[Packetfence-announce] PacketFence 1.7.2 released

[Dominik G. <dg...@in...>]

The Inverse Team is pleased to announce the release of PacketFence  
1.7.2.
This is a maintainance release of the 1.7 branch of PacketFence.


What is PacketFence ?

PacketFence is a Free and Open Source network access control (NAC)  
system.
It can be used to effectively secure networks - from small to very large
heterogeneous networks. PacketFence has been deployed in production
environments where thousands of users are involved.

PacketFence provides an impressive list of supported features. Among  
them,
there are:
* NAC-oriented functionalities such as
   * Registration of new network devices
   * Detection of abnormal network activities (computer virus, worms,
     spyware, etc.) using Snort sensors
   * Registration-based and scheduled vulnerability scans using Nessus
   * Isolation of problematic devices
   * Remediation through a captive portal
* VLAN isolation with VoIP support (even in heterogeneous  
environments) for
   multiple switch vendors such as Cisco, Edge-Core, HP, LinkSys, Nortel
   Networks and more
* Support for 802.1X through a FreeRADIUS module
* Wireless integration with FreeRADIUS which allows you to secure your
   wired and wireless networks the same way
* DHCP fingerprinting which can be used to automatically register VoIP
   phones, game consoles and more
* Web-based and command-line interfaces for management tasks


Getting PacketFence

PacketFence is free software and is distributed under the GNU GPL. As
such, you are free to download and try it by either getting the new
release from :
http://prdownloads.sourceforge.net/packetfence/packetfence-1.7.2.tar.gz?download

or by getting the sources from the official monotone server using the
instructions at http://www.packetfence.org/development/monotone.html

Documentation about the installation and configuration of VLAN
Isolation is available from :
http://www.packetfence.org/dokuwiki/doku.php?id=1.7
and
http://www.packetfence.org/dokuwiki/doku.php?id=config_1.7.1


How can I help ?

PacketFence is a collaborative effort in order to create the best Open
Source NAC solution. There are multiple ways you can contribute to the
project:
* Documentation reviews, enhancements and translations:
   http://www.packetfence.org/wiki.html
* Feature requests: http://www.packetfence.org/development/roadmap.html
* Participate to the discussion in the mailing lists:
   http://www.packetfence.org/support/community.html
* Patches for bugs or enhancements


Getting Support

For any questions, do not hesitate to contact us by writing an email
to : su...@in...

Inverse offers professional services around PacketFence to help
organizations deploy the solution and migrate from their legacy systems.


Changes

* added RHEL5 to supported operating systems
* stopped to distribute jpgraph with PF; the installer
   will now download jpgraph
* `pfcmd service pf status` now indicates
   * if service should be started according to configuration file
   * all pids (in case several processus are running)
* clean PID files in /usr/local/pf/var when necessary after service stop
* unified pfcmd service and pfcmd control
* replaced bin/pfwatcher with pfcmd service pf watch
* added trapping.redirlocal parameter which is used by
   bin/ip2interface.pl
* removed conf/ssl/server.crt and conf/ssl/server.key from
   distribution and added code to generate them to installer.pl
* added DHCP fingerprint update to configurator.pl
* configurator.pl reference to registration.authentication
   (http://www.packetfence.org/mantis/view.php?id=342)
* port 162 is opened on internal interface instead of management
   interface
   (http://www.packetfence.org/mantis/view.php?id=344)
* removed configurator.pl reference to arp.listendevice
* perl-IPTables-IPv4 conflicts with PacketFence RPM
   (http://www.packetfence.org/mantis/view.php?id=348)
* added authorizedips variable to each interface to customize
   IPTables rules
   (http://www.packetfence.org/mantis/view.php?id=345)
* representation of adjustswitchportvlan reasons in web admin GUI
   (http://www.packetfence.org/mantis/view.php?id=343)
* default values for multi config options are correctly shown in
   web admin GUI
   (http://www.packetfence.org/mantis/view.php?id=350)
* added functionality to reset switch ports in case of desaster
   (http://www.packetfence.org/mantis/view.php?id=349)
* parse for local trap OID instead of only 127.0.0.1
   (http://www.packetfence.org/mantis/view.php?id=341)
* iptables FORWARD ACCEPT chains in passive mode
   (http://www.packetfence.org/mantis/view.php?id=314)
* wrong comparison in iplog_cleanup_sql
   (http://www.packetfence.org/mantis/view.php?id=352)
* VLAN isolation should verify violation action parameter
   (http://www.packetfence.org/mantis/view.php?id=353)
* support for linkup/linkdown traps on HP switches
* administration/adduser.php - alignment of version information
   (http://www.packetfence.org/mantis/view.php?id=354)