Archived News

showing 20 - 25 of 93
 <<-backNext->> 
DHCPatriot 6.0.0 enters beta2016-02-03 10:17:50
DHCPatriot 6.0.0 has entered beta. We will be contacting specific system owneres and asking them to join our beta test period. If you would like to be a beta tester, please contact us at dhcpatriot@network1.net or 800-578-6381 opt. 3

Here are the changes in 6.0.0:

  1. Updated Linux OS build. All new compiled from bootstrap. The OS is now 64 bit. DHCPatriot systems prior to model 2008-x may not be compatible.
  2. DHCPatriot news on the home screen (Screen you see upon login to the web administration interface) is now pre-loaded. Previously, the news would be loaded at the time of display. This could cause issues if there was no network connection available or DNS servers were not available for some reason (such as at install time). Now, it will just immediately display either old news or a message that news could not be retrieved.
  3. Search Sessions now has a view logs link as appears in View Authenticated Users for quick searching logs of the mac address of the session.
  4. Device import now restarts DHCP upon a successful upload. Previously, the device import did not trigger a restart of DHCP as it should have.
  5. Updated NTP to 4.2.8p4 to mitigate the KOD exploit that is a DoS attack on the NTP server.
  6. Repaired a bug in Standard DHCP Actions -> TFTP File Maintenance that prevented filenames with spaces or other special characters from being viewed or deleted.
  7. OUI lookup previously used an external page: standards.ieee.org Now uses internal database as that external tool is somewhat unreliable.
  8. Previous change to remove check if user is online before allowing authentication has been reverted. The reason for this is that it causes to many problems with strange sessions that make no sense and can even cause sessions to continue in someone else`s name.
  9. View Authenticated Users has had several columns that had data defined inside of paragraph tags redefined to span tags to facilitate easier copy and pasting.
  10. Repaired a problem where Auth DHCP Actions -> Authorize Customer did not honor network specific settings when authenticating with something other than the DEFAULT RADIUS server. For example, if DEFAULT was set to strip @domain, and a network specific setting was to NOT strip @domain, the Authorize Customer would ignore this override. It now correctly mashes the settings as is done throughout the rest of the system.
  11. Enhanced log messages that appear when the DHCPatriot system gets behind processing events. It now shows how many KB/MB it is behind as well as an approximate amount of events.
  12. Enlarged the pop-up screen for graphs so that all major browsers show the graphs without scroll bars.
  13. A note on uptime via SNMP: Please use the hrSystemUptime (1.3.6.1.2.1.25.1.1.0) instead of sysUpTimeInstance (1.3.6.1.2.1.1.3.0) when getting uptime from the DHCPatriot system. The latter reports only how long snmpd has been running while the former reports the actual time that the system has been running.
  14. VRRP previously required an undocumented restart if the address was changed. It now recognizes that the address has changed and automatically removes the old address and uses the new address.
  15. Addressed a possible inflation in DHCP QPS count. If a system was exceptionally busy, it was possible for the system to count more DHCP QPS than occurred in the current 5 minute period then divide by 300 seconds thusly inflating the QPS for that period.
  16. DHCP dont-use-fsync option has been added. This is strictly for performance in certain situations. This should not be used without a full understanding of what the implications are, which are noted with the setting. For the most part, this option should only be used by FNGi personnel.
  17. A setting has been added to System Configuration -> General Setup that allows hiding of Shared Network from the list views on the Sticky IP, Exclude IP, Users Using Multiple IPs and Hijacked IP function pages. This is necessary on some systems for performance reasons on those screens. Particularly if there are a large number of entries on any of those screens.
  18. Added Shared Network info to the lists on Exclude IP, Users Using Multiple IPs and Hijacked IP function pages. This can be turned off in System Configuration -> General Setup if it causes performance issues.
  19. Added remote syslogging capability. To enable this, go to System Configuration -> General Setup and place an IP address to log to in 11) Remote Syslog IP (optional). DHCP server and general logs (like available under System Configuration -> System logs) will be sent to the syslog server.
  20. Added Misc DHCP Values to Static DHCP subnet config. Did not add Pool DHCP Values here as there is no pool for Static DHCP subnet. This box works the same as the others. Place DHCP configs in here that work inside the subnet{} blocks on ISC DHCP. These configs will be placed inside the relevant static subnet{} block in the config.
  21. Added Misc and Pool DHCP Values to Unauthenticated subnet config. Place DHCP configs in here that work inside the subnet{} and pool{} blocks on ISC DHCP. These configs will be placed inside the relevant static subnet{} and pool{} blocks in the config.
  22. Added Misc and Pool DHCP Values to Authenticated Dynamic subnet config. Place DHCP configs in here that work inside the subnet{} and pool{} blocks on ISC DHCP. These configs will be placed inside the relevant static subnet{} and pool{} blocks in the config.
  23. Added Misc DHCP Values to Authenticated Static subnet config. Place DHCP configs in here that work inside the subnet{} blocks on ISC DHCP. These configs will be placed inside the relevant static subnet{} blocks in the config.
  24. Added a mass delete of suspended users in Auth DHCP Actions -> Built-in Authentication: User Maintenance. The delete suspended users link appears if there are suspended users. Once the delete is performed, a CSV of the deleted users is saved. This CSV can be downloaded and re-imported via Auth DHCP Actions -> Built-in Authentication: User Import if a mistake was made. Also, the CSV will remain unless it is removed. Remove and download links appear if the CSV exists. Only one CSV is kept. If more suspended users are removed at a later time, the CSV is replaced with a newer one.
  25. API: Added mass suspend of authenticated devices by username. This would be analogous to accessing Auth DHCP Actions -> Suspend User and clicking "Suspend Multiple Users". Access the API feature by submitting to a URL similar to the following:

    https://patriot.network1.net/cli/?function=AuthMassSuspend&username=apiuser&password=apipass¬e=This%20Would%20Be%20A%20Note

    POST data must be sent containing the list of usernames for which you want devices suspended. There should be one username per line.
-Darren
DHCPatriot 5.5.2 released2015-06-18 14:39:19
A small bug fix version has been released due to some small issues that were discovered. Patch notes below:

# Version 5.5.2 introduced the following:
# Release Month-Year: June 2015
    1. Repaired a problem with the lease length box on some screens. Sometimes it would show incorrect choices. It was a problem of two select box on screen with same keys (ids) if a large amount of shared networks were configured or if reconfiguration had occurred frequently enough that the shared network ID could reach a number of seconds from the lease length box (30 being the lowest number).
    2. Fixed a problem where sometimes the wrong image would display on the Captive Portal pages for specific networks (as opposed to the DEFAULT Captive Portal that shows for all networks - unless there exists a network specific page).
    3. Repaired a problem where if you had a total replacement Captive portal screen in the DEFAULT, and you had a replacement Captive Portal Protection screen, and you also were trying to preview a different Captive Portal screen (for a specific network), then you would see only the DEFAULT Captive Portal Screen. Please note that this did not affect the end customer, only the preview on the admin screen.
-Darren
DHCPatriot 5.5.0 released2015-04-16 09:09:34
DHCPatriot 5.5.0 has been released. We will be contacting customers with in-force maintenance contracts to schedule updates of their DHCPatriot systems to this version of software. Patch notes are shown in the posting about entering beta below this news posting. An updated manual is available here.
-Darren
DHCPatriot 5.5.0 enters beta2015-03-10 10:10:44
DHCPatriot 5.5.0 has entered beta. We will be contacting specific system owners and asking them to join our beta test period. If You would like to be a beta tester, please contact us at dhcpatriot@network1.net or 800-578-6381 opt. 3

Here are the changes in 5.5.0:

  1. API: A new API feature allows the retrieval of the entire list of users from Built-in Authentication: User Maintenance (or some sub-set thereof) from the DHCPatriot. The results can be limited by Identifier, username, static IP, simuse and status. Here is an example URL of the API call:
    https://patriot.network1.net/cli/BuiltInAuthAPI.php? function=BASearchCustomers&username=apiuser&password=apipass&identifier=Jim%20Smith&user=jsmith&staticip=1.3.5.7&simu se=3&status=Active
  2. API: A new API feature,GetNetworkConfig, provides all of the DHCP subnets in one xml return. Here is an example URL of the API call:
    https://patriot.network1.net/cli/?function=GetNetworkConfig&username=apiuser&password=apipass
  3. API: Added a new set of API calls that provide the ability to add, edit, delete and list the known client entries. This is basically an API interface that lets you perform all of the known client (Standard DHCP Actions -> Known Client) operations. See below for example API calls:
    Add: https://patriot.network1.net/cli/? function=KnownClient&username=apiuser&password=apipass&ACTION=ADD&mac=01:03:05:11:10:09&IDENT=Jose%20Aldo&TFT Pfile=some.file
    Edit: https://patriot.network1.net/cli/? function=KnownClient&username=apiuser&password=apipass&ACTION=EDIT&mac=01:03:05:11:10:45&IDENT=John%20Doe&TFT Pfile=some.other.file&id=5
    Delete: https://patriot.network1.net/cli/? function=KnownClient&username=apiuser&password=apipass&ACTION=DELETE&id=5
    List: https://patriot.network1.net/cli/? function=KnownClient&username=apiuser&password=apipass&ACTION=LIST
  4. API: Added a set of API calls to allow manipulation of Standard DHCP Actions -> Static IP Assignment via the API. See below for example API calls:
    Add: https://patriot.network1.net/cli/? function=StaticIPassign&username=apiuser&password=apipass&ACTION=ADD&StaticSubnetID=3&Ident=Jose%20Aldo&IP=10.22. 22.3&MatchType=REMOTE_MAC&MatchString=99:98:97:00:01:02&TFTPfile=PlusSign.png
    Edit: https://patriot.network1.net/cli/? function=StaticIPassign&username=apiuser&password=apipass&ACTION=EDIT&StaticSubnetID=4&Ident=John%20Doe&IP=10.23. 23.12&MatchType=agent_circuit_id&MatchString=chassis12:vlan4:port1&TFTPfile=UserManual-v.5.4.pdf&id=34292
    Delete: https://patriot.network1.net/cli/? function=StaticIPassign&username=apiuser&password=apipass&ACTION=DELETE&id=34292
    List: https://patriot.network1.net/cli/? function=StaticIPassign&username=apiuser&password=apipass&ACTION=LIST
  5. Implemented an easier method for FNGi personnel to set partner-down on the system in the event of problems. Also made recovery time quicker by setting a lower value for MCLT.
  6. Fixed mis-spelling when unsuspending a user. The success message used to say unsupsended, now correctly says unsuspended.
  7. It is now possible to tail DHCP logs and system logs from the menu config interface available via SSH or on serial console. Options 10 and 11 on that interface will show the current running logs for DHCP and the system respectively.
  8. Disabled nightly restart of the SQL server. This was no longer necessary.
  9. The secure web server on the DHCPatriot now uses 2048 bit sha256 encryption. After the upgrade, you may have to accept the certificate again to enter the administration interface.
  10. NTP 4.2.8 has been installed to fix a security issue with earlier versions.
  11. Removed extra column in configuration list under Auth DHCP Config -> Shared Network and Standard DHCP Config -> Shared Network.
  12. Corrected an error where the MAC address was not clickable for the manufacturer popup.
  13. If an assigned sticky IP belongs to a shared network then the name of that shared network will be shown in Auth DHCP Config -> Sticky IP Address and Standard DHCP Config -> Sticky IP Address.
  14. View Address Usage in both Auth DHCP Reports and Standard DHCP Reports now shows a warning if any grouping of Dynamic Subnets are using more than 95% of their address space.
  15. There is now a default timezone setting in System Configuration -> General Setup that lets a default timezone be selected for the DHCPatriot system. If users have not selected a timezone at the bottom of current screens or have pressed reset at the bottom of same screens, then the default timezone will be used.
  16. View Authenticated Users results now has a new column for quick viewing DHCP logs for each device. Clicking View in the Logs column will bring up a quick look at the last days DHCP logs for that device.
  17. Most data tables are now sortable by the column name. Some tables remain unsortable as it would make no sense (only one column, for example). The current sort is indicated by a ▲ (asc.) and ▼ (desc). Click the column to reverse the search order.
  18. When setting a TFTP server on the DHCPatriot system, previously only sname was set in the DHCP packet header. This led to problems on some systems as they would be expecting option 66 (tftp-server-name) as option payload in the packet. Now the DHCPatriot actually sets both. It sets the sname in the packet header and also makes option 66 available if the client asks for it. (see RFC 2132 for further information)
  19. Setting a file for download via tftp by the client on the DHCPatriot GUI used to only set the file option in the packet header. Some clients need option 67 bootfile-name instead. Setting a tftp file in the DHCPatriot GUI now sets both the file parameter in the DHCP header and option 67 bootfile-name is made available if the client asks for it. (see RFC 2132 for further information)
  20. Added a manufacturer hint to the View Authenticated Users. In the report, it now shows a shortened maufacturer name after the mac address like so: 00:04:5a:f6:61:a1 (Linksys). The mac may still be clicked to get the normal report on the manufacturer from the IEEE.
  21. Removed the 24 hour restriction on searching system logs (System Configuration -> System Logs).
  22. Sticky IP under both Auth and Standard DHCP Config have had their success messages updated to include the IP / MAC / USERNAME that was added, edited, or deleted. This will cause this information to appear in the System Logs.
  23. The DHCPatriot now supports running inside a VMware Virtual Machine. Contact FNGi for further details.
  24. Repaired a problem where the AFOR (Accounting Forwarding) server type (Auth DHCP Config -> Authentication) would not retain and send the Class attribute (25) when forwarding accounting start packets to a device.
-Darren
DHCPatriot 5.4.0 released2014-09-30 10:51:19
DHCPatriot 5.4.0 has been released. We will be contacting customers with in-force maintenance contracts to schedule updates of their DHCPatriot systems to this version of software. The changes are below:

# Version 5.4.0 introduced the following:
# Release Month-Year: September 2014
    1. When unsuspending a user device in Auth DHCP Actions -> Suspend User, the limit displayed entries was not saved during the unsuspend process. This has been corrected and list limits are now remembered as user devices$
    2. IPv6 logins to the web administration interface were impossible. This was traced to storage of the remote IP address being to small. The size has been increased so that it can store IPv6 addresses. The DHCPatriot s$ administered from an IPv6 address.
    3. Discovered that there was a problem where sometimes cron would no longer rotate logs or database files until it was restarted. Cron now restarts once per day to avoid this situation.
    4. Both IPv4 and IPv6 versions of Firewall setup under System Configuration now support assigning several services to an IP address simultaneously. Previously you had to repeat the process several times to open the fire$ one service to a specific IP or subnet.
    5. IPv6 Ping and Trace route are now supported in the web administration interface as well as the CLI admin menu. Options 12 and 13 are ping6 and trace6 respectively. Reboot and shutdown have moved to options 14 and 15$
    6. API: Unsuspending via the API can now perform a RADIUS authentication check as the web administration interface does if the parameter AuthTest=true is passed to the API. Example: https://patriot.network1.net/cli/?function=SuspendEnable&username=apiuser&password=apipass&action=unsuspend&user=bobaaron&AuthTest=true
    7. API: StickyIP ADD: It is now possible to add a sticky IP via the API by using a URL of the following format: https://patriot.network1.net/cli/?username=&password=&function=StickyIPs&action=ADD&Stickymac=&Stickyusername=&Stickyip=&Stickynote=
    8. API: StickyIP DELETE: It is now possible to delete a sticky IP via the API by using a URL of the following format: https://patriot.network1.net/cli/?username=&password=&function=StickyIPs&action=DELETE&Stickymac=&Stickyusername=
    9. API: StickyIP LIST: It is now possible to list sticky IP assignments via the API by using a URL of the following format: https://patriot.network1.net/cli/?username=&password=&function=StickyIPs&action=LIST An XML list is returned.
    10. API: Its now possible to authenticate a user device using the current pre-auth IP address of the device by using the parameter ip= in place of the MAC= parameter as in this example: https://patriot.network1.net/cli/?username=&password=&function=AuthorizeCustomer&user=exampleuser&pass=examplepass&ip=exampleip
    11. API: A new api call has been added to find authenticated devices. This is accessed in the same way as the rest of the API and returns results in XML format. All authenticated devices may be returned, or the search m$ The URL should have the following format: https://patriot.network1.net/cli/?function=SearchAuthDevices&username=&password=@&mac=&AdminNote=&user=&ShowOnlyOnline=(TRUE)&AddressType= (STATIC/DYNAMIC)
    12. Default DNS servers (when a DHCPatriot has first been installed but not yet configured) have been changed to 8.8.8.8 and 8.8.4.4.
    13. It is now possible to exclude a range of IP addresses in Auth DHCP Config -> Exclude IP Address in the GUI.
    14. There is a new list that can be maintained in Auth DHCP Config -> Deny MAC Address as well as Standard DHCP Config -> Deny MAC Address. This list prevents mac addresses entered within from getting an IP address.
    15. The DHCPatriot no longer prevents authentication if there is a current authenticated lease for the device. The reason it did this in the first place was to prevent sim-use violations. Logic dictates that the device $ however, so there really wasn`t a reason to prevent authentication. Authentication still isn`t allowed if the device is a valid authenticated device that is not suspended.
    16. It is now possible to delete suspended devices that do not currently have an IP address in View Authenticated Users.
    17. Optional lease length overrides have been added to the dynamic subnets in standard and authenticated. This allows an administrator to set a different lease length for a certain dynamic subnet for maintenance purposes$
    18. OpenSSL has been updated to fix the somewhat obscure security issue reported in: http://www.openssl.org/news/secadv_20140605.txt
    19. A feature has been added that lets an admin add DHCP configs to the pool {} statement. This is needed by some customers to replicate custom ISC DHCP configs in specific environments.
    20. A new feature called Built-in Authentication: User Import under Auth DHCP Actions allows the import of a list of users using a comma separated value (CSV) file upload in a specific format.
    21. A new feature called Device Import under Auth DHCP Actions allows the import of a list of authenticated devices using a comma separated value (CSV) file upload in a specific format.
    22. Repaired a problem where the Request Assistance under Main linked to a non-existant page.
    23. Captive portal protection has gained the ability for the administrator to supply their own page to be used to protect the DHCPatriot from automated programs that use web. A new setting box appears in System Configuration -> General Setup allowing an administrator to supply their own HTML for the protection page if they don`t want to use the math problem.
    24. It was discovered that Internet Explorer was not following the 404 redirect on the DHCPatriot. Instead of showing the login page, it would show an Internet Explorer specific "Webpage not found" error page. This meant that if the home page of the user was set to something like http://www.sony.com/ps4 that instead of redirecting back to the login page, the user would get an Internet Explorer generated error page that looked similar to the "page cannot be displayed" error page. We have taken steps to rectify this and Internet Explorer is now being properly redirected to the login page.
    25. Keepalive with one second timeout has been enabled on the DHCPatriot system web server. This affects the login page as well as the admin interface.
    26. It was discovered that DHCPRELEASE log entries were not being recorded in the logs. This wasn`t so much a bug as an oversite. These log entries would not have appeared in the logs at any time with version 5 as no routines for parsing them ever existed. This has been rectified and log messages about DHCPRELEASE now appear in the logs.
-Darren