=== On Fire

* User mgmt tools, including admin interface & "Forgot my password" mailer.

* ipchains support is b0rked

* Easy MAC white/blacklisting in nocat.conf

* HTTPS requests crash the gateway hard??

=== Implemented but in need of testing:

* "Connect-Forward" gateway mode for firewalled gateways (require HTTPS on g/w)
  >> Passive mode supercedes this.  Does Passive mode work?

* Find DNS via resolv.conf parsing.

* NoCatSplash

=== To Do (more or less in order of importance):

* Add forced DNS to other firewall scripts.

* Easy 'disable public access' option in nocat.conf

* Cookie-based persistent logins

* Logout option for Open mode
  >> Link on community site pointing to gw:/logout ?

* Group managment tools. *** bin/admintool is a fully functional commandline
  interface.  Use it!

* Find DNS via resolv.conf parsing.

=== Other random issues:

* Figure out perms issues when writing to passwd files from Apache

* Sanity checking of timeout values, etc. Esp. try to prevent g/w from blocking forever.

* CLI auth agent (for Linux users etc)

* Better error reporting from gateway to authservice and from authservice to user during notification.

* Doc note per Terry Schmidt: "(Note:  Causes Security alert
  message after clicking login, because you are directed from an insecure URL
  to a Secure URL, to an insecure URL.  Not a problem with NoCat Auth, but
  should be mentioned in user documentation.)"

* Have auth tokens show up in both gateway and authservice logs, for bug tracking.

* "Agree-Disagree" instead of just "Login" for splash page

* Anonymous (vs. Public) Class Service

* DOCS

* Setuid firewall script wrapper (in C)

* User-definable timeout option
