summaryrefslogtreecommitdiffstats
path: root/TODO
blob: ff5911b9cf424ffdb49554d80e5f1c6501ab7998 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57


* Write firewall (iptables) implementation
   - Add function declarations in eurephia_firewall.h (DONE)
   - Enable firewall functionality by checking if firewall_interface
     config variable is set. (DONE)
   - Add eDBget_firewall_profile(ctx, session) in eurephiadb (DONE)
   - Add eurephia_firewall(ctx, mode{ADD|DELETE},   {profilename|macaddr},
                          (eurephiaCTX *, const int mode, char *) (DONE)
      - This function is located in eurephia_fw_iptables.c (DONE)
      - iptables -I {INSERT place} is taken from config:
        firewall_destination (DONE)
      - iptables -j {vpnuser_profile} is taken from VPN users
        accessprofile (DONE)

   - Needs probably to be an own thread with root permission and a
     socket to send ADD/DELETE commands (DONE)

   - Flush iptables chain on startup

* Implement logging of env.variable time_duration on disconnect
   - Needs to expand the openvpn_lastlog table with connection_duration
     field.

* Log MACaddresses per session into openvpn_macaddr_history
   - Can change during a session
      CREATE TABLE openvpn_macaddr_history (
             sessionkey varchar(64)  NOT NULL,
             macaddr    varchar(20)  NOT NULL,
             registered timestamp    DEFAULT CURRENT_TIMESTAMP,
             semaid     integer      PRIMARY KEY AUTOINCREMENT,
             KEY(sessionkey),
             KEY(macaddr)
      );
    - Add insert in database/sqlite/eurphia-sqlite.c -- eDBregister_vpnaddr(...)

* Write admin program
   - Add / Delete / Modify users
   - Add / Delete / Modify certificates (by loading the certfile)
   - Add / Remove user->certlink
   - Add / Delete blacklisted users/cert/IP addr
   - Show lastlog
   - Show blacklist
   - Admin program should use eurephiaDB
   
* Make new eurephiadb-driver_template.c - template for creating db driver
   - add new parameter to eDBregister_attempt(...) -- attempt_mode

* Write PostgreSQL driver

* A lot of QA
   - Writing test program for DB drivers
       - which tests only the driver (loads .so file)
       - which tests the API, simulating openvpn calls
   - Check that user gets blocked and blacklisted on too many failing attempts
   - Check that right connection profiles are used
   - Check that user/cert matches
generated by cgit (git 2.34.1) at 2024-11-12 19:19:40 +0000