The Inverse Team is pleased to announce the immediate availability of
PacketFence 3.2.0. This is a major release with new features, new
hardware support, enhancements, bug fixes (including a security fix) and
updated translations. This release is considered ready for production use.

=== What is PacketFence ? ===

PacketFence is a fully supported, trusted, Free and Open Source network
access control (NAC) system. Boosting an impressive feature set including:

 * Registration and remediation through a captive portal
 * Detection of abnormal network activities using Snort IDS
 * Proactive vulnerability scans using Nessus
 * Isolation of problematic devices
 * 802.1X for wired and wireless networks
 * Wireless integration for all provided features
 * Supports complex and heterogeneous environments
 * VoIP / IP Telephony support and more!

A complete overview of the solution is available from

=== Changes Since Previous Release ===

 * Reflected Cross-site scripting (XSS) in Web Admin printing system (#1362)

New Hardware Support
 * Ruckus wireless controllers

New Features
 * OpenVAS Vulnerability Assessment integration for client-side policy
 * Bandwidth violations based on RADIUS accounting information
 * Billing engine integration for allowing the use of a payment gateway
to gain network access

 * Migrated our documentation from a binary-only ODT to a flexible
asciidoc format
 * Code and tests refactoring
 * Minor documentation update for Aruba Controllers
 * Performance: avoiding some redundant operations on startup
 * A DHCP listener will run by default on the management interface
 * pfcmd_vlan is now able to run arbitrary methods on network devices
 * Debug statement with the resolved SSID now available to troubleshoot
SSID problems live
 * Added getSwitchLocation to pfcmd_vlan which fetches SNMP sysLocation
on switch (#1250, Thanks to Maikel!)
 * Introduced more aggressive exception-based configuration error handling
 * Introduced new trigger types (nessus and openvas) and removed the
scan type
 * Added the capability to use dots in trigger id
 * Added a new config flag: registration.guests_self_registration to
control if self-registered guests are enabled (#1361)
 * Made it easier to override preregistered guest usernames (default is
 * Added a new config flag: vlan.trap_limit to enable/disable the trap
limit feature
 * RADIUS captive portal authentication can now target several RADIUS
servers for fault tolerance
 * Added a multi-threaded EAP test script in t/stress-test/
 * Performance: node_view query optimized for 100x+ gain in environments
where MySQL is taking a lot of CPU
 * Performance: faster command line response time (15%+ with bin/pfcmd)
 * Our FreeRADIUS module now logs in radius' log instead
of syslog (related to #1377)
 * Performance: ~2x FreeRADIUS performance by avoiding superfluous queries

Bug Fixes
 * Buttons in graphs.php of type ifoctetshistoryswitch,
ifoctetshistoryuser, ifoctetshistorymac (#1110)
 * Web Admin usability fixes (#1071)
 * Small typo error in log message (#1357)
 * Interpolation issue in pf::web::custom's code which is disabled by
default (#1358)
 * Allow more than one SNMPv3 EngineID per user (#1354)
 * OS and violation classes properly displayed in printer-friendly
tables in the Web Admin
 * Disabled config ownership tests because of too many false positives
 * Pass-through doesn't work with domains without an ending slash (#1368)
 * Returning exit status 0 on command line tools when asked to show help
 * pfcmd's general help is now sent to standard ouput instead of
standard error
 * Globally disabled privilege detection in hardware requiring Telnet /
SSH. All except Trapeze. (#1370)
 * Thread crash with floating network devices with VoIP through SSH
transport (#1369)
 * MAC authentication / 802.1X translation fixes for the Cisco Catalyst 3550
 * No more obscure error message if no management interface is defined
in pf.conf
 * pfcmd exit status now more consistent regarding config
 * No more "Can't call method "tag" on an undefined value" on broken
pf.conf configuration (#1352)
 * More reliable SSID extraction in Called-Station-Id (#1379)
 * Fixed FreeRADIUS crashes in heavily loaded environments (#1377)

 * Updated Brazilian Portuguese (pt_BR) translation (Thanks to Diego de
Souza Lopes)
 * Updated Brazilian Portuguese (pt_BR) Admin guide translation (Thanks
to Diego de Souza Lopes)

... and more. See the ChangeLog file for the complete list of changes
and the UPGRADE file for notes about upgrading. Both files are in the
PacketFence distribution.

=== Getting PacketFence ===

PacketFence is free software and is distributed under the GNU GPL. As
such, you are free to download and try it by either getting the new
release from:

or by getting the sources from the official monotone server using the
instructions at

Documentation about the installation and configuration of PacketFence is
available from:

=== How Can I Help ? ===

PacketFence is a collaborative effort in order to create the best Free
and Open Source NAC solution. There are multiple ways you can contribute
to the project:

 * Documentation reviews, enhancements and translations
 * Feature requests or by sharing your ideas
 * Participate in the discussion on mailing lists
 * Patches for bugs or enhancements
 * Provide new translations of remediation pages

=== Getting Support ===

For any questions, do not hesitate to contact us by writing to

You can also fill our online form
( and a representative from
Inverse will contact you.

Inverse offers professional services to organizations willing to secure
their wired and wireless networks with the PacketFence solution.

Enjoy PacketFence's finest iteration yet!
Olivier Bilodeau  ::  +1.514.447.4918 *115  ::
Inverse inc. :: Leaders behind SOGo ( and PacketFence

Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing 
also focuses on allowing computing to be delivered as a service.
Packetfence-announce mailing list

Reply via email to