New Features
- DNS based enforcement as a new enforcement mode for routed networks
- Captive portal authentication now supports SAML authentication
- It is now possible to search for nodes that are online based on RADIUS accounting
- Integration with Suricata MD5 extraction module to scan against OPSWAT MetaScan online scanner
Enhancements
- Support for floating devices on HP Procurve switches
- RADIUS CoA support added to Brocade switches
- The NULL authorization source can now be combined with other sources
- Added possibility to trigger Firewall Single Sign-On when an endpoint changes status
- The username on a captive portal will no longer be stripped unless required otherwise
- Improved UDP reflector documentation
- Improved vendor specific attributes in radius filters
- Now able to specify on which LDAP attribute we should match for SponsorEmail
- Now able to strip a username in LDAP source even if not present in RADIUS request
Bug Fixes
- Fixed incorrect provisioning that ignored broadcast state of provisioned SSID
- Present a login page without login form when a blackhole source is used on the portal profile ([#1021](https://github.com/inverse-inc/packet
fence/issues/1021)) - Fixed incorrect provisioning templates that required entering a password twice (#1119)
- Fixed ambiguous SQL accounting stored procedure that could return duplicate results
- Fixes incorrect IPv6 DHCP processing in pfdhcplistener