Add - documentation updates

Signed-off-by: Rob White <rob@blue-wave.net>

docs/source/clientstatus.rst

@@ -1,5 +1,5 @@
-The Client Status/Error511 Page
-###############################
+The Client Status/CPI (Captive Portal Information) Page
+#######################################################
 
 If the client is redirected by the CPI (RFC 8910) process, this page is displayed.
 
@@ -7,14 +7,14 @@ This page is also accessible by any connected client at the default url:
 
 http://status.client
 
+**If the client is not authenticated**, then this page is also known as the Error511 page, as it serves to the client the "511 Network Authentication Required" html status code and a button is displayed to allow the client to log in.
+
+**If the client is authenticated**, a page is served displaying the Gatewayname and the Network Zone the client device is currently using.
+
 Default "Quick Status" and optional "Advanced Status" options can be selected.
 
-If the client has been authenticated in the normal way by the client CPD process, a page is served displaying the Gatewayname and the Network Zone the client device is currently using.
-
 A list of allowed quotas and current usage is displayed along with "Refresh" and "Logout" buttons.
 
-If the client has not been authenticated, or has been deauthenticated due to timeout or quota usage, then a "*Error 511 Network Authentication Required*" page is displayed with a "Continue" button for logging in.
-
 The "Continue" button allows the client to immediately attempt to login without waiting for the client CPD to trigger.
 
 The URL used to access this page can be changed by setting the config option gatewayfqdn.
@@ -23,18 +23,13 @@ For best results it is recommended that gatewayfqdn is set to two words separate
 
 	``option gatewayfqdn 'my.status'``
 
- **Warning** - if set, services on port 80 of the gateway will no longer be accessible (eg Luci AdminUI)
-
- By default, the Error511/Status page will be found at ``http://status.client/`` by a redirection of port 80 to ``http://gatewayaddress:gatewayport/``
-
  ***Disable GatewayFQDN*** by setting the option to 'disable'
  ie:
 
  ``option gatewayfqdn 'disable'``
 
-An alternate Useful Example:
+ **Warning** - if enabled, services on port 80 of the gateway will no longer be accessible (eg the OpenWrt Luci AdminUI)
 
-``option gatewayfqdn 'login.page'``
 
 Custom Files and Images
 ***********************

docs/source/config.rst

@@ -979,6 +979,22 @@ Example:
 
 ``option fas_secure_enabled '3'``
 
+Set NAT Traversal Poll Interval
+*******************************
+
+Sets the polling interval for NAT Traversal in seconds
+
+Default 10 seconds
+
+Allowed values between 1 and 60 seconds inclusive
+
+Defaults to 10 seconds if set outside this range
+
+Effective only when option fas_secure_enabled is set to 3
+
+Example:
+
+``option nat_traversal_poll_interval '5'``
 
 Set PreAuth
 ***********

docs/source/howitworks.rst

@@ -123,7 +123,7 @@ Instead of waiting for the client to test for Internet access using its vendor s
 
 Any clients supporting this method will open their CPD browser pointing at the specified URL instead of waiting for a redirection.
 
-This is a new and somewhat experimental standard with very few clients supporting it, but this is likely to change rapidly as the standard matures.
+This is a new and somewhat experimental standard but at the time of writing (September 2022) an increasing number of new clients are beginning to support it as their implementations of the standard mature.
 
 This method is enabled in openNDS by default, but can be disabled (see "Dhcp option 114 Enable - RFC8910" in the Configuration Options section).
 
@@ -133,7 +133,7 @@ Captive Portal Identification With Portal API (RFC 8910 / RFC 8908)
 The RFC8908 Captive Portal API extends Captive Portal Identification by adding an API by which a client device can access the Portal.
 This is supported in openNDS from version 9.5.0 onwards.
 
-At the time of writing (November 2021), very few client devices support this API.
+At the time of writing (September 2022), very few client devices support this API.
 
 Network Zone Detection (Where is the Client Connected?)
 *******************************************************

docs/source/libraries.rst

@@ -239,6 +239,49 @@ dhcpcheck:
 
     *returns*: The mac address that was allocated to the ip address or null and exit code 1 if not allocated
 
+deauth:
+-------
+
+	arg1: "deauth", deauthenticates a client by ip or mac address
+
+        arg2: contains the ip or mac address
+
+    *Can NOT be called from a binauth script*
+
+
+    *returns*: the status of the deauth request
+
+daemon_deauth:
+--------------
+
+    arg1: "daemon_deauth", initiates a daemon process to deauth a client by ip or mac address
+
+        arg2: contains the ip or mac address
+
+    *Can be called from a binauth script*
+
+    *returns* the pid of the daemon_deauth process
+
+    The actual client deauth will be reported in the syslog if successful
+
+urlencode:
+----------
+
+    arg1: "urlencode", urlencode a string
+
+        arg2: contains the string to be encoded
+
+    *returns* the encoded string
+
+urldecode:
+----------
+
+    arg1: "urldecode", urldecode a string
+
+        arg2: contains the string to be decoded
+
+    *returns* the decoded string
+
 ?fas:
 -----
     **arg1**: "*?fas=<b64string>*", generates ThemeSpec html using b64encoded data sent from openNDS