From: <eob...@us...> - 2011-11-13 18:04:25
|
Revision: 6079 http://ipcop.svn.sourceforge.net/ipcop/?rev=6079&view=rev Author: eoberlander Date: 2011-11-13 18:04:18 +0000 (Sun, 13 Nov 2011) Log Message: ----------- Add section on CRE to web proxy, including screenshot, with thanks to Marco Sondermann for use of his text. Modified Paths: -------------- IPCopDoc/trunk/en/admin/xml/admin.xml IPCopDoc/trunk/en/admin/xml/services.xml Added Paths: ----------- IPCopDoc/trunk/en/admin/images/proxy-cre.png Added: IPCopDoc/trunk/en/admin/images/proxy-cre.png =================================================================== (Binary files differ) Property changes on: IPCopDoc/trunk/en/admin/images/proxy-cre.png ___________________________________________________________________ Added: svn:mime-type + application/octet-stream Modified: IPCopDoc/trunk/en/admin/xml/admin.xml =================================================================== --- IPCopDoc/trunk/en/admin/xml/admin.xml 2011-11-13 13:25:24 UTC (rev 6078) +++ IPCopDoc/trunk/en/admin/xml/admin.xml 2011-11-13 18:04:18 UTC (rev 6079) @@ -42,11 +42,15 @@ <firstname>Peter</firstname> <surname>Walker</surname> </author> + <author> + <firstname>Marco</firstname> + <surname>Sondermann</surname> + </author> </authorgroup> - <date>2011-02-09</date> + <date>2011-11-13</date> <copyright> <year>2002-2011</year> - <holder>Chris Clancey, Harry Goldschmitt, John Kastner, Eric Oberlander, Peter Walker</holder> + <holder>Chris Clancey, Harry Goldschmitt, John Kastner, Eric Oberlander, Peter Walker, Marco Sondermann</holder> </copyright> <legalnotice> <para> @@ -105,7 +109,7 @@ <revision> <revnumber>2.x</revnumber> <date>2009-2011</date> - <authorinitials>EO,OW</authorinitials> + <authorinitials>EO, OW, MS</authorinitials> <revremark>IPCop v2 additions and modifications</revremark> </revision> </revhistory> Modified: IPCopDoc/trunk/en/admin/xml/services.xml =================================================================== --- IPCopDoc/trunk/en/admin/xml/services.xml 2011-11-13 13:25:24 UTC (rev 6078) +++ IPCopDoc/trunk/en/admin/xml/services.xml 2011-11-13 18:04:18 UTC (rev 6079) @@ -492,6 +492,151 @@ </para> </sect3> + <sect3 id="services-webproxy-cre"> + <!-- Text copyright Marco Sondermann, sub-edited by Eric Oberlander --> + <title>Classroom extensions</title> + <para> + The ClassRoom Extensions (CRE) to the Proxy Server + give you the ability to delegate administrative tasks to + non-administrative users through a separate Web Access + Management page. + </para> + <para> + The CRE creates a new role, between that of Admin and Users: + the Supervisor. + </para> + <para> + The Supervisor can turn on and off web access for predefined + groups (e.g. specific computers in a classroom) + without the need to have administrative access rights, + or knowledge of, the IPCop GUI. + </para> + <para> + The Web Access Management Interface can be started from any + client computer. + Open a web browser and enter the URL + <ulink url="https://192.168.1.1:8443/cgi-bin/webaccess.cgi">https://192.168.1.1:8443/cgi-bin/webaccess.cgi</ulink> + (replacing the 192.168.1.1 with the IP Address of your IPCop). + </para> + <para> + If the Web Access Management Interface has not been yet enabled + by the Admin, you'll see this text: + <quote>The management interface has been disabled by the + Administrator</quote>. + </para> + <para> + If the Web Access Management Interface has been enabled, + but the Admin has not defined any groups, you will see this + text: <quote>There are no access groups available</quote>. + </para> + <para> + <figure id="v2.services.013"> + <title>Web proxy - Classroom extensions configuration Section</title> + <mediaobject> + <imageobject role="fo"> + <imagedata fileref="&imagepath;proxy-cre.&imageext;" + format="PNG" + contentwidth="14cm"/> + </imageobject> + <imageobject role="html"> + <imagedata fileref="&imagepath;proxy-cre.&imageext;" format="PNG" align="center"/> + </imageobject> + <textobject> + <phrase>Classroom extensions configuration</phrase> + </textobject> + </mediaobject> + </figure> + </para> + <formalpara> + <title><guilabel>Enabled</guilabel></title> + <para> + Check this box to enable the Supervisor management interface. + </para> + </formalpara> + <formalpara> + <title><guilabel>Supervisor password</guilabel> (optional)</title> + <para> + When this password is set, all Supervisor users must enter + the password to manage web access. + This is optional, but for security reasons, either set a + Supervisor password, or define Supervisor IP addresses. + </para> + </formalpara> + <formalpara> + <title><guilabel>Supervisor IP addresses (one per line)</guilabel> (optional)</title> + <para> + This field allows you to define the IP addresses that will + be able to manage web access. + This is an optional configuration item which can be used to + increase security, or to simplify management, + if you don't want to configure a Supervisor password. + </para> + </formalpara> + <para> + For example, add these IP addresses, if you want to + allow them Supervisor access: + </para> + <screen><computeroutput>192.168.1.20 +192.168.1.30</computeroutput></screen> + <para> + The highest level of security is achieved when both a Supervisor + password is set, and IP restrictions are applied. + </para> + <formalpara> + <title><guilabel>Classroom group definitions</guilabel></title> + <para> + Your classroom group definitions are entered in this field. + A classroom group definition takes this format: + </para> + </formalpara> + <screen><computeroutput>[groupname] +client MAC address or client IP address or IP range or IP subnet +client MAC address or client IP address or IP range or IP subnet +client MAC address or client IP address or IP range or IP subnet</computeroutput></screen> + <para> + So, for example, you might have a pair of group definitions + like this: + </para> + <screen><computeroutput>[Example group 1] +192.168.1.11 +192.168.1.12 +192.168.1.13 +[Example group 2] +192.168.1.21-192.168.1.25</computeroutput></screen> + <para> + Each group has a 'groupname', which must be unique. + The groupname is the part of the group definition between the + square brackets. + The name will appear in the web access management interface. + </para> + <para> + Each group can have an unlimited number of client definitions. + You can use mixed client definitions within a group, + but each definition must be in a single line. + Here are some examples: + </para> + <para> + Single host - MAC Address + </para> + <screen><computeroutput>01:23:45:67:89:0A</computeroutput></screen> + <para> + Single host - IP Address + </para> + <screen><computeroutput>192.168.1.11</computeroutput></screen> + <para> + Host range + </para> + <screen><computeroutput>192.168.1.21-192.168.1.25</computeroutput></screen> + <para> + Subnet (netmask notation) + </para> + <screen><computeroutput>192.168.1.32/255.255.255.240</computeroutput></screen> + <para> + Subnet (CIDR notation) + </para> + <screen><computeroutput>192.168.1.32/28</computeroutput></screen> + </sect3> + <sect3 id="services-webproxy-time"> <title>Time Restrictions</title> <para> @@ -679,10 +824,10 @@ <para> Some examples might be: </para> - <screen><computeroutput>*.stuckfast.net -www.stuckfast.net + <screen><computeroutput>*.example.net +www.example.net 123.45.67.89 -www.stuckfast.net/downloads</computeroutput></screen> +www.example.net/downloads</computeroutput></screen> </sect3> <sect3 id="services-webproxy-browser"> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |