v7.3.0
dwlfrth
released this
25 Sep 18:18
·
23093 commits
to devel
since this release
New Features
- Added a RADIUS only mode to PacketFence.
- Add a cluster wide view of pfqueue statistics (#2195) (PR #2573)
- Added the possibility of importing switches from a CSV file. (PR #2480)
Enhancements
- The GUI will now display the VLAN in the locationlog view
- The timezone is now a selectable item to prevent invalid input
- Updated ACE text editor to version 1.2.8
- Search forms for nodes and users can now be reset (PR #2555)
- Configuration files can now be saved in readonly mode except violation, switches, role (#2464) (PR #2566)
- Extended descriptions are now supported in the custom reports
- Mail can now be sent using SSL and StartTLS (PR #2446)
- Self signed certificate errors for nessus 6 can now be ignored (PR #2568)
- Violations can now be triggered by nessus 6 scanner (PR #2568)
- The device registration page now supports connection profiles like any other portal
- The username sent in firewall SSO now supports a configurable format (PR #2499)
- PacketFence will now monitor TLS certificates expiration and alert if they are expired (PR #2444)
- LDAP source caching is now caching the rule match rather that the whole source match (PR #2560)
- The admin GUI startup time has been decreased (#2545)
- New and improved documentation for Debian clustering
- Show DHCP Option82 data in the node view (#2396)
- Custom reports columns representing a node or a user can now be configured to be clickable for details on the object in question (#PR 2508)
- New Fortigate 50E 802.1x support
- The computer authentication username can now be normalized when using EAP-TLS (PR #2414)
- Added a task count jitter to reduce the chance that pfqueue workers exit at the same time
- Experimental support for Content Security Policy (CSP) has been added, but is disabled by default (PR #2336)
- A violation can now redirect to a URL specified in a template (PR #2400)
Bug Fixes
- The syslog parser has moved from Compliance to Integration in the GUI (#2467)
- pfsso now logs in packetfence.log (#2553) (PR #2557)
- httpd.dispatcher now logs in httpd.dispatcher.log (PR #2557)
- Fixed incorrect inline sub type detection
- Fixed ipset update with the incorrect ip address
- Fixed missing confirm prompt when restarting all services via the admin interface (#2365) (PR #2571)
- Fixed violation definition sync when removing a violation from the config
- Fixed incorrect Connection-Type when using EAP-TTLS (#2582)
- Fixed VOIP logic to reduce the chance of duplicate locationlog entries (#2527)
- Fixed SNMP connection issues on Extricom controllers
- Fixes segfaults when logging in the multithread environments (#2603)
- reuseDot1x: Changed the way authentication sources are matched with realms regarding a security concern(#2536)
- Trust the wsrep_ready flag of MariaDB Galera cluster for read only detection as putting the DB in read-only can result in occasional de-synchronization between members. (#2593) (PR #2594)
- Run the configreload as the pf user when done through pfcmd (PR #2510)
- Run the 6.0+ upgrade scripts as the pf user to prevent permissions issues after running them (PR #2509)
- Fixed incorrect NULL realm use when authenticating to the admin GUI (#2529)
- Enforced use of the system time instead of browser time when using preset time values (#2559)
- Logging into the status page when reuse dot1x is enabled is no longer broken (#2542) (PR #2598)