|
Listed below are a few of the features that will be available
to you as a premium Public IP subscriber. Many of the services
are also available using our free
service. Aside from the interfaces,
the biggest differences in the free service vs. premium service
are high availability, a queue system for configuration updates to
the gateway, the end-user session tracking, and a professional support
system is available to Premium subscribers. Session
tracking meaning how the system "knows" that
a user is still connected. The free service uses a fork of NoCat,
which depends on a popup window to maintain a user session. The premium
service uses a fork of WiFiDog which
simply watches network activity to maintain a user session.
Captive
Portal: Public IP's premium service uses a homebrewed
version of WiFiDog captive portal system. We have tweaked the
gateway, and re-written the authserver to enable more control
over user activity. In addition to the typical captive portal
features, such as capturing outbound web traffic, and homepage redirection,
we have added a list of control features. The added gateway functionality
works in tandem with the Public IP servers and other software running/available
on the ZoneCD. Features such as time limits, bandwidth throttling,
transfer limits, available hours, and content filtering have
all been added by Public IP. Some features such as bandwidth
throttling are really gateway features controlled be the server,
while others such as time constraints are actually server features
controlled by the gateway. Much of the system design is based
on the fact that the gateway (zoneCD) is a live CD. Live CD's
have read only file systems, so almost all of the configuration is
done on the server then downloaded to the gateway.
Firewall: Use
Public IP to configure the firewall rules to protect
your network from malicious activities. Open and close ports as needed,
and configure access to computers on your local network. Public IP
allows you to configure your wireless signal to block or limit access
to your wired network. By default, private [wired] LAN access is
blocked from Wi-Fi users (Super user class has access to entire network).
You can also allow access to your entire wired network, or define
a specific IP address and ports to allow access to a single or multiple
computers on your network.
User
Classes: Public IP uses a user class system to assign special
rights and privileges to users. All users in your "zone"
are members of a class or group. There are four user classes:
Protected, Liberated, Trusted, and Super. Each user class can be
assigned a predefined limit for bandwidth, data transfer, and usage
time. Protected and/or Liberated classes can be configured
to use the content filter. The Protected user class default firewall
rules is to block (your define open ports). The Liberated user
class default firewall rule is to allow (you define ports to block). Trusted
and Super user classes have no firewall rules, only time and transfer
limits are applied to users in these classes. Super users are given
special access to LAN resources. To determine new user classes,
you define a default user class for new users to be added upon
registration.
End-User Classes and default settings:
- Protected: ALLOWS traffic on 80, 443, and 110. Content filter
enabled.
- Liberated: BLOCKS traffic on 21 25 445 1214 3689 6667 6699. Content
filter disabled.
- Trusted: Firewall disabled. Content filter disabled.
- Super: Given network priority, pre-empt's traffic from other
classes. Firewall disabled. Content filter disabled.
All the settings for the classes are totally customizable. Port ranges can be entered with this format 20:25.
|
Content Filtering: Public IP's gateways run
an unmodified version of Dansguardian, an open source content filter.
Dansguardian is configured using a group of user interfaces inside
Zone Control. The content filter configuration is downloaded
to the zoneCD during boot, or using the queue system.
Time
and Transfer Limits: Data and time
limits can be configured on a daily, weekly, or monthly basis. Usage
limits can be defined by user class or for individual users. Temp
limits can be used to increase the usage limits of a user for the
remainder of the day without changing the user's permanent account
settings.
Bandwidth
Throttling: Control the amount of bandwidth available
to a user in each user class. Set the upload and download
throttle for each user class.
Network Availability Hours: Define the network availability for each hour
of each day. A nice feature to keep users off your network during closed
hours or busy times. Ticket System: A Ticket System is available
if you would like to disable self-registration and automatically
generate logins to be printed and distributed to visitors. The ticket
will have the network name, username, ticket valid date and time,
and a free form text description area for a very brief message. This
option is activated when you select to not require passwords from
your users. In place of a password the visitor must type the random
characters displayed in an image file generated by the server.
Spot Check: A RSS feed is available to monitor the
usage and availability of your hotspot. While inside Zone Control
the same data is available from the status page from within a Flash
object. Watch active user sessions, and system loads to always be
on top of your spot. In the event of a gateway failure you will be
notified not only via RSS or a message in the Flash object, but the
system will also email the details of the crash to your hotspot's
support email address. You will be notified again upon recovery.
Hotspot Directory: An optional public Hotspot Listing is
available. Very useful for new people finding your hotspot and for
providing details to current users about network availability hours
and other info.
Reports: Reports, reports, reports... One for
usage, one for limits and blocks, and another for the content filter. You can
apply date ranges and filter results by username, Mac address, or IP address.
You can also group the data by username, Mac, or IP if you want to see more
cumulative data. All reports also generate bar graphs and/or pie charts. You
can also view summary reports for the number of logins per day, and time of
day usage for the last four weeks so you can get an idea of your busy times.
Configuration
Queue: In order to make some configuration changes take effect on
your ZoneCD a service may need to be restarted, or the gateway itself
may need to be rebooted. Once you have completed making any configuration
changes in Zone Control you can approve the updates and the changes
will be downloaded to your gateway. A broadcast message will be sent
to users if the action will effect connectivity (Windows XP and Windows
2000 users). The update will be made on the gateway within 5 minutes.
You will recieve an email to your support email address when complete.
Templates: Choose a template designed by Public IP, or if
you want more control you can design your own template. The
template system uses the Smarty Template engine. If you decide to
subscribe to a service that allows you to customize your template
you should become familiar with the Smarty syntax.
Proxy Server: Proxy server configuration can be used to
setup your gateway to used a proxy server on your network.
Network Printer: A shared network printer can be configured
via zone control. If you provide an IP address of the printer, along
with a small note to users the printer (among other things such as
available time, transfer, hours, etc.) will be displayed in the users
connection properties window upon login.
Customize Emails: You can customize the emails that are generated
by the server and sent to your users. A Welcome Email, Forgot
Password, and Email Validation email can all be customized by entering
your message and using special tags to insert variable values like
name, username, and password.
|
