Quick Question
Ivan Kohler
ivan at sisd.com
Fri Nov 6 19:25:45 PST 1998
On Fri, Nov 06, 1998 at 06:12:03PM -0500, james at wwnet.net wrote:
> A quick question about freeside. Does freeside currently have a cgi for
> allowing customers to add themselves.
Not yet, no.
I wouldn't implement it as a local script. I wouldn't want users talking
to my freeside machine; too much potential for DoS attacks. I'd probably
do something client/server like fs_passwd (the passwd/chfn/chsh
replacement):
-The freeside machine starts a daemon remotely (via ssh) on the web server.
-The daemon on the web server opens a protected-mode UNIX domain socket.
-Processes on the web server talk to the local socket.
ssh provides strong authentication and encryption on the web server to
freeside connection. Presumably the web server would run SSL of some
sort. You don't have to allow any userland packets near your freeside
machine, as all connections are initiated from the freeside machine.
> I am looking for something that
> will verify that the users card is valid before adding the user.
> If there isn't anything like this, I am probably going to end up coding it
> myself.
I hope you'll consider checking your code into the CVS tree so that I and
others can help you out.
> James
--
Ivan Kohler <ivan at sisd.com> - finger for PGP key
Silicon Interactive Software Design - http://www.sisd.com/ - 888-670-SISD
Open-source billing and administration for ISPs - http://www.sisd.com/freeside
20 4,16 * * * saytime # please don't be surprised if you find me dreaming too
More information about the freeside-users
mailing list