The Inverse team is pleased to announce the immediate availability of PacketFence 5.7.0. This is a major release with new features, enhancements and important bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised.

Here are the changes included in this release:

New Features

DNS based enforcement as a new enforcement mode for routed networks

Captive portal authentication now supports SAML authentication

It is now possible to search for nodes that are online based on RADIUS accounting

Integration with Suricata MD5 extraction module to scan against OPSWAT Metascan online scanner

Enhancements

Support for floating devices on HP ProCurve switches

RADIUS CoA support added to Brocade switches

The NULL authorization source can now be combined with other sources

Added possibility to trigger Firewall Single Sign-On when an endpoint changes status

The username on a captive portal will no longer be stripped unless required otherwise

Improved UDP reflector documentation

Improved vendor specific attributes in radius filters

Now able to specify on which LDAP attribute we should match for SponsorEmail

Now able to strip a username in LDAP source even if not present in RADIUS request

Bug Fixes (bug Id is denoted with #id)

Fixed incorrect provisioning that ignored broadcast state of provisioned SSID

Present a login page without login form when a blackhole source is used on the portal profile (#1021)

Fixed incorrect provisioning templates that required entering a password twice (#1119)

Fixed ambiguous SQL accounting stored procedure that could return duplicate results

Fixes incorrect IPv6 DHCP processing in pfdhcplistener

See the complete list of changes and the UPGRADE.asciidoc file for notes about upgrading.