2012 News

2012-02-23 (3 yrs)

PacketFence 3.2.0 released

This is a major release with big features, new hardware support, enhancements, bug fixes (including a security fix) and updated translations.


Ready for production use.

Here are the changes in 3.2.0:

Security

  • Reflected Cross-site scripting (XSS) in Web Admin printing system (#1362)

New Hardware Support

  • Ruckus Wireless Controllers

New Features

  • OpenVAS Vulnerability Assesment integration for client-side policy compliance
  • Bandwidth violations based on RADIUS accounting information
  • Billing engine integration for allowing the use of a payment gateway to gain network access.

Enhancements

  • Migrated our documentation from a binary-only ODT to a flexible asciidoc format
  • Code and tests refactoring
  • Minor documentation update for Aruba Controllers
  • Performance: avoiding some redundant operations on startup
  • A DHCP listener will run by default on the management interface
  • pfcmd_vlan is now able to run arbitrary methods on network devices
  • Debug statement with the resolved SSID now available to troubleshoot SSID problems live
  • Added getSwitchLocation to pfcmd_vlan which fetches SNMP sysLocation on switch (#1250, Thanks to Maikel!)
  • Introduced more aggressive exception-based configuration error handling
  • Introduced new trigger types (nessus and openvas) and removed the scan type
  • Added the capability to use dots in trigger id
  • Added a new config flag: registration.guests_self_registration to control if self-registered guests are enabled (#1361)
  • Made it easier to override preregistered guest usernames (default is email)
  • Added a new config flag: vlan.trap_limit to enable/disable the trap limit feature
  • RADIUS captive portal authentication can now target several RADIUS servers for fault tolerance
  • Added a multi-threaded EAP test script in t/stress-test/
  • Performance: node_view query optimized for 100x+ gain in environments where MySQL is taking a lot of CPU
  • Performance: faster command line response time (15%+ with bin/pfcmd)
  • Our FreeRADIUS module packetfence.pm now logs in radius' log instead of syslog (related to #1377)
  • Performance: ~2x FreeRADIUS performance by avoiding superfluous queries

Bug Fixes

  • Buttons in graphs.php of type ifoctetshistoryswitch, ifoctetshistoryuser, ifoctetshistorymac (#1110)
  • Web Admin usability fixes (#1071)
  • Small typo error in node.pm log message (#1357)
  • Interpolation issue in pf::web::custom's code which is disabled by default (#1358)
  • Allow more than one SNMPv3 EngineID per user (#1354)
  • OS and violation classes properly displayed in printer-friendly tables in the Web Admin
  • Disabled config ownership tests because of too many false positives (#1345)
  • Passthrough doesn't work with domains without an ending slash (#1368)
  • Returning exit status 0 on command line tools when asked to show help
  • pfcmd's general help is now sent to standard ouput instead of standard error
  • Globally disabled privilege detection in hardware requiring Telnet / SSH. All except Trapeze. (#1370)
  • Thread crash with floating network devices with VoIP through SSH transport (#1369)
  • MAC-Auth / 802.1X translation fixes for the Cisco Catalyst 3550
  • No more obscure error message if no management interface is defined in pf.conf
  • pfcmd exit status now more consistent regarding config
  • No more "Can't call method "tag" on an undefined value" on broken pf.conf configuration (#1352)
  • More reliable SSID extraction in Called-Station-Id (#1379)
  • Fixed FreeRADIUS crashes in heavily loaded environments (#1377)

Translations

  • Updated Brazilian Portuguese (pt_BR) translation (Thanks to Diego de Souza Lopes)
  • Updated Brazilian Portuguese (pt_BR) Admin guide translation (Thanks to Diego de Souza Lopes)

... and more. See the ChangeLog file for the complete list of changes and the UPGRADE [External] file for notes about upgrading. Both files are in the PacketFence distribution.

Enjoy PacketFence's finest iteration yet!