PacketFence 5.0 发布,此版本主要功能是增加新功能和修复 Bug。主要是提升了指纹设备和监控性能,增加了消除明文密码的功能,新增了一个活跃的集群模式等等。
新增功能:
New active/active clustering mode. This allows HTTP and RADIUS load balancing and improves availability
Fingerbank integration for accurate devices fingerprinting. It is now easier than ever to share devices fingerprinting.
Built-in support for StatsD. This allows fine grained performance monitoring and can be used to create a dashboard using Graphite
Local database passwords are now encrypted using bcrypt by default on all new installations. The old plaintext mode is still supported for legacy installations and to allow migration to the new mode
Devices can now have a "bypass role" that allows the administrator to manage them completely manually. This allows for exceptions to the authorization rules
Support for ISC DHCP OMAPI queries. This allows PacketFence to dynamically query a dhcpd instance to establish IP to MAC mappings
Completely rewritten pfcmd command. pfcmd is now much easier to extend and will allow us to integrate more features in the near future
Rewritten IP/MAC mapping (iplog). Iplog should now never overflow
New admin role action USERS_CREATE_MULTIPLE for finer grained control of the admin GUI. An administrative account can now be prevented from creating more than one other account
PacketFence will no longer start MySQL when starting
PacketFence will accept to start even if there are no internal networks
Added a new listening port to pfdhcplistener to listen for replicated traffic
Added a user named "default" in replacement of the admin one
Adds support for HP ProCurve 2920 switches
Iptables will now allow access to the captive portal from the production network by default
Major documentation rewrite and improvements
Bug 修复:
Fixed violations applying portal redirection when using web authentication on a Cisco WLC
Registration and Isolation VLAN ids can now be any string allowed by the RFCs
Devices can no longer remain in "pending" state indefinitely
更多内容请看发行说明。
acketFence是开源NAC (网络接入控制) 中的佼佼者,它可靠、容易配置,且构建于未修改的开源代码之上(Fedora, LAMP, Perl, and Snort)。PacketFence的设计目的是要在不同种类的环境中运行,并且它使用了“不可知厂商隔离”( vendor-agnostic isolation)技术,其中包括DHCP范围改变和ARP高速缓存处理技术(“被动”模式)等。
软件详情:http://www.packetfence.org/news/2015/article/packetfence-v50-released.html
下载地址:http://www.packetfence.org/download/releases.html
来自:开源中国社区
