Release Notes

Current FUSION build: 8.306
Current OS release: 10.1-RELEASE-p29

Build Release Notes

8.306
Fix bug causing display issues in the default portal for mobile devices.
8.303
Fix bug causing exception for some web-service-based PMS interfaces.
8.302
Fix bug where the RADIUS server did not correctly include an Account’s group in the Class attribute of an Access-Accept response.
8.301
Update FreeBSD to latest patch level 10.1-RELEASE-p29 to address non-critical security vulnerabilities, including OpenSSL
CVE-2015-3197.
8.300
Add the ability to configure whether or not a new VLAN Tag Assignment inherits the static attribute of an existing shared VLAN. The previous behavior was to always inherit the static setting of an existing VTA when assigning the same VLAN to a shared device.
8.299
Fix bug that caused the Ethernet Interfaces scaffold to not display correctly after restoring a backup to a system with a different set of network interfaces.Fix bug where the Admin used to initiate a backup restore can change during the restore process because of differences in the old and new databases, sometimes causing the Admin to be logged out, or locked out of the Ethernet Interfaces scaffold when a physical interface change is detected. The same Admin login must still exist in both databases to successfully complete a restore.
8.292
Update NTP server to address recent security vulnerabilities.
8.291
Fix bug in the factory reset process that could require the operator to have to manually restart the web server.
8.286
Automatically copy existing custom portal mobile-format view and layout files (.mobile.erb) to their tablet equivalent (.tablet.erb).
8.285
Upgrade web server application framework to Ruby on Rails 3.2.22.1 to address the following security vulnerabilities: CVE-2015-7576, CVE-2016-0751, CVE-2015-7577, CVE-2016-0752, CVE-2016-0753, CVE-2015-7581.
8.284
Remove the “Debug Popup” link when the web server is in development mode and replace it with a footer containing more useful debugging information.
8.282
Add the ability to have “tablet” specific views and layouts in custom portals in addition to the existing “mobile” format. A tablet-specific view or layout will be rendered by devices classified as “tablets” (e.g., Apple iPad, Amazon Kindle, Samsung Galaxy Tab).
8.281
Improve the performance of the web admin console.
8.279
Update the BIND DNS server to the latest patch version 9.10.3-P3 to address security issues described in CVE-2015-8704 and CVE-2015-8705, and a regression in authoritative server selection.
8.278
Fix bug that could cause graph data loss on certain systems under heavy load.
8.277
Update FreeBSD to latest patch level 10.1-RELEASE-p27 to address minor security and stability issues.
8.271
Fix memory leak in the SNMP server.
8.269
Randomly generate the default SNMP community string.
8.268
Upgrade ISC DHCP server to latest version 4.3.3-P1 to address
security vulnerability CVE-2015-8605.
8.265
Fix bug that allowed an Admin with read-only permission to batch destroy a record in some scaffolds.
8.264
Add a “System Info” scaffold containing useful hardware and other information to the Instruments->System page of the web admin console.
8.256
The conference tool now correctly limits Switch Port VLAN configuration changes to only the related Infrastructure Device (switch).
8.255
Prevent configuring more local autoincrement network subnets than the licensed Transit IPs limit.
8.254
Fix bug causing a fatal PF error when there are many network addresses configured with large autoincrement values.
8.253
The Transaction (transactions) model/table/scaffold has been renamed to MerchantTransaction (merchant_transactions). Typical source code in existing custom emails and portals is updated automatically during the upgrade process. This change affects RESTful API consumers relying on the transactions resource.
8.249
Fix bug that caused the rules for a Remote DPI Signature or Content Filter Blacklist to be removed after it was downloaded.
8.247
Fix rare bug that could cause the build upgrade process to fail.
8.243
Fix bug that caused a fatal exception in the portal when trying to authenticate via a Shared Credential Group from a device in a Group that lacked a configured Policy and/or Splash Portal.
8.241
Fix bug affecting SMB server operation.
8.240
Add new “automatic login fallback” checkbox option to the PMS Servers scaffold that controls whether or not the system looks for an existing Account via the portal’s desired automatic login behavior (MAC and/or cookie) when one for a PMS guest/room does not already exist.
8.238
Fix bug where configured Remote DPI Signatures and Content Filter Blacklists were not downloaded immediately after restoring a backup to a clean system.
8.236
Add a “count_only” parameter to the RESTful API index action that returns only a count of the number of records in the given scaffold resource instead of the actual records.
8.234
Update the BIND DNS server to the latest patch version 9.10.3-P2 to address security issues described in CVE-2015-3193 (OpenSSL), CVE-2015-8000 and CVE-2015-8461
8.230
Fix bug that caused an Account to be missing from the “Daily Data Usage By Account” report when said Account had been used after the desired time range.
8.226
Update FreeBSD to latest patch level 10.1-RELEASE-p25 to fix multiple security vulnerabilities in OpenSSL: CVE-2015-3194, CVE-2015-3195, CVE-2015-3196.
8.222
Shift4 Merchant gateways are no longer supported.
8.220
Include a ‘kern.cam.devlist’ variable in the kernel_states table, containing a comma-delimited list of CAM devices as a way to retrieve the list of disk drives programmatically via API.
8.219
Various SOAP webservice improvements.
8.208
Backend automatic login now will not automatically re-login an end-user to a previously-used Shared Credential Group that is not configured in her current effective Splash Portal (i.e., IP Group and Policy).
8.207
Upgrade the web caching proxy with stability improvements.
8.204
Retry sending commands to a Ruckus ZoneDirector or SmartZone device up to three times when its CLI connection count is exceeded.
8.202
Fix bug that broke use of the First Data offsite payments gateway.
8.200
Update HTTP user agent OS and browser identification database. Update IEEE OUI (MAC address) vendor lookup database. Update IANA port service lookup database.
8.199
A device belonging to a Link Control Policy that currently has no online/connected Uplinks available will no longer fallback to using the default, highest-priority Uplink.
8.184
Add dmidecode CLI tool to report information about the system’s hardware as described in its system BIOS according to the SMBIOS/DMI standard.
8.183
Fix Fatal Exception error on the System->Certificates page of the web admin console.
8.182
Upgrade the web caching proxy including numerous stability improvements.
8.180
Add a debug mode option to the IPsec Server configuration scaffold for increasing logging verbosity when debugging connection problems.
8.179
Add Xirrus as an available Infrastructure Device option, which enables sending a “clear authentication” command to an AP for the purpose of changing an end-user device’s VLAN assignment.
8.176
Conferences now utilize Access Points configured in an associated Infrastructure Area. The SSID for a conference will only be configured on the desired Access Points. This requires a WLAN group configuration in a Zone Director that matches the name of the conference WLAN. Those WLAN groups should contain the conference WLANs as well as any other WLAN that should be present on the given APs, such as a Guest WiFi WLAN.
8.174
Update FreeBSD to latest patch level 10.1-RELEASE-p24 to fix rare stability issues.
8.172
Fix bug that affected PMS room/guest lookup behavior for certain webservice-based PMS interfaces.
8.171
An HP switch Infrastructure Device now properly cycles a port having a MAC address associated with a VLAN ID that has changed because of dynamic per-Account configuration.Automatically delete related switch ports and access points when removing an Infrastructure Device.
8.166
Upgrade the PostgreSQL object-relational database system to version 9.4.5, including stability fixes.
8.165
Improve the display of time durations throughout the web admin console and default portal.
8.164
Update ruby payment gateway library, improving stability of and adding support for additional direct and offsite merchants.
8.161
Update HTTP User Agent database. Update IEEE and IANA databases for MAC address vendor and port service lookup.
8.160
Improve web server error pages.
8.155
Configuring a new Infrastructure Device now automatically builds out the appropriate IP Group, Policy, and RADIUS Server Option configuration to permit it access to the RADIUS server.
8.154
Update NTP server to address recent security vulnerabilities.
8.153
Fix issue where the web server could restart too frequently when running in development mode in a production environment for too long.
8.151
Fix bug that caused a fatal error when accessing the System->Backup page of the web admin console after creating a Routine Backup with the number of local backups set to zero.
8.148
Fix bug causing instances of error “PG::TRDeadlockDetected: ERROR: deadlock detected”.
8.147
Fix rare bug that caused the system default route to be incorrect when an Uplink configured for DHCP could not communicate with a DHCP server.
8.143
Fix rare bug that broke DNS server functionality after an improper shutdown.
8.141
Fix bug that affected the conference tool’s ability to automatically configure ports on an HP switch via telnet.
8.130
Add PMS Server interface support for the HTNG Property Web Services Single Guest Itinerary Message Specification (HTNG2008B and HTNG2008BExt).
8.129
Fix bug that created a new create/update Admin Write Log entry for invalid records.
8.128
New default portal. Single responsive design that works for mobile and non-mobile browsers. Mobile framework still supported. Menu and login forms dynamically generated based on configuration. Changing logo and slideshow images will result in a portal that meets most operators needs.
8.127
Add support for the AES 256 encryption algorithm in IPsec specification configuration. The existing AES option defaults to 128 bit.
8.124
Inbound packet forwarding policies now support the ability to optionally configure a specific original uplink destination address to forward on, allowing the operator to override the old behavior, which acted upon all non-BiNAT uplink IPs.
8.122
Fix bug where especially-large remote DPI signatures could overflow the /usr filesystem on systems with smaller than average disk drives.
8.115
Fix bug that caused the built-in NTP server to fail as a time source for
external clients when all uplinks are offline.
8.114
Fix bug that broke the Innsist PMS Server interface.
8.112
Fix bug that broke the Network dashboard graph for cluster deployments with atypical Cluster Node record names.
8.111
Add the ability to include related objects in RESTful API responses.
8.110
Include an artificial pms_room_id attribute in the XML/JSON/YAML responses to the pms_guests API resource for backwards compatibility with old API consumers. A PMS guest may now belong to multiple rooms, so the included pms_room_id refers to the room that was first created.
8.109
Fix bug causing a cluster node to be incorrectly marked as a zombie RADIUS server for an indefinite period of time.
8.107
Fix bug causing a “Request Failed” error when manually creating many Accounts and AR Transactions at the same time via the Identities page of the web admin console.
8.105
Add timestamps to the RADIUS server log file.
8.091
Upgrade the web caching proxy including numerous stability improvements.
8.089
The default idle timeout configured in the active Network Option is now enforced upon IP Sessions (managed local IP addresses) that lack a corresponding Login Session and are behind a Landing Portal configured with an unlimited idle timeout. Fixes an issue where the IP Sessions table can bloat indefinitely when there are many unique managed IPs that are not required to login, but belong to a Group/Policy with no idle timeout.
8.088
Update the BIND DNS server to the latest patch version 9.10.2-P4
to address security vulnerabilities CVE-2015-5722 and CVE-2015-5986.
8.087
Add support for the Infor PMS Generic Inquiry and Posting Interface.
8.082
Update FreeBSD to latest patch level 10.1-RELEASE-p19 to address
potential security vulnerabilities, including CVE-2015-5675.
8.080
Enable resizing the categories select list in the Content Filters, Remote
Content Filter Blacklists, and Remote DPI Signatures scaffolds.
8.079
Fix bug that caused a fatal error when viewing the RADIUS server log via
the web admin console.
8.078
Fix bug that prevented including numbers in a Custom Portal’s controller name.
8.077
Update FreeBSD to latest patch level 10.1-RELEASE-p18 to address
potential security vulnerability.
8.076
Fix bug that prevented associating a new Admin Role with a list of scaffold
exceptions via API.
8.068
Fix bug that broke WYSIWYG editing of conference tool portal modifications.
8.066
Add keepalive behavior to the Marriott PMS interface.
8.065
Truncate a DHCP client’s identifier (uid) to 255 characters when
instrumenting leases. Fixes rare bug causing error: “DBD::Pg::db
pg_putcopyend failed: ERROR: value too long for type character varying(255)
CONTEXT: COPY dhcp_leases, line 1, column uid”.
8.063
Update HTTP User Agent database. Update IEEE and IANA databases for MAC
address vendor and port service lookup.
8.059
Add the ability to configure an IPsec Tunnel with a domain name as the
remote gateway.
8.056
Add a new health notice type for DHCP server DoS detection warnings.
8.055
Improve PMS Guest duplicate account ID detection. Fixes issue that causes
confusion when looking at an Account’s guest relation when a PMS interface
does not correctly implement unique IDs for each guest (e.g., RoomKey’s
Comtrol UHLL interface).
8.054
Fix Mail Queue Entry instrumentation when there are multiple recipients.
8.053
Fix bug that broke searching in the PMS Rooms and PMS Guests scaffolds.
8.050
In the FIAS PMS interface, do not respond to a Link Alive (LA) record with
a Database Resync (DR) request unless it is the first LA record received
after the initial connection.
8.044
Upgrade the web caching proxy including numerous stability improvements.
8.043
Update FreeBSD to latest patch level 10.1-RELEASE-p17 to address numerous
non-critical security vulnerabilities.
8.042
Add the ability to configure a limit on the number of unique VLAN IDs that
are assigned to a single RADIUS Called-Station-Id MAC address (e.g., an
access point). This facilitates the deployment of a large number of VLANs
throughout a WiFi network even when the hardware VLAN ID limit of a single
access point (e.g., 32) could otherwise be exceeded in high density areas.RADIUS Accounting should be enabled on the WLAN NAS for optimal control.
RADIUS Server Accounting Logs are now created for requests that do not have
an associated Account (e.g., when using “MAC auth” for dynamic VLANs).
8.033
Add new “Log Hits Trigger” feature to detect malicious behavior from
end-user devices against the FUSION’s HTTP(S) and SSH services. The trigger
enforces a configurable maximum number of HTTP(S) requests to the web
portal and/or admin console, or failed SSH authentication attempts, within
a configurable window of time.Max Connections and DPI Triggers may now be configured with a MAC Group as
the Transient Group Membership target.

The RADIUS server now recognizes if a MAC address associated with a request
is a member of a MAC Group via Transient Group Membership. This enables all
event trigger types to change a device’s effective RADIUS Policy, and thus
VLAN assignment or lack-thereof.

All Triggers may now be configured to optionally flush a device’s packet
states, DHCP leases, ARP entries, and/or VLAN assignments when
transitioning to/from a Transient Group Membership. Previously, only packet
states were always flushed by default.

8.031
Add the ability to block access to the internal HTTP(S) server from the LAN
and/or WAN independently via an Admin ACL.Add the ability to block access to the internal DNS server from the LAN by
setting the active DNS Server Option’s visibility to blank.
8.018
Fix bug where log file pagination within Archives->Logs of the web admin
console could display an unusable number of pages for large log files.
8.011
Update the BIND DNS server to 9.10.2-P3 to address critical security
vulnerability CVE-2015-5477.
8.008
Fix bug that prevented Application Filters from correctly blocking packets.
8.002
Improve how quickly the web server responds with the Error 503 “RESTARTING
SERVER” page after a web server restart is initiated.
8.000
Update FreeBSD to latest patch level 10.1-RELEASE-p15 to address a security
and stability issue in the TCP stack that could cause resource exhaustion
due to sessions stuck in the LAST_ACK state under very rare circumstances.
7.999
Upgrade the RADIUS server including numerous stability improvements.
7.997
Fix bug that introduced duplicate attribute elements in XML/JSON responses
to API resources.
7.996
Fix bug that prevented listing all Admin objects via the admins scaffold
API resource.
7.995
Improve PMS interface behavior to better support situations where a single
guest entity in the PMS is checked into more than one room at the same
time. If per-Guest Account sharing is enabled, guests with multiple rooms
who purchase usage and create an Account for one room now correctly reuse
that Account when signing in with the other room number.Fix bug where per-Room Account sharing allowed the same logical PMS Guest
with different PMS Rooms to use the same Account.

Add per-Guest as a Dynamic VLAN assignment option, enabling the grouping of
devices into a single VLAN for each logical PMS Guest name instead of by
PMS Room number.

7.993
Update IEEE and IANA databases for MAC address vendor and port service lookup.
7.991
Custom Email substitution objects are now available as local ruby variables
within ERB context. For example: “<%= device_option.domain_name %>” is now
equivalent to “%device_option.domain_name%”.
7.987
Update FreeBSD to latest patch level 10.1-RELEASE-p14 to fix numerous
rare stability issues.
7.985
Fix bug that caused new Routine Backups to occur more frequently than
configured.
7.983
Fix bug causing intermittent invalid PMS room inquiry responses for some
Marriott portals.
7.980
Upgrade the web caching proxy including numerous stability improvements.
7.979
Fix bug that broke PMS Guest match behavior from restricting the list of
available Usage Plans in the default captive portal.
7.978
Fix bug that caused a Comtrol PMS room inquiry to return invalid room even
when the room was valid.
7.976
Fix issue that caused the XML response to the pms_rooms RESTful API list
action to be unnecessarily large.
7.975
Prevent multiple build upgrades from running at the same time when the
device_options/upgrade_build API resource is hit again during an existing
upgrade process, which can break the upgrade.
7.973
Update the BIND DNS server to 9.10.2-P2 to address security vulnerability
CVE-2015-4620.
7.972
Fix bug causing “fatal error in packet filter configuration” and “illegal
tos value 0x00” errors on systems with multiple Uplinks.
7.969
Fix bug where configuring a manual “domain-name-servers” DHCP option would
not always override the usual list of servers comprised of the local
interface address and configured DNS Servers.
7.967
Fix bug that broke the use of web proxy services (content filter, cache,
and/or rewrite) when using multiple Uplinks having a configured span
greater than one (i.e., multiple usable public IPs).
7.965
Exclude RADIUS Server Accounting Logs from backups when including historical
user activity is not desired.
7.962
SSL Certificate Signing Requests, Certificate Authorities, and self-signed
certificates are now signed with an SHA-256 hash instead of SHA-1. Local
Certificate Authorities now employ a 2048-bit key length.
7.959
Add support for recurring Usage Plans to charge against a PMS Server.Add the ability to configure a finite expiration period for recurring Usage
Plans (e.g., stop billing after 12 months), which previously would recur
indefinitely until the Account was switched to a different plan.
7.958
To facilitate the creation of a Cluster Controller, the Cluster Nodes
scaffold is now accessible via the System->Cluster page of the web admin
console on a standalone device.
7.953
Fix bug that broke the manage devices page of the default portal.
7.950
Fix bug that prevented configuring a VLAN as an Uplink.
7.949
Record the DHCP “Parameter Request List” option 55 in leases instrumentation and archives. Make the dhcp-parameter-request-list option available in a DHCP Match Rule.
7.945
Upgrade web server application framework to Ruby on Rails 3.2.22 to address the following security vulnerabilities: CVE-2015-3227, CVE-2015-1840, CVE-2015-3225. Various scaffold UI performance improvements and bug fixes.
7.943
Upgrade the PostgreSQL object-relational database system to version 9.4.4, including stability fixes.
7.942
Update FreeBSD to latest patch level 10.1-RELEASE-p12 to fix multiple security vulnerabilities in OpenSSL: CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-4000.
7.941
Fix bug that prevented instrumentation of a DHCP lease’s “agent circuit ID”
and “agent remote ID” fields.
7.940
Updating the system build of a Cluster Controller now automatically
upgrades the nodes in parallel. Updating a node of a cluster directly is no
longer supported, except for OS updates.
7.939
Fix bug where throughput and traffic rate dialogs computed 1 kb/s as 1024 b/s
instead of 1000.Improve display of byte and packet rates to be more readable throughout the
web admin console.
7.938
Fix bug where the configured time of a Routine Backup could be gradually
skewed away from the desired hour/minute/second.
7.937
Fix bug where interface transfer rate was not reported correctly for PPPoE
Uplinks in the throughput dialog and Interface Rates scaffold.
7.934
Improve database purger performance.
7.933
Add the ability to configure whether a Usage Plan’s name or description is
sent as the “description” field to a PMS Server. The previous behavior was
always the plan’s name.
7.932
Correctly utilize the “payment” field as the guest’s “no post” flag in the
Marriott PMS interface.
7.931
Greatly reduce the amount of time it takes to backup and restore systems
with very large databases.
7.929
Add Ruckus RuckOS as an available Infrastructure Device type to support
SmartCell Gateway (SCG) WLAN controllers.
7.928
Update and fix issues with the SIP proxy server.
7.925
Upgrade the PostgreSQL object-relational database system to version 9.4.4,
including stability fixes.
7.920
Fix bug that broke direct DNS requests to Uplink DNS servers from a device
having a BiNAT assignment (e.g., DNS requests to a secondary server that is
not the FUSION).
7.919
Add new API resource actions to admin/scaffolds/device_options for dealing
with system build and operating system upgrade automation.
7.913
Automatically logging in a previously-authenticated Shared Credential
Group, RADIUS Realm, or LDAP Domain device will now logout the device’s
previous session. Fixes issue where more than one session could exist for
the same MAC address when non-Account based automatic login is employed.
7.911
Upgrade the PostgreSQL object-relational database system to version 9.4.2,
including security and stability fixes.
7.910
Add a total utilization summary field to the Token scaffold’s show option.
7.909
Fix bug that caused incorrect revenue values to appear in some reports.
7.908
Add the following additional fields to DHCP Leases instrumentation and
archives: shared network, agent circuit ID, agent remote ID, user class,
and vendor class identifier.
7.904
Fix bug causing erroneous “nightly database vacuum failed” error.
7.902
Fix bug that caused the portal to hang when a Device was added to an
Account that exceeded the max number of BiNATs the Account should support.
7.901
Fix bug that prevented configuring the same switch port for more than one
Infrastructure Device.
7.900
Fix rare condition with the Comtrol PMS interface where we received data
for a room that was not the room requested as part of a room inquiry.
7.899
Add new API resource actions.admin/scaffolds/pms_servers/find_matching_guests: Find matching PMS Guest
records for a given name and room.

admin/scaffolds/pms_servers/post_charge: Post a charge to PMS Guest’s folio.

admin/scaffolds/*/execute: Execute an arbitrary class or instance method
against the scaffold’s model.

7.895
OEM customization now supports overriding the support and licenses URLs
used when clicking on various Health Notices.
7.894
Fix issue where the operating system’s password database could become corrupt
or missing after an improper shutdown.
7.892
Fix bug causing a backend exception when a static BiNAT configuration
existed for a local network that no longer existed.
7.891
Add the ability to configure the logic operator (AND/OR) for Usage Plans
configured with more than one PMS Guest Match.
7.890
OEM customization now supports overriding the favicon.ico of the web admin
console.
7.887
Stop creating NAT assignments for end-user device IPs on Uplinks the device
is not assigned to.
7.884
Add Account, MAC, and hostname fields to the Uplink Assignments instruments
scaffold.
7.881
Fix bug that caused issues with NAT for configurations with multiple Uplinks.Fix bug that caused backend exception “Can’t use an undefined value as an
ARRAY reference at …” after deleting an existing Uplink configuration.
7.878
When restoring a backup from a system with a different set of ethernet
interface types (i.e., port names), ensure the operator selects appropriate
physical ports for the existing interface configurations when clicking the
“COMMIT CHANGES” button. Fixes issue where the operator could be locked out
of the system if the restored configuration was not correctly mapped to the
new set of ethernet ports.
7.877
Re-organize and add additional help to locate the MAC address of a device
on the manage devices view of the default portal.
7.876
Fix bug that broke WAN Target whitelists for Admin ACLs that restricted SSH
and/or web access on the WAN.
7.875
Fix issue causing “the working directory is not writable” error to appear
in the console.
7.874
Update MAC address vendor lookup table with latest IEEE OUI listing.
7.873
Fix bug causing error: “DBD::Pg::db pg_putcopyend failed: ERROR: numeric
field overflow DETAIL: A field with precision 4, scale 2 must round to an
absolute value less than 10^2.”
7.871
Improve security of the DNS server (BIND).
7.869
Add the ability to dynamically assign Bidirectional NATs (BiNATs) to
devices in desired Groups/Policies via a new configuration scaffold named
“Dynamic BiNAT Pools”.All Devices of an Account are NATed to the same public IP as the first
Device with a dynamic BiNAT assignment. This allows the Account’s desired
BiNAT Device to behave similar to a typical residential gateway’s “DMZ”
function.

Accounts and Usage Plans now have a “max BiNATs” configuration parameter to
limit the number of Devices in a given Account that may be assigned a
BiNAT. Devices now have a BiNAT checkbox configuration, which permits the
Device to be assigned a BiNAT from an appropriate Dynamic BiNAT Pool. This
checkbox may be set by the operator via the Account and Device scaffolds,
or by the end-user as a “Public IP” or “DMZ” checkbox in the manage devices
view of the portal application.

Add a new “NAT” view under “Instruments” of the web admin console.
Includes a new “NAT Assignments” scaffold indicating which device IPs are
NATed or BiNATed to which public IPs. Also includes new “NAT Pool Stats”
and “BiNAT Pool Stats” scaffolds indicating NAT and BiNAT assignment usage
for each Uplink and Dynamic BiNAT Pool.

7.868
Fix bug that could cause some systems to hang during reboot after OS
patches were installed. Requires updating to latest kernel patch level first.Fix issue that caused system shutdown to take longer than it should.
7.866
Upgrade ruby to version 2.1.6 to address a security vulnerability.Upgrade the samba SMB server to address a security vulnerability.

Upgrade the SNMP server with numerous bug fixes.

Upgrade the RADIUS server including numerous stability and performance
improvements.

Upgrade the web caching proxy including numerous stability and performance
improvements.

Update the root SSL certificates.

7.864
Add a “description” column to the PMS Transactions table, which records the
name of the purchased Usage Plan, such that behavior is consistent with
Merchant Transactions.
7.863
Fix bug causing erroneous error ‘infrastructure device “…” flush MAC
command returned error 1: invalid script arguments’ when an Infrastructure
Device (e.g., ZoneDirector) experienced a connectivity problem. The error
now indicates an appropriate connectivity problem, which may happen when
the device (e.g., ZoneDirector) is rebooted while processing a VLAN Tag
Assignment flush request.
7.862
Fix bug where the nightly database maintenance routines were run at an
incorrect time if the configured time zone was changed without rebooting
the system.
7.859
Fix issue possibly causing reduced RADIUS server performance during the
overnight database maintenance window.
7.858
Add a ruby OAuth library to facilitate custom portal login integration w/
Facebook, Twitter, LinkedIn, etc.
7.842
Install a symlink to the root SSL certificate bundle where third-party
applications expect it to be. Facilitates development of custom portals
that integrate with external HTTPS services.
7.838
Alleviate rare issue where the web server would return a Fatal Error 500
when unable to connect to the database.
7.836
Fix possible issue with the SNMP server periodically not responding on some
systems.
7.834
Fix bug that prevented configuring a VLAN as an Uplink.
7.833
The RADIUS server now responds to accounting packets even when the request
does not match a valid Account of a configured RADIUS Server Realm.
7.831
Automatically strip leading and trailing whitespace when configuring RADIUS
server attributes.
7.830
Add default RADIUS server attributes for VLAN assignment, and default DHCP
option 43 custom options for Ruckus discovery.
7.825
Fix scaffold RESTful API actions to return all record attributes when
accessed via JSON or YAML.
7.824
Update FreeBSD to latest patch level 10.1-RELEASE-p9 to address
the following non-critical security vulnerabilities: CVE-2015-2923,
CVE-2014-9297, CVE-2015-1798, CVE-2015-1799, CVE-2015-1415,
CVE-2015-1414.
7.823
Improve the reliability of flushing an end-user device’s MAC from a WLAN
Infrastructure Device after logging in when per-Account dynamic VLANs are
configured.Add a “portal login at” field to the Login Sessions table that records the
time when an end-user’s device loads the login success page after the
spinning please wait animation.
7.821
Update the RESTful API SDK with examples that demonstrate changes to policy
enforcement and usage plan pricing.
7.818
Add ‘dynamic-bootp-lease-length’ as an available DHCP Option.
7.816
Fix bug affecting RADIUS server functionality on cluster controllers
running FreeBSD 10.1.
7.815
BOOTP requests are now correctly recorded as DHCP Messages.
7.812
Add the ability to redeem a coupon as part of the quick purchase sign-up
process. The quick purchase form requires coupon_code HTML input.
7.811
Fix bug that prevented peforming an OS upgrade for someone with certain
special characters in the support credential password.
7.810
Fix bug that could cause false-positive critical IP health notices such as
“detected potential problem(s) pertaining to critical host(s)”.
7.809
Add the ability to configure the DHCP server to ignore BOOTP requests.
7.807
Include an ‘rxg_build’ variable in the kernel_states table as a way to
retrieve the current software build programmatically via API.
7.806
Update Facebook login code to the latest JavaScript API release.
7.805
Prevent configuring a Landing Portal with a post-login redirect URL when
the affected Policies perform per-room/account VLAN assignment. This is to
ensure the end-user receives the message from the portal about having to
reconnect her WiFi after logging in.
7.804
Prevent configuring BGP and RIP routing simultaneously. Listening for routes
from both protocols is not supported.
7.802
Fix rare bug causing a portal failure exception of “Validation failed:
Device MAC has already been taken”.
7.801
Decrease likelihood of erroneous error “filesystem partition “/usr” is over
85% utilization”.
7.799
Fix bug where active Accounts with expired and/or no usage would get
automatically logged in and stuck at the please wait page without the ability
to purchase more usage.
7.798
Add the ability to configure if an HTTP Virtual Host is HTTPS capable or
not. Previously this was controlled by configuring a local server port of
443 or 8443.
7.796
Fix rare bug causing Custom Portal asset precompile errors when critical
directories were removed from a portal on the filesystem.
7.795
Update the base operating system to FreeBSD 10.1.In addition to many security, stability, and performance related
improvements across the board, noteworthy changes include:

The packet filtering (pf) firewall now supports fine-grain locking and
better utilization on multi-CPU machines, resulting in significant
improvements in packet forwarding performance.

OpenSSL has been updated to version 1.0.1l, containing numerous security
improvements. The HTTPS web admin console and captive portal now support
TLS v1.2 and TLS v1.1 for better encryption in all browsers.

Updated ethernet drivers for better performance and stability, including
support for newer Intel chipsets.

Add support for the new Intel on-CPU Bull Mountain random number generator
found on IvyBridge and later CPUs.

Upgrade the PostgreSQL object-relational database system to version 9.4.0,
including significant performance improvements that benefit the entire
system.

Upgrade the ISC DHCP server to version 4.3.2, including numerous stability
improvements.

Upgrade the ISC BIND DNS server to version 9.10.2, including numerous
stability and security improvements.

Upgrade the squid web caching proxy to version 3.4.12, including numerous
stability and performance improvements.

Upgrade the FreeRADIUS RADIUS server to version 3.0.7, including numerous
stability improvements. RADIUS server performance has been significantly
improved under heavy load when handling many simultaneous requests.

Upgrade the samba SMB server to version 4.1.16, including numerous
stability and performance improvements. The integrated SMB file server now
supports the SMB 3.0 protocol for better performance and interoperability
with newer operating systems such as Windows 8.1 and OS X Yosemite.

Upgrade ruby to version 2.1.5p273 for increased web admin console and
captive portal security, stability, and performance. The web server now
loads (starts/restarts) much faster.

Upgrade perl to version 5.18.4.

Upgrade python to version 2.7.9.

Upgrade other various third-party software packages to their latest stable
versions for increased performance, security, and stability.

Add the nano text editor to the CLI environment.

Add the rsync tool to the CLI environment.

Add the git and subversion SCM tools to the CLI environment.

Many improvements to the FUSION and OS upgrade process. Remote software
packages are now compressed more efficiently.

Requires explicitly performing an OS upgrade on existing installations.

7.793
Fix rare bug causing errors such as: ‘DBD::Pg::st execute failed: ERROR:
value “268545632037” is out of range for type integer at …’.
7.790
Add a Devices scaffold to the Identities->Individuals page of the web admin
console. Facilitates searching for Accounts and Devices by MAC address.
7.789
Add the ability to configure a PMS Guest Match against a guest’s room number.
7.786
Fix bug causing a success message to be displayed to the end-user when an
offsite merchant payment was not verified with the merchant. An appropriate
error message is now displayed.
7.783
Content Filtering performance improvements.
7.782
Fix bug causing erroneous blips in aggregate graphs, particularly in
cluster deployments.
7.781
Add the ability to authenticate and authorize Administrators via the
TACACS+ protocol, thereby allowing centralized TACACS+ database users to
access the web admin console without having to configure them locally. The
desired Administrative Role may be statically configured or authorized
dynamically by the TACACS+ server via the use of a custom authorization
attribute.
7.779
Fix bug where a cluster node enforced the maximum number of identities from
the node’s license and not the controller, which is always lower, resulting
in premature “Not licensed for more than … stored identities” errors.
7.778
Fix bug where computing the number of minutes left in a PMS Guest’s stay
did not take Daylight Saving Time changes into account. This prevented some
plans from being displayed in the portal for some guests under certain
deployment configurations.
7.777
Fix bug that prevented configuring HTTP Virtual Hosts for “.global” domains.
7.776
Fix rare bug causing “mail sender error: No recipient!” errors when
attempting to send an email notification to Admins because the backend
cannot connect to its database (e.g., a cluster node is not able to
communicate with the controller).
7.773
Colorize the output of ls and grep commands in the SSH terminal.
7.771
Fix bug that prevented configuring Device Options with “.global” domain
names.
7.770
Fix bug causing rare error: “DBD::Pg::st execute failed: ERROR: could not
open relation with OID …”.
7.767
Prevent restoring a backup from a system with a newer database schema
version to a system with an older version. Fixes issue where restoring a
backup taken from a system running a newer build than the system being
restored can cause fatal errors in the web admin console.
7.757
Allow span to consume entire usable space of a public WAN address. This
accommodates the case where a public block is routed to an FUSION through its
primary WAN address, then used for NAT/BiNAT.
7.756
Prevent configuring an Uplink VLAN on the same physical interface as a LAN
port, which could cause a fatal packet filter error.
7.754
Fix bug that caused a 5 second delay when sending an email.
7.752
Fix behavior where searching for a MAC in the footer of the web admin
console should pre-populate the Device field with the MAC when clicking on
Create New within the Accounts scaffold.
7.751
Fix bug where a Custom Portal with a controller name containing a number
could be configured, yielding a broken portal.
7.748
Add secret question/answer logic to the quick purchase charge portal action.
7.746
Update MAC address vendor lookup table with latest IEEE OUI listing.
7.745
Add the ability to block SSH and/or web traffic terminating at the FUSION via
Admin ACLs.
7.740
OEM customization ability now requires a unique license.
7.738
A DHCP Uplink now sends an appropriate “host-name” and
“dhcp-client-identifier (uid)” attribute when requesting a lease, which can
improve interoperability with some DHCP servers.
7.733
Fix bug causing error ‘DBD::Pg::db pg_putcopyend failed: ERROR: value
“4294967348” is out of range for type integer CONTEXT: COPY pf_connection_logs’.
7.731
Add close button to the HTML Injection “virtual frames” recipe.
7.727
Fix issue where the nightly database maintenance routine could cause
excessive CPU consumption on busy cluster controllers.
7.722
Ignore DHCP utilization health notices for shared networks and pools
smaller than 14 maximum hosts (i.e., smaller than a /28).
7.720
Prevent configuring a HTTP Virtual Host record that conflicts with the FUSION’s’s
hostname.
7.714
Fix bug where trying to initiate an upgrade via the web admin console after
a failed attempt (e.g., invalid credentials) would fail and display a blank
upgrade log unless it was at least 5 minutes after the first attempt.
7.705
Add CLI script that automates the installation of VMware Tools.
7.703
Fix rare bug where a DHCP Uplink’s IP could change, among other undesirable
behavior, when reconnecting its physical interface.
7.700
Ensure the web server backend restarts when its version changes. Fixes rare
issue causing SSL connection errors.
7.694
Fix bug causing a fatal error when running the “Utilization Summary” report
under some configurations.
7.688
Fix bug where the system clock may have become out of sync with upstream NTP
servers after an Uplink’s IP changed.
7.678
Fix bug that caused RIP to not announce routes properly.
7.677
Add NAS-Port-Type to the set of configurable RADIUS Attribute Patterns.
7.674
Improve performance when sorting and searching some Archive scaffolds by
time in the web admin console.
7.672
Fix bug causing fatal portal exception “Validation failed: Expiration must
be left blank if never is checked” when an end-user switches between a plan
having unlimited usage lifetime to a plan with finite usage lifetime.
7.671
Add the ability to batch edit the Bill date in the Accounts scaffold.
7.666
Update NTP server to address recent security vulnerabilities.
7.655
Add the ability to configure the service code sent to a Innsist PMS Server.
7.654
The Report “Past Time” configuration is now relative to the current time
instead of the beginning of the current day.
7.652
Fix bug causing intermittent SSL connection errors for some browsers under
certain conditions.
7.651
The Splash Portal remote URL, Landing Portal remote and redirect URL, and
Interstitial Redirect URL may now exceed 255 characters.
7.649
Fix bug where clicking on Show in the Interface Rates scaffold could result
in a Request Failed error.
7.645
Fix bug where an Account Group’s Policy was mislabeled as “active” in the
Policy diagram after searching for an IP/MAC belonging to an Account that
is not logged in.
7.644
Fix bug that could prevent deleting an Account having a Device and VLAN Tag
Assignment for the same MAC address.
7.643
The Comtrol UHLL PMS Server interface implementation now supports sending
the two-way, interactive posting message “POS Post Request (61)” in
addition to the previous behavior of sending a one-way, non-interactive
“Post (38)” message. This allows the PMS to reject charge postings for
various reasons even when a guest’s “inhibit” (no post) flag is unchecked
in their folio, such as a guest not having sufficient available balance.
Configurable via a new checkbox in the PMS Servers UI scaffold.
7.641
Fix issue affecting NTP time synchronization reliability.
7.639
Add the ability to configure Custom DHCP Option Spaces, enabling the DHCP
server to issue DHCP Option 43 to Ruckus APs.
7.631
Upgrade web server application framework to Ruby on Rails 3.2.21.
7.630
PMS Server duplicate transaction detection now operates against
webservice-based PMS interfaces (i.e., RG Nets FUSION API, Innsist).
7.628
PortalController#quick_purchase_charge now creates a SurveyResult if
necessary when logging in an existing Account.
7.615
Fix bug that caused Accounts not associated with a PMS Guest to be
overwritten by the PMS guest signup process.
7.605
The Innsist and RG Nets FUSION PMS webservice clients now include the currency
code configured in the end-user’s Usage Plan when posting a charge to a PMS
server.
7.604
Fix incorrect media speed detection for some 10G network interfaces.
7.600
Change the default search filter from one month to three months for various
Archive UI scaffolds.
7.597
Improve NTP server reliability.
7.594
Fix bug that prevented configuring an Application and/or WAN Target specific
Bandwidth Queue that was faster than the non-specific queue.
7.593
Update HTTP User Agent database. Update MAC address vendor lookup table with
latest IEEE OUI listing.
7.592
Fix bug where a Usage Plan’s lifetime or expiration would not be applied to
an Account with no expiration set.
7.591
Add mail and content filter logs to the Archives->Logs page in the web admin
console.
7.575
Improvements to RADIUS Server Realm proxying behavior. Realm selection for
the purposes of proxying RADIUS authentication requests is now consistent
with normal, non-proxy authentication requests. Previously a realm was
selected for proxying only if a matching Account was found, and did not
consider configured RADIUS Attribute Patterns or MAC Groups. Proxying also
now supports appending dynamic attributes to the reply.
7.560
Fix bug causing a fatal error when running the “Utilization Summary” report
under some configurations.
7.559
Fix issue where sometimes a device not behind a captive portal is
temporarily assigned to th wrong Uplink, which can persist incorrectly for
connection states that last a long time (e.g., VoIP sessions).
7.557
Update the bash shell to the latest version to address concern over the
“Shellshock” vulnerability. Note that the FUSION platform was never vulnerable
to Shellshock and other similar exploits because bash is not utilized for
anything other than the Admin SSH environment. Attempting to sneak
maliscious code into environment variables and execute it via the web server
or other services is not and never was possible.
7.556
Add the ability to disable sending database resync request messages to
Comtrol UHLL PMS Servers.
7.554
Fix bug that caused portal failure health notice: “undefined method `to_sym'”
when a device was added through the manage devices page and the specified
MAC address could not be added to the account.
7.553
Improve security of the SSL web server:Disable SSLv3 to address “POODLE” vunlerability (CVE-2014-3566).

Disable TLS 1.0 compression to further address “CRIME” vulnerability (CVE-2012-4929).

SSLv2 is now explicitly disabled in addition to the previous behavior of not
allowing any SSLv2 supported ciphers.

Disable additional weak ciphers and prefer modern ciphers and protocols to
facilitate using the best possible encryption in all browsers.

7.551
Add the ability to configure a Database Purger for MAC Group members (“macs”
table). MAC Group members are purged only if the MAC address has not been
seen on the network and the record has not been updated within the
configured time.
7.549
Add the ability to configure a Database Purger for graphing data (RRDs).
7.548
Backend performance improvements.
7.543
Fix bug that broke Triggers when used in conjunction with Account sharing
Bandwidth Queues.
7.538
The list of available time zones in Device Options is now more
user-friendly, including and sorted by the GMT offset.
7.536
Remove restriction on Infrastructure Device IP address having to fall within
a LAN network or static route.
7.532
Network I/O performance enhancements. Requires reboot to take full effect.
7.525
AR Transactions are now automatically deleted along with an Account.
7.521
Add support for utilizing ruby MS SQL client library for custom portal
integration with third-party database servers.
7.519
Add the ability to configure an IP Group and/or MAC Group in a Quota Trigger.
7.518
Fix bug where graphs could be sized incorrectly when zooming into the web
admin console with a browser.
7.515
Fix issue that broke IPsec functionality when thousands of VLANs were
configured.
7.505
Fix bug that negatively affected backend login times for some deployments.
7.502
Add NAS-Identifier, NAS-IP-Address, and NAS-Port as valid RADIUS Attribute
Patterns.
7.497
Fix issue where CPU temperature was not reported on some AMD-based systems.
Requires kernel upgrade.
7.491
Fix issue that caused some cluster controller upgrades to fail.
7.490
Performance improvements for deployments without the use of a captive portal.Add the ability to configure the default idle timeout via the Network
Options scaffold, which is a fallback setting for devices not behind a
Landing Portal. Previously this was hardcoded to 15 minutes.
7.489
Fix bug causing ‘integer out of range CONTEXT: COPY ip_traffic_rates” …’
errors on some deployments.
7.487
Update “Utilization Summary” report.Add new “RADIUS Server Accounting Summary” report.
7.485
Various scaffold UI performance improvements and bug fixes.
7.484
Improve performance of various reports, fixing issue where viewing a report
could eventually generate an internal server error (500).Fix bug causing fatal error when generating the “Monthly Guest Statistics”
and “Heavy Accounts Summary” reports.

Long integers in generated reports are now more human-readable.

7.481
Fix bug that caused portal failure Health Notice “undefined method
‘lock_devices?’ for nil:NilClass”.
7.478
Increase web server performance in development mode.
7.475
Add a precedence field to RADIUS Attribute Pattern configuration, which
enables the operator to assign priorities to different RADIUS attributes
when matching authentication requests to RADIUS Server Realm configurations.The RADIUS server now enforces Account Group, MAC Group, and RADIUS
Attribute Pattern precedences relative to each other when matching a request
to a configured realm, instead of the previous behavior where the precedence
order was always Account, then MAC Group, and lastly RADIUS Attribute
Pattern. This enables the operator to have greater control over how dynamic
VLANs are assigned based on the RADIUS request.

Accounts belonging to a Policy without a configured RADIUS Server Realm are
now ignored when matching RADIUS authentication requests to a realm (e.g., a
MAC Group or RADIUS Attribute Pattern matching the request is used instead).

7.470
Fix bug affecting RADIUS Realm logins.
7.469
Add the ability to search the various Transaction scaffolds by amount via a
range operator (e.g., >=).
7.468
Fix bug affecting URL rewrite and interstitial redirection functionality.
7.466
RADIUS accounting packets received from an Infrastructure Device (e.g., a
ZoneDirector on the LAN) no longer affects Login Sessions. RADIUS Server
Accounting Logs now record the related RADIUS Server Realm. Improve RADIUS
Server Accounting Logs scaffold.
7.461
VLAN Tag Assignments are now expired when there is still a DHCP lease on the
related VLAN when reuse VLANs is enabled in the RADIUS Server.
7.459
Add duplicate transaction detection feature to Merchant gateways. Charge
attempts for the same Account, Usage Plan, and Merchant within the last 60
seconds are now ignored by default. The timeout is configurable via the
Merchants scaffold. Similarly, duplicate charge detection for PMS Servers is
now configured as a operator-defined timeout instead of a checkbox. A
timeout of zero disables duplicate charge detection.
7.458
Fix fatal PF error when there are many groups and/or addresses configured
under certain circumstances.
7.455
Add the ability to configure an end date/time for periodic Email Campaigns.
7.450
Fix bug causing performance issues for RADIUS server accounting requests.
Improve performance when dealing with accounting Start messages.
7.444
Fix bug where a downed Uplink in a Link Control setup caused the WAN load
balancer to become out of balance for the rest of the day after the Uplink
came back online.
7.443
Update HTTP User Agent database. Update MAC address vendor lookup table with
latest IEEE OUI listing.
7.437
Backend performance improvements.
7.432
Add the ability to configure individual Access Points belonging to an
Infrastructure Device (e.g., ZoneDirector). Add the ability to group Access
Points and Switch Ports together as Infrastructure Area configuration
records, which are now available in the conference tool configuration to
associate a conference with an area covered by specific Access Points and
Switch Ports.
7.429
Fix bug where changing a PPPoE Uplink’s username or password did not restart
the PPP session.
7.427
Fix bug where hitting the conference tool via browser before authenticating
as an Administrator would incorrectly redirect to the web admin console
instead of the conference tool after login.
7.424
Fix rare bug where adding/removing/updating a Network Address was not
reflected in the live Interface/VLAN configuration.
7.423
Increase VLAN Tag Assignment timeout maximum from one day to two months.
7.422
Fix fatal error on old systems with 2GB of memory. Minimum for new licenses
is now 4GB of total system memory.
7.420
Fix bug where accessing the web admin console via HTTP instead of HTTPS
caused the operator’s browser to enter a redirect loop instead of correctly
redirecting to HTTPS.
7.416
Add the ability to add multiple sales contacts to a Conference.
7.415
Performance improvements for cluster deployments.
7.414
Improve web admin console performance when accessed via IP address or the
hostname ‘rxg.local’.
7.410
Change virtual frames HTML Injection recipe to appear on mobile format web
pages.
7.391
Fix bug causing intermittent fatal PF error under rare conditions involving
a configured FUSION Forward.
7.390
Add the ability to graph backend login seconds via a System Graph.
7.381
Fix bug causing ‘integer out of range CONTEXT: COPY interface_rates” …’
errors on some deployments.
7.380
Fix issue causing memory exhaustion on some systems.
7.376
Fix bug that caused multiple transaction records to be created for a single
transaction under certain configurations using First Data.
7.375
Fix bug where searching Admin Logs by Scaffold name sometimes did not yield
the expected result.
7.372
The web proxy services now initiate connections from more than one IP
address when multiple addresses are configured for an Uplink. End-user
devices now use their assigned NAT IP when accessing websites via the
persistent web cache, content filtering, and/or HTML rewriting proxy
services.
7.363
Login Sessions created by the RADIUS server now store the Acct-Session-Id
attribute.
7.351
Many backend performance improvements.
7.342
Add ruby rrd-ffi and librrd gems to rails environment.
7.339
Upgrade web server application framework to Ruby on Rails 3.2.19.
7.338
Various conference tool UI tweaks.
7.334
Fix bug causing some systems to crash when accessing an Admin SMB server
fileshare.
7.332
Update MAC address vendor lookup table with latest IEEE OUI listing.
7.331
Add the ability to configure a remote logging server via the Device Options
scaffold.
7.329
Add the ability to authenticate Administrators via RADIUS. The operator may
now configure a RADIUS Realm to point to a single Administrative Role,
thereby allowing any valid remote RADIUS users to act as Administrators
without having to configure them locally. The desired Administrative Role
may be overridden by the Class attribute in the RADIUS Access-Accept packet,
where the attribute’s value matches the name of a configured role.
7.328
Add Current, Average, and Maximum readouts to all Graph labels, displaying
the corresponding values over the duration of the graph time. For example, a
“24 hour” Uplink Network Graph now includes the instantaneous upload and
download rate along with the average and maximum throughput over the 24 hour
period.Graph titles have been simplified and now include the configured name of the
Graph record.
7.327
Update Reports for new Marriott standards: Add new “Realtime Guest
Statistics” report. Rewrite the “Daily Bandwidth Utilization” (Marriott
“Bandwidth Consumption Summary”) report. Add new required “peak throughput”
columns to the “Daily Conference Statistics” report.
7.323
Fix bug where flushing an individual DHCP Lease via UI scaffold could result
in a fatal error.
7.322
Fix broken “Hourly Data Usage” and “Daily Data Usage” reports.
7.319
Fix bug that caused a Usage Plans with unlimited time configured
to not be shown as a PMS Guest Match for guests that should have
matched the plan.
7.318
Various performance optimizations.
7.315
Add support for utilizing ruby MySQL client library for custom portal
integration with third-party database servers.
7.314
Fix bug causing unnecessary health notices such as:”critical_ip_message (CRITICAL) – detected potential problem(s) pertaining
to critical host(s) pf: state key linking mismatch! …”.
7.312
Add support for HP switches to be configured as an Infrastructure Device,
which allows the conference tool to map switch ports to conferences and
dynamically configure desired ports to be tagged for a conference’s VLAN.
7.308
Add the ability to include Addresses in BGPs configuration as networks to
announce.
7.307
Disable NAT on Uplinks to non-default routing table entries that are not
part of an Uplink’s directly attached network (e.g., BGP or static route
destinations traversing a WAN interface).
7.305
The Login Session Log reason of “Session-Hijack” has been renamed to
“MAC-Mismatch” for clarity reasons.
7.304
Various cluster controller performance optimizations.
7.303
Configuring a Database Purger for the dhcp_messages, pf_connection_logs,
and/or web_proxy_hits tables with an age of zero now entirely disables
logging of the records.
7.297
Upgrade web server application framework to Ruby on Rails 3.2.18, containing
important security fixes.
7.294
Improve RADIUS server performance for traditional RADIUS accounting requests
(i.e., non-DVLAN).
7.290
Fix bug in “Data Usage By Port” report that incorrectly labeled packet
counts as bytes.
7.281
Fix bug causing a fatal error when an operator exports a scaffold where the
column being sorted against is not included in the list of columns to
include in the export file.
7.279
Fix sorting by HTTP User Agent in UI scaffolds.
7.276
Fix bug where an Account was not being associated with its Device’s VLAN Tag
Assignment in certain situations.
7.274
Fix byte and duration column averages in the Web Proxy Hits scaffold to be
human-readable.
7.272
Fix bug causing the /var filesystem and/or system memory to overflow on some
systems.
7.267
Fix bug causing error: “ActiveRecord::StatementInvalid: PG::QueryCanceled:
ERROR: canceling statement due to user request”.
7.266
Fix bug causing portal error: ‘duplicate key value violates unique
constraint “index_accounts_on_login”‘.
7.264
Fix bug where changing an existing VLAN’s physical Ethernet Interface
resulted in the VLAN being disabled entirely until the FUSION was rebooted or
the backend manually restarted.
7.263
Fix bug in a cluster deployment where a VLAN tag was incorrectly reused when
there were more available VLANs.
7.261
Change the bash command-line shell’s default pager from “more” to “less”.
Add the ability for an Admin to customize their bash configuration via the
~/.bash_custom file.
7.257
Add the ability to filter by Policy in “Operating Systems” and “Web
Browsers” reports.
7.251
Fix backend issue on older systems having only two logical CPUs.
7.249
Fix rare bug causing a portal failure exception of “Validation failed:
Device MAC is invalid”.
7.246
Fix issue where some models were missing database schema information in the
manual’s API documentation.
7.243
PF Connection Logs are now archived for all protocols instead of only TCP
and UDP.
7.242
Improve NAT assignment of individual public IP addresses to LAN IPs when
there are many public NAT IPs configured, possibly more than there are
actively connected devices. Alleviates issue where two or more active device
IPs could be sub-optimally assigned to the same public NAT IP under certain
circumstances.
7.236
Update the HTTP User Agent database used to record an end-user’s browser
type. Fixes issue with reporting the User Agent as “Other” for common
devices.
7.233
A Device’s existing VLAN Tag Assignment is now automatically flushed upon
Account creation/login if the Device is no longer assigned to the correct
RADIUS Server Realm as configured by the Account’s Policy.
7.232
Fix issue where an Account’s VLAN Tag Assignment could be flushed from WLAN
infrastructure before the end-user was finished loading the login success
portal page.
7.227
Increase CPU coretemp thresholds to reduce frequency of false-positive
health notice alerts.
7.226
Fix cosmetic issue when displaying long backup filenames in the Restore
dialog of the System->Backup page of the web admin console.
7.224
Fix issues causing excessive memory utilization in recent builds.
7.214
Fix bug causing instances of error “PG::TRDeadlockDetected: ERROR: deadlock
detected”.
7.213
Fix bug causing two PF Connection Logs to be recorded for the same
connection under some circumstates.
7.211
A payment method’s stored credit card number is no longer displayed within
update forms in the web admin console and default portal.
7.209
Fix bug causing network and system graphs to break when the SNMP listen port
was configured to something other than the standard port (161).
7.208
Add support for the Aerohive Access Point Hive as an Infrastructure Device,
allowing the configuration of per-Account dynamic VLAN’s with Aerohive
equipment.
7.200
Fix bug causing error ‘duplicate key value violates unique constraint
“dead_ips_pkey”‘.
7.193
Add “Data Usage By Port” and “Data Usage By Destination” Reports.
7.192
Add the ability to configure Reports as “human readable”, which indicates
whether or not numbers in a report are formatted or converted into
human-consumable values (e.g., GB instead of bytes).The “Daily Data Usage By Account” report now contains separate columns for
bytes/packets up and down.
7.190
Fix bug where an IP’s existing states were not flushed after exceeding a
configured Trigger’s parameters (e.g., Max Connections Trigger).
7.188
Backend performance improvements.
7.186
When removing an Account’s Device, automatically purge any VLAN Tag
Assignments having the same MAC address.
7.173
Fix bug affecting the accuracy of Account, Login Session, and PF Queue Log
byte and packet counters and their related graphs.
7.165
Enable support for high resolution graphs on HiDPI / retina displays.
7.158
Add the ability to skip sending a Custom Email based on coded logic in the
email subject/body.
7.157
Fix bugs causing error emails from “Cron” containing: “Check rxgd detects
that rxgd may be hung.”
7.155
Dont start or configure any of the web proxy services unless they have at
least one Policy configured.
7.151
Improve backend performance on systems with many configured VLANs and ARP
entries.
7.145
Fix issues with and improve display of the “Daily Data Usage By Account”
report.
7.144
Improve packet filter states instrumentation scaffold to include the related
Login Session, Account, expiration timestamp, and byte/packet counts.Archive metadata of all connections that transit through or terminate at the
FUSION, including start/end times, duration, source/destination/NAT address and
port, protocol, MAC address, Login Session, Account, and byte/packet totals.
This adds a new Archives->Connections page in the web admin console.
7.139
Fix bug where “PayPal Express Checkout for Digital Goods” was incorrectly
listed as a supported direct Merchant gateway.
7.132
Archives (e.g., Login Session Logs, Expired DHCP Leases) and Transactions UI
scaffolds now load with a default search filter of the previous month, week,
or day, depending on what is appropriate for a given scaffold. The date
range may be changed via the first field in the Search form. This increases
the loading performance of some pages and makes the initial summary columns
more useful to the operator.
7.127
Fix performance issue with various utilization reports, where running
the report could result in a server error.
7.126
Update MAC address vendor lookup table with latest IEEE OUI listing.
7.117
Improve search feature for PF States, Login Sessions, and VLAN Tag
Assignments scaffolds to be able to filter against specific fields.Various minor enhancements and bug fixes to UI scaffolds.
7.113
Fix bug causing a fatal exception in a conference portal when a Portal
Modification is configured without any custom HTML.
7.099
Improve NTP server time synchronization reliability.
7.096
Fix bug causing missing data-points in Uplink graphs when a network
interface’s data rate approached the configured speed of its Uplink.
7.090
Fix bug causing false-positive “DHCP server incoming message rate exceeded
limit – possible DHCP DOS attack detected!” warnings.
7.089
Fix bug where clicking “Graph” or “Web” for an existing ARP Entry could
result in a RecordNotFound error.
7.085
Fix bug causing Fatal Error 500 in the Archives->Logs page for the PMS
log when a PMS Server includes invalid UTF-8 characters in a response.
7.084
Many backend performance improvements.
7.073
Sort labels by name in generated accounting/network/system graphs.
7.072
Fix rare bug where a misconfigured application port forward with
autoincrement enabled could increment the destination port beyond the legal
port range, causing a fatal PF configuration error.
7.067
Fix issue where a PMS guest could post duplicate charges by logging in with
their name/room on more than one device at the same time.
7.066
Fix issue where meeting the intersession limit of one Shared Credential
Group prevented an end-user from logging in with a different shared
credential.
7.065
Disable health notices with a severity of warning for the web cache
filesystem because it being around 85% full is normal behavior. The web
cache is still automatically flushed if the filesystem reaches 93% usage
instead of issuing a critical overflow health notice at 95%.
7.064
Update MAC address vendor lookup table with latest IEEE OUI listing.
7.059
Fix bug causing Fatal Error 500 for PMS guests that had invalid data in
the response from the PMS server.
7.040
Fix bug that prevented the proper idle timeout of Login Sessions that were
created by background automatic login and never initiated outbound
connections to the WAN.
7.033
Improve dynamic VLAN assignment algorithm to better distribute VLAN IDs
amongst cluster nodes. Automatically expire VLAN Tag Assignments for
inactive (downed) cluster nodes.
7.023
Improve RADIUS Server performance for busy cluster deployments.RADIUS Server Options tuneables (e.g., max servers) are no longer
configurable by the operator and are instead appropriately tuned
automatically based on system hardware and expected number of connected
devices.
7.018
Fix bug causing prorated credit to be granted to users whos previous
usage plan had already expired.
7.013
Add support for facebook login to default mobile portal.
7.010
Significant improvement to ad element overlay HTML Injection recipe.
ADWIDTH and ADHEIGHT will be substituted for actual ad width and height.
7.009
Fix bug causing fatal error for some systems on the Archives->Admins page of
the web admin console.
7.007
Conference Tool improvements:Add checkbox to Custom Portal and IP Group to identify with a conference
instead of having to include “conference” in the name.

Automatically create a Subnets Filter when creating a conference.

It is now safe to change the name of an existing conference record.

7.006
Add checkbox to the PMS Servers configuration scaffold that toggles whether
or not Usage Plans without a configured PMS Guest Match are displayed in the
portal when a guest matches at least one plan. The default behavior is to
now hide plans without a configured match if a guest matches at least one
other plan with a PMS Guest Match configured.
7.005
The set of Usage Plans offered to a PMS Guest end-user via the portal is now
correctly limited to the plans configured in the effective Splash or Landing
Portal.
7.004
Fix bug causing fatal error when searching for a MAC address via web admin
console global search on a cluster controller.
7.003
Fix minor display bug with generated policy and network diagrams.
7.000
Fix issue where a Health Notice caused by a custom portal exception repeated
many times can adversely affect database performance and possibly cause
filesystem overflow.
6.999
The Infrastructure Devices configuration scaffold has been moved to the
Network/LAN page of the web admin console.
6.998
Detect and fix a rare situation where the backend process is running without
logging.
6.996
Fix bug causing instances of error “PG::TRDeadlockDetected: ERROR: deadlock
detected”.
6.993
Change the default portal to allow PMS guests with “no post” set to purchase
free plans.
6.990
Fix bug where the original page an Admin tried to surf to was not remembered
after logging into the admin console.
6.987
Improve admin conference tool to hide an inactive conference’s SSID.
6.984
Fix bug with that prevented some Android devices from redirecting to the
portal immediately after connecting to a Wi-Fi network.
6.983
Improve nightly database maintenance routines. Fixes issue on some systems
causing error emails from “Cron” containing: “Check rxgd detects that rxgd
may be hung.”
6.981
Clicking an event in the conference tool calendar now downloads the event as
an ICS file.
6.978
Many usability improvements to the admin conference tool.
6.976
Add the ability to configure a RUCKUS ZoneDirector’s WLAN SSID via the admin
conference tool.
6.954
Fix issue where having configured and deleted many Remote DPI Signatures
could cause the /usr disk partition to consume too much space.
6.952
Add the ability to configure basic modifications to portals via the admin
conference tool interface. Allows for easy customizations to a captive
portal by uploading logo files and making WYSIWYG edits to portal views.
6.940
Fix bug causing ‘integer out of range CONTEXT: COPY pf_queue_logs” …’
errors on some large deployments.
6.938
Add the ability to download Reports as simple XML documents, excluding
title lines.
6.936
Attempt to automatically repair the web cache after filesystem corruption,
which can cause the web proxy to stop functioning under very rare
circumstances.
6.932
Add new fields to the PMS Guests table that are commonly used by PMS
interfaces and were previously stored as customX fields (e.g.,
loyalty_number), making PMS Guest Matches easier to configure. Existing PMS
Guest Match configurations are updated automatically with the field changes.
6.931
Add admin conference tool feature.
6.921
Fix issue with the Agilysys PMS interface causing some guest change records
to be ignored.
6.920
Many backend performance improvements.
6.914
Fix bug causing an exception when an invalid HTTP request generated by
the GoPro iOS app was redirected to the captive portal.
6.897
Store the appropriate Account Group in the following records, allowing the
operator to search and sort by it in UI scaffolds and API/database
integrations: AR Transactions, Expired VLAN Tag Assignments, PMS
Transactions, RADIUS Server Accounting Logs, Redeemed Coupons, Survey
Results, Merchant Transactions, Triggers, and VLAN Tag Assignments.
6.894
Add the ability to configure the number of archived log files to retain on
the filesystem.
6.893
Add the ability to display more than the default 20 rows in the second level
domains report of the web proxy archives page.
6.886
Allow the use of free plans in the quick_purchase_charge portal action.
6.885
Fix bug that sometimes caused a fatal exception when clicking on a zoomed-in
graph image.
6.881
Add the ability to configure RADIUS attribute pattern matches in RADIUS Server
Realms, which will authenticate requests containing a matching attribute. For
example, the operator may match against the WiFi SSID contained within the
Called-Station-Id attribute to assign different VLANs depending upon which
SSID an end-user connects to.
6.877
Fix bug causing portal exception errors such as: “Validation failed: MAC
“aa:bb:cc:dd:ee:ff” is not allowed because it conflicts with account “nick”.
Trying to login to a different Account than the one a device is locked to
will now produce a graceful error in the portal. Requires adding a new error
symbol (:device_locked) to the flash view in existing custom portals.
6.875
Fix bug where deleting a configuration row in a scaffold could cause its
associated configurations to remain unavailable for new records of the same
type as the configuration that was deleted.
6.871
Update MAC address vendor lookup table with latest IEEE OUI listing.
6.870
Add the ability to configure the number of months, weeks, or years for Usage
Plan relative lifetime in addition to minutes, hours, or days. Allows the
operator to configure more accurate monthly plans instead of specifying the
number of days in a month. The usage expiration date/time set in the Account
ends on the same day and time of the month/week/year that the plan is
applied.
6.867
Update the default portal to allow provisioning Accounts to PMS guests
supporting more than one device per Account.Add an “Account sharing” option to the PMS Servers scaffold to configure how
Accounts are shared between multiple registered guests in a room’s folio.
The available options are:

per-Device – an Account is created for every device (old behavior).
per-Guest – an Account is created for each unique guest name checked into a
room and shared by all devices that supplied the same name and room.
per-Room – an Account is created for each set of guest names checked into a
room at the same time and shared between all devices.

6.856
Upgrade web server application framework to Ruby on Rails 3.2.16, containing
important security fixes.
6.849
Add the label of the selected menu item to the HTML title in the web admin
console pages.
6.840
Add support for proxying RADIUS Server requests to other remote RADIUS
servers.
6.837
Add the ability to disable posting zero amount charges to a PMS Server.
Add the ability to disable duplicate charge prevention for a PMS Server.
6.831
Add the ability to configure dynamic VLAN deployments to share VLAN IDs
between Accounts or Rooms, in addition to the existing behavior where every
device gets its own VLAN. Configurable via RADIUS Server Realms scaffold.
Account Policies must be configured in the RADIUS Server Realm.
6.824
Rename “Users” to “Accounts” and “User Groups” to “Account Groups”.
System database table and API class names have also been renamed.
Existing custom portals on the FUSION device are upgraded automatically.
6.812
Add a Bandwidth Queue shaping mode of “Account”, where end-user accounts
with multiple Login Sessions will share a bandwidth rate limit between the
devices. “Group” and “Account” shaping are mutually exclusive for a given
Policy – only one type (“Account” or “Group”) may be configured in addition
to “Device” (IP) and “Policy”.
6.804
Improve performance on systems with thousands of VLANs.
6.802
Improve loading performance of the Archives->Web Proxy page, which could
timeout and display an internal server error on systems with millions of web
requests per day.
6.800
Add support to login from multiple devices with the same User account or
Token. A UsagePlan/User’s max sessions configuration parameter limits the
number of simultaneous login sessions per account. It is recommended that an
existing custom portal’s “already_logged_in”, “manage_devices”, and “flash”
view templates are updated to match the new default portal.
6.799
Fix bug where an Interim-Update accounting packet from a RADIUS NAS could
incorrectly alter the usage byte/packet counters of a Login Session with a
different IP address than the Framed-IP-Address of the RADIUS request.
6.792
Fix bug where the portal application would not redirect the end-user to the
correct Cluster Node if the end-user was behind a routed network configured
via a Static Route.
6.790
Add support for Facebook login integration to the default portal. Requires
configuring a Facebook App ID and Shared Credential Group in a Custom Portal
configuration.
6.787
Fix bug where an end-user’s desired URL was sometimes wrong after logging in
to the portal, usually when the end-user had previously logged in before.
6.786
Change a User’s MAC to be stored as a separate “Device” record. Allows
multiple devices/MACs to be associated with the same User, mainly for
automatic login purposes. Configurable via Users scaffold.
6.781
Add %random_number% as a substitution variable for remote captive portal and
interstitial redirector configurations, populated with a random eight digit
integer. May be used to alleviate issue where some iOS devices tend to
illegally cache remote portals.
6.780
After an Agilysys PMS performs nightly maintenance, skip the guest database
resyncronization process, which can take a long time and is unnecessary.
6.777
Update MAC address vendor lookup table with latest IEEE OUI listing.
6.776
Fix bug where the RADIUS server would fail to authenticate an end-user’s MAC
via MAC Group/Pattern matching if a User having the same MAC address was in
a Policy not associated with a RADIUS Server configuration.
6.775
Fix scaffold export bug resulting in a fatal exception when trying to export
the result of searching against a column, where that column was not selected
as a column to export. For example, searching transactions for a specific
Usage Plan and then exporting the result without selecting the Usage Plan
column.
6.774
Decrease likelihood of erroneous “killing process …” errors.
6.773
Add an “autoincrement ratio” to VLAN configuration options, which controls
the number of Address autoincrement subnets that are setup on each VLAN tag.
Allows the operator, for example, to easily configure many /30 subnets on
many VLANs to be used in conjunction with dynamic VLAN assignment when the
number of available VLANs exceeds the expected number of simultaneous
end-users, and client broadcast isolation is desired.
6.768
Enable debug mode by default in RADIUS Server Options configuration.
6.766
Add the ability to configure the number of months, weeks, or years for a
Time Plan in addition to minutes, hours, or days. Allows the operator to
configure more accurate monthly plans instead of specifying the number of
days in a month. The number of minutes allocated to the user end on the same
day and time of the month/week/year that the plan is applied.
6.763
Upgrade web server application framework to Ruby on Rails 3.2.15, containing
a minor security fix.
6.761
Fig bug where increasing the licensed maximum number of Login Sessions would
not immediately take effect for automatic login behavior.
6.760
Add a PMS webservice API specification and client that a PMS vendor may
utilize to add support for interfacing with an FUSION’s PMS Server interface.
6.757
Improve DHCP Match Rules configuration scaffold usability. Fix bug where the
operator could configure a match rule with an illegal hardware string that
caused the DHCP server to stop functioning.
6.755
Fix bug causing a user account to be deleted as the result of a
transaction failure under certain circumstances, even if that user had usage
remaining.
6.754
Fix bug where a Remote DPI Signature’s categories was not modifiable via API.
6.753
Fix bug where deleting a configuration record could time-out and result in
an error 500 if it had many associated log records (e.g., a Usage Plan with
many old Login Session Logs).
6.750
Remove support for and reliance on the Prototype JavaScript framework in
favor of only jQuery. Reduces portal delivery size and end-user browser
overhead. Improves web admin console performance.
6.747
Fix rare bug causing error emails from “Cron” containing: “Check rxgd
detects that rxgd may be hung.” on some systems in the southern hemisphere
after a Daylight Savings Time shift.
6.745
Fix bug that broke remote backups via SFTP when one or more single quote
characters were present in the password.
6.744
Add the ability to download Reports as XLSX (Excel Microsoft Office Open XML
Format Spreadsheet) files in addition to CSV. Reports are now attached to
Custom Emails as XLSX files.
6.742
Configuration export improvements:Add the ability to export scaffold data as XLSX (Excel Microsoft Office Open
XML Format Spreadsheet) files in addition to CSV. Exporting via XLSX format
is not recommended for large datasets.

Add “Select All” and “Select None” links to make selecting the desired set
of export columns easier.

Column header names now match what is shown in the UI instead of the system
database.

Improve the name of the export file to contain the system domain name and
date.

6.740
Fix bug with remote FTP backups using a full path as the destination path.
6.738
Fix duplicate key error causing excessive database re-sync requests with
the Agilysys PMS interface.
6.736
Fix bug affecting behavior of CIDR blocks larger than /30 configured in an IP
Group.
6.735
Upgrade web server application framework to Ruby on Rails 3.2.14 and ruby
gems to latest stable versions. Minor admin console and captive portal
stability and security improvements.
6.731
Add the ability to include Accounting, Network, and System graphs in Custom
Emails as attached PNG files.
6.730
The RADIUS server now authenticates requests where the Calling-Station-Id
matches a User’s MAC address.
6.728
Add “Triggered Events Summary” report.
6.727
Add the abilty to include generated Reports in Custom Emails as HTML and
attached CSV files.
6.726
Add the ability to configure a Report for various periods of time in the
past, in addition to specific start/end times. e.g., “Last 7 days”,
“Yesterday”, “Last Month”.
6.722
Improve performance and memory utilization on systems with many Users and/or
Tokens.
6.719
Fix rare issue where the backend may hang indefinitely when sending Health
Notice emails, resulting in “Check rxgd detects that rxgd may be hung” error
emails.
6.718
Fix bug that prevented a transient group membership’s IP from effectively
belonging to an IP Group, thereby breaking certain Trigger behavior.
6.717
Fix bug causing unreliable SNMP server logging.
6.716
Remove harmless warning in PMS interface log when receiving an ACK char from
Galaxy PMS.
6.715
Add support for more than one HTML Payload Rewrite configuration, allowing
the operator to create different injections for different policies.
6.710
Fix database performance issue when running newer builds on outdated
operating system FreeBSD 8.3.
6.707
Fix issue where sometimes a portal end-user needed to be redirected to a
different cluster node and was not.
6.706
Fix bug affecting IPsec tunnels when used in conjunction with autoincrement
network addresses.
6.703
Fix bug with Device Options view of the built-in manual.
6.702
Add “Daily Data Usage” report.
6.701
Add “Detailed Data Usage” report.
6.700
Fix performance issue when there is an exceedingly high DHCP server request
rate and dynamic VLANs are configured.
6.698
Fix bug affecting log rotation.
6.697
Add “Hourly Data Usage” report.
6.693
Improve performance when using certain Intel NICs at high load deployments.
6.692
Update MAC address vendor lookup table with latest IEEE OUI listing.
6.691
Fix bug that broke OS updates for some systems.
6.689
Add support for a PMS checking in multiple rooms under the same name and
guest ID/number.
6.687
Fix bug causing some POST messages to fail when using Agilysys LMS.
6.685
Make the configurable log rotation hour affect when nightly database
maintenance is performed.Resolve rare error message when performing nightly database maintenance:
‘vacuumdb: vacuuming of database “config” failed: ERROR: tuple concurrently
updated’.

Improve error detection and reporting for nightly database maintenance
operations.

6.680
Fix bug that sometimes caused the web cache to overflow the disk.
6.677
Automatic correction for various files that can be corrupted in the case of
an improper shutdown.
6.676
Fix bug that sometimes caused an incorrect IPsec configuration state when an
Uplink fails.
6.673
Better protection against excessive CPU utilization in defective custom
portals and applications in general.
6.669
Workaround for bug with Agilysys LMS that sends erroneous ‘Duplicate Ticket’
messages for POST’s that are not actually duplicates.
6.666
Fix bug causing a health notice when a RADIUS Server had more than one
VLAN configured and the number of VLAN assignments exceeded the size of a
single VLAN’s tag range.
6.662
Add automatic login capability to Shared Credential Groups.
Credential, access and session restrictions are still enforced on subsequent
automatic login attempts.
6.660
Add the ability to configure background automatic login mode for landing
portals.
6.659
Enable automatic login for Tokens.
6.658
Fix bug affecting an Infrastructure Device with a password containing
special characters and improve error handling and notification.
6.657
Fix bug that broke some statistics gathering and graphing functionality when
the SNMP community string contained an ‘@’ character.
6.655
Fix bug affecting log rotation.
6.652
Add the ability for a user to sign up for a plan that supports more than one
device. Total allowed devices is configured in the max sessions field of the
Usage Plan. Works with dynamic group generation for shared bandwidth between
the devices. Works with L2/L3 unit isolation for the devices.
6.634
Add the ability to configure the hour during which system logs are rotated
via the Device Options scaffold. Improve log rotation to reduce CPU overhead
and the amount of time it takes to restart critical services.
6.620
Store a User’s IP, MAC, and hostname when creating transaction records for
offsite merchant gateway payment notifications, instead of the remote
payment gateway’s IP.
6.612
Improve backend login time performance.
6.587
Fix exception in the portal caused when a hotel guest leaves the guest
profile page open, and attempts to re-use a connection after the guest has
checked out.
6.586
Fix bug causing the Network dashboard page not to display properly when
a PPPoE was configured without an Uplink association.
6.585
Fix bug causing the Identities->Definitions page not to display properly.
6.581
Fix bug causing duplicate parameters to be added to the URL string when
using a remote portal.
6.576
Add “Daily Guest Revenue” report.
6.566
Fix intermittent UTF-8 encoding error when viewing web server logs/reports.
6.564
Fix bug causing a user with no usage remaining to get stuck at the
please wait page in the portal when signing in.
6.560
Add range offset limit (cache range request prefetch limit) configurability
to the web cache server.
6.551
Fix bug that prevented port forwarding to idle devices on the network.
6.544
Modify PMS Guest Match behavior to be more restrictive with plan
selection. Do not count transactions for expired plans. Only match
plans from a PMS Guest Match whos group belongs to a previous transaction.
6.541
Add support to the API for altering “Secret Answers”.Add User authenticate action to the API.
6.537
Fix bug with Daily Guest Statistics report.
6.530
Add initial support for third-party infrastructure devices integration
(e.g., Ruckus ZoneDirector).
6.526
Tweak list of exportable columns in Users, Tokens, and Coupons scaffolds to
improve export performance and remove unnecessary fields from the resulting
CSV.
6.515
Enhancements to default portal to better support plan upgrades for PMS
clients.
6.510
Add portal support for per-unit VLANs when using PMS.
6.507
Update “Daily Guest Statistics” report to include totals row.
6.488
Fix bug with inline display of report in XML format.
6.482
Add “Daily Conference Statistics” and “Monthly Guest Statistics” reports.Various Report improvements.
6.477
Add checkin and checkout timestamps to PMS Guest records indicating the last
time a checkin/checkout message was received from the PMS. Facilitates
reporting against PMS servers that do not supply a guest’s arrival or
departure time (e.g., Marriott).
6.473
Add the ability to configure the DHCP server with vendor-specific options
(DHCP Option 43) via the Custom DHCP Options scaffold.
6.467
Fix bug that prevented an Admin from permanently deleting a Custom Portal
directory from the filesystem.
6.466
Tweak memory footprint of the web server.
6.464
Add system IUI (Installation Unique Identifier) and shutdown/reboot buttons
to the initial Admin creation page of the web admin console.
6.460
Fix bug where some obscure WISPr clients were not redirected to the portal.
6.458
Fix bug causing exception in captive portal when a client is missing an HTTP
user agent identifier.
6.457
Fix issue where uplinks configured with an address span greater than 1 could
switch the WAN IP an end-user was being NATed to at an undesirable time.
6.453
Fix “invalid byte sequence for encoding “UTF8″: 0x00” error when
instrumenting web proxy requests.
6.448
Improve memory utilization on systems having many Users with automatic login
enabled.
6.445
Fix bug where sometimes stale instrumentation records are leftover after
creating a cluster controller.
6.441
Fix bug where the DNS Server visibility option could not be set to include
the WAN. Limit recursive queries to only LAN clients and permit
non-recursive queries from configured WAN Targets.
6.440
Upgrade web server application framework to Ruby on Rails 3.2.13, containing
important security fixes.
6.437
Upgrade web caching/proxy software with recent security patches.
6.433
Modify quick purchase functionality to automatically detect login, password,
and password_confirmation form fields and use them if they exist for user
creation. This allows for easy modification of the quick_purchase view in a
custom portal to allow an end-user to choose her own username/password
instead of having one auto-generated.
6.430
Add “initial minutes” configurability to interstitial redirect mechanism.
This new configuration option enables the operator to override the
periodicity of the “minutes” for the first redirect. This may be set to “0”
so that the end-user will experience interstitial redirect immediately upon
login.
6.425
Add a “MAC OR cookie” automatic login mode, where an end-user will be
automatically logged into the portal if her MAC matches that of the previous
session OR her browser still has a cookie from the last time. The existing
“MAC + cookie” mode that requires the MAC to match AND an existing browser
cookie has been renamed to “MAC AND cookie”.
6.423
Ability to configure the Revenue Code of the Marriott PMS interface.
6.422
Fix blank “Charge To Property” field in Agilsys PMS charge posting messages.
6.421
Shared Credential Group enhancements:Add the ability to configure shared groups for specific Splash Portals,
allowing the operator to restrict shared credentials to certain
portals/networks.

Add the ability to limit shared credentials to specific days of the week.

Add the ability to configure recurring shared groups, where the
effective/expires time is automatically bumped based on a recurring interval
(e.g., daily, monthly, yearly).

Add a “state” configuration, allowing the operator to configure a shared
group as active or suspended.

Add fields to store general customer and sales contact information about a
scheduled hotel conference which can be useful for event planning and in a
custom portal.

Add a configurable “message of the day” field to be displayed in the captive
portal after login.

6.420
Send a “TEST” message to Galaxy PMS servers every 15 minutes as a connection
keep-alive.
6.418
Add inline “Graph” links to Network, System, and Accounting Graphs scaffolds.
6.417
Fix bug where the license QR code image was not displayed on some systems.
6.416
Add official support for the Marriott PMS interface.
6.414
Automatically generate a random alphanumeric credential when creating a new
Shared Credential Group.
6.411
Fix bug causing portal error: “Validation failed: Agent has already been
taken”.
6.410
Add “Daily Merchant Transaction Statistics” report to count and sum daily
credit card transactions for a set of policies/plans.
6.403
Record an end-users HTTP User Agent when accessing the captive portal. User
agent is recorded with every login session and transaction. Enables
reporting against browser type, version, operating system, etc. Adds a new
“User Agents” scaffold to Archives->Portal.Add “Operating Systems” and “Web Browsers” reports displaying number of
sessions for each type of OS and browser.
6.399
Fix bug causing Fatal Error (500) when attempting to run a Packet Dump on a
node via a cluster controller.
6.398
Fix bug that prevented generating a graph with an end time other than the
current time (“0 minutes ago”).
6.395
Upgrade web caching/proxy software. Fixes several major crashes of the proxy
when opening server connections. These issues affected upstream connections
when the client aborted early or timed out waiting for the final stages of
HTTP transactions to complete.
6.393
Resolve issue with rare bug where sometimes the default route is incorrectly
replaced by the operating system.
6.391
Improve packet filtering performance and resolve periodic latency issues
experienced at some deployments.
6.390
Support WISPr in conjunction with remote captive portals.
6.377
Fix bug that prevented searching for a specific room in the PMS Transactions
scaffold.
6.372
Prevent configuring DHCP Pools that conflict with the range of other pools.
6.371
Truncate host names in malformed web proxy requests. Fixes rare bug causing
error: “DBD::Pg::db pg_putcopyend failed: ERROR: value too long for type
character varying(255) CONTEXT: COPY web_proxy_hits, column host:
6.364
Do not allow configuring a WAN Address with a large enough span that it
conflicts with an Uplink’s gateway IP.
6.363
Fix bug where VLAN Uplinks were not displayed in a Cluster Node’s Uplinks
configuration scaffold.
6.362
Add the ability to configure Static Route entries as the local network for
IPsec Tunnels.
6.355
Packet filtering performance optimizations for systems with many groups.
6.354
Upgrade web server application framework to Ruby on Rails 3.2.12, containing
important security fixes.
6.351
Fix rare bug causing error emails from “Cron” containing: “rm:
/tmp/check_rxgd.pid: No such file or directory”.
6.350
Fix rare fatal packet configuration error on systems with slow uplinks and
many end-users and bandwidth queues.
6.349
Fix bug causing rare error: “DBD::Pg::db do failed: ERROR: column “_id” of
relation “pf_queues” does not exist at …”.
6.348
Fix bug causing the number of sytstem processes to not be graphed when
the number exceeded 2k on heavily loaded systems.
6.347
Fix bug that prevented FreeBSD 9.1 OS upgrades on cluster nodes.
6.343
Permit configuring a Shift4 merchant ID in the Partner field of a Merchant
configuration scaffold.
6.342
Fix bug that broke SNMP and network graphs for some systems.
6.341
Upgrade web caching/proxy software. Fixes issues with upload bandwidth
throttling and rare memory leaks.
6.338
Add the RADIUS reply message to the error displayed in the default portal
when an end-user enters invalid credentials for a RADIUS server. Also add a
new message substitution variable for use with remote portals. %message% now
contains the “Radius-Reply” attribute in the case of a login failure.
6.333
Ignore “detected potential problem regarding critical IP” health notices for
gateways of DHCP Uplinks, as they are usually ignorable false positives.
6.331
Fix performance problem with certain reports causing an error in the web
admin console.
6.328
Fix bug where day of the week configurability was missing from the Time
Triggers scaffold.
6.326
Stop allowing end-users to login to the captive portal with an expired Token.
6.325
Fix bug where the Admin Roles scaffold listing did not show configured
notification emails.
6.312
Set the Ecommerce_flag for First Data Merchant transactions. This affects
the per-transaction cost paid by the merchant account (operator).
6.310
Fix bug that broke exporting Shared Credential Groups on systems with many
Login Session Logs.
6.306
Update payment gateway library, adding support for additional Merchants.
6.300
Update base operating system to FreeBSD 9.1.Upgraded packet filtering (pf) framework yielding numerous performance and
stability improvements, including:

In pf, store routing table ID, queue ID etc directly in the packet header
mbuf instead of using mbuf tags (which use malloc’d memory). This yields a
100% improvement in packet performance.

Skip TCP/UDP/ICMP/ICMP6 checksumming when not necessary. This yields a
further 10% improvement in packet performance.

Upgraded ethernet drivers for performance and stability improvements,
including support for newer chipsets.

TCP/IP network stack and IPsec performance and stability improvements.

The OS scheduler has been improved for CPU load balancing on SMT (Simultaneous
MultiThreading) CPUs, yielding a 10-15% performance improvement when the
number of threads is less than the number of logical CPUs.

Improved ATA/SATA disk subsystem driver using a Common Access Method (cam)
based implementation.

Filesystems now implement softupdates journaling, which introduces a intent
log into the filesystem, eliminating the need for background file system
consistency check and repair (fsck), even after unclean shutdowns.

Filesystems now implement the TRIM command when freeing data blocks. TRIM
allows the filesystem to send a delete request to the underlying device for
each freed block. The TRIM command is specified as a Data Set Management
Command in the ATA8-ACS2 standard to carry the information related to
deleted data blocks to a device, especially for a SSD (Solid-State Drive)
for optimization.

Upgrade the PostgreSQL object-relational database system to version 9.2.2 for
increased database performance and stability.

Upgrade ISC DHCP server to version 4.2.5 for increased stability.

Upgrade FreeRADIUS RADIUS server to 2.2.0 for increased stability.

Upgrade ruby to version 1.9.3.327 for increased web admin console and captive
portal security and stability.

Upgrade other various third-party software packages to their latest versions
for increased performance, security, and stability.

Requires explicitly performing an OS upgrade on existing installations.

6.281
Add HTTP virtual hosts feature enabling remote access to local web servers.
6.265
Various system and network performance and security optimizations.
6.221
Improve support for certain Intel network cards (igb driver) having many
ports. Add a health notice warning for “Could not setup receive structures”
errors to detect when physical interface setup fails.
6.219
Truncate DHCP lease UIDs that are too long. Fixes rare error:
DBD::Pg::db pg_putcopyend failed: ERROR: value too long for type character
varying(255) CONTEXT: COPY dhcp_leases, column uid:
6.218
Update SOAP client, including Innsist PMS optimizations.
6.215
Packet filtering performance optimizations.
6.211
Upgrade web server application framework to Ruby on Rails 3.2.11.Improve security of web admin console and captive portals.
6.204
Fix bug that broke global footer search on a cluster controller under certain
conditions.When searching for an end-user via the global search footer, include only
the Groups the end-user is a member of in the Policy diagram, instead of
every Group associated with the Policy.
6.195
Fix bug with Agilysys LMS PMS message format.
6.192
Automatically flush the web cache before creating a CRITICAL filesystem
utilization health notice, instead of after.
6.189
Don’t create a health notice for the error “invalid request format received
from PMS client: ” when a zero byte request is made to the PMS interface,
which is likely caused by an intermittent connection error.
6.188
Fix bug causing rare error: “NoMethodError (CRITICAL) – undefined method
`valid_encoding?’ for nil:NilClass
app/controllers/portal_controller.rb:2473:in `block in
check_and_insert_desired_url'”
6.187
Fix issue with upload bandwidth throttling when utilizing the web proxy.
6.186
Improve error handling and email notifications when the database connection
fails (e.g., in a cluster environment).
6.181
Fix rare bug where the nightly database reindex routine would not run if the
nightly database cleanup routine failed.
6.180
Fix issue where application crash dumps could cause the root disk parititon
to overflow.
6.174
Add the ability to configure the DHCP server as authoritative or not
(previously was always authoritative). DHCP networks shared between two or
more cluster nodes may need to be configured as not authoritative. Fixes
issue where an inappropriate DHCPNAK message sent by a server other than the
one that assigned an address could cause some clients to not receive an IP
address.
6.171
Fix bug causing errors such as “DBD::Pg::db pg_putcopyend failed: ERROR:
invalid input syntax for integer: “a:” CONTEXT: COPY pf_states”.
6.169
Fix rare issue causing “Check rxgd detects presense of pid file but no
matching process.” error emails.
6.163
Fix bug causing error “DBD::Pg::db pg_putcopyend failed: ERROR: value too
long for type character varying(255)” when instrumenting web proxy access hits.
6.162
Fix bug causing rare error: DBD::Pg::db do failed: ERROR: zero-length
delimited identifier at or near “””””.
6.161
Fix rare fatal PF configuration error.
6.159
Try to prevent nightly “Check rxgd detects that rxgd may be hung” error
emails at some deployments with high web proxy utilization.
6.158
Improve DHCP failover and load balancing capabilities for cluster
deployments. Adds the ability to share the same DHCP pools between two nodes
by implementing the draft IETF DHCP Failover Protocol.Add more information to DHCP Leases instrumentation.
6.152
Fix bug causing error “DBD::Pg::db pg_putcopyend failed: ERROR: literal
carriage return found in data”.
6.151
Add proxy ARP functionality configurable via a Network Option setting.
6.145
Fix bug causing an uplink to be inappropriately set via a ping target that
was not associated with that uplink.
6.132
Fix bug causing exception: “ActiveRecord::RecordNotSaved: Failed to save the
new associated login_session”.
6.125
Fix bug where creating a new Journal entry for a User would cause an
exception and incorrectly create the entry when charging the user failed.
6.118
Fix bug causing error when sending RADIUS Interim-Update packets for many
sessions: “heartbeat timeout of 300s exceeded for /var/run/expire_sessions.pid …”
6.116
Add dhcp-server-identifier to list of available DHCP options.
6.115
Fix bug causing errors such as: DBD::Pg::db pg_putcopyend failed: ERROR:
invalid input syntax for type timestamp: “rxgd”
6.113
Fix bug causing redeem coupon to fail for coupons with no expiration.
6.109
Upgrade and improve performance of web cache proxy.Automatically cache Microsoft and Apple updates (requires increasing max file size option).

Support configuration of a memory-only (diskless) cache.

6.092
Fix bug where detecting certain credit card types for some Merchant gateways
was broken.
6.091
Add support for configuring CyberSource transaction key via Merchant
password field (increase size of the password field).
6.087
Fix bug where the operator was unable to remove all email notifications from
an Admin Role.
6.085
Fix bug where in a cluster deployment a node’s VLAN addresses configuration
was not displayed in the node’s web admin console Network Address scaffold.
6.083
Automatically flush the web cache if the cache’s disk partition usage
exceeds the configured cache size or is about to overflow the disk.
6.067
Fix bug where a User belonging to a recurring Usage Plan was not logged out
when her session’s quota ran out.
6.049
Add the ability to populate the “note” field for coupons and tokens.
6.027
Fix bug where an operator was allowed to delete the last remaining Admin
account, or her own account.
6.015
Upgrade web server application framework to Ruby on Rails 3.2.9.
6.011
Increase Max Connections Trigger configurable limit to 3000.
6.010
Fix bug with automatic RADIUS login, where it would unnecessarily repeat
failed login attempts.Make %notice, %exception%, and %error% strings blank in a remote portal’s
URL when redirected to by a splash portal (i.e., when there is not an error
to provide).
6.008
Add “backend_login_at” timestamp/flag attribute to the LoginSession model,
indicating when the backend has “fully logged in” a session. Useful for
remote API implementations to know when a session is fully logged in. Make
enhancement that also reduces the avarage time the portal application waits
for a session to be logged in.
6.003
Fix bug where certain portal error messages that should have been ignored
were not because of non-english locales.
5.996
Add support for configuring PKCS#8-formatted private keys in certificate
chains. Server key is automatically converted to RSA format.
5.994
Permit configuring the user id for the Elavon Virtual Merchant Gateway via
configuring the Merchant’s “signature” field.
5.993
Change Usage Plan price display method (e.g., in portal usage plan list) to
show the original plan price and the amount of a User credit consumed (if
any), instead of just “free”. Plans that were originally zero-cost still
display “free”.
5.991
Fix bug where displaying the PMS Servers scaffold (e.g., Gateways page) could
result in an error 500 when many transactions existed.
5.989
Remove spikes in Uplink network graphs that greatly exceed the configured
speed of the Uplink.
5.985
Avoid fatal packet filter errors when an Uplink is misconfigured to be
faster than its physical interface’s negotiated link speed, or a Bandwidth
Queue’s total realtime download requirement is misconfigured and exceeds a
LAN interface’s link speed. Add relevant warning health notices.
5.976
Consolidate the Archives->Graphs menu page into Archives->Reports.
5.970
Add a cookie-only automatic login mode. The “cookie” mode is similar to
“MAC + cookie”, except the end-user’s MAC address can have changed as long as
there is still a matching cookie in her browser. This is useful for
situations where a user switches between a wired and wireless connection,
thereby changing MAC address.
5.968
Fix bug where the “Flush All” button for ARP entries and DHCP leases, the
“Delete All” button for Tokens and Coupons, and other similar scaffold
buttons would not display a notice and refresh the list after completion.
5.967
Add a “Cure All” health notices button to the scaffold, which automatically
cures all uncured health notices.
5.965
Fix broken Bandwidth Queue Traffic Rates and Policy Traffic Rates scaffolds on
a cluster controller.
5.964
Fix “invalid byte sequence for encoding “UTF8″: 0x00” error when
instrumenting packet filter queues.
5.963
Fix rare, fatal packet filter configuration error when an Uplink loses its IP
address.
5.960
Add automatic login capability for RADIUS Realm and LDAP Domain
authentication methods. If configured, end-user passwords are stored in
encrypted format and used to re-authenticate returning users having the same
MAC address as their previous session.
5.957
Fix bug causing a fatal exception when a remote portal hits the FUSION’s
captive portal with an invalid RADIUS login request.
5.950
Detect the latest official FUSION build and disable the automatic update form
if the FUSION is already running the latest official build (or greater).
5.940
Add viewable and downloadable reporting functionality.
5.925
Fix bug where custom portal assets in sub-directories were not pre-compiled
when running the web server in production mode.
5.922
Fix bug where initiating a batch delete would sometimes delete records in
other scaffolds.
5.917
Work around issue where a duplicate guest number may be received by a PMS
server, causing the FUSION’s PMS interface to update the wrong PMS Guest
record. This caused some PMS Transactions to appear to be linked to the
wrong guest.
5.905
Fix bug where plans selected with a PMS Guest Match would be displayed
even if they were greater duration than the previously purchased plan, or the
previously purchased plan was expired.
5.900
Record the RADIUS request in addition to the response packet in Login Sessions
and Login Session Logs for RADIUS Realm authentication.
5.897
Fix bug where sometimes an FUSION upgrade or restore initiated from the web
admin console would prematurely report the process as being finished right
after it started.
5.894
Add the ability to configure a post login redirect URL in a Landing Portal,
which allows the operator to redirect the end-user to a configurable URL or
her originally desired URL after successful login. Requires modifications to
existing custom portals.
5.877
Fix bug where large uploads to the web admin console (e.g., a backup
restore) could cause the disk to overflow when there was actually more space
available.
5.876
Fix bug with CHKM message format in Galaxy PMS interface.
5.870
Add the ability to enforce Quota Triggers on RADIUS and LDAP authenticated
users over a configurable window of time. Also allow the time window to be
configured for normal User accounts instead of enforcing the Quota Trigger
over the entire period of time since the User last recharged.
5.868
Fix bug in PF Queue Logs instrumentation causing certain queues/users to
be ignored (byte consumption not recorded).
5.856
Fix rare portal exception: “NoMethodError cannot parse Cookie header:
undefined method `size’ for nil:NilClass”
5.854
Increase interrupt storm threshold limits on faster hardware.
5.852
Fix bug causing “invalid byte sequence for encoding “UTF8″: 0xedbf94” errors.
5.851
Add a “login” string to the Queue Logs archive and instrument scaffolds,
which is useful for reporting on per-end-user quota (byte/packet)
consumption for non-User sessions (e.g., RADIUS).
5.850
Add the ability to upgrade an FUSION’s operating system via the web admin console.
5.841
Fix bug with LDAP/AD authentication.
5.831
Fix bug causing certain manual pages not to load.
5.822
Better protection against memory leaks in defective custom portals.
5.819
Fix bug causing more local routine backup files to be kept than what was
configured.
5.818
Improve reliability of the database purger.
5.815
PPPoE reliability enhancements for certain ISPs.
5.810
Add the ability to whitelist specific rule IDs (SIDs) in a Remote DPI
Signature. Allows the operator to fine-tune the set of rules provided by the
remote signatures, choosing to ignore certain alerts without having to
exclude an entire category.
5.806
Upgrade web server application framework to Ruby on Rails 3.2.8.
5.803
Add Bandwidth Queue tree summary graph that visually represents the FUSION’s
bandwidth shaping hierarchy as configured in the Policies->Traffic Shaping
page of the web admin console.
5.799
Fix bug where a Merchant Transaction’s full response dump displayed when
clicking “Show” was no longer human readable.Improve visual layout of the Merchant and RADIUS response parameters in
their respective “Show” views.

Remove the Archives->Portal->Merchant Transactions view from the web admin
console as it was a duplicate of the Merchant Transactions scaffold under
Billing->Transactions.

5.798
Fix issue where a cluster node’s license could be temporarily disabled under
rare circumstances when the node cannot communicate with the controller due
to database connection timeout.
5.796
Fix broken Subnets Filters under certain conditions and configurations.
5.795
Fix charging a User when creating an A/R Transaction credit.
5.794
During RADIUS server authentication, try interpreting the User-Name
attribute as a MAC address and look for a User with a matching login that is
also a MAC address. MAC addresses are normalized before comparison such that
the format in the RADIUS packet and User database do not have to be the
same.
5.792
Upgrade web server application framework to Ruby on Rails 3.2.7.
5.790
A Bandwidth Queue’s speed now affects how an Uplink’s bandwidth is shared
when the link is saturated and users cannot achieve their peak speed.
End-users in a Policy with a faster Bandwidth Queue are allowed to use more
of the Uplink than users behind a slower queue. This enables the operator to
ensure policies and/or groups for a higher level of service are allocated a
larger portion of an Uplink’s bandwidth during heavy-usage times.
5.785
Optimize bandwidth queueing code when used with a slow, highly-asynchronous
uplink (e.g., DSL).
5.784
Fix bug causing incorrect remote backup files to be purged.
5.783
Add authorization code to transactions scaffolds list.
5.774
Fix bug where global search feature sometimes returned the wrong active Group.
5.768
Fix issues with broken content filtering under FreeBSD 8.3.
5.766
Improve SNMP server performance under FreeBSD 8.3.
5.757
Fix bug causing certain browsers to not correctly validate required
fields of User and other record types when created or updated.
5.741
Add hierarchal bandwidth shaping feature, where the operator may configure
caps on a Policy and/or Group’s available bandwidth in addition to per-IP
bandwidth.
5.740
Fix bug causing certain WISPr clients not to function properly.
5.729
Fix bug with custom portal upgrade script causing some portals to have a
syntax error after upgrade.
5.728
Add support for First Data as a offsite Merchant gateway.
5.723
Add Shared Credential Groups table and start/expires columns as valid Database
Purger options.
5.722
Add the ability to configure a PEM certificate for a Merchant.
5.716
Expose PMS Guest arrival and departure date columns as Database Purger options.
5.715
Fix bug that prevented a user from entering user.logout or 1.1.1.1 in their
browser to logout.
5.713
Fix bug where an end-user’s connection states were not flushed when a Trigger
created a Transient Group Membership for her IP.
5.707
Add SIP proxy service.
5.688
Fix intermittent “reservation not found” issue with Comtrol UHLL PMS interface.
5.687
Add remote DPI signatures functionality, allowing the operator to configure
the FUSION to periodically download snort rulesets from a compatible hosting
service (e.g., emergingthreats.net) and utilize them in a DPI Trigger.
5.671
Fix bug where the operator’s browser would sometimes annoying scroll to the
bottom of the web admin console after loading a page.
5.669
Automatically create a new NAT record with an empty Uplinks
configuration when creating a new Network Address for a public LAN.
5.667
Try to guarantee remote accessibility to an FUSION by always configuring the
primary, static Uplink, and SSH and DNS servers before anything else, in the
event the FUSION software fails during a reboot.
5.665
Fix broken Packet Dumps “Show Packets” feature.
5.663
Documentation additions for RESTful API.
5.661
Upgrade web server application framework to Ruby on Rails 3.2.6.
5.657
Add the ability to report on PF Queues instruments (realtime speed) and
archives (quota/transferred) by Group for group-specific queues (i.e., a
Bandwidth Queue with a sharing shaping option set to “Group” or “IP”).
Enables the operator to report on byte/packet utilization by Group in
addition to Policy, User, etc.
5.648
Replace the Bandwidth Queue per-user checkbox option with the ability to
configure how a queue configuration is provisioned and shared. Available
options are “IP”, “Group”, and “Policy”.”IP” defines a unique queue for each IP (session). This is the same as the
old “per-user” behavior.

“Group” specifies a unique queue for each Group + Policy, where each group
is provisioned its own queue.

“Policy” specifies a unique queue for each Policy, where multiple groups
having the same policy share the queue, but every policy has its own queue.
This is the same as the old aggregate behavior (“per-user” unchecked).

5.643
Support anonymous IPsec pre-shared-key authentication.
5.641
Addition of a new HTML Injection recipe: ad element overlay.This recipe will overlay a div element on top of standard IAB ad sizes
defined in the Universal Ad Package (UAP) Profile. The div element will
take up the full size of the ad. There is a 5 second delay before the ad
overlays become visible. Sizes are as follows:

320×250 : Medium Rectangle, 180×150 : Rectangle, 160×600 : Skyscraper,
728×90 : Leaderboard.

The content in the HTML injection needs to be able to self-adjust to the
size of the ad being overlayed. Optionally, the rotator service can be
used to pull content that is size specific for the ad being overlayed.

In order to use the rotator service, there needs to be a rotator setup for
each standard ad size. The name of the URNs for the rotators should be:
320×250, 180×150, 160×600, 728×90. If a URN is missing for an ad size, an
error will be displayed in the ad frame. In addition to the rotator config,
the following code needs to be placed in to the HTML Injection:

<script type=’text/javascript’>
adRotatorOverlay();
</script>

Override the default CSS for the overlay element by adding the following to
the CSS in the configuration for the HTML Injection:

#rxg_var_injected_floating_overlay {
/* Custom CSS here… */
}

By default a close button is shown on the overlayed content. To remove the
close button, add the following to the CSS in the HTML Injection:

#rxg_var_red_sphere {
display: none;
}

5.640
Upgrade web server application framework to Ruby on Rails 3.2.4.
5.639
Upgrade base OS to FreeBSD 8.3.
5.637
Move display of regular-expression-based URL rewriting GUI to the
interstitial redirection view.
5.633
Improve floating overlay injection recipe. Remove background-image from
div elements. Simplify the HTML. The position option in the configuration
now properly positions the floating element using the following:top => top, right
left => top, left
bottom => bottom, left
right => bottom, right

Override the default CSS for the floating element by adding the following to
the CSS in the configuration for the injection:

#rxg_var_injected_floating_overlay {
/* Custom CSS here… */
}

5.632
Improve virtual frames injection recipe. No longer insert banner into
windows/frames that are smaller than 640×480. This prevents the injection
from covering content within little frames/windows that are inside another
page.No longer require SSL for the rotator controller.
5.630
Fix rare fatal backend error: “avoid illegal attempt to update using time
… (minimum one second step)”
5.618
Fix “ArgumentError (invalid byte sequence in UTF-8)” errors when the portal
redirects a desired URL containing incorrectly-escaped characters.Fix “Encoding::CompatibilityError incompatible character encodings: UTF-8 and
ASCII-8BIT” errors when a portal end-user enters an invalid RADIUS username
containing non-ASCII characters (e.g., UTF-8).
5.611
Add new IPsec Entries (connections/tunnels) instrument scaffold to the
Instruments/Routes page of the web admin console.
5.610
Create a health notice when a change to an Address invalidates a DHCP Pool.Tweak Health Notices scaffold list UI.
5.607
Validate that an Admin’s password isn’t too weak.
5.603
Require that an Uplink have two Ping Targets configured before using it in a
Link Control Policy.
5.602
Improve DNS Server, Ping Target, and Uplink validation.
5.601
Automatically create a Ping Target when configuring a DNS Server or an
Uplink with a static gateway. The new Ping Target is not initialy associated
with any Uplink(s).
5.599
Fix bug where some firewire devices were detected as viable physical interfaces.
5.598
Change scaffold actions to return all record attributes when accessed via
the XML API.
5.597
Database / web admin console performance tweaks. Fix issue where sometimes
deleting a DHCP Pool could timeout.
5.594
Fix rare error when accessing the instruments dashboard of the web admin
console immediately after deleting a DHCP Pool.
5.593
Add the ability to automatically create a DHCP Pool when creating a LAN
Address. Pool is initially set to the entire available range. Default the
DHCP Pool create form with a range corresponding to the last created Address
(if one doesn’t already exists).
5.592
Detect DHCP DOS attacks.
5.591
Create a health notice when a device interrupt storm is detected.
5.589
Improve quota/queue archives and reporting. Add support for byte/packet
counter instrumentation and archiving for things other than users and login
sessions (e.g., policies, uplinks, ips, macs).Rename the Archives/Quota menu to Archives/Queues in the web admin console.
5.587
Add the ability to search on specific fields and date/time ranges for larger
scaffolds to facilitate reporting. Affects scaffolds that fall under the
Identities, Billing, and Archives pages of the web admin console.
5.579
Don’t create health notices for “ping failed to bind to address…” errors.
5.578
Add the ability to flush all packet filter states for a given IP by clicking
“flush” on a row in the States scaffold having the desired “Src IP”.
5.571
Ignore Apple and Microsoft connection-test URLs during HTML payload rewriting.
5.565
Increase security of randomly-generated passwords.
5.564
Fix bug causing multiple Help links to appear above the Health Notices scaffold.
Restore missing “HELP” link next to each Health Notice.
5.560
Fix issue where the web admin console could fail in production mode if a
custom portal’s Sass stylesheet contained invalid CSS. Create a Health
Notice when an error is detected during web server asset precompilation.
5.556
Support entering 1.1.1.1 in the URL of a users browser as a valid method for
logout. This requires that 1.1.1.1 be configured as a Network Address.
5.553
Avoid captive portal exceptions of the form: “undefined method `model_name’
for NilClass:Class” when calling fields_for on SecretQuestion and
SecretAnswer objects.
5.551
Fix bug where the date/time field could be lost when editing an existing
record via scaffold (e.g., a Shared Credential Group’s expiration time).Default a new Shared Credential Group’s lifetime to one week starting from the
current day, and enhance the scaffold UI.
5.547
Fix error when trying to create a RADIUS Server Attribute before a RADIUS
Server Realm.
5.546
Resolve issues where HTTP upload queueing and link control were not always
correctly enforced when an HTML Payload Rewrite was configured.
5.542
No longer flush all connection states when a configuration change is made.
States may need to be flushed manually for existing connections to
immediately adhere to new policy changes. Resolves issues where the web
admin console could time-out, and/or an end-user’s persistent connection
with a remote host could be cut after making certain configuration changes.
5.540
Users UI scaffold enhancements.
5.535
Add global search feature to the web admin console.
5.529
Minor database performance optimization and deadlock prevention.
5.522
Randomly generate div tag ids and other variable names within the code that
is utilized by the HTML injection feature.
5.518
Fix bug causing cached DNS lookups to fail when a primary uplink goes
down.
5.516
Ping Targets configured without Uplinks are now pinged from all available
uplinks instead of just the primary. Fixes bug where a Ping Target could be
temporarily marked as down when the primary uplink goes down.
5.512
Fix bug where Uplinks / Ping Targets would get marked down when not actually
down on systems with slower CPUs.
5.509
Fix bug where multiple Zoom buttons could appear at the top of a
configuration scaffold.
5.507
Add the ability to configure Admin Roles with fine-grain control over the
scaffolds an Admin is permitted to access. This allows the operator to
restrict an Admin to only one or more scaffolds (e.g., a support Admin
account with access to only the Users configuration scaffold).
5.504
Upgrade web server application framework to Ruby on Rails 3.2.3.
5.499
Fix bug in the default portal where new user signup could return back to the
index/previous view when there was an error with form submission.
5.498
Fix bug where the captive portal’s post-login behavior was incorrect when a
remote Splash Portal and local Landing Portal, or vice-versa, was configured.Support %render_…% variables in addition to %redirect_…% variables in
portal remote URL configurations.
5.487
Fix rare memory leak in the web admin console.
5.486
Avoid captive portal exceptions of the form: “undefined method `model_name’
for NilClass:Class” when calling form_for on User and PaymentMethod objects.
5.479
Add captive portal feature that logs-out an end-user’s session when she
surfs to “user.logout” (or a similar domain ending in “.logout”). Requires
the end-user to be using the FUSION’s built-in DNS server, which must have a
DNS zone and record configured for “user.logout” (or similar record) that
resolves to the FUSION’s IP.Automatically create a “.logout” zone and “user.logout” record by default.
5.476
Try to avoid portal exception: “ActiveRecord::RecordNotFound: Couldn’t find User with id=…”
caused by portal login race conditions.
5.475
Splash Portal whitelists now permit UDP traffic in addition to TCP.
5.473
Fix bug where configuring certain flag/boolean DHCP options (e.g.,
router-discovery) caused a fatal DHCP server error.
5.464
Fix bug where upload queueing was broken for a Policy having a WAN
Target-specific Bandwidth Queue and Web Cache enabled.
5.463
Fix portal exception: undefined method `model_name’ for NilClass:Class
when hitting the payment_method_edit action from a User without an
existing Payment Method.
5.461
PMS Server support for the Innsist SOAP interface.
5.456
Change portal failure Health Notices to be more user-friendly.
5.450
Don’t search on the encrypted columns for users, tokens, payment methods and
admins.
5.447
Support for ElevenEdge PMS XML API.
5.446
Fix bug causing portal error:
“ActionView::Template::Error: undefined method `model_name’ for NilClass:Class”
5.426
Database performance tweaks.
5.419
Tweak CPU temperature warning limits.
5.415
Fix bug that allowed users to login sooner than they should when using the
shared credential login method.
5.404
Prevent creation of a Database Purger with an invalid timestamp column for
the selected table(s).
5.396
Add RAID status monitoring for ciss0 and ar0 devices.
5.385
Add checkbox to the Web Cache Servers scaffold to configure the web cache
service to operate in a cacheless, proxy-only mode.
5.380
Add burstable Bandwidth Queue feature, where a burst speed may be configured
to provide an end-user with a higher transfer rate than normal for a
configurable period of time at the start of every new data transfer
connection.
5.375
Fix memory utilization issues when downloading many records via scaffold export.
5.365
Add ability for the operator to manually create static VLAN Tag Assignments
that never expire.
5.360
PMS Server support for the Galaxy Generic 2-Way HSIA Interface.
5.350
Add FUSION build revision to backup file names.
5.349
Omit HTML payload rewriting from sites tagged with RANGE-REQUEST. Fixes
issue where mobile devices failed to play videos from many sites when
rewriting was enabled.
5.329
Add operator-definable site-local DHCP server options feature.
5.319
Various changes to make integration with ElevenOS more seamless.Add ability to send client VLAN in NAS-Port RADIUS attribute.

Make sure client MAC address is sent as Calling-Station-Id as part of SOAP
API if configured to be sent in the web admin console.

Wait for user to be fully logged in before sending login success in SOAP API.

Various SOAP API improvements.

5.300
Upgrade web server application framework to Ruby on Rails 3.2.2 and Ruby 1.9.3.Significant memory utilization and performance improvements.

Utilize asset pipeline framework for improved captive portal and web admin
console performance.

Fix Internet Explorer 9 compatibility issues with configuration scaffolds.

Improve date/time selection popup in configuration scaffolds.

Increase development mode performance.

Various web admin console UI enhancements and fixes.

Captive portal customization enhancements:
Support ERB stylesheet and JavaScript files.
Support Sassy CSS (SASS/SCSS).
Support CoffeeScript.
Support multiple stylesheets.
Add various helper methods for easily linking assets.
Fewer changes necessary after copying and renaming a custom portal.

Requires modifications to existing custom portals, which an upgrade will
attempt to perform automatically.

5.299
Improve WAN DHCP client behavior.
5.239
Fix exception when viewing the sms view of the default captive portal.
5.227
Fix bug that sometimes caused a Login Session or Login Session Log to have a
negative byte and/or packet counter.
5.204
Fix exceptions in the captive portal when using the number_to_human_size and
other similar rails helpers with a non-english locale.
5.194
Fix bug where the first access to the web admin console could hang for up to
a minute if an NTP server was not reachable.
5.191
Fix bug causing an exception when attempting to render the pms guest
profile view.
5.190
Fix bug causing a user to be created and left on the system in the event
of a duplicate PMS transaction being detected.
5.189
Eliminate health notice due to an exception in the RADIUS send packet
function and increase its reliability.
5.183
Link the build revision at the bottom of the web admin console to the
release notes page of the manual.
5.170
Fix broken “Delete All” tokens button feature.
5.160
Fix bug where the Daily Web Proxy Requests Report did not correctly adhere
to an Admin’s “archives” role permission.
5.156
Group UI improvements:In all Group scaffolds, move the Policy option to be immediately after the
Precedence option instead of at the very end after the membership option(s).

Add “Membership” sub-form elements to the MAC Group and IP Group create/edit
views.

5.149
Ignore guest check-in messages received from a PMS Server that contain a
blank name AND ID number. Fixes issue where useless PMS Guest records end up
in the FUSION’s guest database when the PMS interface is misconfigured.
5.147
Store relevant payment method parmeters in the User record when using the
quick_purchase form of signup and payment in the captive portal.
5.145
Add the ability to configure HTML Replacement regular expression modifiers.
5.143
Fix rare exception during a quick purchase charge when the UsagePlan being
purchased has automatic login enabled.
5.142
Fix rare exception when the PMS Guest database contains a guest with a blank
name.
5.141
Fix rare exception within the defaults creation routine during an upgrade when
one or more IPsec Specification records exist without an IPsec Server option
(i.e., the operator deleted the default IPsec Server).
5.139
Include WISPr XML block in the default portal’s layout to better accommodate
non-standard WISPr clients that choose to ignore the login information
parameters presented along with the initial captive portal redirect (HTTP
status 302).
5.137
Add “twice-daily” (every 12 hours) as an available Usage Plan recurring
interval setting.
5.136
Change the JavaScript used in the default portal’s slide show to be
compatible with IE9.
5.135
Tweak memory footprint of the web server.
5.133
Add the ability to configure a Token’s usage expiration time to be
dynamically set relative to the first login event, which supersedes the
configured expiration timestamp or “no expiration” setting. This allows the
operator to create a batch of Tokens with a finite and absolute shelf-life
that also changes for an individual Token upon its first use.Improve usability of the Tokens scaffold UI.
5.130
Add a new global Network Option to disable prioritization of TCP ACKs and
packets with a TOS of lowdelay. Previously this was always enabled without
configurability and is still enabled by default. Disabling fixes issue where
packets with a non-standard TOS value may be queued incorrectly.
5.129
Fix bug where Tokens were considered for lock MAC purposes, causing an
exception when an end-user having a User account with a locked MAC address
tried to login via a Token credential.
5.127
Fix rare bug where sometimes routing was not immediately enabled after
installing a new license key.
5.126
Fix bug resulting in “execute on disconnected handle” errors after some
upgrades.
5.125
Fix rare bug where traffic statistics instrumentation for graphing purposes
could be temporarily disabled when a new license key is installed on an FUSION
shortly after generation of the license.
5.122
Fix bug where changing a User’s Group does not always affect her
existing session’s policy-enforcement behavior without having to
logout and login again.
5.121
Various bug fixes and improvements to the Policies summary graph.
5.119
Improve operator experience when restarting the web server.
5.115
Update rails gems (third-party dependencies), including web server.
5.111
Don’t issue health notices for DNS Pools with a maximum of one lease.
5.110
Tweak DNS Zone and DNS Record scaffold defaults.
5.109
Gracefully redirect a browser to an HTTPS (SSL) URL of the admin console or
captive portal if an HTTP (non-SSL) connection is attempted, instead of
outright blocking the connection.
5.105
Reduce memory footprint of the web server.
5.100
Add support for multilingual Custom Portals via the Rails
Internationalization (I18n) API.Custom localization files may now exist within a portal’s “locales”
directory and may be utilized to provide translations for strings throughout
a portal. Entire layouts and views may also be customized based upon locale.

I18n.locale is now automatically set to the end-user’s browser preference
and may be changed by including the “locale” parameter with a link. Missing
translations fallback to the english default when in production mode.

Add an initial english locale file and some examples to the default portal.

5.099
Fix for “undefined method `model_name’ for NilClass:Class” error in the
user_info view of the captive portal.
5.098
Fix bug where SOAP API requests to port 448 were being blocked.
5.097
Permit posting charges to a PMS server for a zero amount when the guest’s
folio has the “no post” flag set.
5.094
Make sure files copied via an SMB share are writable by other admins.
5.093
Permit configuring a DHCP Pool containing a single IP by specifying the same
start and end address.
5.088
Fix reliability issue with VPN connections terminated at the FUSION appliance.
5.084
Fix fatal exception when logging in with an administrator that does not have
read permissions on archives.
5.080
Fix some issues with captive portal redirection when a client’s browser
requests a MIME type resulting in a format unknown to rails.
5.079
Fix fatal exception in the captive portal while trying to render a view when
an offsite Landing Portal is configured.
5.078
Automatically forward packets destined for port 448 on the FUSION to port 80,
which is necessary to support XML SOAP API requests from Eleven Wireless
infrastructure.
5.077
When a configuration record is marked “active” or “default”, and another
active/default record already exists, automatically unset/de-activate the
other record instead of displaying a validation error. Allows the operator
to mark a configuration record the active/default for a given scaffold
without first having to modify the existing active/default record. Also
applies to configuring which Network, System, or Accounting Graph is
displayed on the Instruments dashboard.
5.076
Add an archives permission option to Admin Roles configuration and split up
permission assignment between archives and instruments accordingly, instead
of the instruments permission setting covering both.Fix bug where the Policy and Network summary diagrams, Quota Summary
report, and Web Proxy report ignored an Admin’s role permissions.
5.074
Add the ability to configure a “primary” Network Address for a particular
Interface or VLAN, thereby dictating the “first” IP to be configured on the
corresponding network adapter. For the case of an Uplink, this affects what
IP should be used to access the FUSION and which IP(s) are used as a NAT and/or
BiNat pool. Previously this behavior was determined by the order in which
Network Addresses were created via the configuration scaffold.
5.071
Fix bug causing an FUSION to become inaccessible after adding many Network
Addresses associated with a single Uplink.
5.068
Fix fatal exception in the captive portal when a User attempts to purchase a
Usage Plan without an existing Payment Method.
5.066
Fix minor bugs and layout issues with the quick_purchase template in the
default captive portal.
5.065
Fix bug causing DHCP Fixed Hosts to not work properly when configured
inside an autoincrement network having no associated DHCP Pools.
5.064
Add an SMB file share feature, providing operators with an alternative to
SSH for accessing and updating various files on the FUSION filesystem via the
SMB 2 protocol. Most importantly, this provides a simpler, although
less-secure, way of uploading changes to Custom Portals.The following named shares are available:

admin login – the admin’s home directory

“backups” – routine backups (read only)

“logs” – raw log files (read only)

“portals” – custom portals (read/write)

“tftp” – TFTP boot directory (read/write)

e.g., \\rxg.local\portals, smb://rxg.local/portals, \\rxg.local\ncr

The SMB service is disabled and blocked by default. SMB access may be
enabled for select admins via an “SMB” checkbox in the Admin Roles scaffold,
similar to allowing SSH. A new SMB Servers scaffold has been added to the
System->Admins page of the web admin console, where specific hosts must be
explicitly given access to the SMB service by configuring a new record with
the appropriate Policies and/or WAN Targets.

Existing Admins must also update their passwords for SMB access to function.

5.059
Change the default portal layouts title attributes to read the controller
name of the Custom Portal (i.e., @portal_name.titleize) instead of a static
“Default Portal” or “Default Mobile Portal”.
5.058
Fix bug where the web server could not be restarted in “development” mode
after some upgrades.
5.057
Add a “Policy mode” option to Port Forwarding scaffolds, where the operator
is able to configure how forwarding behaves when a Policy has more than one
member (a Group with more than one active IP address).Available options are:

first – Only the first member of a Policy has the forwarding applied.

round-robin – Forwarding is performed by load balancing in a round-robin
fashion, which was the old default behavior.

autoincrement – The destination port of the configured Address is
incremented by one for each member of the Policy and used to filter against
a packet’s destination port. This allows for simple configuration of a
forward that redirects packets to multiple LAN devices behind an rXg, to a
single port on the LAN device, where the target LAN device depends upon the
packet’s original destination port. e.g., configuring port forwards for
managing many WLAN APs behind a FUSION.

5.055
Tweak the amount of disk space utilized by traffic graphing statistics to
improve cluster controller performance at large deployments.
5.050
Support a single FUSION Forward or Transit Traffic Forward record with an
Application having more than one desination port or range of ports.
5.048
Duplicate some of the Identities->Definitions scaffolds throughout the admin
console. Insert an Applications scaffold in the Packet Filters and Packet
Forwards Policy pages. Insert Content Filter Lists and Remote Content Filter
Lists scaffolds in the Content Filtering Policy page. Insert a DPI
Signatures scaffold in the Event Triggers Policy page.
5.047
Fix display issue where the FUSION and Transit Traffic Forward scaffolds
contained an unconfigurable “Direction” field.
5.046
Allow the operator to configure the exact time and/or date that a Routine
Backup is executed, instead of always being relative to when the
configuration was first made.
5.045
Add a “Now” link to a Routine Backups record that immediately triggers a
backup (to the remote servers and locally). Useful for verifying a Backup
Server’s configuration after making changes.
5.043
Usability tweaks to the sizes of textarea fields throughout the admin
console.
5.041
Prevent upgrading to a new software build that exceeds the maximum build an
FUSION is currently licensed for.
5.039
Fix bug that broke uploading a Routine Backup to a Backup Server via FTP
when the remote path was blank.
5.038
Fix bug that sometimes broke searching for a Policy by IP address on the
policies summary graph page of the admin console.
5.034
Increase default size of ‘note’ field in the admin console.
5.033
Permit creation of a DNS Server record without an Uplink association.
5.031
Add a “static port” configurability checkbox to the NATs scaffold, which
allows the operator to change the behavior from symmetric NAT to cone
NAT, where a packet’s source port is never modified during translation.
5.030
Update MAC address vendor lookup table with latest IEEE OUI listing.
5.029
Add a “blanket block” mode to the content filtering feature that allows the
operator to block the end-user from all sites except those configured in a
whitelist. Also allow the page the end-user is redirected to upon denial to
be configured to a captive portal action other than the “content_filter”
view.
5.027
Fix bug that broke content filtering whitelists when configuring more than
one WAN Target per Content Filter Policy.
5.024
Fix bug causing an exception when trying to create an IP Group without an
initial name and IP member(s).
5.023
Change default Device Option backend timing from 500ms to 2500ms when
installed on hardware having an Intel Atom processor.
5.022
Fix bug that prevented administrator SSH access.
5.021
Release USB memory stick installer as an alternative to CDROM.
5.020
Fix bug that prevented PMS authentication.
5.019
Fix bug where updating a record’s note field via a nested scaffold did not
take effect (e.g., updating a MAC’s note through the MAC Groups scaffold).
5.017
Fix minor aesthetic issue with the very bottom of the web admin console.
5.016
Include support for the “music preference” field (DFID 321) in the Comtrol
UHLL PMS interface, and map it to the custom0 field of a PMS Guest.
5.015
Add the ability to configure the property, controller, store, cashier, and
terminal identifiers of a PMS Server interface. Currently used by only the
Agilysys LMS interface.
5.014
When an end-user guest inputs a room number to the portal, don’t remove
non-leading/trailing whitespace before authenticating it with the PMS
Server. Strip only leading and trailing whitespace.
5.013
Add the ability to lock a MAC address to a User, preventing the end-user
from creating another User through the same device. Adds a configurable
checkbox to the Users and Usage Plans scaffolds.May require modification of existing Custom Portal controllers to function
correctly.
5.008
Increase a LandingPortal’s maximum allowed session duration from 24 hours to
31 days.
5.007
Avoid rare database exception.
5.006
Permit configuring a PMS Guest Match to have equal minimum and maximum
transactions, allowing the operator to match just a single transaction.
5.005
Database performance optimizations and deadlock prevention.
5.003
Add unix admin accounts to the wheel group to allow root access without
prior needing to become the rgnets user.
5.002
Add a release changelog to the manual, dating back to build 4.745/FreeBSD 8.2.
5.000
Support for Comtrol UHLL specification compliant PMS interfaces.Various PMS interface enhancements.
4.988
Fix backend bill_users daemon exception when billing a User:
bill_users – error billing user: ActiveRecord::RecordInvalid: Validation failed: Time must be less than or equal to 525949.Likely caused by a UsagePlan that is set to rollover a User’s
usage_minutes, and the rollover code tried to set her usage_minutes
past the validation maximum (one year).
4.987
Fix actionwebserivce (soap API) “wsdl” action.Fix routing for /SOAP mapping to /soap.
4.983
Fix issue where sometimes web server doesn’t restart in production or
development mode correctly when the mode is toggled via System->Portals view.
4.980
Validate presence of first_name and last_name in User model, such
that corresponding field labels in the scaffold create form are
automatically bolded. Note that fields were already required
implicitly by validating the length.
4.979
Now that datetime columns in scaffold create forms default as
blank/nil (until datepicker icon is clicked), validate that a User,
Token, or UsagePlan’s absolute usage_expiration is left blank if
unlimited/never is checked. Previously, if unlimited/never was
checked, the datetime value was automatically set to nil, because
there was no way for the operator to configure a nil value via the
set of date/time select fields. This prevents the operator from
incorrectly changing a datetime configuration from unlimited/never
to an absolute value, when unlimited/never is still set.
4.976
Enabled batch update of coupon expiration, now that the calendar_date_select
form is compatible with batch_update.
4.975
Add javascript datepicker for all scaffold datetime form columns, instead of
multiple select fields.
4.973
Make html_injections.css column type “text” instead of “string”, thereby
making the corresponding scaffold form element a textarea instead of a textbox.
4.970
Wait longer for rails web server instance to load to support slow hardware.
4.969
In RedirectorController, ignore (bailout from) requests with a
format other than “html” such that the requesting client doesn’t
hit PortalController with a non-html format, sometimes resulting
in a MissingTemplate exception. Also likely increases portal performance.
4.967
Rename the CGI parameter that is read to override the rendering
format of PortalController from :format to :rails_format. e.g., to
force :mobile format, now append ?rails_format=mobile instead of
?format=mobile to the URL, and similarly for html.Necessary because “format” was too simple, and some URLs that were
redirected to the captive portal included the “format” parameter,
which caused PortalController#set_format_from_params_or_session to
change request.format to something nonsensical. this sometimes
caused ActionView::MissingTemplate exceptions (e.g., upon the index
view, because only index.html.erb and index.mobile.erb existed, and
not the other bogus/unknown format).
4.966
Fix payment_methods scaffold cc_expiration_year_form_column helper. Resolves
issue where a new PaymentMethod could not be created post rails3.
4.965
Add scaffold batch update feature.Currently implemented for only the following scaffolds:
users, tokens, coupons, and all group variants

For each scaffold, specify a set of columns for bulk_update that
is a subset of the usual update form columns and that the operator
will likely want to bulk change.

Only singular associations are batch update-able
(e.g., a User’s UsagePlan but not her user_groups).

4.964
Require a SharedCredentialGroup to have a credential
4.961
Add batch select and destroy feature to all scaffolds (having update ability)
4.956
Fix bug causing interstitial redirection to fail when the target
URL did not contain a ‘/’ character.
4.954
Fix bug causing the uplink_assignments scaffold to not have an inline
link to the related Uplink scaffold.Fix issues with WeightedUplink/UplinkAssignment
allocation algorithm. consider that a single end-user IP should be
assigned different uplinks if her Policy is related to a WeightedUplink
that is Application/WanTarget specific and contains only a single Uplink,
and another more-general Policy that includes said Uplink plus many
more uplinks (i.e., count a unique IP+Application(s)+WanTarget(s)
combination as a weight instead of just IP).
4.947
Modify credit adjustment of plans in quick_purchase_charge to allow
for % adjustments of the price for the selected usage plan.
4.946
Fix bug with display of quick_purchase view. Add ability to pass credit
parameter in quick purchase form. Allows for custom portal modifications
to modify the price of a plan on the fly (e.g. for promotional codes).
4.942
Remove AdminRole#forward_root_emails column and associated
configurability (“OS emails” checkbox).The “root” mail alias no longer exists (i.e., FUSION Admins will no longer
receive emails sent to the root unix user). this is to prevent FUSION Admins
from receiving postmaster emails, security run output, and other stuff that
gets sent to root and has been deemed useless and/or confusing for the FUSION
operator.

Add an “admin” email alias (in /etc/mail/aliases). FUSION Admins belonging to
an AdminRole that is associated with a CustomEmail for the
“health_notice_create” event will be a part of this alias.

Change root’s cron configuration to email output to the local “admin” user
(i.e., Admins alias) instead of the root user. this ensures that check_rxgd
output is still emailed to FUSION Admins that should know about it (i.e.,
receive HealthNotice creation notifications).

Change admin_roles scaffold create/update forms to use the record_select
form UI type for custom_emails, instead of the massive list of checkboxes
which is mostly unusable.

Change admin_roles scaffold’s custom_emails list column to display number of
“notification” emails and “user” emails (those having send_to_user set).

4.940
Ignore HealthNotice with “IP has already been taken” validation error from
within backend ruby daemons (e.g., race condition between backend and
frontend automatic login).
4.934
When matching end-user input against a PmsGuest’s name, check if the input
name contains the stored name. fixes issue with authenticating Hilton
interface guests when a long last name is sent as truncated from the PMS.
4.933
Change sendmail queue timeout from 5 days to 1 day.
4.928
change PmsGuest#stay_duration_days to return 30 when the PmsGuest lacks
arrival and departure dates. fixes issue where hilton interface guests cannot
see plans set for more than 1 day.
4.924
Default portal login view for mobile format should not have a picture in it.
4.920
Support the Hilton OnQ PMS interface.
4.917
Fix bug with RADIUS group selection when read group from class is selected,
but no class attribute is returned from the RADIUS server.
4.911
Fix exception in rxgd when a DHCP Relay Server is configured.
4.908
Webcache socket watchdog: restart squid if it doesn’t accept a socket connect.
4.907
Fix upload queueing under a Ppp Uplink (i.e., PPPoE). ALTQ interface
specification must be the tunnel interface and not the physical parent
interface.
4.904
Update LoginSession byte and packet counters every minute instead of only
when packet filter configuration is reloaded.
4.887
Change default unit in quota_plans scaffold create form from ‘MB’ to ‘GB’.
4.883
Change PMS Guest Matches to use a regular expression instead of an
exact match.
4.881
Fix bug in default portal quick_purchase view that didn’t list plans if only
one plan existed.
4.876
Increase web server performance on hardware with fewer CPU cores.
4.855
Upgrade web server application framework to Ruby on Rails 3.0.9.
4.853
Improve HTML Injection behavior, making the resulting injections more reliable and consistent.
4.852
Fix bug where we were ignoring a LoginSession’s radius_class_attribute set
by a RadiusRealm intending to map the LoginSession to a RadiusGroup other
than the one related to the RadiusRealm.
4.851
Make DHCP client (for WAN) much more aggressive in trying to acquire an IP
address. Attempt to alleviate support issues that arise because people say
that the DHCP client is not working and then do repeated soft or some times
hard reboots.
4.850
Fix bug where SslKeyChain (“Certificate Chain”) scaffold Expiration
column did not display number of months till expiration, only years
and days.
4.847
Support Agilysys LMS as a PMS interface.
4.845
Fix LoginSession timeout due to Interim-Update-Timeout.
4.844
Timeout “stale” RadiusServer login_sessions (i.e., try to automatically
destroy sessions on an FUSION RADIUS server that we haven’t received
an accounting Stop for).The timeout interval is currently implicitly configured by the
presence of an ‘Acct-Interim-Interval’ RadiusServerAttribute.
sessions are destroyed when we haven’t seen an accounting packet
(i.e., created a RadiusServerAccountingLog with a type of ‘Start’
or ‘Interim-Update’) for the session in the last (2 * Acct-Interim-Interval)
seconds.

This essentially completes support for interim updates on the server
side, as the last-received Interim-Update will have set the
LoginSession’s usage values to a last-known state, which will be
deducted from the User upon destruction due to timeout.

4.837
Add web admin console ACL capability.
4.832
Fix bug where radius hook running on a cluster controller was not considering
existing VTAs because they belonged to other cluster nodes.
4.831
Comment-out redirect_to_correct_cluster_node before_filter from default
PortalController.
4.829
Fix fatal DHCP server configuration bug when more than one DhcpPool was
configured for a autoincrement Vlan. Caused multiple pool definitions for
the same shared-network.
4.828
Add the FUSION’s domain name to graph titles.
4.825
Change VSAs utilized by the RADIUS NAS upon login to support User quotas of
4GB and larger.
4.822
Include byte quota VSAs in RADIUS Server Access-Accept packet, indicative of
a User’s up/down quota respectively, if the User has non-unlimited quota.
Read in RADIUS Realm/NAS logic and apply to the created LoginSession’s max
bytes up and down.Prevents a User from exceeding her byte quota when logging in via
the RADIUS server from an FUSION RADIUS NAS.
4.821
In interstitial redirection, don’t ignore a simple domain url lacking
a trailing slash (e.g., http://www.google.com instead of
http://www.google.com/). continue to ignore any other URLs NOT
ending in a trailing slash.
4.820
Prevent configuring a WanTarget with an invalid domain (e.g., ‘google.com/dfp’).Remove “cdn.msnemx.msn.com” from default WanTarget “Static Redirection Hosts” – doesn’t resolve
4.817
Create login_sessions for RADIUS server logins, more specifically,
accounting Starts. The LoginSession’s IP and MAC are derived from the
accounting packet’s Calling-Station-Id and Framed-IP-Address respectively.
hostname is always undefined. all other attributes (e.g., expiration) are
derived from the related User’s usage values.A User’s LoginSession’s byte/packet counters are updated upon
receiving an accounting Interim-Update or Stop.

An accounting Stop logs out (i.e., destroys) the LoginSession, which
deducts usage from the User, exactly like with non-RADIUS configurations.

Destroying a RadiusServer’s LoginSession does NOT notify the RADIUS NAS.

login_sessions for a RADIUS server are distinguishable by the persence of a
relation to a configured RadiusServer record (“RADIUS Server Realm”).

radius_server_accounting_logs are now related to the relevant
LoginSession and/or LoginSessionLog.

4.814
Fix searching shared_credential_groups scaffold by a LoginSession’s login.
4.812
Remove the legacy “user_charge_fatal_error” CustomEmail event.Stop rescuing billing code with logic that sends a user_charge_fatal_error
email, in favor of using the now more-prevalent HealthNotice
record+notification strategy, which actually contains the exception
string.

Permits detected race conditions in billing code due to form
double-submits (e.g., StaleObjectError exceptions) to be correctly
and silently ignored by PortalController#catch_exceptions and
elsewhere.

4.811
Fix bug in RADIUS server code where a User’s total byte and packet
counters were being overwritten upon receiving an accounting Stop
instead of being added to. didn’t affect usage quota, just the total
utilization counters.
4.810
Acct-Session-Time attribute should be present in Interim-Update packets.
4.809
Add interim updates column to radius_realms scaffold list.
4.808
RADIUS Realm (NAS) interim accounting support:Add boolean to RadiusRealm that enables sending Interim-Update
accounting packets.

Add optional integer field to RadiusRealm that configures
Acct-Interim-Interval to override that received from RADIUS server.
if unconfigured, interval sent by server is used.

Interim update packets sent out by expire_sessions daemon (when its
time on a per-LoginSession basis).

Add new model/table RadiusInterimEvent to store the time the last
Interim-Update was sent for each LoginSession.

4.807
Move vlan_tag_assignments and expired_vlan_tag_assignments scaffolds to the
top of their respective menu pages.
4.805
Fix bug where rxgd was overwriting (inadvertently unsetting) a VTA’s
“expired” column when it was “marked to expire prematurely” by the
radius hook. somtimes caused there to be two or more VTAs assigned
to a single MAC address when an end-user switched RadiusServer
policies (i.e., SSIDs).
4.803
Wait 15m after marking a VTA to expire prematurely (i.e., when an
end-user switches RadiusServer policies) to prevent immediate
re-assignment to someone else.Don’t completely destroy a “marked to expire” /30 VTA if there is somehow
still a (new) DHCP lease on its VLAN.

Add expired boolean to VTAs scaffold.

4.802
Don’t re-assign VTAs that were marked to expire.
4.801
Show seconds for start/end/flushed_at columns in dhcp_leases and
expired_dhcp_leases scaffolds.
4.798
Dynamic VLAN changes:Set the cluster_node_id of a new VlanTagAssignment to the ClusterNode of the
associatied Vlan record instead of the node running the freeradius hook.
should permit cluster nodes to expire their own VTAs.

If a RadiusServer is configured with more than one Vlan record,
balance-out vlan_tag_assignments between them all, in proportion
to the ratio of the number of existing VTAs to the number of possible
VLAN tags (i.e., select the Vlan with the most free tags or fewest
“oversubscribed” tags).

Change VTA tag selection algorithm when reuse_vlans is NOT set.
instead of always selecting the next available VLAN tag with the
lowest number, select the next available tag that is numerically
after the last assigned tag, rolling over if needed. Circumvents
issues where a VTA that was recently expired prematurely (e.g., due
to an end-user switching RadiusServer policies) is quickly re-assigned
to a new end-user, making things problematic if the original VTA
owner somehow ends up back on the VLAN without us knowing (e.g.,
due to AP hardware caching WLAN client to VLAN ID).

4.797
Permit restoring an FUSION that is not licensed.
4.790
Increase time it takes for admin menu dropdown to disappear from 500ms to 100ms.
4.788
Fix creation of ExpiredDhcpLease when flushing an active lease
4.787
Don’t assign a VTA for a /30 VLAN if there is already a DHCP lease
for the /30 client IP, which can happen when an end-user ends up
connected to a VLAN even when there is no VTA for said VLAN tag.
4.785
More-sensible scaffold create form defaults for “unit” select drop-downs:bandwidth_queues: Kbps to Mbps
usage_plans: minutes to days
time_plans: minutes to days
tokens: minutes to days, MB to GB
shared_credential_groups: minutes to hours, MB to GB
users: MB to GB
quota_triggers: MB to GB
4.784
Create ExpiredDhcpLease record when flushing a DhcpLease before it
was supposed to expire (e.g., via admin console, VTA expiration).
Store the time the lease was flushed (i.e., time DeadDhcpLease was
created) in new “flushed_at” column. add column to scaffold list.
4.783
Don’t include BiNat public IPs in the “FUSION” packet filter table.
4.782
Fix bug where packet filter configuration was not updated immediately after expiring a
TransientGroupMembership.
4.780
Add missing “note” column in pms_guest_matches table and scaffold.
4.779
Prevent configuration of an autoincrement Address/VLAN combination implying a
VLAN ID exceeding 4094
4.777
Fix bug where shared credential login allowed one more end-user to
simultaneously login than it should have.
4.776
VTA expiration / DHCP lease tweaks:When considering to expire a VTA, in addition to requiring the VTA’s
MAC doesn’t map to an IP according to MacIpMapping logic, also
require that there are no leases for the VTA’s MAC AND its IP (if
/30 VLAN). basically, don’t ever expire a VTA if there is somehow
still a DHCP lease, even if MacIpMapping is misconfigured (i.e.,
doesn’t include ‘dhcp’), or somehow there is a lease for a /30
client IP for a MAC other than that of the VTA.

Similar to above change, when pre-maturely expiring a VTA due to
the end-user switching RadiusServer policies, flush all DHCP leases
for the MAC AND the /30 client IP (if /30 VLAN).

Don’t redundantly flush DHCP leases when expiring a VTA normally, as a VTA
cannot be expired normally with leases present.

When finally deleting a VTA that was “marked to expire” due to a
RadiusServer/Policy switch, don’t flush DHCP leases again, as this could
potentially flush leases that should exist. note that this wasn’t actually
working anyways. implicitly continues to avoid primary key conflict race
condition.

Trigger ExpireVlanTagAssignments Task when expire_vlan_tags are
touched, in order to process “marked to expire” VTAs faster.

4.773
When destroying a VTA that was marked to expire at a previous time, don’t
re-flush DHCP leases for that MAC, as the client likely already has a
different lease on a different VLAN.When expiring a VTA for a /30 network, always delete any DHCP leases for the
single usable IP on the /30 subnet, in addition to any DHCP leases matching
the holder’s MAC.
4.772
Avoid rendering the current action’s view in
PortalController#render_last_action_or_default. fixes rare portal exceptions,
e.g., “NoMethodError: undefined method `sort_by!’ for #<Array:0x80efcef98>”
4.770
Go back to sorting dhcp_messages by timestamp instead of record id because
sometimes the id order is not at all representative of the timestamp. Dealing
with lack of precision beyond seconds in timestamp is preferable.
4.766
In RADIUS server, when an end-user switches between RadiusServer
policies, instead of expiring the existing VTA immediately, mark
it for rxgd to delete later during the periodic expiration task.
still mark any associated DHCP leases to be flushed immediately.
ensures rxgd flushes the DHCP lease(s) and restarts dhcpd before
the VTA is assigned to someone else. fixes issue where a VTA can
be immediately assigned to another end-user before the previous
end-user’s DHCP lease is flushed, thereby resulting in a “no free
leases” situation.
4.765
Add PMS Guest Matches feature.
4.763
If PmsGuest arrival and departure are the same, change stay_duration_days to
be 1 instead of 0.
4.762
Change PmsServer dd/ct field defaults.
4.760
Default routine backup server username to ‘backup’ in create scaffold for
easier config against secondary FUSION.
4.759
Don’t configure first and second stage boot loaders (i.e., /boot/boot.config
and /boot/loader.conf) for serial console unless a serial device is present.
package post-install script no longer deals with this (i.e., disable serial
console output on first boot after ISO install). Likely fixes issue where a
system without a serial port would not boot.
4.758
Fix bug where the “FUSION” packet filter table (i.e., <FUSION>) included only the
first address of an Uplink having a span greater than 1. fixes issue where
outbound DNS requests from a NATed end-user client to a non-FUSION DNS server
were blocked when the translation IP was not the first uplink address.
4.757
Don’t redundantly automatically login a User within PortalController if she
is already “logged in”.
4.755
Automatic login configurability in LandingPortal. Fixes issue where there
was no way for the portal to automatically login an end-user to the portal
application (i.e., set session[:user_id]) when the end-user already had an
active LoginSession.”MAC + cookie” is the current behavior.
“MAC” means set session[:user_id] based on finding a User with the client’s
MAC (i.e., ignore lack of cookie).
4.754
Remove please wait bypass link from default portal.
4.753
Add “lifetime” column to usage_plans scaffold list.Prevent configuring a UsagePlan with a relative lifetime shorter than the
length of the associated TimePlan.
4.748
DHCP server enhancements to support thousands of VLANs.
4.745
Upgrade to FreeBSD 8.2 and Ruby on Rails 2.3.11.

 

top