PacketFence v5.7 released
February 17, 2016

The Inverse team is pleased to announce the immediate availability of PacketFence 5.7.0. This is a major release with new features, enhancements and important bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised.

Here are the changes included in this release:

New Features

  • DNS based enforcement as a new enforcement mode for routed networks
  • Captive portal authentication now supports SAML authentication
  • It is now possible to search for nodes that are online based on RADIUS accounting
  • Integration with Suricata MD5 extraction module to scan against OPSWAT Metascan online scanner


  • Support for floating devices on HP ProCurve switches
  • RADIUS CoA support added to Brocade switches
  • The NULL authorization source can now be combined with other sources
  • Added possibility to trigger Firewall Single Sign-On when an endpoint changes status
  • The username on a captive portal will no longer be stripped unless required otherwise
  • Improved UDP reflector documentation
  • Improved vendor specific attributes in radius filters
  • Now able to specify on which LDAP attribute we should match for SponsorEmail
  • Now able to strip a username in LDAP source even if not present in RADIUS request

Bug Fixes (bug Id is denoted with #id)

  • Fixed incorrect provisioning that ignored broadcast state of provisioned SSID
  • Present a login page without login form when a blackhole source is used on the portal profile (#1021)
  • Fixed incorrect provisioning templates that required entering a password twice (#1119)
  • Fixed ambiguous SQL accounting stored procedure that could return duplicate results
  • Fixes incorrect IPv6 DHCP processing in pfdhcplistener

See the complete list of changes and the UPGRADE.asciidoc file for notes about upgrading.

Back to 2016