PacketFence v5.6 released
January 13, 2016

The Inverse team is pleased to announce the immediate availability of PacketFence 5.6.0. This is a major release with new features, enhancements and important bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised.

Here are the changes included in this release:

New Features

  • New RADIUS auditing report allows troubleshooting from the GUI
  • The email authorization source now allows to set roles based on the email used to register
  • New switch groups now allows to assign settings to multiple switches at once
  • DHCP filters now allow arbitrary rules to perform actions based on DHCP fingerprinting
  • Cisco switches login access can now be authenticated through PacketFence
  • The filter engine configuration can now be edited through the admin GUI

Enhancements

  • New dedicated search feature for violations in the nodes panel
  • New pfcmd pfqueue command allows managing the queue from the command line
  • New option to specify the authentication source to use depending on the RADIUS realm
  • Upgrade Config::IniFiles to allow faster loading of configuration files
  • Performance improvements to the filtering engine by avoiding unnecessary database lookups
  • New columns bypass_vlan and bypass_role are allowed to be import for nodes
  • Service start/stop order can now be configured through the admin GUI
  • Pagination can now be defined by the user in the admin GUI search results
  • The pfdns service now forks to process multiple requests in parallel
  • Added configurable timeout for send/receive operations on the OMAPI socket
  • The authorization process will now test if the role changed before reevaluating access
  • New option to add date based VLAN filter condition (is before date, is after date)
  • pfconfig backend can now be cleared via pfcmd
  • Improved RADIUS accounting handling for better performance

Bug Fixes (bug Id is denoted with #id)

  • Remove old entries in ipset session
  • Always reevaluate the access if the order come from the admin gui (#1056)
  • Portal profiles templates are now properly synced between members of a cluster (#942)
  • Process requests properly when running a pfdhcplistener on an interface that has networks with and without dhcpd activated
  • Violation trigger from web admin will now override grace period (#1028)
  • Fix queue task counters out of sync when a task expires
  • Reworked the configuration backends to prevent a race condition of the configuration namespaces in active/active cluster (#1067)
  • Define each internal network to NAT instead of a global rule when passthroughs are enabled (#1118)

See the complete list of changes and the UPGRADE.asciidoc file for notes about upgrading.

Back to 2016