Menu
▾
▴
[Ipcop-svn] SF.net SVN: ipcop:[6079] IPCopDoc/trunk/en/admin
|
From: <eob...@us...> - 2011-11-13 18:04:25
|
Revision: 6079
http://ipcop.svn.sourceforge.net/ipcop/?rev=6079&view=rev
Author: eoberlander
Date: 2011-11-13 18:04:18 +0000 (Sun, 13 Nov 2011)
Log Message:
-----------
Add section on CRE to web proxy, including screenshot, with thanks to Marco Sondermann for use of his text.
Modified Paths:
--------------
IPCopDoc/trunk/en/admin/xml/admin.xml
IPCopDoc/trunk/en/admin/xml/services.xml
Added Paths:
-----------
IPCopDoc/trunk/en/admin/images/proxy-cre.png
Added: IPCopDoc/trunk/en/admin/images/proxy-cre.png
===================================================================
(Binary files differ)
Property changes on: IPCopDoc/trunk/en/admin/images/proxy-cre.png
___________________________________________________________________
Added: svn:mime-type
+ application/octet-stream
Modified: IPCopDoc/trunk/en/admin/xml/admin.xml
===================================================================
--- IPCopDoc/trunk/en/admin/xml/admin.xml 2011-11-13 13:25:24 UTC (rev 6078)
+++ IPCopDoc/trunk/en/admin/xml/admin.xml 2011-11-13 18:04:18 UTC (rev 6079)
@@ -42,11 +42,15 @@
<firstname>Peter</firstname>
<surname>Walker</surname>
</author>
+ <author>
+ <firstname>Marco</firstname>
+ <surname>Sondermann</surname>
+ </author>
</authorgroup>
- <date>2011-02-09</date>
+ <date>2011-11-13</date>
<copyright>
<year>2002-2011</year>
- <holder>Chris Clancey, Harry Goldschmitt, John Kastner, Eric Oberlander, Peter Walker</holder>
+ <holder>Chris Clancey, Harry Goldschmitt, John Kastner, Eric Oberlander, Peter Walker, Marco Sondermann</holder>
</copyright>
<legalnotice>
<para>
@@ -105,7 +109,7 @@
<revision>
<revnumber>2.x</revnumber>
<date>2009-2011</date>
- <authorinitials>EO,OW</authorinitials>
+ <authorinitials>EO, OW, MS</authorinitials>
<revremark>IPCop v2 additions and modifications</revremark>
</revision>
</revhistory>
Modified: IPCopDoc/trunk/en/admin/xml/services.xml
===================================================================
--- IPCopDoc/trunk/en/admin/xml/services.xml 2011-11-13 13:25:24 UTC (rev 6078)
+++ IPCopDoc/trunk/en/admin/xml/services.xml 2011-11-13 18:04:18 UTC (rev 6079)
@@ -492,6 +492,151 @@
</para>
</sect3>
+ <sect3 id="services-webproxy-cre">
+ <!-- Text copyright Marco Sondermann, sub-edited by Eric Oberlander -->
+ <title>Classroom extensions</title>
+ <para>
+ The ClassRoom Extensions (CRE) to the Proxy Server
+ give you the ability to delegate administrative tasks to
+ non-administrative users through a separate Web Access
+ Management page.
+ </para>
+ <para>
+ The CRE creates a new role, between that of Admin and Users:
+ the Supervisor.
+ </para>
+ <para>
+ The Supervisor can turn on and off web access for predefined
+ groups (e.g. specific computers in a classroom)
+ without the need to have administrative access rights,
+ or knowledge of, the IPCop GUI.
+ </para>
+ <para>
+ The Web Access Management Interface can be started from any
+ client computer.
+ Open a web browser and enter the URL
+ <ulink url="https://192.168.1.1:8443/cgi-bin/webaccess.cgi">https://192.168.1.1:8443/cgi-bin/webaccess.cgi</ulink>
+ (replacing the 192.168.1.1 with the IP Address of your IPCop).
+ </para>
+ <para>
+ If the Web Access Management Interface has not been yet enabled
+ by the Admin, you'll see this text:
+ <quote>The management interface has been disabled by the
+ Administrator</quote>.
+ </para>
+ <para>
+ If the Web Access Management Interface has been enabled,
+ but the Admin has not defined any groups, you will see this
+ text: <quote>There are no access groups available</quote>.
+ </para>
+ <para>
+ <figure id="v2.services.013">
+ <title>Web proxy - Classroom extensions configuration Section</title>
+ <mediaobject>
+ <imageobject role="fo">
+ <imagedata fileref="&imagepath;proxy-cre.&imageext;"
+ format="PNG"
+ contentwidth="14cm"/>
+ </imageobject>
+ <imageobject role="html">
+ <imagedata fileref="&imagepath;proxy-cre.&imageext;" format="PNG" align="center"/>
+ </imageobject>
+ <textobject>
+ <phrase>Classroom extensions configuration</phrase>
+ </textobject>
+ </mediaobject>
+ </figure>
+ </para>
+ <formalpara>
+ <title><guilabel>Enabled</guilabel></title>
+ <para>
+ Check this box to enable the Supervisor management interface.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title><guilabel>Supervisor password</guilabel> (optional)</title>
+ <para>
+ When this password is set, all Supervisor users must enter
+ the password to manage web access.
+ This is optional, but for security reasons, either set a
+ Supervisor password, or define Supervisor IP addresses.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title><guilabel>Supervisor IP addresses (one per line)</guilabel> (optional)</title>
+ <para>
+ This field allows you to define the IP addresses that will
+ be able to manage web access.
+ This is an optional configuration item which can be used to
+ increase security, or to simplify management,
+ if you don't want to configure a Supervisor password.
+ </para>
+ </formalpara>
+ <para>
+ For example, add these IP addresses, if you want to
+ allow them Supervisor access:
+ </para>
+ <screen><computeroutput>192.168.1.20
+192.168.1.30</computeroutput></screen>
+ <para>
+ The highest level of security is achieved when both a Supervisor
+ password is set, and IP restrictions are applied.
+ </para>
+ <formalpara>
+ <title><guilabel>Classroom group definitions</guilabel></title>
+ <para>
+ Your classroom group definitions are entered in this field.
+ A classroom group definition takes this format:
+ </para>
+ </formalpara>
+ <screen><computeroutput>[groupname]
+client MAC address or client IP address or IP range or IP subnet
+client MAC address or client IP address or IP range or IP subnet
+client MAC address or client IP address or IP range or IP subnet</computeroutput></screen>
+ <para>
+ So, for example, you might have a pair of group definitions
+ like this:
+ </para>
+ <screen><computeroutput>[Example group 1]
+192.168.1.11
+192.168.1.12
+192.168.1.13
+[Example group 2]
+192.168.1.21-192.168.1.25</computeroutput></screen>
+ <para>
+ Each group has a 'groupname', which must be unique.
+ The groupname is the part of the group definition between the
+ square brackets.
+ The name will appear in the web access management interface.
+ </para>
+ <para>
+ Each group can have an unlimited number of client definitions.
+ You can use mixed client definitions within a group,
+ but each definition must be in a single line.
+ Here are some examples:
+ </para>
+ <para>
+ Single host - MAC Address
+ </para>
+ <screen><computeroutput>01:23:45:67:89:0A</computeroutput></screen>
+ <para>
+ Single host - IP Address
+ </para>
+ <screen><computeroutput>192.168.1.11</computeroutput></screen>
+ <para>
+ Host range
+ </para>
+ <screen><computeroutput>192.168.1.21-192.168.1.25</computeroutput></screen>
+ <para>
+ Subnet (netmask notation)
+ </para>
+ <screen><computeroutput>192.168.1.32/255.255.255.240</computeroutput></screen>
+ <para>
+ Subnet (CIDR notation)
+ </para>
+ <screen><computeroutput>192.168.1.32/28</computeroutput></screen>
+ </sect3>
+
<sect3 id="services-webproxy-time">
<title>Time Restrictions</title>
<para>
@@ -679,10 +824,10 @@
<para>
Some examples might be:
</para>
- <screen><computeroutput>*.stuckfast.net
-www.stuckfast.net
+ <screen><computeroutput>*.example.net
+www.example.net
123.45.67.89
-www.stuckfast.net/downloads</computeroutput></screen>
+www.example.net/downloads</computeroutput></screen>
</sect3>
<sect3 id="services-webproxy-browser">
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|