inverse-inc/packetfence packetfence-5.6.0

PacketFence v5.6.0

on GitHub

New Features

• New RADIUS auditing report allows troubleshooting from the GUI
• The email authorization source now allows to set roles based on the email used to register
• New switch groups now allows to assign settings to multiple switches at once
• DHCP filters now allow arbitrary rules to perform actions based on DHCP fingerprinting
• Cisco switches login access can now be authenticated through PacketFence
• The filter engine configuration can now be edited through the admin GUI

Enhancements

• New dedicated search feature for violations in the nodes panel
• New pfcmd pfqueue command allows managing the queue from the command line
• New option to specify the authentication source to use depending on the RADIUS realm
• Upgrade Config::IniFiles to allow faster loading of configuration files
• Performance improvements to the filtering engine by avoiding unnecessary database lookups
• New columns bypass_vlan and bypass_role are allowed to be import for nodes
• Service start/stop order can now be configured through the admin GUI
• Pagination can now be defined by the user in the admin GUI search results
• The pfdns service now forks to process multiple requests in parallel
• Added configurable timeout for send/receive operations on the OMAPI socket
• The authorization process will now test if the role changed before reevaluating access
• New option to add date based VLAN filter condition (is before date, is after date)
• pfconfig backend can now be cleared via pfcmd
• Improved RADIUS accounting handling for better performance

Bug Fixes (bug Id is denoted with #id)

• Remove old entries in ipset session
• Always reevaluate the access if the order come from the admin gui (#1056)
• Portal profiles templates are now properly synced between members of a cluster (#942)
• Process requests properly when running a pfdhcplistener on an interface that has networks with and without dhcpd activated
• Violation trigger from web admin will now override grace period (#1028)
• Fix queue task counters out of sync when a task expires
• Reworked the configuration backends to prevent a race condition of the configuration namespaces in active/active cluster (#1067)
• Define each internal network to NAT instead of a global rule when passthroughs are enabled (#1118)