[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Revised Web UI for NPF as a GSoC project
After feedback and some thought, I've come up with a revised plan.
Mostly chosen some tools, namely purecss for front-end (I would like to
nginx+Lapis for Lua framework, etc.
I get the impression that we want something that offers the
functionality of pfSense/dd-wrt, not just a UI for npf/blacklistd.
Crude implementation (1-2 weeks):
Implement a very basic router supporting DHCP client/server and PPPoE using
a 'dumb' implementation, to experiment.
Add a pile of features, refactor (1-2 months):
Ordered by priority:
- Add any feature supported by plain dd-wrt/pfSense.
- NPF and blacklistd support
- Refactor so each feature is its own extension, use Lua templates
Optional things given remaining time:
- Graphs that change in time.
- Allow automatic updates of OS
- UI for extensions
- Add popular extensions (thinking of varnish, squid, clamav)
- Translate (should be easy given templates)
- Test a wide array of browsers to ensure everything looks good.
- If Lua templates removed most of our need for Lapis, take it out from
all the other bits.
- Switch to bozohttpd
It seems like there's a big need for security. I've learned of one
attack called cross-site request forgery. Seems like the way to tackle
it is an awkward dance with embedding tokens in forms.
I can already see that Sailor (other Lua framework)'s authentication
scheme doesn't handle this...
Are there other such concerns?
Should it run as an individual one for "base" even when I plan to have
Having one per extension might get a bit silly when there's 30 of them,
if every single feature is a daemon.
Not entirely convinced of the need of them here. What's the use case? I
can only think of graphs and it's probably not worth the trouble.
Main Index |
Thread Index |