7.1.2 EA Release
Netsweeper 7.1.2 EA is now available.
This release is based on CentOS6 but we are working hard to port the entire product to CentOS 8. Over the course of the 7.1 release cycle we will be making CentOS 8 porting advancements and will be making a 7.1.X build available for both CentOS 6 and CentOS 8. The features and bug fixes we add will be available in both builds once we make them public.
Features in 7.1.2 EA include:
NSProxy:
- Protocol detection engine and can now provide the protocol name as the scheme in the unknown protocol policy request if it is allowed
- Can detect the eSNI header and create a custom protocol request
- Added av_block_encrypted and av_detect_broken that allow you to configure virus scanning to mark encrypted files as a virus
Deny Pages:
- Can now allow Reporter Categories to be selected
PF Ring:
- Upgraded from 7.4.0 to 7.6.0 release for improved performance.
- Support on CentOS8 has been added to the 7.1.2 release
Additional Features:
- WebAdmin can now generate a certificate for WebAdmin with Letsencrypt
- libadns has been removed from the Netsweeper distribution in 7.1.2 for both CentOS 6 and CentOS 8
- New HTTP Header lookup module has been added that can extract group and username from the complete HTTP request headers if they are available
Customers can access our community site for more information.
Change Log 7.1.2:
| Ticket | Description |
| 18473 | FEATURE: The Protocol detection engine for NSProxy has been improved. It can now provide the protocol name as the scheme in the unknown protocol policy request if it is allowed. |
| 22468 | FEATURE: There is now the ability for NSProxy to detect the eSNI header and create a custom protocol request. |
| 22948 | FEATURE: The WebAdmin can now generate a certificate for WebAdmin with Letsencrypt. |
| 23200 | BUG: The ‘Run Only on Server’ option was not working correctly for Quick Demand Reports and the Create Report button in Report Templates. |
| 23211 | FEATURE: libadns has been removed from the Netsweeper distribution in 7.1.2 for both CentOS 6 and CentOS 8. |
| 23212 | UPDATE: libadns in nslistrdns has been replaced with c-ares. A new -n option has been added to nslistrdns to poll all name servers in the /etc/resolv.conf. |
| 23217 | BUG: With CentOS 8, we have replaced Tree::Trie to List::Util to validate the domains with Reporter Domain list in nslistsanitize tool. |
| 23258 | FEATURE: Deny Pages now allow Reporter Categories to be selected. |
| 23261 | FEATURE: A new HTTP Header lookup module has been added that can extract group and username from the complete HTTP request headers if they are available. |
| 23262 | BUG: When sending LogMod5 logs to Syslog, an empty field was logged as an empty string. We will now replace any empty string with a dash – in order to make for easier log file parsing when using processors that interpret multiple spaces as a single space causing field count corruption. |
| 23263 | FEATURE: Two new options have been added to NSProxy: av_block_encrypted and av_detect_broken that allow you to configure virus scanning to mark encrypted files as a virus. |
| 23282 | FEATURE: PF_RING has been upgraded from 7.4.0 to 7.6.0 release. This includes fixes and updates along with improved performance. Customers running Zero Copy licenses should make sure that their license is valid before upgrading to the 7.1.2 to above release. |
| 23296 | BUG: In the Directory Sync, some user groups were not updating when they have different appends. |
| 23298 | BUG: in CentOS 8, NSProxy could consume 100% CPU on startup due to the threading init process. |
| 23299 | FEATURE: The $FILTER_MESSAGE was not translated to the Group language for the Deny Page. |
| 23301 | BUG: NSProxy could have stability issues when used as an explicit proxy when invalid hostnames are sent it due to changes to c-ares DNS library. This impacts version 6.4.5 to 6.4.9. |
| 23307 | UPDATE: The new el8 build of Netsweeper includes the updated pdns-recursor 4.4 and dnsdist 1.5 releases. |
| 23317 | BUG: If all file descriptors are used in NSProxy the listener threads would abort. This could cause a denial of service. When all file descriptors are used, we will continue waiting for more requests and accept when more file descriptors are available. This impacted MacOS when the default file descriptors were set very low at the default 256. |
| 23319 | BUG: The Policy Service would abort and restart when using the Deny Page Redirect URL option with no CGI arguments. |
| 23327 | FEATURE: PF_RING support on CentOS8 has been added to the 7.1.2 release. |