Altostrat logo
Dashboard
Change Log

Weekly Changelog: Captive Portal, DNS/BGP Filtering, Developer API & Enhanced Network Access Controls

This week's update brings new capabilities for configuring network access controls, including entry types and stricter validation. We've also launched the Captive Portal, BGP/DNS Filter, Elastic IP, and initial Developer API services.

-

Highlights this Week

Building on our newly launched platform, we've significantly expanded our network control and management capabilities. Key services including Captive Portal, BGP/DNS Filtering, Elastic IP management, and the initial Developer API are now fully operational.

New Service Activations & Initial Features

  • Captive Portal Services (captive-portal-stun, captive-portal):
    • The captive-portal-stun service is now live, acting as the initial contact point for redirecting users to the main portal.
    • The captive-portal service is fully operational, supporting initial user authentication via OAuth2 (as configured in auth) and introducing Coupon-based access. Basic instance management and Walled Garden rule definition (including typed entries) are now available.
  • DNS & BGP Filtering (bgp-dns-filter): The bgp-dns-filter service is online, providing foundational capabilities for DNS content filtering (BIND RPZ) and BGP blackholing (Bird). Initial policy management and configuration file generation to S3 are active.
  • Static IP Management (elastic-ip): The elastic-ip service is now fully integrated, managing static IP allocations along with associated RADIUS user credentials and PTR records directly via its RADIUS database.
  • Developer API (developers-api): The first iteration of the developers-api is launched! This gateway allows for programmatic interaction, offering initial authenticated synchronous command proxying to control-plane/mikrotik and asynchronous job dispatch via SNS.

Existing Service Enhancements (Originally from Changelog)

  • Typed Walled Garden Entries (within captive-portal): You can now assign specific types to Walled Garden entries, starting with support for authentication-related entries. This lays the groundwork for different validation rules and processing based on the entry's purpose, improving configuration clarity and control.
  • Improved Walled Garden Validation (within captive-portal): For typed Walled Garden entries related to authentication, we've implemented stricter validation. The system now checks that specified IP addresses or ranges are correctly located within the subnets assigned to your specific network access instances, preventing misconfigurations and enhancing security.
  • API Update for Walled Gardens (within captive-portal): The API resource for Walled Garden entries now includes the new type field, providing developers and integrators with more detailed information for easier management.

Bug Fixes

  • No user-facing bug fixes were required this week beyond the initial stabilization of newly activated services.