The Inverse team is pleased to announce the immediate availability of 
PacketFence 4.2.0. This is a major release with new features, enhancements and 
important bug fixes. This release is considered ready for production use and 
upgrading from 4.1.0 is strongly advised.

What is PacketFence?

PacketFence is a fully supported, trusted, Free and Open Source Network Access 
Control (NAC) solution. Boasting an impressive feature set, PacketFence can be 
used to effectively secure small to very large heterogeneous networks.

Among the features provided by PacketFence, there are:

Powerful BYOD (Bring Your Own Device) workflows
Simple and efficient guests management
Multiple enforcement methods with Role-Based Access Control (RBAC)
Compliance checks for computers present on your network
Integration with various vulnerability scanners and intrusion detection 
Bandwidth accounting for all devices
A complete overview of the solution is available from the official website:

Changes Since Previous Release

New Features

New 'Apply violation' bulk action
The same bulk actions for nodes are now available for users
New WRIX data management
Added PacketFence provisioning agent for Android
Support Hotspot for Cisco WLC and Aruba IAP
Support for Huawei AC6605 wireless controller
Support for Enterasys V2110 wireless controller
Support for Juniper EX2200 and EX4200 switches
Inline layer 3 support
New pfbandwidthd daemon for inline layer 3 accounting
New violation type based on time usage from RADIUS accounting information
New violation type based on bandwidth usage from pfbandwidthd information
New Mirapay online payment as a billing option
Billing tiers can now be defined with a real usage duration (instead of simply 
a timeout)
Billing: A confirmation email is sent when purchasing a tier
New status page with options to extend the network access (when billing is 
enabled with access duration) and to unregister any node associated to the 
current user
Integration of mod_qos in the Apache configuration of the captive portal
New pfcmd "cache" command
New pfcmd "configreload" command

Mandatory fields during registration are now configured per portal profile
Expanded fields for person field
Allow pfcmd error/warning/success messages colors to be configurable
Allow rules on username for null authentication sources
Landing page of Web admin interface now depends on the user's access rights
Reevaluate access when changing the role of multiple nodes (#1757)
Each portal profile can now use its own set of locales
Added a new URI filter for portal profiles
Switches configuration page is now paginated
LLDP support for 3Com 4000 Series
Multiple DNS server in the network configuration
Allow alias interface as captive portal
MAC Authentication support for Enterasys D2 switch
Added support for JSON-RPC and msgpack RPC over HTTP for webservices
Made msgpack the default RPC for RADIUS
Improved performance of webservices by preloading Perl modules
Regexp filter for LDAP source is now case-insensitive
Improved maintenance database script
Preserve and restore the URL fragment when the web session expires in Web admin 
Logging is now separated and configurable for each service
Added missing 'redirect_url' paramater when editing a violation in the Web admin
Complete rewrite of captive portal as a Catalyst application
Added a section documenting eduroam support to the Admin guide
Controller IP address can be determined dynamically
Added a file backing for the cache to decrease cache misses
Allow advanced search of nodes by OS type (#1790)
The PF RPC client can be configured in the conf/radiusd/radiusd.conf
Added PacketFence RADIUS dictionary
Bug Fixes

Fixed retrieval of ifIndex in Cisco Catalyst 2950 module
Fixed Snort and Suricata services management
Fixed issue when saving a users search in Web admin
Fixed JavaScript error with IE8 on Web admin users page
Fixed Web admin access restrictions for users and nodes creation
Fixed SQL query of connection types report in Web admin
Fixed blank page with WISPr on OS X
Fixed nodes simple search by IP address
Fixed access reevaluation when changing the status of a pending node
Fixed network access for users with no "set role" action (#1778)
Fixed conversion of wildcards to regular expressions in domains passthroughs
Fixed display of last IP address of nodes when end_time is in the future
Fixed XSS issues in Web admin
Fixed extractSsid for Cisco Aironet and Cisco Aironet WDS
See the ChangeLog file for the complete list of changes:

See the UPGRADE file for notes about upgrading:

Getting PacketFence

PacketFence is free software and is distributed under the GNU GPL. As such, you 
are free to download and try it by either getting the new release or by getting 
the sources:

Documentation about the installation and configuration of PacketFence is also 

How Can I Help?

PacketFence is a collaborative effort in order to create the best Free and Open 
Source NAC solution. There are multiple ways you can contribute to the project:

Documentation reviews, enhancements and translations
Feature requests or by sharing your ideas
Participate in the discussion on mailing lists 
Patches for bugs or enhancements
Provide new translations of remediation pages

Getting Support

For any questions, do not hesitate to contact us by writing to

You can also fill our online form ( 
and a representative from Inverse will contact you.

Inverse offers professional services to organizations willing to secure their 
wired and wireless networks with the PacketFence solution.
Is your legacy SCM system holding you back? Join Perforce May 7 to find out:
• 3 signs your SCM is hindering your productivity
• Requirements for releasing software faster
• Expert tips and advice for migrating your SCM now
PacketFence-announce mailing list

Reply via email to