Site hosted by Angelfire.com: Build your free website today!

The Public IP zoneCD is what's known as a LiveCD. It does not install to your hard drive. It runs right from your CD-ROM. The zoneCD is a re-master of Morphix CD ( http://www.morphix.org/ ) which in turn is a modified version of KNOPPIX CD ( http://www.knoppix.net/ ). The zoneCD is a bootable CD with a collection of GNU/Linux software pre-configured to create a WiFi gateway. The CD is a mini operating system with automatic hardware detection, and support for many graphics cards, sound cards and other peripherals. The gateway includes support for WiFi end-user authentication and web content filtering. Public IP zoneCD is distributed under the GNU General Public License .

The zoneCD is Linux, but you don't have to know anything about Linux to use the zoneCD. You just need to know how to place a CD in a CD-ROM, and turn on a computer… How cool is that!? All the benefits of Linux (stability, configurability, security, and a few other * ity's) without having to know anything about Linux! We have Knoppix to thank for that. Knoppix provides much of the auto configuration software used during bootup. Morphix provides the lightweight modular platform for me to add the components and software required to create an automatic WiFi gateway.

The ideal of Open Source is what makes the building and distribution the zoneCD possible. The sharing of code so that the next developer can pickup and take the software in a new direction is what makes open source work. It's what makes the zoneCD work.

The zoneCD works by adding a piece of hardware between your AP (wireless access point or router) and your network or Internet connection. The piece of hardware used for the zoneCD can be any PC with a minimum of 128MB RAM, two ethernet cards, a floppy drive or USB “thumb” drive, and a CD-ROM (see gateway requirements or setup instructions). Once the initial setup and configuration is complete, the system can be run headless. Headless meaning there is no need for keeping a keyboard, mouse, or monitor hooked-up. The CD will boot completely unattended after setup is complete.

 

Queue System
In order for some of the options configured in Zone Control to be updated on the zoneCD they must be downloaded from the control server and services must be restarted on the zoneCD. In order to make this as easy as possible, a system has been developed that will add updates to a queue in Zone Control while you are configuring your zone. Any updates that are made in Zone Control that require a configuration change on the zoneCD will cause a message to be displayed informing you of pending updates with a description of the action that will be performed. Once you have completed your changes, you can make the queue "active". This will allow the zoneCD to retrieve the instructions from the control server and make the required changes "live".

If the changes required will disrupt your users in any way, a message will be sent to users one minute before the update will be made. This message is sent using Samba client on the zoneCD. The message will inform the user of the pending update and appear personalized with your network name. This popup message will more than likely only be displayed on Widows XP and Windows 2000 clients. It's possible to be displayed on others, but the winpop client is running by default on XP and 2000.

The zoneCD has two very important services running that enable the system to operate as a self-contained wifi gateway. WiFiDog, and Dansguardian.

WiFiDog Captive Portal
For Public IP's premium subscribers, the central feature of the zoneCD is WiFiDog. WiFiDog is an open source captive portal that captures and redirects outbound 'web' traffic to a login page. WiFiDog has been extremely customized to work with the Public IP servers to enable remote configuration, accounting, and usage limits. You can configure the zoneCD to run WiFiDog in many different configurations depending on how much or little control you want of your users.

Aside from security, the most important function of a hotspot system is handling user registration. I have spent a good amount of time creating a system that allows many options for registering new users. User registration can be configured in the following ways:

  1. Username/Password
  2. Email/Password
  3. Validated Email/Password
  4. No Public Registration (message displayed with access instructions)
  5. Ticket System
  6. Shared Usernames
  7. Anonymous access with registration
  8. Anonymous access without registration
  9. Unauthenticated access

No matter what configuration you choose, you will always have access to register users (or generate tickets) from within Zone Control.

WifiDog is configured from Zone Control and the configuration is encrypted and downloaded to the zoneCD during boot or a queue process.

 

 DansGuardian Content Filtering
DansGuardian is an award winning web content filter for Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX, and Solaris that uses Squid to do all the fetching. It filters using multiple methods. These methods include URL and domain filtering, content phrase filtering, PICS filtering, MIME filtering, and file extension filtering.

The zoneCD can be configured to use content filtering in the Protected and/or Liberated User Classes. It can also be completely turned off. The content phrase filtering will check for pages that contain profanities and phrases often associated with pornography and other undesirable content. Content filtering can be turned off for individual users by identifying the user as Liberated, or Trusted in your Zone User administrative page located in Zone Control.

The zoneCD filters :

·         Text and HTML pages for obscene (sexual, racial, violent, etc) content.

·         Sites using the PICS labeling system.

·         According to MIME type and file extension (.exe, .mp3, etc)

·         According to Regular Expression URLs.

The filtering basically serves two purposes: 1) It prevents end-users from viewing inappropriate content that could possibly offend your other customers or visitors. 2) It prevents end-users from using all of your bandwidth for downloading music, movies, and programs files by blocking mime types.

 

Hotspot operators can use any wireless access point or wireless router with Public IP's hotspot solution. However, the system adds an additional piece of hardware to your network. The zoneCD requires a separate computer to run between the AP and the wired network. This computer acts as a gateway between the wired world and the wireless world.

Because the zoneCD is a LiveCD it cannot retain any configuration during a reboot. For this reason Public IP has created a system that will save the zoneCD configuration to a floppy disk, or to a USB thumb drive (versions over 0.6-0). Also for the same reason, it is suggested that you use an additional router connected to the Internet to maintain your ISP connection and WAN configuration.

The zoneCD computer does not require any Input/Output (keyboard,mouse,monitor) devices after the initial configuration is complete. The zoneCD box will run completely headless. It can also be configured to enable SSH (see docs) for remote administration of the system.

Here's what you need to get setup

  • Any WiFi compliant wireless router or access point
  • Standard router for Internet connection/firewall
  • Computer with:
    • An Intel-compatible CPU
    • Minimum 128 MB RAM.
    • Bootable CD-ROM drive.
    • Floppy drive or USB thumb drive
    • 2 Network Interface Cards (NIC's)
  • High-speed Internet connection

User control is the reason you are looking for a hotspot solution, right? If you didn't want control, then you could just setup an AP (access point), and be done with it. But it's control you want, and it's control Public IP will give you. Zone Control enables you to have complete control over “who”, “what”, “when”, and “how” (the “where” is up to you).

“WHO”
You will have total visibility and control over who is using your hotspot at all times. Zone Control allows you to choose from many types of registration.

Registration Options

  • Username/Password
  • Email/Password
  • Validated Email/Password
  • No Public Registration (message displayed with access instructions)
  • Ticket System
  • Shared Usernames
  • Anonymous access with registration
  • Anonymous access without registration
  • Unauthenticated access

Web based registration is fast, easy and automatic. A user clicks a link, registers with your zone, and gets instant access. If you need more control you can disable web registration and use the ticket system, or register users manually in Zone Control.

Zone Control will also display all user activity. You can use the active session page to view all the users that are currently using your zone, or you can run reports and even download them into Excel(*.xls), or Word(*.doc). Active sessions and reports display the mac, username, ip, session start time, session length, and kilobytes up/down.

 

“WHAT”
Control what your users have access to while using your zone. By taking advantage of the user class system you can define how groups of users can access the Internet, and what they can access. Firewall rules and content filtering play a major role in protecting your network and users. You can also block P2P programs such as Kazaa, and BitTorrent.

Classes are concepts that NoCat had developed into their system to provide higher levels of access for trusted users. I have taken the same user class concept and added it to Public IP's fork of WiFiDog. I have also added the ability to funnel the classes through the content filter. The content filter can be applied to the Protected and/or Liberated class, or disabled completely.

The content filter can be customized to allow or block specific sites and URLs. You can also configure the "Naughtiness Limit" as well as what file extension should be blocked.

Firewall rules are also completely customizable for the Protected and Liberated classes. Trusted and Super users have very little that needs configuring since they have open access to the network. You can also block access to your "wired" network. Wireless users will not be able to access any computers on the other side of the gateway, unless you allow them to access the network. You can grant wireless users no access, partial access, or total access to your LAN. Partial access allows you to define IP addresses and ports to allow access. Super users have access to all network resources regardless of any settings for LAN access.

When a new user registers at your zone, the default action is to add the new user to the Protected class, but this can also be modified to be Liberated, or Trusted. End-User Classes and default settings are:

  • Protected: ALLOWS traffic on 80, 443, and 110. Content filter enabled.
  • Liberated: BLOCKS traffic on 21 25 445 1214 3689 6667 6699. Content filter disabled.
  • Trusted: Firewall disabled. Content filter disabled.
  • Super: Given network priority, pre-empt's traffic from other classes. Firewall disabled. Content filter disabled.

 

“WHEN”
Zone Control allows you to enforce limits on when users are able to access your zone. You can set your zone's "Open" and "Closed" times to only allow access during certain hours. You can define each hour of each day that users are allowed to access your network. When a user attempts to make a wifi connection to your network during off hours they will be redirected to a page that displays your logo and says "Sorry we're closed" with your available hours.

You can also define when the user can access your zone by setting the time limits for user classes. A user's time limit can also be adjusted individually. Zone Control allows you to limit a users 24 hour usage to a couple hours a day, week, month, or unlimited access.

“HOW”
Zone Control gives you total control over how users can access and use your Internet connection. Configuring registration options, firewall rules, and the content filter, allows you to make Zone Control what you want it to be. Be strict or lenient with the restrictions you impose on your visitors... It's your choice.

 

 

Public IP Services was first conceived by me, Scott Tully, in the summer of 2003 as an ISP/Free WiFi provider. Going back a few months further, back in the Spring of 2003, is when I first got motivated to do something with WiFi. I was looking for something to occupy my creativity when I stumbled on to WiFi. At the time I was working in the Transportation industry and saw a lot of potential for truck drivers, and those who need to interact with truckers to benefit from WiFi access. So I dug a little deeper into WiFi and the business of providing WiFi access.

After researching and thinking of WiFi usage in real terms, I decided that providing free WiFi access would be the way to go. It didn't really seem like WiFi as a standalone service would work in many places. It was those places that I would target to provide them with a way to provide free internet access to their visitors.

So how would I make a business based on providing a free service? I thought by combining Internet service with providing free WiFi access that I could generate a little revenue by re-selling DSL. So I partnered with Covad, and New Edge Networks to re-sell DSL. For a WiFi system, I first experimented with Sputnik (i was a beta tester), but that was way to unstable. Bought an Orinoco AP-2500, didn't like that either. Then I hooked up with Netopia and made a deal to test their new AP with firmware that would provide a homepage redirect. It was a done deal. We had press releases, the whole 9 yards. I based my system design on what they had told me the AP would be capable of. Weeks turned into months and in December of 2003 I stopped waiting. Netopia screwed me. I was crushed. I wasted so much time and energy just to get blown-off. I know a few other guys tried to follow in my footsteps, but things did not work out for them either, just more empty promises from Netopia.

While Netopia was jerking me around I had read a little about NoCat but I really didn't have the time to play with it. Well now I did. It was Christmas vacation 2003 and I got Nocat installed and working on a spare Linux box. It wasn't exactly a simple install. I was looking for a way to make a simple NoCat distro when I found Morphix. Within a few days or maybe a week I had NoCat running on Morphix and the current day Public IP was born.

Since I first got NoCat to run on Morphix, the control server has undergone a few major revisions. You can find more details on the history and growth of Public IP and Zone Control in my blog. All the revisions and features included in Zone Control and the zoneCD are based on feedback provided by users of the system. If you have any request for features please send them to me and I'll do what I can to incorporate features that will make Public IP what you need it to be.

 

WORKS MS WINDOWS OS

The OS that is currently installed on you PC makes no difference... The ZoneCD itself is an OS. The ZoneCD is what's called a LiveCD. A LiveCD runs directly from the CD-ROM without ever being installed. The CD creates what's called a RAM disk and loads the file system into RAM.

 

When spotcheck informs you that your gateway is down, it means that WiFiDog has missed more than two "pings". This could be a problem with WiFiDog, the ZoneCD, or the Internet connection at your location.

To get a better idea of what the problem could be; login to Zone Control with your Master Login (email address) and select your zone from the droplist. On the status tab (you should already be there) go to the bottom right corner and select Restart/Reboot Service. If the gateway is unreachable, or the ZoneCD has crashed, you will see a message on this page.