Software update: PacketFence 8.0.1

To secure a network environment, a nac system can be used. With this, based on preset policies network devices can be automatically blocked if an undesirable situation occurs. Think of unknown network devices of visitors, a worm that tries to spread or an authorized device that is provided with a different operating system via a boot flop or live CD. Packet Fence is such a nac system, with support for 802.1x and vlan isolation with which a network device can be placed in the right vlan after analysis. The developers have released version 8.0.1 with the following changes:

Version 8.0.1

  • Update the computer name (host name) or a node using the Fingerbank Collector data
  • Detect uplinks based on CDP flag instead of
  • Put etcd in its own directory

Bug Fixes

  • Fixed missing timeout when performing RADIUS SSO (Forti Gate, Check Point, Watch Guard)
  • Fixed issue with API frontend when initially configuring the web services username and password
  • packetfence-haproxy-portal and packetfence-tc systemd service in a wrong target
  • Nessus 6 scanner
  • haproxy-db only listens on IPv6
  • interface (Debian) (# 3208)
  • Fixed packetfence-local-auth
  • Fixed DNS passthrough for normal domains (was considered as a wildcard)
  • Winbind fails to start because of permission issues on / var / run / samba / winbindd in the chroots
  • Update from 7.4 to 8.0 audit log file not there (# 3216)
  • Fixed unreg on RADIUS accounting stop (# 3220)
  • Allow nodes without roles to be modified when restricting allowed role (# 3217) [19659005] Fixed speed issues with node search in the admin
  • Fixed missing timeout for RADIUS sources tests in pfstats

Version 8.0.0
New Features

  • Replaced the ISC DHCP server with a new Golang-based DHCP server (PR # 2911)
  • Now supporting inline enforcement in active / active clusters (PR # 2911)
  • Replaced pfdns with a new Golang-based DNS server (PR # 2911)
  • Allow inline network to split into PacketFence allowing to put specific devices into a distinct broadcast network (PR # 2911)
  • DNS routing (PR # 2911)
  • Dashboard metrics are now based on Netdata (PR # 2935)
  • Traffic shaping support for in-line enforcement (PR # 2803)
  • Added a configuration parameter to allow to unregister a device on an accounting stop (PR # 2685)
  • Added CLI support on Aruba 5400 switches (PR # 2965)
  • Username stripping (removing the realm) is now configurable via the realms
  • PacketFence integration with JAMF API for Apple computers and mobile devices management (PR # 2797)
  • Added to HTTP JSON API


  • Distributed pfdhcplistener tasks among cluster members (PR # 2887) (# 2858)
  • Removed pfsetvlan
  • Now allowing to use the RADIUS accounting cache when in cluster mode

Bug Fixes

  • Guest Portal validate_phone_number check not work (# 2783)
  • A management user can override an account that was not created by him (# 2883)