Releases: inverse-inc/packetfence
Releases · inverse-inc/packetfence
PacketFence v4.1.0
New Features
- Portal profiles can be filtered by switches
- Proxy interception
- New pfcmd command fixpermissions
- Added a "Null" authenication source
- Displayed columns of nodes are now customizable
- Create a single node or import multiple nodes from a CSV file from the Web admin
- LDAP authentication sources can now filter by group membership using a second LDAP query
- Extended definition of access durations
- FreeRADIUS does not need to be restarted after adding a switch
- New customizable ACLs for Web admin interface
Enhancements
- Improved error messages in RADIUS modules
- Simple search for nodes now includes IP address
- Search by MAC address for nodes and users now accepts any MAC format
- Improved starting delay when using inline mode
- Added memcached as a managed service
- Added CoA support for Xirrus access point
- Improved validation of VLAN management
- Updated FontAwesome to version 3.2.1
- Each portal profile can now have a different redirection URL
- Initial destination URL is now respected with Firefox
- An Htpasswd source can now define sponsors
- Improved display of pie charts (limit of legend labels and highlight of table rows)
- Creation of users is now performed from the users page (was on the configuration page)
- Validate file path when saving an Htpasswd authentication source
- Improved validation of a sponsor's email address
- Allow actions depending on authentication source type
- Modified logrotate so it uses copytruncate instead of restarting the services.
- Now comes with a corosync compatible barnyard2 init script in addons.
- Unreg the node when you come from a secure connection to an open connection
- Allow a self-registered node by SMS to go back to the registration page
- Sponsor email authentication source can refuse email addresses of the local domain (as the email source)
- Updated German (de) translation
Bug Fixes
- RADIUS configuration files are no longer replaced when updating packages
- Fixed match of Htpasswd authentication source (#1714)
- Fixed creation of users without a role (#1721)
- Fixed expiration date of registration to the end of the day (#1722)
- Fixed caching issue when editing authentication sources (#1729)
- Allow rules with dashes (#1730)
- Fixed vconfig setting the wrong name_type
- Fixed help text in Web admin (#1724)
- Removed references to unavailable snort rules (#1715)
- Fixed LDAP regexp condition not considering all attribute values (#1737)
- Fixed sort by phone number and nodes count when performing an advanced search on users (#1738)
- Fixed users searches not being saved in the proper namespace
- Fixed handling of form submit when saving a user search
- Fixed self-registration of multiple unverified devices
- Fixed duplicate entries in advanced search of nodes
- Fixed advanced search by node category
- Fixed reordering of conf sections and groups (#1749)
- Fixed pid of SMS-registered devices (was "admin" in certain circumstances)
- Fixed saving of 'allow local domain' option when disabled in an email authentication source
- The 'allow local domain' option of the email source will now only affect the user who registers by email
- Fixed ifoctetshistoryuser command to use the correct query when just a user is given
- Fixed network-detection for IE 8
- Fixed SQL query of SSID report in Web admin
PacketFence v4.0.6-2
PacketFence v4.0.6
New Features
- New Polish (pl_PL) translation (thanks to Maciej Uhlig [email protected])
Enhancements
- Improved display of filters and sources (DynamicTable) in portal profile editor
- Ensure the VLAN naming scheme is set on start up
- When no authentication source is associated to the default portal profile, all available sources are used
- Phone number is now editable from the user editor
- Updated fingerprints of gaming devices (Xbox)
- Moved pfmon to a single process daemon and added the ability to restart itself upon error
- Added new test tool bin/pftest
- Improved SQL query in pf::node when matching a valid MAC
- Allow change of owner in node editor (with auto-completion)
- iptables management by packetfence is now optional
- Allow advanced search of users and nodes by notes (#1701)
- Added better error/warning messages when adding a violation with pfcmd
- Output the violation id for pfcmd violation add command when the json option is supplied
Bug Fixes
- Fixed XML encoding of RADIUS attributes in SOAP request
- Fixed retrieval of user role for gaming devices
- Fixed SQL query of connection types report in Web admin
- Fixed issue with anonymous LDAP bind failing with searches
- Fixed email subject when self-registering by email
- Fixed empty variables of preregistration email template
- Fixed detection of guest-only authentication sources when no source is associated to the portal
- Fixed stylesheet for Firefox and IE when printing user access credentials
- Fixed display of IP address in advanced search of nodes
- Fixed advanced search of nodes by violation
- Fixed advanced search of users by sponsor
- Fixed various caching issues
- Fixed various logged warnings
- Fixed various authentication issues (#1693, #1695)
PacketFence v4.0.5-2
Bug Fixes
- Fixed authentication with multiple sources
- Fixed oauth2
- Authentication source is now respected when using WISPr
PacketFence 4.0.5
New Features
- Passthrough with Apache's mod_proxy module
Enhancements
- Improved validation of sponsor's email
- Self-registration by sponsor now works without having to define an email authentication source
- Fetching VLAN for dot1x connections is now limited to internal authentication sources
- Splitted internal and external classes in dropdown menu of authentication types
- Show error message when trying to delete a source used by the portal profiles
- Documentation of the vip parameter for management interface
Bug Fixes
- Authentication is now limited to internal sources
- DynamicTable widget now allows to drag'n'drop under last row
- Connections on port 443 are now accepted for self-registration (#1679)
- Use virtual ip when available for SNAT
- Remote conformity scan engines (Nessus/OpenVAS) can now scan devices in unregistrated state on inline networks
- Returned per-switch role (if configured) for "Role mapping by switch role" rather than sending the user role
PacketFence v4.0.4
New Features
- Portal profiles can now have multiple filters
Enhancements
- Added new regexp operator for strings in authentication rules
- Automatic landing on the sign-in page if no internal/oauth authentication source is used by the portal profile
- Self-registration is now enabled when a profile has at least one external authentication source
- Authentication sources of portal profiles are now displayed in a sortable table
- Sort actions of a violation in reverse order to set the role before auto registration
- Added hostapd configuration in the Network Devices Configuration Guide
- Version number is now sent when submiting dhcp and useragents fingerprints
Bug Fixes
- External authentication sources of portal profiles are not respected
- A portal profile can have multiple external authentication sources of the same type
- Port 443 on the management interface is not open when gaming registration is enable
- Crash of FreeRADIUS with SOAP::Lite prior to version 1.0
- Wrong permissions on the logs files causes an error with the log action of violations
- Error with violations with tainted chain in pfmailer and action_log subroutines
- Triggering a violation with a trap action doesn't reevaluate access
- authentication.conf and profiles.conf are overwritten when updating PacketFence
- First element of button groups is not properly displayed
- Sponsors are not extracted from LDAP sources
PacketFence v4.0.3
New Features
- Support for 'hostapd' access points
Enhancements
- Add buttons to clone a switch, a floating device, and a violation
- Add version number in the top navigation bar
Bug Fixes
- Form toggle fields don't support all variations
- Counters and graphs for today are empty
- Maintenance interval is not respected in pfmon
- Optgroup labels in select menus are hidden when build multiple times
- Callbacks are performed on every ReadConfig
- Guest modes don't show up on captive portal
- Authentication source is not respected when matching actions in register.cgi
PacketFence v4.0.2
Enhancements
- Replaced bind with pfdns - PacketFence's own DNS server
- Rewrote Oauth2 support (based on ipset sessions)
- New counters bellow line graphs of reports
- Support for anonymous bind in LDAP authentication sources
- Added support for date and time conditions in authentication sources
- Added "is not" condition on connection type
- Extend simple search of nodes to match MAC, owner and computer name
- Added search and display of the a user’s telephone number
- Can now have multiple external authentication sources
- Increased speed of loading configuration from the cache
- Each portal profiles can now use a list of authentication sources
- A switch definition can now be easily cloned
- Switches are now ordered by IP address
Bug fixes
- Re-evaluate network access when changing a node status
- Re-evaluate network access when closing a violation
- Missing unit when interval is zero
- Switch with empty inlineTrigger rises an exception
- Web admin sets triggerInline while libs expect inlineTrigger
- Condition on user email doesn’t work for email sources
- Sponsors can’t be validated
- Node search by person name is broken (#1652)
- Can’t enable VoIP from switch configuration form (#1663)
- Maximum number of nodes per user is not respected by role
- Routed networks are not properly sorted (#1666)
- Can’t edit notes of a node (#1667)
- pfdetect_remote and pfarp_remote fix