PacketFence v4.1.0

New Features

• Portal profiles can be filtered by switches
• Proxy interception
• New pfcmd command fixpermissions
• Added a "Null" authenication source
• Displayed columns of nodes are now customizable
• Create a single node or import multiple nodes from a CSV file from the Web admin
• LDAP authentication sources can now filter by group membership using a second LDAP query
• Extended definition of access durations
• FreeRADIUS does not need to be restarted after adding a switch
• New customizable ACLs for Web admin interface

Enhancements

• Improved error messages in RADIUS modules
• Simple search for nodes now includes IP address
• Search by MAC address for nodes and users now accepts any MAC format
• Improved starting delay when using inline mode
• Added memcached as a managed service
• Added CoA support for Xirrus access point
• Improved validation of VLAN management
• Updated FontAwesome to version 3.2.1
• Each portal profile can now have a different redirection URL
• Initial destination URL is now respected with Firefox
• An Htpasswd source can now define sponsors
• Improved display of pie charts (limit of legend labels and highlight of table rows)
• Creation of users is now performed from the users page (was on the configuration page)
• Validate file path when saving an Htpasswd authentication source
• Improved validation of a sponsor's email address
• Allow actions depending on authentication source type
• Modified logrotate so it uses copytruncate instead of restarting the services.
• Now comes with a corosync compatible barnyard2 init script in addons.
• Unreg the node when you come from a secure connection to an open connection
• Allow a self-registered node by SMS to go back to the registration page
• Sponsor email authentication source can refuse email addresses of the local domain (as the email source)
• Updated German (de) translation

Bug Fixes

• RADIUS configuration files are no longer replaced when updating packages
• Fixed match of Htpasswd authentication source (#1714)
• Fixed creation of users without a role (#1721)
• Fixed expiration date of registration to the end of the day (#1722)
• Fixed caching issue when editing authentication sources (#1729)
• Allow rules with dashes (#1730)
• Fixed vconfig setting the wrong name_type
• Fixed help text in Web admin (#1724)
• Removed references to unavailable snort rules (#1715)
• Fixed LDAP regexp condition not considering all attribute values (#1737)
• Fixed sort by phone number and nodes count when performing an advanced search on users (#1738)
• Fixed users searches not being saved in the proper namespace
• Fixed handling of form submit when saving a user search
• Fixed self-registration of multiple unverified devices
• Fixed duplicate entries in advanced search of nodes
• Fixed advanced search by node category
• Fixed reordering of conf sections and groups (#1749)
• Fixed pid of SMS-registered devices (was "admin" in certain circumstances)
• Fixed saving of 'allow local domain' option when disabled in an email authentication source
• The 'allow local domain' option of the email source will now only affect the user who registers by email
• Fixed ifoctetshistoryuser command to use the correct query when just a user is given
• Fixed network-detection for IE 8
• Fixed SQL query of SSID report in Web admin

PacketFence v4.0.6-2

Bug Fixes

• Fixed dependancy in debian/ubuntu package (#1705)
• Fixed 802.1X error in RADIUS authorize (#1709)
• Fixed pfcmd not stopping services (#1710)
• Fixed caching issue on Web admin interface (#1711)

PacketFence v4.0.6

New Features

• New Polish (pl_PL) translation (thanks to Maciej Uhlig [email protected])

Enhancements

• Improved display of filters and sources (DynamicTable) in portal profile editor
• Ensure the VLAN naming scheme is set on start up
• When no authentication source is associated to the default portal profile, all available sources are used
• Phone number is now editable from the user editor
• Updated fingerprints of gaming devices (Xbox)
• Moved pfmon to a single process daemon and added the ability to restart itself upon error
• Added new test tool bin/pftest
• Improved SQL query in pf::node when matching a valid MAC
• Allow change of owner in node editor (with auto-completion)
• iptables management by packetfence is now optional
• Allow advanced search of users and nodes by notes (#1701)
• Added better error/warning messages when adding a violation with pfcmd
• Output the violation id for pfcmd violation add command when the json option is supplied

Bug Fixes

• Fixed XML encoding of RADIUS attributes in SOAP request
• Fixed retrieval of user role for gaming devices
• Fixed SQL query of connection types report in Web admin
• Fixed issue with anonymous LDAP bind failing with searches
• Fixed email subject when self-registering by email
• Fixed empty variables of preregistration email template
• Fixed detection of guest-only authentication sources when no source is associated to the portal
• Fixed stylesheet for Firefox and IE when printing user access credentials
• Fixed display of IP address in advanced search of nodes
• Fixed advanced search of nodes by violation
• Fixed advanced search of users by sponsor
• Fixed various caching issues
• Fixed various logged warnings
• Fixed various authentication issues (#1693, #1695)

PacketFence v4.0.5-2

Bug Fixes

• Fixed authentication with multiple sources
• Fixed oauth2
• Authentication source is now respected when using WISPr

PacketFence 4.0.5

New Features

• Passthrough with Apache's mod_proxy module

Enhancements

• Improved validation of sponsor's email
• Self-registration by sponsor now works without having to define an email authentication source
• Fetching VLAN for dot1x connections is now limited to internal authentication sources
• Splitted internal and external classes in dropdown menu of authentication types
• Show error message when trying to delete a source used by the portal profiles
• Documentation of the vip parameter for management interface

Bug Fixes

• Authentication is now limited to internal sources
• DynamicTable widget now allows to drag'n'drop under last row
• Connections on port 443 are now accepted for self-registration (#1679)
• Use virtual ip when available for SNAT
• Remote conformity scan engines (Nessus/OpenVAS) can now scan devices in unregistrated state on inline networks
• Returned per-switch role (if configured) for "Role mapping by switch role" rather than sending the user role

PacketFence v4.0.4

New Features

• Portal profiles can now have multiple filters

Enhancements

• Added new regexp operator for strings in authentication rules
• Automatic landing on the sign-in page if no internal/oauth authentication source is used by the portal profile
• Self-registration is now enabled when a profile has at least one external authentication source
• Authentication sources of portal profiles are now displayed in a sortable table
• Sort actions of a violation in reverse order to set the role before auto registration
• Added hostapd configuration in the Network Devices Configuration Guide
• Version number is now sent when submiting dhcp and useragents fingerprints

Bug Fixes

• External authentication sources of portal profiles are not respected
• A portal profile can have multiple external authentication sources of the same type
• Port 443 on the management interface is not open when gaming registration is enable
• Crash of FreeRADIUS with SOAP::Lite prior to version 1.0
• Wrong permissions on the logs files causes an error with the log action of violations
• Error with violations with tainted chain in pfmailer and action_log subroutines
• Triggering a violation with a trap action doesn't reevaluate access
• authentication.conf and profiles.conf are overwritten when updating PacketFence
• First element of button groups is not properly displayed
• Sponsors are not extracted from LDAP sources

PacketFence v4.0.3

New Features

• Support for 'hostapd' access points

Enhancements

• Add buttons to clone a switch, a floating device, and a violation
• Add version number in the top navigation bar

Bug Fixes

• Form toggle fields don't support all variations
• Counters and graphs for today are empty
• Maintenance interval is not respected in pfmon
• Optgroup labels in select menus are hidden when build multiple times
• Callbacks are performed on every ReadConfig
• Guest modes don't show up on captive portal
• Authentication source is not respected when matching actions in register.cgi

PacketFence v4.0.2

Enhancements

• Replaced bind with pfdns - PacketFence's own DNS server
• Rewrote Oauth2 support (based on ipset sessions)
• New counters bellow line graphs of reports
• Support for anonymous bind in LDAP authentication sources
• Added support for date and time conditions in authentication sources
• Added "is not" condition on connection type
• Extend simple search of nodes to match MAC, owner and computer name
• Added search and display of the a user’s telephone number
• Can now have multiple external authentication sources
• Increased speed of loading configuration from the cache
• Each portal profiles can now use a list of authentication sources
• A switch definition can now be easily cloned
• Switches are now ordered by IP address

Bug fixes

• Re-evaluate network access when changing a node status
• Re-evaluate network access when closing a violation
• Missing unit when interval is zero
• Switch with empty inlineTrigger rises an exception
• Web admin sets triggerInline while libs expect inlineTrigger
• Condition on user email doesn’t work for email sources
• Sponsors can’t be validated
• Node search by person name is broken (#1652)
• Can’t enable VoIP from switch configuration form (#1663)
• Maximum number of nodes per user is not respected by role
• Routed networks are not properly sorted (#1666)
• Can’t edit notes of a node (#1667)
• pfdetect_remote and pfarp_remote fix