8.2.3 EA Release and Downloads

Added the ability to have NSProxy send RST packets for 'non-decrypted' deny decisions, so the browser does not retry the HTTPS request.

All [apiname]_count queries would load the entire data structure into memory causing possible memory limit exceptions to be hit with large datasets.

Client key in ClientHello can cause a fragmented ClientHello, which can cause the SNI name parsing to fail. Which can lead to the Policy Service to failing open, resulting in unfiltered requests.

The 'Anyone can view this report' ownership option has been replaced with the 'Share with' option.

We now trigger a log-only event when we detect 'decrypt://denied' but we do not get a corresponding HTTP request and the client connection is closed, (which indicates our CA certificate is not installed).

Administration > Translations > Extract Catalog would display a blank screen when exporting.

When the Reporter generates a report with no data, we now remove the empty report output file.

The Policy Service must set a Client Filter cookie to indicate which protocol is used, allowing the nMonitor API to parse and use the appropriate username.

The nMonitor API can no longer use the 'request information' without performing a Policy Service lookup to validate the case and other information.

Live Request Logs could cause session overwrite issues when a slow server or down server was being probed.

We now clear any prior errors from Request Logs window when the 'Search' button is selected.

Request Logs window would show a Session ID error once opened.

The Request Logs would reload all screenshot images when a new 'row' was added, as the screenshots are index by row.

Sysops without List Permissions are able to modify the list settings because of the changes to assume identity which include loading their last page and breadcrumbs.

Deny Pages created and linked by SysOps were not being displayed in Tools > Deny Page > Content.

If you had the Category view set to both 'WebAdmin' and 'Reporter,' and you attempted to deselect one, your changes would not save.

WebAdmin Log message for "Allowed request from IPADDRESS with valid server guid 'XXX'" has been removed.

The user_groups table and user_restrictions table could become out of sync.

If you disable the Protocol Detection Engine some traffic will not go into passthru mode properly and no Unknown Event will be triggered.

The nMonitor API did not respond with the 'OK:' response when we properly processed the event, returning an empty page instead.

NSUP2Date did not set the hostname for the service to send to the WebAdmin for improved validation.

Directory Sync will now only add the missing Accounts to the Groups and not replace all Accounts in the Groups during the Sync process.

Improved the WebAdmin GUID remote server and configuration identification process.

libwebdb was not validating Account type correctly, potentially allowing Accounts to download information it did not have permission to access.

WebDB required undefined session variables.

Report templates with custom Category filters added category numbers to the Report name errantly.

Parsing the X-Forwarded-For header for Client Filter processing could cause the Policy Service to restart.

When updating the static filter for reports, we did not check for the 'Manage all Groups' permission.

Added new token support for the API Test tool in the Webadmin.

Improved the ability to process CNS requests without adding any latency.

SQL was giving an error when attempting to delete Deny Page content.

Resolved an issue where users could not deselect the 'Default Request Log Server' option in the Administration > Services window.

We now close the session after updating the filters in all tables, so long queries and slow WebAdmin systems cannot cause filter update issues.

Profile Manager: When the user changes the categories for a profile, it won't set the category template, just changes the categories.

We now import the 'Next Run Time' status when importing schedule Reports, including any 'temporarily stopped' statuses.

The Client Filter Exceptions List now encodes spaces to %20 in the entry, as the file we export to is space encoded.

Function iplist_ipv6_iprange_to_subnets could cause stack underflow when adding q.

The weekly Report date-dropdown list was inconsistent between the Report dropdown and the Report instance views.

Running a Complete Sync could remove all of the configured Directory Sync options.

Running the nsdctl chown nsd_* command could take a very long time to complete if the file sizes at the /usr/local/netsweeper/logs directory grew too large.

Sysops do not have permission to access the specific group after being modified.

CNS servers resolving to IPv6 addresses can cause 7.2, 8.1 and 8.2 releases to abort. Customers should upgrade to 7.2.15, 8.1.10, and 8.2.3 to avoid future stability issues.

Resolved an issue where database errors would occur when SysOps would add Clients to a Group.

Added a series of onGuard Permissions to the available Account Permissions.