PacketFence v6.0 released
April 19, 2016

The Inverse team is pleased to announce the immediate availability of PacketFence 6.0. This is a major release with new features, enhancements and important bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised.

Here are the changes included in this release:

New Features

  • Fully redesigned frontend and backend of the captive portal
  • Parking state for unregistered devices (where it will have a longer DHCP lease time and will only access a lightweight portal)
  • CentOS 7 and Debian 8 (Jessie) support
  • RADIUS support for Avaya switches
  • New filter engine to return custom answers in pfdns
  • Redirect URL are defined in Role by Web Auth URL switch configuration (Cisco)
  • Added support for Captive-Portal DHCP attribute (RFC7710)
  • Added Google Project Fi as a SMS carrier for SMS signup option
  • FreeRADIUS 3 support with Redis integration

Enhancements

  • Added ability to expire users
  • Automatically update all the Fingerbank databases (Redis, p0f, SQLite3)
  • Do not allow the TRACE method to be used in any of the web processes
  • Can now limit the maximum unregdate an administrator can set to a person
  • Added option to disable the accounting recording in the SQL tables
  • Added caching of the latest accounting request for use in access reevaluation
  • Reduced the number of webservices calls during RADIUS accounting
  • Added configuration for Apache 2.4 with Template Toolkit
  • Added a timer for each RADIUS request (radius audit log)
  • Assign the voice role to VoIP devices when PacketFence detects them
  • Renamed VLAN to Role in admin GUI violation
  • Unregistering a node from a secure connection to an unsecured one is now managed by the VLAN filters
  • Location history of a node now shows the role instead of the VLAN id
  • Documentation to configure Cisco switches with Identity Networking Policy
  • Trigger violation on source or destination IP address only if they are in the trapping range networks
  • Performance improvement for VoIP detection
  • Added new RADIUS filter return option (random number in a range)
  • Reinstated iplog (iplog_history and iplog_archive) rotation/cleanup jobs performed by pfmon
  • An asynchronous LDAP lookup is now done on each 802.1x request to populate the person fields for that user

Bug Fixes

  • Compute unregistration date for secure connections
  • Fixed unescape value in LDAP search
  • Fixed Apache 2.4 core dump
  • Fixed update locationlog from accounting start with the wrong connection type

See the complete list of changes and the UPGRADE.asciidoc file for notes about upgrading.

Back to 2016