RouterOS 6.10 released

February 14, 2014, 4:11 am

≫ Next: RouterOS 6.11 released

≪ Previous: RouterOS 6.9 released

$

0

0

Download the new RouterOS 6.10 release over the torrent network: http://www.mikrotik.com/download/routeros-ALL-6.10.torrent
Otherwise please visit http://www.mikrotik.com/download to pick exact version!

6.10 changelog:

*) fix autosupout.rif generation after kernel panic;
*) ovpn - make it work again;
*) ovpn client - remove cipher=any & auth=any options, protocol does not support them;
*) pptp - fixed where Windows & MacOS clients were disconnecting all the time;
*) sstp - make it work with Windows client with AES encryption;
*) ipv6 pool - fix dynamic prefix disappearing which may influence large VPNs with IPv6;
*) ssh client - fix key agreement when sometimes wrong DH algorithm was selected;
*) bgp - multipath eBGP now does not propagate BGP nexthop unless forced in configuration;
*) removed 10/100 half duplex from autonegotiation advertisement on CCR;

---

RouterOS 6.11 released

March 21, 2014, 1:15 am

≫ Next: RouterOS 6.12 released

≪ Previous: RouterOS 6.10 released

$

0

0

Download the new RouterOS 6.11 release over the torrent network: http://www.mikrotik.com/download/routeros-ALL-6.11.torrent
Otherwise please visit http://www.mikrotik.com/download to pick exact version!

6.11 changelog:

*) ipsec - fix aes-cbc hardware acceleration on CCR with key sizes 192 and 256;
*) wireless - add auto frequency feature;
*) ovpn - fixed TLS renegotiation;
*) ovpn - make bridge mode work with big packets (do not leave extraneous padding);
*) ovpn - fixed require-client-certifcate;
*) ppp - revert RADIUS NAS-Port behaviour, report tunnel interface id;
*) ppp - mppe encryption together with mrru locked the router;
*) dhcp - added support for DHCP option 138 - list of CAPWAP IPv4 servers;
*) quickset - added Guest Network setup to Home AP mode;
*) console - no longer required to supply value of '/routing bgp instance vrf' property 'instance' for 'add' command;
*) ethernet - added option to enable rx/tx flow control (will be disabled by default);
*) ethernet - added ability to specify advertised modes for copper ports;
*) fixed 100% cpu usage on CCRs;
*) ssl - not finding CRL in local store for any certificate in trust chain will cause connection to fail;
*) lte - support for Huawei ME609 and ME909u-521;

RouterOS 6.12 released

April 15, 2014, 3:56 am

≫ Next: RouterOS 6.13 released

≪ Previous: RouterOS 6.11 released

$

0

0

Download the new RouterOS 6.12 release over the torrent network: http://www.mikrotik.com/download/routeros-ALL-6.12.torrent
Otherwise please visit http://www.mikrotik.com/download to pick exact version!

6.12 changelog:

*) l2tp - fixed "no buffer space available" problem;
*) ipsec - support IPv4 over IPv6 and vice versa;
*) pppoe - report correctly number of active links;
*) updated timezone information;
*) many fixes for CRS managed switch functionality - particularly improved VLAN support, port isolation, defaults;
*) added trunk support for CRS switches;
*) added policing support for CRS switches;
*) www - added support for HTTP byte ranges;
*) lte - provide signal strength using snmp and make 'info once' work in console;

RouterOS 6.13 released

May 16, 2014, 12:06 am

≫ Next: RouterOS 6.14 released

≪ Previous: RouterOS 6.12 released

$

0

0

Download the new RouterOS 6.13 release over the torrent network: http://www.mikrotik.com/download/routeros-ALL-6.13.torrent
Otherwise please visit http://www.mikrotik.com/download to pick exact version!

6.13 changelog:

*) console - comments are now accepted where new command can start, that is, where '/' or ':' characters can be used to start new command, e.g. /interface { # comment until the end of the line print }
*) backup - backups by default are encrypted now (with user password). To use backup on older versions, you should disable encryption with dont-encrypt flag when creating it;
*) files with '.sensitive.' in the filename require 'sensitive' permission to manipulate;
*) lcd - reduce CPU usage when displaying static screens;
*) l2tp - fixed occasional server lockup;
*) pptp - fixed memory leak;
*) sstp - fixed crashes;

RouterOS 6.14 released

June 9, 2014, 4:44 am

≫ Next: RouterOS 6.15 released

≪ Previous: RouterOS 6.13 released

$

0

0

Download the new RouterOS 6.14 release over the torrent network: http://www.mikrotik.com/download/routeros-ALL-6.14.torrent
Otherwise please visit http://www.mikrotik.com/download to pick exact version!

6.14 changelog:

*) sntp - 'mode' now is a read-only property, it is set to broadcast if no server ip address is specified;
*) smb - fixed some SMB1 errors;
*) wireless-fp package is now included in routeros one (disabled by default);
*) webfig - fixed quickset, it didn't work with disabled wireless pacakge;
*) sstp - fixed problem where session was closed every 2min;
*) pptp,l2tp,pppoe - fixed problem where some of the static bindings become dynamic interfaces;
*) eoip - lowered default MTU to avoid IP packet fragmentation;
*) eoip - added clamp-tcp-mss setting with default=yes for new tunnels to avoid IP packet fragmentation;
*) fixed - bridge could sometimes get added without "running" flag;
*) fixed - simple queues could sometimes crash router;
*) fixed - simple queue stats freeze (empty winbox queue window);
*) ssh server - allow none cipher;
*) proxy - added 'anonymous' option which will skip adding X-* and Via headers;
*) dhcp server - added option use-framed-as-classless and added support for DHCP-Classless-Static-Route RADIUS attribute;
*) quickset - fixed problem where address mode selection did not work in bridge mode;
*) ipv6 address - fixed problem where changing advertise lost ipv6 connected route;CAVEAT: CAPsMAN Layer3 doesn’t work if IPv6 package enabled either on CAPsMAN or CAP device;

RouterOS 6.15 released

June 12, 2014, 6:47 am

≫ Next: RouterOS 6.40rc21 [Release candidate]

≪ Previous: RouterOS 6.14 released

$

0

0

Download the new RouterOS 6.15 release over the torrent network: http://www.mikrotik.com/download/routeros-ALL-6.15.torrent
Otherwise please visit http://www.mikrotik.com/download to pick exact version!

6.15 changelog:

*) fixed upgrade from v5 - on first boot all the optional packages were disabled;
*) fixed problem where sntp server could not be specified in winbox & webfig;
*) metarouter - make openwrt work on ppc metarouter again;

RouterOS 6.40rc21 [Release candidate]

June 14, 2017, 5:34 am

≫ Next: RouterOS 6.40rc24 [Release candidate]

≪ Previous: RouterOS 6.15 released

$

0

0

6.40rc21 changelog:

*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces (CLI only);
*) certificate - added "crl-use" setting to disable CRL use (CLI only);
*) crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports;
*) dude - fixed server crash;
*) export - added default "init-delay" setting for "/routerboard settings" menu;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) rb750gr3 - fixed USB power;
*) userman - lookup language files also in "/flash" directory;

Other changes since 6.39.2:

*) btest - fixed crash when packet size has been changed during test;
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - fixed IPv6 connection tracking enable/disable;
*) defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset);
*) defconf - improved IPv4 default firewall configuration;
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) dhcp - added "debug" logs on MAC address change;
*) dhcpv4-server - fixed server state on interface change in Winbox and Webfig;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) ethernet - fixed forced 10Mbps full-duplex linking on 100Mbps Ethernet ports;
*) export - added "terse" option;
*) fastpath - improved performance when packets for slowpath are received;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - added support for "framed-pool" RADIUS attribute;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - kill phase1 instead of rekey if "mode-config" is used;
*) ike1 - removed SAs on DPD;
*) ike1 - send phase1 delete;
*) ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask";
*) ike2 - added pfkey kernel return checks;
*) ike2 - added support for "Mikrotik_Address_List" RADIUS attribute;
*) ike2 - added support for "mode-config" static address;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - prefer traffic selector with "mode-config" address;
*) ipsec - added "firewall=add-notrack" peer option (CLI only);
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - removed policy priority;
*) l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication;
*) l2tp-server - added "one-session-per-host" option;
*) log - added "poe-out" topic;
*) log - improved "l2tp" logs;
*) log - optimized "wireless,info" topic logs;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added "accounting" logs for LTE connections;
*) lte - added additional driver support for DWR-910;
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - improved SMS delivery report;
*) lte - improved reliability on SXT LTE;
*) ovpn - improved performance when receiving too many options;
*) ppp - improved MLPPP packet forwarding performance;
*) proxy - fixed potential crash;
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - use active user name and permissions when applying changes;
*) routing - allow to disable "all" interface entry in BFD;
*) snmp - fixed crash on interface table get;
*) snmp - added "ifindex" on interface traps;
*) snmp - added ability to set "src-address";
*) socks - fixed crash while processing many simultaneous sessions;
*) tr069-client - fixed lost HTTP header on authorization;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added TR069 support;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - allow VirutalAP on Level0 (24h demo) license;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - fixed rare crash on cap disable;
*) wireless - fixed registration table "signal-strength" reporting for chains when using nv2;

Download the new 'RouterOS 6.40rc21' version here: https://www.mikrotik.com/download

RouterOS 6.40rc24 [Release candidate]

June 20, 2017, 4:36 am

≫ Next: RouterOS 6.38.7 [Bugfix only]

≪ Previous: RouterOS 6.40rc21 [Release candidate]

$

0

0

6.40rc24 changelog:

*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces;
*) discovery - fixed timeouts for LLDP neighbours;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) metarouter - fixed display of bogus error message on startup;
*) modem - added support for ZTE TE W120;
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - added support for "push-continuation";
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) packages - increased automatic download retry interval to 5 minutes if there is no free disk space;
*) ppp - use interface name instead of IP as default route gateway;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - added special firewall exception rules for IPSec;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) routerboard - added "caps-mode" option for "reset-configuration" (CLI only);
*) routerboard - added "caps-mode-script" for default-configuration print;
*) sms - decode reports in readable format;
*) snmp - added CAPsMAN interface statistics;
*) snmp - fixed wireless interface walk table id ordering;
*) winbox - added "session-uptime" to LTE interface;
*) winbox - added "src-address-list" & "dst-address-list" to HotSpot Walled Garden;
*) winbox - fixed wireless interface "amsdu-threshold" max limit;
*) winbox - moved LTE info fields to status tab;

Other changes since 6.39.2:

!) wireless - added Nv2 AP synchronization feature (for experimental use)(CLI only);
*) btest - fixed crash when packet size has been changed during test;
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces (CLI only);
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) certificate - added "crl-use" setting to disable CRL use (CLI only);
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - fixed IPv6 connection tracking enable/disable;
*) crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports;
*) defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset);
*) defconf - improved IPv4 default firewall configuration;
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) dhcp - added "debug" logs on MAC address change;
*) dhcpv4-server - fixed server state on interface change in Winbox and Webfig;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) dude - fixed server crash;
*) ethernet - fixed forced 10Mbps full-duplex linking on 100Mbps Ethernet ports;
*) export - added "terse" option;
*) export - added default "init-delay" setting for "/routerboard settings" menu;
*) fastpath - improved performance when packets for slowpath are received;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - added support for "framed-pool" RADIUS attribute;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - kill phase1 instead of rekey if "mode-config" is used;
*) ike1 - removed SAs on DPD;
*) ike1 - send phase1 delete;
*) ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask";
*) ike2 - added pfkey kernel return checks;
*) ike2 - added support for "Mikrotik_Address_List" RADIUS attribute;
*) ike2 - added support for "mode-config" static address;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - prefer traffic selector with "mode-config" address;
*) ipsec - added "firewall=add-notrack" peer option (CLI only);
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - removed policy priority;
*) l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication;
*) l2tp-server - added "one-session-per-host" option;
*) log - added "poe-out" topic;
*) log - improved "l2tp" logs;
*) log - optimized "wireless,info" topic logs;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added "accounting" logs for LTE connections;
*) lte - added additional driver support for DWR-910;
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - improved SMS delivery report;
*) lte - improved reliability on SXT LTE;
*) ovpn - improved performance when receiving too many options;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - improved MLPPP packet forwarding performance;
*) proxy - fixed potential crash;
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - use active user name and permissions when applying changes;
*) rb750gr3 - fixed USB power;
*) routing - allow to disable "all" interface entry in BFD;
*) snmp - added "ifindex" on interface traps;
*) snmp - added ability to set "src-address";
*) snmp - fixed crash on interface table get;
*) socks - fixed crash while processing many simultaneous sessions;
*) tr069-client - fixed lost HTTP header on authorization;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) userman - lookup language files also in "/flash" directory;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added TR069 support;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - allow VirutalAP on Level0 (24h demo) license;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - fixed rare crash on cap disable;
*) wireless - fixed registration table "signal-strength" reporting for chains when using nv2;

Download the new 'RouterOS 6.40rc24' version here: https://www.mikrotik.com/download

---

RouterOS 6.38.7 [Bugfix only]

June 21, 2017, 1:00 am

≫ Next: RouterOS 6.40rc25 [Release candidate]

≪ Previous: RouterOS 6.40rc24 [Release candidate]

$

0

0

6.38.7 changelog:

*) 6to4 - fixed wrong IPv6 "link-local" address generation;
*) arp - fixed "make-static";
*) bonding - do not add bonding interface if "could not set MTU" error is received;
*) console - fixed "/ip neighbor discovery" export;
*) console - fixed unexpected console crash when using variables as functions;
*) console - instead of true/false report yes/no as LCD enabled state;
*) defconf - discard default configuration startup query with configuration change from Webfig;
*) defconf - discard default configuration startup query with RouterOS upgrade;
*) defconf - fixed default configuration generation when wireless package is disabled;
*) defconf - fixed Groove 52 ac band settings;
*) dns - made loading thousands of static entries faster;
*) ethernet - fixed "loop-protect" on "master-port";
*) ethernet - fixed rare switch chip hang (could cause port flapping);
*) fetch - fixed download issue over HTTPS;
*) firewall - do not allow to set "rate" value to 0 for "limit" parameter;
*) firewall - fixed "address-list" entry "creation-time" adjustment to timezone;
*) firewall - fixed "address-list" entry changing from IP to DNS and vice versa;
*) firewall - fixed cosmetic "invalid" flag when item was disabled;
*) ike1 - fixed crash on xauth message;
*) ike2 - allow multiple child SA traffic selectors on re-key;
*) ike2 - fixed last EAP authentication payload type;
*) ike2 - fixed policy release during SA negotiation;
*) ike2 - fixed RSA authentication without EAP;
*) ike2 - fixed situation when traffic selector prefix was parsed incorrectly;
*) ipsec - do not deduct policy src/dst address for tunnel policies;
*) ipsec - fixed generated policy priority;
*) ipsec - fixed peer "my-id" address reset;
*) ipv6 - fixed address becoming invalid when interface was removed from bridge/mesh;
*) led - fixed turning off LED when interface is lost;
*) log - added missing "license limit exceeded" log entry;
*) log - work on false CPU/RAM overclocked alarms;
*) netinstall - fixed typos in Netinstall status messages;
*) ntp - restart NTP client when it is stuck in error state;
*) ppp - fixed IPv6 address receiving on PPP interface;
*) pppoe - added warning on PPPoE client/server, if it is configured on slave interface;
*) pppoe-server - fixed "one-session-per-host" issue where 2 simultaneous sessions were possible from the same host;
*) queue - fixed queuing when at least one child queue has "default-small" and other/s is/are different (introduced in 6.35);
*) quickset - fixed LTE "signal-strength" graphs;
*) smb - fixed share path on devices with "/flash" directory;
*) sniffer - fixed VLAN tags when sniffing all interfaces;
*) snmp - added fan-speed OIDs in "/system health print oid";
*) snmp - fixed limited walk;
*) switch - fixed disabling of MAC learning on CRS1xx/CRS2xx;
*) tile - fixed EoIP keepalive when tunnel is made over VLAN interface;
*) traffic-flow - fixed IPFIX IPv6 data reporting;
*) upnp - fixed firewall NAT rule update when external IP address changes;
*) userman - allow "name-for-user" to be empty and not unique;
*) userman - fixed rare GUI crash when User Manager files are not accessible;
*) webfig - allow to enter frequency ranges in wireless “scan-list”;
*) webfig - allow to select "default-encryption" profile on PPP tunnels;
*) webfig - correctly specify routing filter prefix;
*) webfig - do not allow to reorder items if table is sorted by some column;
*) webfig - fixed "last-link-up" & "last-link-down" time information;
*) webfig - fixed Bridge Filter properties display when there are more than one Filter available;
*) webfig - show all available options under "Advanced Mode" for wireless interfaces;
*) winbox - added "Flush" button under “unicast-fdb” menu;
*) winbox - added "memory-scroll", "filter-cpu", "filter-ipv6-address", "filter-operation-between-entries" Sniffer parameters;
*) winbox - added “protected-routerboard” parameters under RouterBOARD settings menu;
*) winbox - allow shorten bytes to k,M,G in firewall "connection-bytes" and "connection-rates";
*) winbox - do not allow Packet Sniffer "memory-limit" and "file-limit" lower than 10KiB;
*) winbox - do not allow to open multiple same sub-menus at the same time;
*) winbox - do not show "dpd-max-failures" on IKEv2;
*) winbox - do not start Traffic Generator automatically when opening "Quick Start";
*) winbox - fixed "Montly" typo to "Monthly" in Graphing menu;
*) winbox - fixed firewall port selection with Winbox v2;
*) winbox - fixed IPSec "mode-config" DNS settings;
*) winbox - fixed issue when working IPSec policies were shown as invalid;
*) winbox - fixed switch ACL Policer statistics;
*) winbox - fixed typo in BGP advertisements menu Aggragator->Aggregator;
*) winbox - hide "wps-mode" & "security-profile" in wireless nv2 mode;
*) winbox - properly show "dhcp-server" warnings;
*) winbox - removed spare values from "loop-protect" setting for EoIPv6 tunnels;
*) winbox - removed unnecessary "/system health" menu on "hAP ac lite" and “RB450”;
*) winbox - show "A" flag for IPSec policies;
*) wireless - reduced load on CPU for high speed wireless links;

Download the new 'RouterOS 6.38.7' version here: https://www.mikrotik.com/download

RouterOS 6.40rc25 [Release candidate]

June 27, 2017, 5:15 am

≫ Next: RouterOS 6.40rc28 [Release candidate]

≪ Previous: RouterOS 6.38.7 [Bugfix only]

$

0

0

6.40rc25 changelog:

*) chr - fixed MAC address assignment when hot plugging NIC on XenServer;
*) fastpath - fixed router rebooting itself (introduced in 6.40rc24);
*) firewall - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter (CLI only);
*) firewall - removed unique address list name limit;
*) ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies;
*) lte - added support for Huawei E3531-6;
*) modem - fixed info command when it is executed at the same time as modem restarts/disconnects;
*) tile - fixed copying large amount of text over serial console;
*) trafficgen - added "lost-ratio" to statistics;
*) webfig - fixed wireless "scan-list" parameter not being saved after applying changes;

Other changes since 6.39.2:

!) wireless - added Nv2 AP synchronization feature (for experimental use)(CLI only);
*) btest - fixed crash when packet size has been changed during test;
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces (CLI only);
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces;
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) certificate - added "crl-use" setting to disable CRL use (CLI only);
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - fixed IPv6 connection tracking enable/disable;
*) crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports;
*) defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset);
*) defconf - improved IPv4 default firewall configuration;
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) dhcp - added "debug" logs on MAC address change;
*) dhcpv4-server - fixed server state on interface change in Winbox and Webfig;
*) discovery - fixed timeouts for LLDP neighbours;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) dude - fixed server crash;
*) ethernet - fixed forced 10Mbps full-duplex linking on 100Mbps Ethernet ports;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) export - added "terse" option;
*) export - added default "init-delay" setting for "/routerboard settings" menu;
*) fastpath - improved performance when packets for slowpath are received;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - added support for "framed-pool" RADIUS attribute;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - kill phase1 instead of rekey if "mode-config" is used;
*) ike1 - removed SAs on DPD;
*) ike1 - send phase1 delete;
*) ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask";
*) ike2 - added pfkey kernel return checks;
*) ike2 - added support for "Mikrotik_Address_List" RADIUS attribute;
*) ike2 - added support for "mode-config" static address;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - prefer traffic selector with "mode-config" address;
*) ipsec - added "firewall=add-notrack" peer option (CLI only);
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - removed policy priority;
*) l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication;
*) l2tp-server - added "one-session-per-host" option;
*) log - added "poe-out" topic;
*) log - improved "l2tp" logs;
*) log - optimized "wireless,info" topic logs;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added "accounting" logs for LTE connections;
*) lte - added additional driver support for DWR-910;
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - improved SMS delivery report;
*) lte - improved reliability on SXT LTE;
*) metarouter - fixed display of bogus error message on startup;
*) modem - added support for ZTE TE W120;
*) ovpn - added support for "push-continuation";
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) ovpn - improved performance when receiving too many options;
*) packages - increased automatic download retry interval to 5 minutes if there is no free disk space;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - improved MLPPP packet forwarding performance;
*) ppp - use interface name instead of IP as default route gateway;
*) proxy - fixed potential crash;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - added special firewall exception rules for IPSec;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) quickset - use active user name and permissions when applying changes;
*) rb750gr3 - fixed USB power;
*) routerboard - added "caps-mode" option for "reset-configuration" (CLI only);
*) routerboard - added "caps-mode-script" for default-configuration print;
*) routing - allow to disable "all" interface entry in BFD;
*) sms - decode reports in readable format;
*) snmp - added "ifindex" on interface traps;
*) snmp - added CAPsMAN interface statistics;
*) snmp - added ability to set "src-address";
*) snmp - fixed crash on interface table get;
*) snmp - fixed wireless interface walk table id ordering;
*) socks - fixed crash while processing many simultaneous sessions;
*) tr069-client - fixed lost HTTP header on authorization;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) userman - lookup language files also in "/flash" directory;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added "session-uptime" to LTE interface;
*) winbox - added "src-address-list" & "dst-address-list" to HotSpot Walled Garden;
*) winbox - added TR069 support;
*) winbox - fixed wireless interface "amsdu-threshold" max limit;
*) winbox - moved LTE info fields to status tab;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - allow VirutalAP on Level0 (24h demo) license;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - fixed rare crash on cap disable;
*) wireless - fixed registration table "signal-strength" reporting for chains when using nv2;

Download the new 'RouterOS 6.40rc25' version here: https://www.mikrotik.com/download

RouterOS 6.40rc28 [Release candidate]

June 30, 2017, 6:07 am

≫ Next: RouterOS 6.40rc32 [Release candidate]

≪ Previous: RouterOS 6.40rc25 [Release candidate]

$

0

0

6.40rc28 changelog:

*) console - fixed different command auto complete on ;
*) ethernet - fixed occasional broken interface order after reset/first boot;
*) export - added router model and serial number to configuration export;
*) export - fixed "/interface list" verbose export;
*) export - fixed "/ipv6 route" compact export;
*) export - fixed MPLS "dynamic-label-range" export;
*) export - fixed SNMP "src-address" for compact export;
*) fastpath - improved removing process of dynamic interface;
*) hAP ac lite - removed nonexistent "wlan-led";
*) lte - added info command support for the Jaton LTE modem;
*) ppp - added initial support for ZTE K4203-Z;
*) ppp - added initial support for ZTE ME3630-E;
*) safe-mode - fixed session handling when Safe Mode is used on multiple sessions at the same time;
*) supout - fixed IPv6 firewall section;

Other changes since 6.39.2:

!) wireless - added Nv2 AP synchronization feature (for experimental use)(CLI only);
*) btest - fixed crash when packet size has been changed during test;
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces (CLI only);
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces;
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) certificate - added "crl-use" setting to disable CRL use (CLI only);
*) chr - fixed MAC address assignment when hot plugging NIC on XenServer;
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - fixed IPv6 connection tracking enable/disable;
*) crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports;
*) defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset);
*) defconf - improved IPv4 default firewall configuration;
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) dhcp - added "debug" logs on MAC address change;
*) dhcpv4-server - fixed server state on interface change in Winbox and Webfig;
*) discovery - fixed timeouts for LLDP neighbours;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) dude - fixed server crash;
*) ethernet - fixed forced 10Mbps full-duplex linking on 100Mbps Ethernet ports;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) export - added "terse" option;
*) export - added default "init-delay" setting for "/routerboard settings" menu;
*) fastpath - fixed router rebooting itself (introduced in 6.40rc24);
*) fastpath - improved performance when packets for slowpath are received;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) firewall - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter (CLI only);
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) firewall - removed unique address list name limit;
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - added support for "framed-pool" RADIUS attribute;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - kill phase1 instead of rekey if "mode-config" is used;
*) ike1 - removed SAs on DPD;
*) ike1 - send phase1 delete;
*) ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask";
*) ike2 - added pfkey kernel return checks;
*) ike2 - added support for "Mikrotik_Address_List" RADIUS attribute;
*) ike2 - added support for "mode-config" static address;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - prefer traffic selector with "mode-config" address;
*) ipsec - added "firewall=add-notrack" peer option (CLI only);
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - removed policy priority;
*) l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication;
*) l2tp-server - added "one-session-per-host" option;
*) log - added "poe-out" topic;
*) log - improved "l2tp" logs;
*) log - optimized "wireless,info" topic logs;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added "accounting" logs for LTE connections;
*) lte - added additional driver support for DWR-910;
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - added support for Huawei E3531-6;
*) lte - improved SMS delivery report;
*) lte - improved reliability on SXT LTE;
*) metarouter - fixed display of bogus error message on startup;
*) modem - added support for ZTE TE W120;
*) modem - fixed info command when it is executed at the same time as modem restarts/disconnects;
*) ovpn - added support for "push-continuation";
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) ovpn - improved performance when receiving too many options;
*) packages - increased automatic download retry interval to 5 minutes if there is no free disk space;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - improved MLPPP packet forwarding performance;
*) ppp - use interface name instead of IP as default route gateway;
*) proxy - fixed potential crash;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - added special firewall exception rules for IPSec;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) quickset - use active user name and permissions when applying changes;
*) rb750gr3 - fixed USB power;
*) routerboard - added "caps-mode" option for "reset-configuration" (CLI only);
*) routerboard - added "caps-mode-script" for default-configuration print;
*) routing - allow to disable "all" interface entry in BFD;
*) sms - decode reports in readable format;
*) snmp - added "ifindex" on interface traps;
*) snmp - added CAPsMAN interface statistics;
*) snmp - added ability to set "src-address";
*) snmp - fixed crash on interface table get;
*) snmp - fixed wireless interface walk table id ordering;
*) socks - fixed crash while processing many simultaneous sessions;
*) tile - fixed copying large amount of text over serial console;
*) tr069-client - fixed lost HTTP header on authorization;
*) trafficgen - added "lost-ratio" to statistics;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) userman - lookup language files also in "/flash" directory;
*) webfig - fixed wireless "scan-list" parameter not being saved after applying changes;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added "session-uptime" to LTE interface;
*) winbox - added "src-address-list" & "dst-address-list" to HotSpot Walled Garden;
*) winbox - added TR069 support;
*) winbox - fixed wireless interface "amsdu-threshold" max limit;
*) winbox - moved LTE info fields to status tab;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - allow VirutalAP on Level0 (24h demo) license;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - fixed rare crash on cap disable;
*) wireless - fixed registration table "signal-strength" reporting for chains when using nv2;

Download the new 'RouterOS 6.40rc28' version here: https://www.mikrotik.com/download

RouterOS 6.40rc32 [Release candidate]

July 4, 2017, 2:09 am

≫ Next: RouterOS 6.40rc36 [Release candidate]

≪ Previous: RouterOS 6.40rc28 [Release candidate]

$

0

0

6.40rc32 changelog:

*) dhcpv4-client - added "gateway-address" script parameter;
*) dhcpv4-server - fixed lease renew for DHCP clients that sends renewal with "ciaddr = 0.0.0.0";
*) fasttrack - fixed fasttrack over interfaces with dynamic MAC address;

Other changes since 6.39.2:

!) wireless - added Nv2 AP synchronization feature (for experimental use)(CLI only);
*) btest - fixed crash when packet size has been changed during test;
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces;
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) certificate - added "crl-use" setting to disable CRL use (CLI only);
*) chr - fixed MAC address assignment when hot plugging NIC on XenServer;
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - fixed IPv6 connection tracking enable/disable;
*) console - fixed different command auto complete on ;
*) crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports;
*) defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset);
*) defconf - improved IPv4 default firewall configuration;
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) dhcp - added "debug" logs on MAC address change;
*) dhcpv4-server - fixed server state on interface change in Winbox and Webfig;
*) discovery - fixed timeouts for LLDP neighbours;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) dude - fixed server crash;
*) ethernet - fixed forced 10Mbps full-duplex linking on 100Mbps Ethernet ports;
*) ethernet - fixed occasional broken interface order after reset/first boot;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) export - added "terse" option;
*) export - added default "init-delay" setting for "/routerboard settings" menu;
*) export - added router model and serial number to configuration export;
*) export - fixed "/interface list" verbose export;
*) export - fixed "/ipv6 route" compact export;
*) export - fixed MPLS "dynamic-label-range" export;
*) export - fixed SNMP "src-address" for compact export;
*) fastpath - fixed router rebooting itself (introduced in 6.40rc24);
*) fastpath - improved performance when packets for slowpath are received;
*) fastpath - improved removing process of dynamic interface;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) firewall - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter (CLI only);
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) firewall - removed unique address list name limit;
*) hAP ac lite - removed nonexistent "wlan-led";
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - added support for "framed-pool" RADIUS attribute;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - kill phase1 instead of rekey if "mode-config" is used;
*) ike1 - removed SAs on DPD;
*) ike1 - send phase1 delete;
*) ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask";
*) ike2 - added pfkey kernel return checks;
*) ike2 - added support for "Mikrotik_Address_List" RADIUS attribute;
*) ike2 - added support for "mode-config" static address;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - prefer traffic selector with "mode-config" address;
*) ipsec - added "firewall=add-notrack" peer option (CLI only);
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - removed policy priority;
*) l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication;
*) l2tp-server - added "one-session-per-host" option;
*) log - added "poe-out" topic;
*) log - improved "l2tp" logs;
*) log - optimized "wireless,info" topic logs;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added "accounting" logs for LTE connections;
*) lte - added additional driver support for DWR-910;
*) lte - added info command support for the Jaton LTE modem;
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - added support for Huawei E3531-6;
*) lte - improved SMS delivery report;
*) lte - improved reliability on SXT LTE;
*) metarouter - fixed display of bogus error message on startup;
*) modem - added support for ZTE TE W120;
*) modem - fixed info command when it is executed at the same time as modem restarts/disconnects;
*) ovpn - added support for "push-continuation";
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) ovpn - improved performance when receiving too many options;
*) packages - increased automatic download retry interval to 5 minutes if there is no free disk space;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - added initial support for ZTE K4203-Z;
*) ppp - added initial support for ZTE ME3630-E;
*) ppp - improved MLPPP packet forwarding performance;
*) ppp - use interface name instead of IP as default route gateway;
*) proxy - fixed potential crash;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - added special firewall exception rules for IPSec;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) quickset - use active user name and permissions when applying changes;
*) rb750gr3 - fixed USB power;
*) routerboard - added "caps-mode" option for "reset-configuration" (CLI only);
*) routerboard - added "caps-mode-script" for default-configuration print;
*) routing - allow to disable "all" interface entry in BFD;
*) safe-mode - fixed session handling when Safe Mode is used on multiple sessions at the same time;
*) sms - decode reports in readable format;
*) snmp - added "ifindex" on interface traps;
*) snmp - added CAPsMAN interface statistics;
*) snmp - added ability to set "src-address";
*) snmp - fixed crash on interface table get;
*) snmp - fixed wireless interface walk table id ordering;
*) socks - fixed crash while processing many simultaneous sessions;
*) supout - fixed IPv6 firewall section;
*) tile - fixed copying large amount of text over serial console;
*) tr069-client - fixed lost HTTP header on authorization;
*) trafficgen - added "lost-ratio" to statistics;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) userman - lookup language files also in "/flash" directory;
*) webfig - fixed wireless "scan-list" parameter not being saved after applying changes;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added "session-uptime" to LTE interface;
*) winbox - added "src-address-list" & "dst-address-list" to HotSpot Walled Garden;
*) winbox - added TR069 support;
*) winbox - fixed wireless interface "amsdu-threshold" max limit;
*) winbox - moved LTE info fields to status tab;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - allow VirutalAP on Level0 (24h demo) license;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - fixed rare crash on cap disable;
*) wireless - fixed registration table "signal-strength" reporting for chains when using nv2;

Download the new 'RouterOS 6.40rc32' version here: https://www.mikrotik.com/download

RouterOS 6.40rc36 [Release candidate]

July 7, 2017, 5:17 am

≫ Next: RouterOS 6.40rc38 [Release candidate]

≪ Previous: RouterOS 6.40rc32 [Release candidate]

$

0

0

6.40rc36 changelog:

*) filesystem - improved error correcting process on tilera and RB1100Dx4 storage;
*) firewall - fixed bridge "action=log" rules;
*) health - fixed memory leak on devices that have "/system health" menu (introduced in 6.40rc30);
*) ikev1 - added log error message if netmask was not provided by "mode-config" server;
*) ipsec - added support for "key-id" peer identification type;
*) rb3011 - fixed packet passthrough on switch2 while booting;
*) sniffer - do not skip L2 packets when "all" interface mode was used;
*) snmp - fixed "/system resource cpu print oid" menu;
*) switch - fixed "loop-protect" on CRS SFP/SFP+ ports;
*) trafficgen - added "lost-ratio" to statistics;
*) vlan - do not delete existing VLAN interface on "failure: already have such vlan";
*) winbox - do not autoscale graphs outside known maximums;
*) winbox - hide LCD menu on CRS112-8G-4S;
*) winbox - show "/system health" only on boards that have health monitoring;
*) winbox - show "D" flag under "/interface mesh port" menu;

Other changes since 6.39.2:

!) wireless - added Nv2 AP synchronization feature (for experimental use)(CLI only);
*) btest - fixed crash when packet size has been changed during test;
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces;
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) certificate - added "crl-use" setting to disable CRL use (CLI only);
*) chr - fixed MAC address assignment when hot plugging NIC on XenServer;
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - fixed IPv6 connection tracking enable/disable;
*) console - fixed different command auto complete on ;
*) crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports;
*) defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset);
*) defconf - improved IPv4 default firewall configuration;
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) dhcp - added "debug" logs on MAC address change;
*) dhcpv4-client - added "gateway-address" script parameter;
*) dhcpv4-server - fixed lease renew for DHCP clients that sends renewal with "ciaddr = 0.0.0.0";
*) dhcpv4-server - fixed server state on interface change in Winbox and Webfig;
*) discovery - fixed timeouts for LLDP neighbours;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) dude - fixed server crash;
*) ethernet - fixed forced 10Mbps full-duplex linking on 100Mbps Ethernet ports;
*) ethernet - fixed occasional broken interface order after reset/first boot;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) export - added "terse" option;
*) export - added default "init-delay" setting for "/routerboard settings" menu;
*) export - added router model and serial number to configuration export;
*) export - fixed "/interface list" verbose export;
*) export - fixed "/ipv6 route" compact export;
*) export - fixed MPLS "dynamic-label-range" export;
*) export - fixed SNMP "src-address" for compact export;
*) fastpath - fixed router rebooting itself (introduced in 6.40rc24);
*) fastpath - improved performance when packets for slowpath are received;
*) fastpath - improved removing process of dynamic interface;
*) fasttrack - fixed fasttrack over interfaces with dynamic MAC address;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) firewall - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter (CLI only);
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) firewall - removed unique address list name limit;
*) hAP ac lite - removed nonexistent "wlan-led";
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - added support for "framed-pool" RADIUS attribute;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - kill phase1 instead of rekey if "mode-config" is used;
*) ike1 - removed SAs on DPD;
*) ike1 - send phase1 delete;
*) ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask";
*) ike2 - added pfkey kernel return checks;
*) ike2 - added support for "Mikrotik_Address_List" RADIUS attribute;
*) ike2 - added support for "mode-config" static address;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - prefer traffic selector with "mode-config" address;
*) ipsec - added "firewall=add-notrack" peer option (CLI only);
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - removed policy priority;
*) l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication;
*) l2tp-server - added "one-session-per-host" option;
*) log - added "poe-out" topic;
*) log - improved "l2tp" logs;
*) log - optimized "wireless,info" topic logs;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added "accounting" logs for LTE connections;
*) lte - added additional driver support for DWR-910;
*) lte - added info command support for the Jaton LTE modem;
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - added support for Huawei E3531-6;
*) lte - improved SMS delivery report;
*) lte - improved reliability on SXT LTE;
*) metarouter - fixed display of bogus error message on startup;
*) modem - added support for ZTE TE W120;
*) modem - fixed info command when it is executed at the same time as modem restarts/disconnects;
*) ovpn - added support for "push-continuation";
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) ovpn - improved performance when receiving too many options;
*) packages - increased automatic download retry interval to 5 minutes if there is no free disk space;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - added initial support for ZTE K4203-Z;
*) ppp - added initial support for ZTE ME3630-E;
*) ppp - improved MLPPP packet forwarding performance;
*) ppp - use interface name instead of IP as default route gateway;
*) proxy - fixed potential crash;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - added special firewall exception rules for IPSec;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) quickset - use active user name and permissions when applying changes;
*) rb750gr3 - fixed USB power;
*) routerboard - added "caps-mode" option for "reset-configuration" (CLI only);
*) routerboard - added "caps-mode-script" for default-configuration print;
*) routing - allow to disable "all" interface entry in BFD;
*) safe-mode - fixed session handling when Safe Mode is used on multiple sessions at the same time;
*) sms - decode reports in readable format;
*) snmp - added "ifindex" on interface traps;
*) snmp - added CAPsMAN interface statistics;
*) snmp - added ability to set "src-address";
*) snmp - fixed crash on interface table get;
*) snmp - fixed wireless interface walk table id ordering;
*) socks - fixed crash while processing many simultaneous sessions;
*) supout - fixed IPv6 firewall section;
*) tile - fixed copying large amount of text over serial console;
*) tr069-client - fixed lost HTTP header on authorization;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) userman - lookup language files also in "/flash" directory;
*) webfig - fixed wireless "scan-list" parameter not being saved after applying changes;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added "session-uptime" to LTE interface;
*) winbox - added "src-address-list" & "dst-address-list" to HotSpot Walled Garden;
*) winbox - added TR069 support;
*) winbox - fixed wireless interface "amsdu-threshold" max limit;
*) winbox - moved LTE info fields to status tab;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - allow VirutalAP on Level0 (24h demo) license;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - fixed rare crash on cap disable;
*) wireless - fixed registration table "signal-strength" reporting for chains when using nv2;

Download the new 'RouterOS 6.40rc36' version here: https://www.mikrotik.com/download

RouterOS 6.40rc38 [Release candidate]

July 12, 2017, 2:48 am

≫ Next: RouterOS 6.40rc41 [Release candidate]

≪ Previous: RouterOS 6.40rc36 [Release candidate]

$

0

0

6.40rc38 changelog:

*) certificate - update and reload old certificate with new one if SKID matches;
*) email - added support for multiple attachments;
*) firewall - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter;
*) firewall - fixed crash on fasttrack dummy rule manual change attempt;
*) ikev2 - fixed duplicate policy checking with "0.0.0.0/0" policies;
*) lte - added initial fastpath support (except SXT LTE and Sierra modems);
*) mmips - added support for NVME disks;
*) ppp - added output values for "info" command for finding the GSM base station's location ("LAC" and "IMSI");
*) ppp - fixed "user-command" output;
*) quickset - simplified LTE status monitoring;
*) rb1100ahx4 - fixed startup problems (requires additional reboot after upgrade);
*) ssl - added Wildcard support for "left-most" DNS label (will allow to use signed Wildcard certificate on VPN servers);
*) userman - do not send disconnect request for user when "simultaneous session limit reached";
*) userman - added "/tool user-manager user clear-profiles" command;

Other changes since 6.39.2:

!) bridge - implemented software based "igmp-snooping" (untested, undocumented, CLI only);
!) bridge - implemented software based MSTP (untested, undocumented, CLI only);
!) bridge - implemented software based vlan-aware bridges;
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option (undocumented, CLI only);
!) switch - CRS3xx switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
!) wireless - added Nv2 AP synchronization feature (for experimental use)(CLI only);
*) btest - fixed crash when packet size has been changed during test;
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces;
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) certificate - added "crl-use" setting to disable CRL use (CLI only);
*) chr - fixed MAC address assignment when hot plugging NIC on XenServer;
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - fixed IPv6 connection tracking enable/disable;
*) console - fixed different command auto complete on ;
*) crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports;
*) defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset);
*) defconf - improved IPv4 default firewall configuration;
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) dhcp - added "debug" logs on MAC address change;
*) dhcpv4-client - added "gateway-address" script parameter;
*) dhcpv4-server - fixed lease renew for DHCP clients that sends renewal with "ciaddr = 0.0.0.0";
*) dhcpv4-server - fixed server state on interface change in Winbox and Webfig;
*) discovery - fixed timeouts for LLDP neighbours;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) dude - fixed server crash;
*) ethernet - fixed forced 10Mbps full-duplex linking on 100Mbps Ethernet ports;
*) ethernet - fixed occasional broken interface order after reset/first boot;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) export - added "terse" option;
*) export - added default "init-delay" setting for "/routerboard settings" menu;
*) export - added router model and serial number to configuration export;
*) export - fixed "/interface list" verbose export;
*) export - fixed "/ipv6 route" compact export;
*) export - fixed MPLS "dynamic-label-range" export;
*) export - fixed SNMP "src-address" for compact export;
*) fastpath - fixed router rebooting itself (introduced in 6.40rc24);
*) fastpath - improved performance when packets for slowpath are received;
*) fastpath - improved removing process of dynamic interface;
*) fasttrack - fixed fasttrack over interfaces with dynamic MAC address;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) filesystem - improved error correcting process on tilera and RB1100Dx4 storage;
*) firewall - fixed bridge "action=log" rules;
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) firewall - removed unique address list name limit;
*) hAP ac lite - removed nonexistent "wlan-led";
*) health - fixed memory leak on devices that have "/system health" menu (introduced in 6.40rc30);
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - added support for "framed-pool" RADIUS attribute;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - kill phase1 instead of rekey if "mode-config" is used;
*) ike1 - removed SAs on DPD;
*) ike1 - send phase1 delete;
*) ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask";
*) ike2 - added pfkey kernel return checks;
*) ike2 - added support for "Mikrotik_Address_List" RADIUS attribute;
*) ike2 - added support for "mode-config" static address;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - prefer traffic selector with "mode-config" address;
*) ikev1 - added log error message if netmask was not provided by "mode-config" server;
*) ipsec - added "firewall=add-notrack" peer option (CLI only);
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - added support for "key-id" peer identification type;
*) ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - removed policy priority;
*) l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication;
*) l2tp-server - added "one-session-per-host" option;
*) log - added "poe-out" topic;
*) log - improved "l2tp" logs;
*) log - optimized "wireless,info" topic logs;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added "accounting" logs for LTE connections;
*) lte - added additional driver support for DWR-910;
*) lte - added info command support for the Jaton LTE modem;
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - added support for Huawei E3531-6;
*) lte - improved SMS delivery report;
*) lte - improved reliability on SXT LTE;
*) metarouter - fixed display of bogus error message on startup;
*) modem - added support for ZTE TE W120;
*) modem - fixed info command when it is executed at the same time as modem restarts/disconnects;
*) ovpn - added support for "push-continuation";
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) ovpn - improved performance when receiving too many options;
*) packages - increased automatic download retry interval to 5 minutes if there is no free disk space;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - added initial support for ZTE K4203-Z;
*) ppp - added initial support for ZTE ME3630-E;
*) ppp - improved MLPPP packet forwarding performance;
*) ppp - use interface name instead of IP as default route gateway;
*) proxy - fixed potential crash;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - added special firewall exception rules for IPSec;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) quickset - use active user name and permissions when applying changes;
*) rb3011 - fixed packet passthrough on switch2 while booting;
*) rb750gr3 - fixed USB power;
*) routerboard - added "caps-mode" option for "reset-configuration" (CLI only);
*) routerboard - added "caps-mode-script" for default-configuration print;
*) routing - allow to disable "all" interface entry in BFD;
*) safe-mode - fixed session handling when Safe Mode is used on multiple sessions at the same time;
*) sms - decode reports in readable format;
*) sniffer - do not skip L2 packets when "all" interface mode was used;
*) snmp - added "ifindex" on interface traps;
*) snmp - added CAPsMAN interface statistics;
*) snmp - added ability to set "src-address";
*) snmp - fixed "/system resource cpu print oid" menu;
*) snmp - fixed crash on interface table get;
*) snmp - fixed wireless interface walk table id ordering;
*) socks - fixed crash while processing many simultaneous sessions;
*) supout - fixed IPv6 firewall section;
*) switch - fixed "loop-protect" on CRS SFP/SFP+ ports;
*) tile - fixed copying large amount of text over serial console;
*) tr069-client - fixed lost HTTP header on authorization;
*) trafficgen - added "lost-ratio" to statistics;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) userman - lookup language files also in "/flash" directory;
*) vlan - do not delete existing VLAN interface on "failure: already have such vlan";
*) webfig - fixed wireless "scan-list" parameter not being saved after applying changes;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added "session-uptime" to LTE interface;
*) winbox - added "src-address-list" & "dst-address-list" to HotSpot Walled Garden;
*) winbox - added TR069 support;
*) winbox - do not autoscale graphs outside known maximums;
*) winbox - fixed wireless interface "amsdu-threshold" max limit;
*) winbox - hide LCD menu on CRS112-8G-4S;
*) winbox - moved LTE info fields to status tab;
*) winbox - show "/system health" only on boards that have health monitoring;
*) winbox - show "D" flag under "/interface mesh port" menu;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - allow VirutalAP on Level0 (24h demo) license;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - fixed rare crash on cap disable;
*) wireless - fixed registration table "signal-strength" reporting for chains when using nv2;

Download the new 'RouterOS 6.40rc38' version here: https://www.mikrotik.com/download

RouterOS 6.40rc41 [Release candidate]

July 17, 2017, 5:36 am

≫ Next: RouterOS 6.40 [Current]

≪ Previous: RouterOS 6.40rc38 [Release candidate]

$

0

0

6.40rc41 changelog:

*) bonding - fixed 802.3ad mode on RB1100AHx4;
*) export - fixed export to a file (introduced in v6.40rc39);
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - fixed firewall accept rules created by "/ip hotspot walled garden ip" (introduced in v6.40rc18);
*) ike1 - create tunnel policy when no split net provided;
*) ike1 - wait for cfg set reply before ph2 creation with xAuth;
*) ipsec - allow to specify chain in "firewall" peer option;
*) ppp - fixed non-standard PAP or CHAP packet handling;
*) pppoe-server - fixed situation when some of 100+ pppoe-servers can become invalid on reboot;
*) routerboard - added "caps-mode" option for "reset-configuration";
*) sfp - fixed invalid temperature reporting when ambient temperature is less than 0;
*) winbox - make IPSec policies table an order list;
*) winbox - show "/interface wireless cap print" warnings;

Other changes since 6.39.2:

*) btest - fixed crash when packet size has been changed during test;
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces;
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) certificate - added "crl-use" setting to disable CRL use (CLI only);
*) certificate - update and reload old certificate with new one if SKID matches;
*) chr - fixed MAC address assignment when hot plugging NIC on XenServer;
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - fixed IPv6 connection tracking enable/disable;
*) console - fixed different command auto complete on ;
*) crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports;
*) defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset);
*) defconf - improved IPv4 default firewall configuration;
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) dhcp - added "debug" logs on MAC address change;
*) dhcpv4-client - added "gateway-address" script parameter;
*) dhcpv4-server - fixed lease renew for DHCP clients that sends renewal with "ciaddr = 0.0.0.0";
*) dhcpv4-server - fixed server state on interface change in Winbox and Webfig;
*) discovery - fixed timeouts for LLDP neighbours;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) dude - fixed server crash;
*) email - added support for multiple attachments;
*) ethernet - fixed forced 10Mbps full-duplex linking on 100Mbps Ethernet ports;
*) ethernet - fixed occasional broken interface order after reset/first boot;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) export - added "terse" option;
*) export - added default "init-delay" setting for "/routerboard settings" menu;
*) export - added router model and serial number to configuration export;
*) export - fixed "/interface list" verbose export;
*) export - fixed "/ipv6 route" compact export;
*) export - fixed MPLS "dynamic-label-range" export;
*) export - fixed SNMP "src-address" for compact export;
*) fastpath - improved performance when packets for slowpath are received;
*) fastpath - improved removing process of dynamic interface;
*) fasttrack - fixed fasttrack over interfaces with dynamic MAC address;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) filesystem - improved error correcting process on tilera and RB1100Dx4 storage;
*) firewall - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter;
*) firewall - fixed bridge "action=log" rules;
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) firewall - fixed crash on fasttrack dummy rule manual change attempt;
*) firewall - removed unique address list name limit;
*) hAP ac lite - removed nonexistent "wlan-led";
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - added log error message if netmask was not provided by "mode-config" server;
*) ike1 - added support for "framed-pool" RADIUS attribute;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - kill phase1 instead of rekey if "mode-config" is used;
*) ike1 - removed SAs on DPD;
*) ike1 - send phase1 delete;
*) ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask";
*) ike2 - added pfkey kernel return checks;
*) ike2 - added support for "Mikrotik_Address_List" RADIUS attribute;
*) ike2 - added support for "mode-config" static address;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - fixed duplicate policy checking with "0.0.0.0/0" policies;
*) ike2 - prefer traffic selector with "mode-config" address;
*) ipsec - added "firewall=add-notrack" peer option (CLI only);
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - added support for "key-id" peer identification type;
*) ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - removed policy priority;
*) l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication;
*) l2tp-server - added "one-session-per-host" option;
*) log - added "poe-out" topic;
*) log - improved "l2tp" logs;
*) log - optimized "wireless,info" topic logs;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added "accounting" logs for LTE connections;
*) lte - added additional driver support for DWR-910;
*) lte - added info command support for the Jaton LTE modem;
*) lte - added initial fastpath support (except SXT LTE and Sierra modems);
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - added support for Huawei E3531-6;
*) lte - improved SMS delivery report;
*) lte - improved reliability on SXT LTE;
*) metarouter - fixed display of bogus error message on startup;
*) mmips - added support for NVME disks;
*) modem - added support for ZTE TE W120;
*) modem - fixed info command when it is executed at the same time as modem restarts/disconnects;
*) ovpn - added support for "push-continuation";
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) ovpn - improved performance when receiving too many options;
*) packages - increased automatic download retry interval to 5 minutes if there is no free disk space;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - added initial support for ZTE K4203-Z;
*) ppp - added initial support for ZTE ME3630-E;
*) ppp - added output values for "info" command for finding the GSM base station's location ("LAC" and "IMSI");
*) ppp - fixed "user-command" output;
*) ppp - improved MLPPP packet forwarding performance;
*) ppp - use interface name instead of IP as default route gateway;
*) proxy - fixed potential crash;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - added special firewall exception rules for IPSec;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) quickset - simplified LTE status monitoring;
*) quickset - use active user name and permissions when applying changes;
*) rb1100ahx4 - fixed startup problems (requires additional reboot after upgrade);
*) rb3011 - fixed packet passthrough on switch2 while booting;
*) rb750gr3 - fixed USB power;
*) routerboard - added "caps-mode-script" for default-configuration print;
*) routing - allow to disable "all" interface entry in BFD;
*) safe-mode - fixed session handling when Safe Mode is used on multiple sessions at the same time;
*) sms - decode reports in readable format;
*) sniffer - do not skip L2 packets when "all" interface mode was used;
*) snmp - added "ifindex" on interface traps;
*) snmp - added CAPsMAN interface statistics;
*) snmp - added ability to set "src-address";
*) snmp - fixed "/system resource cpu print oid" menu;
*) snmp - fixed crash on interface table get;
*) snmp - fixed wireless interface walk table id ordering;
*) socks - fixed crash while processing many simultaneous sessions;
*) ssl - added Wildcard support for "left-most" DNS label (will allow to use signed Wildcard certificate on VPN servers);
*) supout - fixed IPv6 firewall section;
*) switch - fixed "loop-protect" on CRS SFP/SFP+ ports;
*) tile - fixed copying large amount of text over serial console;
*) tr069-client - fixed lost HTTP header on authorization;
*) trafficgen - added "lost-ratio" to statistics;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) userman - added "/tool user-manager user clear-profiles" command;
*) userman - do not send disconnect request for user when "simultaneous session limit reached";
*) userman - lookup language files also in "/flash" directory;
*) vlan - do not delete existing VLAN interface on "failure: already have such vlan";
*) webfig - fixed wireless "scan-list" parameter not being saved after applying changes;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added "session-uptime" to LTE interface;
*) winbox - added "src-address-list" & "dst-address-list" to HotSpot Walled Garden;
*) winbox - added TR069 support;
*) winbox - do not autoscale graphs outside known maximums;
*) winbox - fixed wireless interface "amsdu-threshold" max limit;
*) winbox - hide LCD menu on CRS112-8G-4S;
*) winbox - moved LTE info fields to status tab;
*) winbox - show "/system health" only on boards that have health monitoring;
*) winbox - show "D" flag under "/interface mesh port" menu;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - allow VirutalAP on Level0 (24h demo) license;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - fixed rare crash on cap disable;
*) wireless - fixed registration table "signal-strength" reporting for chains when using nv2;

Download the new 'RouterOS 6.40rc41' version here: https://www.mikrotik.com/download

---

RouterOS 6.40 [Current]

July 26, 2017, 3:21 am

≫ Next: RouterOS 6.41rc3 [Release candidate]

≪ Previous: RouterOS 6.40rc41 [Release candidate]

$

0

0

6.40 changelog:

*) bonding - fixed 802.3ad mode on RB1100AHx4;
*) btest - fixed crash when packet size has been changed during test;
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces;
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) certificate - added "crl-use" setting to disable CRL use (CLI only);
*) certificate - update and reload old certificate with new one if SKID matches;
*) chr - fixed MAC address assignment when hot plugging NIC on XenServer;
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - fixed IPv6 connection tracking enable/disable;
*) console - fixed different command auto complete on ;
*) crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports;
*) defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset);
*) defconf - improved IPv4 default firewall configuration;
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) dhcp - added "debug" logs on MAC address change;
*) dhcpv4-client - added "gateway-address" script parameter;
*) dhcpv4-server - fixed lease renew for DHCP clients that sends renewal with "ciaddr = 0.0.0.0";
*) dhcpv4-server - fixed server state on interface change in Winbox and Webfig;
*) discovery - fixed timeouts for LLDP neighbours;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) dude - fixed server crash;
*) email - added support for multiple attachments;
*) ethernet - fixed occasional broken interface order after reset/first boot;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) export - added "terse" option;
*) export - added default "init-delay" setting for "/routerboard settings" menu;
*) export - added router model and serial number to configuration export;
*) export - fixed "/interface list" verbose export;
*) export - fixed "/ipv6 route" compact export;
*) export - fixed MPLS "dynamic-label-range" export;
*) export - fixed SNMP "src-address" for compact export;
*) fastpath - improved performance when packets for slowpath are received;
*) fastpath - improved process of removing dynamic interfaces;
*) fasttrack - fixed fasttrack over interfaces with dynamic MAC address;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) filesystem - improved error correcting process on tilera and RB1100AHx4 storage;
*) firewall - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter;
*) firewall - fixed bridge "action=log" rules;
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) firewall - fixed crash on fasttrack dummy rule manual change attempt;
*) firewall - removed unique address list name limit;
*) hAP ac lite - removed nonexistent "wlan-led";
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - added log error message if netmask was not provided by "mode-config" server;
*) ike1 - added support for "framed-pool" RADIUS attribute;
*) ike1 - create tunnel policy when no split net provided;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - kill phase1 instead of rekey if "mode-config" is used;
*) ike1 - removed SAs on DPD;
*) ike1 - send phase1 delete;
*) ike1 - wait for cfg set reply before ph2 creation with xAuth;
*) ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask";
*) ike2 - added pfkey kernel return checks;
*) ike2 - added support for "Mikrotik_Address_List" RADIUS attribute;
*) ike2 - added support for "mode-config" static address;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - fixed duplicate policy checking with "0.0.0.0/0" policies;
*) ike2 - prefer traffic selector with "mode-config" address;
*) ipsec - added "firewall=add-notrack" peer option (CLI only);
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - added support for "key-id" peer identification type;
*) ipsec - allow to specify chain in "firewall" peer option;
*) ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - removed policy priority;
*) l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication;
*) l2tp-server - added "one-session-per-host" option;
*) log - added "poe-out" topic;
*) log - improved "l2tp" logs;
*) log - optimized "wireless,info" topic logs;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added "accounting" logs for LTE connections;
*) lte - added additional driver support for DWR-910;
*) lte - added info command support for the Jaton LTE modem;
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - added support for Huawei E3531-6;
*) lte - added support for ZTE TE W120;
*) lte - fixed info command when it is executed at the same time as modem restarts/disconnects;
*) lte - improved SMS delivery report;
*) lte - improved reliability on SXT LTE;
*) metarouter - fixed display of bogus error message on startup;
*) mmips - added support for NVME disks;
*) ovpn - added support for "push-continuation";
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) ovpn - improved performance when receiving too many options;
*) packages - increased automatic download retry interval to 5 minutes if there is no free disk space;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - added initial support for ZTE K4203-Z and ME3630-E;
*) ppp - added output values for "info" command for finding the GSM base station's location ("LAC" and "IMSI");
*) ppp - fixed "user-command" output;
*) ppp - fixed non-standart PAP or CHAP packet handling;
*) ppp - improved MLPPP packet forwarding performance;
*) ppp - use interface name instead of IP as default route gateway;
*) proxy - fixed potential crash;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - added special firewall exception rules for IPSec;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) quickset - simplified LTE status monitoring;
*) quickset - use active user name and permissions when applying changes;
*) rb1100ahx4 - fixed startup problems (requires additional reboot after upgrade);
*) rb3011 - fixed packet passthrough on switch2 while booting;
*) rb750gr3 - fixed USB power;
*) routerboard - added "caps-mode" option for "reset-configuration";
*) routerboard - added "caps-mode-script" for default-configuration print;
*) routing - allow to disable "all" interface entry in BFD;
*) safe-mode - fixed session handling when Safe Mode is used on multiple sessions at the same time;
*) sfp - fixed invalid temperature reporting when ambient temperature is less than 0;
*) sms - decode reports in readable format;
*) sniffer - do not skip L2 packets when "all" interface mode was used;
*) snmp - added "ifindex" on interface traps;
*) snmp - added CAPsMAN interface statistics;
*) snmp - added ability to set "src-address";
*) snmp - fixed "/system resource cpu print oid" menu;
*) snmp - fixed crash on interface table get;
*) snmp - fixed wireless interface walk table id ordering;
*) socks - fixed crash while processing many simultaneous sessions;
*) ssl - added Wildcard support for "left-most" DNS label (will allow to use signed Wildcard certificate on VPN servers);
*) supout - fixed IPv6 firewall section;
*) switch - fixed "loop-protect" on CRS SFP/SFP+ ports;
*) switch - fixed multicast forwarding on CRS326;
*) tile - fixed copying large amount of text over serial console;
*) tr069-client - fixed lost HTTP header on authorization;
*) trafficgen - added "lost-ratio" to statistics;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) userman - added "/tool user-manager user clear-profiles" command;
*) userman - do not send disconnect request for user when "simultaneous session limit reached";
*) userman - lookup language files also in "/flash" directory;
*) vlan - do not delete existing VLAN interface on "failure: already have such vlan";
*) webfig - fixed wireless "scan-list" parameter not being saved after applying changes;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added "session-uptime" to LTE interface;
*) winbox - added TR069 support;
*) winbox - do not autoscale graphs outside known maximums;
*) winbox - fixed wireless interface "amsdu-threshold" max limit;
*) winbox - hide LCD menu on CRS112-8G-4S;
*) winbox - make IPSec policies table an order list;
*) winbox - moved LTE info fields to status tab;
*) winbox - show "/interface wireless cap print" warnings;
*) winbox - show "/system health" only on boards that have health monitoring;
*) winbox - show "D" flag under "/interface mesh port" menu;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - allow VirutalAP on Level0 (24h demo) license;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - fixed rare crash on cap disable;
*) wireless - fixed registration table "signal-strength" reporting for chains when using nv2;

Download the new 'RouterOS 6.40' version here: https://www.mikrotik.com/download

RouterOS 6.41rc3 [Release candidate]

July 26, 2017, 4:36 am

≫ Next: RouterOS 6.41rc4 [Release candidate]

≪ Previous: RouterOS 6.40 [Current]

$

0

0

6.41rc3 changelog:

*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) bonding - improved relialibility on bonding interface removal;
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping" (CLI only);
*) bridge - implemented software based MSTP (CLI only);
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) e-mail - do not show errors when sending e-mail from script;
*) firewall - properly remove "address-list" entry after timeout ends;
*) hotspot - improved user statistics collection process;
*) interface - improved interface state change handling when multiple interfaces are affected at the same time;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) lte - allow to specify the MAC address for passthrough mode;
*) ppp - added client support for Sierra MC7750;
*) rb2011 - fixed possible LCD blinking along with Ethernet LED;
*) rb922 - restored missing wireless interface on some boards;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) trafficgen - fixed "lost-ratio" showing incorrect statistics after multiple sequences;

Download the new 'RouterOS 6.41rc3' version here: https://www.mikrotik.com/download

RouterOS 6.41rc4 [Release candidate]

July 30, 2017, 11:48 pm

≫ Next: RouterOS 6.41rc6 [Release candidate]

≪ Previous: RouterOS 6.41rc3 [Release candidate]

$

0

0

6.41rc4 changelog:

*) bridge - show "admin-mac" only if "auto-mac=no";
*) rb922 - restored missing wireless interface on some boards;

Other changes since 6.40:

*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) bonding - improved relialibility on bonding interface removal;
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping" (CLI only);
*) bridge - implemented software based MSTP (CLI only);
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) e-mail - do not show errors when sending e-mail from script;
*) firewall - properly remove "address-list" entry after timeout ends;
*) hotspot - improved user statistics collection process;
*) interface - improved interface state change handling when multiple interfaces are affected at the same time;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) lte - allow to specify the MAC address for passthrough mode;
*) ppp - added client support for Sierra MC7750;
*) rb2011 - fixed possible LCD blinking along with Ethernet LED;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) trafficgen - fixed "lost-ratio" showing incorrect statistics after multiple sequences;

Download the new 'RouterOS 6.41rc4' version here: https://www.mikrotik.com/download

RouterOS 6.41rc6 [Release candidate]

August 1, 2017, 5:06 am

≫ Next: RouterOS 6.41rc7 [Release candidate]

≪ Previous: RouterOS 6.41rc4 [Release candidate]

$

0

0

6.41rc6 changelog:

*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) dhcpv6-client - do not run DHCPv6 client when IPv6 package is disabled;
*) ipv6 - fixed IPv6 address request from pool (introduced in 6.41rc1);
*) lte - added support for Novatel (Verizon) USB730L;
*) lte - fixed LTE not passing any traffic while in running state;
*) ppp - added support for Sierra MC7750;
*) torch - fixed Torch on PPP tunnels (introduced in 6.40);

Other changes since 6.40:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option (CLI only);
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
!) bridge - general development of hw-offload bridge implementation (introduced in v6.40rc36);
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) bonding - improved relialibility on bonding interface removal;
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping" (CLI only);
*) bridge - implemented software based MSTP (CLI only);
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - show "admin-mac" only if "auto-mac=no";
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) e-mail - do not show errors when sending e-mail from script;
*) firewall - properly remove "address-list" entry after timeout ends;
*) hotspot - improved user statistics collection process;
*) interface - improved interface state change handling when multiple interfaces are affected at the same time;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) lte - allow to specify the MAC address for passthrough mode;
*) rb2011 - fixed possible LCD blinking along with Ethernet LED;
*) rb922 - restored missing wireless interface on some boards;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) trafficgen - fixed "lost-ratio" showing incorrect statistics after multiple sequences;

Download the new 'RouterOS 6.41rc6' version here: https://www.mikrotik.com/download

RouterOS 6.41rc7 [Release candidate]

August 2, 2017, 4:30 am

≫ Next: RouterOS 6.41rc9 [Release candidate]

≪ Previous: RouterOS 6.41rc6 [Release candidate]

$

0

0

6.41rc7 changelog:

*) export - fixed export for different parameters where numerical range or constant string is expected;
*) ovpn-client - fixed incorrect netmask usage for pushed routes;
*) pppoe-client - fixed incorrectly formed PADT packet;
*) winbox - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter under NAT, Mangle and RAW rules;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - show warnings under "/system routerboard settings" menu;

Other changes since 6.40:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option (CLI only);
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
!) bridge - general development of hw-offload bridge implementation (introduced in v6.40rc36);
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) bonding - improved relialibility on bonding interface removal;
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping" (CLI only);
*) bridge - implemented software based MSTP (CLI only);
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - show "admin-mac" only if "auto-mac=no";
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcpv6-client - do not run DHCPv6 client when IPv6 package is disabled;
*) e-mail - do not show errors when sending e-mail from script;
*) firewall - properly remove "address-list" entry after timeout ends;
*) hotspot - improved user statistics collection process;
*) interface - improved interface state change handling when multiple interfaces are affected at the same time;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipv6 - fixed IPv6 address request from pool (introduced in 6.41rc1);
*) lte - allow to specify the MAC address for passthrough mode;
*) lte - added support for Novatel (Verizon) USB730L;
*) lte - fixed LTE not passing any traffic while in running state;
*) ppp - added support for Sierra MC7750;
*) rb2011 - fixed possible LCD blinking along with Ethernet LED;
*) rb922 - restored missing wireless interface on some boards;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) torch - fixed Torch on PPP tunnels (introduced in 6.40);
*) trafficgen - fixed "lost-ratio" showing incorrect statistics after multiple sequences;

Download the new 'RouterOS 6.41rc7' version here: https://www.mikrotik.com/download