Welcome to the documentation for openNDS
openNDS (open Network Demarcation Service) is a high performance, small footprint, Captive Portal. It provides a border control gateway between a public local area network and the Internet.
It supports all ranges between small stand alone venues through to large mesh networks with multiple portal entry points.
Both the client driven Captive Portal Detection (CPD) method and gateway driven Captive Portal Identification method (CPI - RFC 8910 and RFC 8908) are supported.
In its default configuration, openNDS offers a dynamically generated and adaptive splash page sequence. Internet access is granted by a click to continue button, accepting Terms of Service. A simple option enables input forms for user login.
The package incorporates the FAS API allowing many flexible customisation options. The creation of sophisticated third party authentication applications is fully supported.
Internet hosted https portals can be implemented with no security errors, to inspire maximum user confidence.
It is a fork of the NoDogSplash project that in turn was derived originally from the codebase of the Wifi Guard Dog project.
openNDS is released under the GNU General Public License.
openNDS: https://github.com/openNDS/openNDS
Original Homepage down: http://kokoro.ucsd.edu/nodogsplash
Archive: https://web.archive.org/web/20140210131130/http://kokoro.ucsd.edu/nodogsplash
Wifidog down: http://dev.wifidog.org/
Archive: https://web.archive.org/web/20220518120459/http://dev.wifidog.org/wiki/About
NoDogSplash: https://github.com/nodogsplash/nodogsplash
GNU GPL: http://www.gnu.org/copyleft/gpl.html
The following describes what openNDS does, how to get it and run it, and how to customize its behavior for your application.
Contents:
- Overview
- What’s New? - ChangeLog
- How openNDS (NDS) works
- Installing openNDS
- The Splash Page Sequence
- Customising openNDS
- Configuration Options
- Enable openNDS
- Use deprecated generic configuration file
- Enable debug output (0-3)
- Firewall Restart hook
- Ndsctl Socket Access
- Local Log Mountpoint
- Maximum number of Local Log Entries
- Login Option
- Allow Preemptive Authentication
- ThemeSpec Path
- Define Custom Parameters
- Define Custom Variables
- Define Custom Images
- Define Custom Files
- Set refresh interval for downloads
- Use outdated libmicrohttpd (MHD)
- Maximum Page Size to be served by MHD
- Set the MHD WebRoot
- Set the GatewayInterface
- Set the GatewayPort
- Set the GatewayName
- Serial Number Suffix Enable
- Set GatewayFQDN
- Set StatusPath
- Set MaxClients
- Client timeouts in minutes
- Set the Checkinterval
- Set Rate Quotas
- Set Bucket Ratio
- MaxDownloadBucketSize
- MaxUploadBucketSize
- DownLoadUnrestrictedBursting
- UpLoadUnrestrictedBursting
- Set RateCheckWindow
- Set Volume Quotas
- Set Fair Usage Policy Throttle Rate
- Enable BinAuth Support.
- Set Fasport
- Set Fasremotefqdn
- Set the Fasremoteip
- Set the Faspath
- Set the Faskey
- Set Security Level: fas_secure_enabled
- Set NAT Traversal Poll Interval
- Access Control For Authenticated Users
- Access Control For Preauthenticated Users:
- Walled Garden Access For Preauthenticated Users
- User Access to Services On the Router
- Trusted Clients
- Pre-emptive Clients
- Dhcp option 114 Enable - RFC8910
- Packet Marking Compatibility
- Custom Parameters, Variables, Images and files
- Forwarding Authentication Service (FAS)
- Overview
- Using FAS
- Security
- Example FAS Query strings
- Custom Parameters
- Network Zones - Determining the Interface the Client is Connected To
- After Successful Verification by FAS
- Post FAS processing
- BinAuth Post FAS Processing
- Manual Access of NDS Virtual URL
- Running FAS on your openNDS router
- Using a Shared Hosting Server for a Remote FAS
- Using a CDN (Content Delivery Network) Hosted Server for a Remote FAS
- Using the FAS Example Scripts (fas-hid, fas-aes.php, fas-hid-https.php and fas-aes-https.php)
- Changing faskey
- ThemeSpec Script Files
- PreAuth Option
- BinAuth Option
- Walled Garden and Block Lists
- Library Utilities
- Using ndsctl
- Data Quotas and Traffic Shaping
- The Client Status/CPI (Captive Portal Information) Page
- Frequently Asked Questions
- What’s the difference between versions?
- Can I upgrade from NoDogSplash to openNDS?
- Can I upgrade from v5 to v6
- Can I upgrade from v6 to v7?
- Can I upgrade from v7 to v8?
- Can I upgrade from v8 to v9
- Can I upgrade from v9 to v10
- How can I add custom parameters, such as site specific information?
- How can I add custom fields on the login page, such as phone number, car licence plate number etc.?
- Is it possible to display custom info or advertising on the login pages?
- How do I manage client data usage?
- Is an https splash page supported?
- Is https capture supported?
- What is CPD / Captive Portal Detection?
- What is CPI / Captive Portal Identification?
- How to Compile openNDS
- Debugging openNDS
- TODO List