LockWianaChangesNode

back to http://scratchpad.wikia.com/wiki/Sasecurity

We implement this function in our interface:

http://209.210.230.104:81/cgi-bin/system.cgi

name=admin pass=terra7

so that you enter the IP's of each gateway in the order you want the fail-over to take place. When the function is selected it works like this: if the primary gateway fails to respond to icmp pings every 90 seconds for whatever reason, the node hops down the list until it finds a gateway that responds, then routes everything there. If all the gateways on the list fail, the node will query the AODV for any gateway not on the list and will attempt to establish a connection there.

We don't currently have, but will add some logic to check the old gateway every once in a while to see if its come back to life, and then re-associate there. It may also make sense to add an optional outside host to receive and respond to pings (e.g. www.yahoo.com) to make sure we have a valid upstream connection. I'll bring up your suggestion here which I think is a good one, and see if there's an easy way to add it. http://www.qorvus.net

> Out of interest, how does the preferred gateway work ? Do you lock to it,and if > it disappears, then change parameter to lock to any. If so, does that need a > reboot. > > No-one replied to my mailing interest in locking nodes to gateways depending on > bandwidth available. i.e. go an extra hop for 1 mb gateway in a multi-gateway > system. > > If you have a solution, then I would certainly be interested, as we could build > controls around locking nodes to gateways based on bandwidth profiles of the > gateways. > > I working with Ryan on Meshtrak.com to graph user/node info, and updating nocat > to take more instructions.. user logout, remote logout, re-classing user, boot > request.

> > The Qorvus extensions are installed by us on top of the standard LW distro, > > and provide such features as real-time embedded web management of the nodes > > for easier field installation and optimization, added setup functions like > > highly visible real-time radio signal bar-graphs, settings backup and > > restore, click-through links to other nodes in the mesh, Prefer Gateway > > (intead of lock to gateway) function, seperate splash-redirect URLs for > > members and guests, and so on. In addition, the installation of our > > extensions streamlines and fixes a variety of minor bugs in the original > > scripts (many of which we've posted in the wiki). We're continuing to evolve > > this, so additional features like local radius are coming. > > > > We've also added a "lock out Wiana changes to this node" function, which > > allows user to continue to use Wiana as a statistics gathering and mapping > > service, but prevents unwanted remote changes via Wiana to the nodes > > configuration once an installation is stable. This would also address the > > wiana vulnerability issue you describe, since the system will remain fully > > functional and manageable without Wiana. > > > > Our paid support program applies to any meshAP based on the LW distro, with > > or without Qorvus extensions. However since the systems are easier to manage > > with our extensions, we're making it easy for our support clients to add > > them.

> > > Hello, What improvements is there in the qorvus distro over the > > > locustworld distro? > > > Are you mainly offering support over a new distro? If it is a new distro, > > > Have you looked > > > at the linksys WRT54GS with OpenWRT??? Have you solved the security issues > > with > > > wianna (namely that a person does not 100% control over there network and > > a > > > upstream > > > attack on the domain/ip could render a network vulnerable?) > > > > > > > > > Jeromie Reeves > > > > > > At 06:12 PM 7/20/2004 -0700, you wrote: > > > >Dear fellow MeshAP users, > > > > > > > >For quite some time, we've been getting lots of calls and emails asking > > > >for technical support for non-Qorvus mesh networks and other wireless > > > >products. We've been happy to help, but it's getting out of hand (I do > > > >like having a day off once in a while), and since we are compensating our > > > >employees to provide more and more of this support, we've decided to > > offer > > > >a paid technical support service for mesh users who use LW mesh (or one > > of > > > >its derivatives) to provide connectivity for paying clients or for some > > > >other commercial purpose. > > > > > > > >This service will include routine remote set-up and deployment > > assistance, > > > >advanced trouble-shooting, and basic custom scripting and setup for > > > >various specialty applications. Our existing customers for Qnodes already > > > >receive extensive product support, our embedded web management tools, and > > > >logo splash-screen at no additional charge, but for non-Qnode customers, > > > >we will be charging $95 for one hour, or $75 per hour for blocks of 10 > > > >hours (prepaid via Paypal). This is a best-efforts service since it > > > >involves open-source code, non-Qorvus equipment, and a number of > > > >conditions that are outside our control. Support will be available via > > > >email or phone, and charged in 30 minute increments. We've added a link > > to > > > >this service and described terms and conditions here: > > > > > > > > > >http://www.qorvus.net/techsupp > > ort/index.htm > > > > > > > >Each hour of prepaid service will also get you one installed copy of our > > > >embedded web management tool: > > > > > > > >http://209.210.230.104:81/ > > > > > > > >name=admin, pass=terra7 > > > > > > > >and new splash-screen with your logo: > > > > > > > > > >http://www.qorvus.net/admin/ > > images/splash.jpg > > > > > > > >at no additional charge other than the time needed to configure and > > > >install your logo and the software on your system. > > > > > > > >We're also considering a hardware reliability-enhancement service for > > > >non-Qorvus mesh equipment, to incorporate proper shielding, grounding and > > > >our web-management tools, on a time and materials basis. > > > > > > > >We will still try to answer questions for hobby and experimental users > > via > > > >the meshAP board when we get a spare minute. However, we won't be able to > > > >respond to technical support phone calls or emails any longer, unless > > > >you're a client.