Implemented features
Important note WPM's development was halted for
about one year... It is back on track again. Of course,
one year worth of time makes a project change. You can
take a look at the
roadmap I am proposing now... And as always, please contact me with any suggestions
you might have.
- User authentification and different user access
levels (to a certain extent)
- Client-server based interface for all the
root-level operations
- Easy to define network segments
- Displays if the hosts on a segment are allowed
or denied Internet access, or if only some of
them are allowed, from an easy-to-understand main
page
- Can allow/deny access to single IP addresses
- Implement web interface for the many parts of the
configuration that still have to be hand-edited
- A forking server, allowing it to serve more than one
concurrent connection
- Allow segments to have names rather than numbers
(Thanks to oktay.akbal@s-tec.de for the patch!)
To-do list
- Add support for ipfwadm (Linux kernel 2.0.x) and other
operating systems
- Test system with a firewalling machine instead of a
proxy, and implement the necessary changes
- Add more access-level restrictions (should be very
easy to do - just have to come up with the right ideas
:) )
- Double-check everything (specially the part that runs
as root) for security holes. Maybe re-write that part
in C or something similar.
- Provide more than a workaround for networks that are
not Class-C. NOTE - The workaround *DOES* work (confirmed),
but I don't like its lack of elegance. Anyway....
Workaround: If you specify as your network
(in wpmd.conf) only the first octet (eg., 1 in 1.2.3.4)
of your IP, you should be able to allow/deny access to
IP 2.3.4 - not very confortable, but works... (if you
don't need IPs from different first-octet network
segments).
- Add all the scheduling code
- Whatever you can suggest
me...
Go back