IP
> Address, and take Statistics Snapshots to view Delta packet and byte info.
> 
> 11. Exit to Shell: Option on the console to get to the underlying shell.
> 
> 12. SSH access with Authorized keys: On the Advanced screen, you can 
> enable
> SSH and paste in an Authorized keys file to allow root SSH access. To go
> along with this, we've included a minimalist termcap file (about 1K in 
> size)
> instead of the standard 200+K file. This has enough terminal definitions 
> to
> allow you to use either the console or SSH to run applications like top 
> and
> vi. This termcap file is also required for the Firewall States page.
> 
> 
> 
> At this time, we are releasing a generic PC image:
> 
>
www.addressplus.net/generic-pc-1.2b9.wd2.2.zip<http://www.addressplus.net/generic-pc-1.2b9.wd2.2.zip>
> <http://www.addressplus.net/generic-pc-1.2b9.wd2.2.zip>
> 
> 
> 
> Within the next few days or so, I'll try to get a net4801 image compiled 
> and
> release it as well.
> 
> 
> 
> Paul
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
>