|
arm64
|
fixed possible transmit queue timeout on CCR2216, CCR2116, RDS2216; |
|
arp
|
added warning, when "Published" ARP entry used on an interface with "reply-only" ARP mode enabled; |
|
bgp
|
added input.filter-community; |
|
bgp
|
fixed excessive CPU usage; |
|
bgp
|
fixed input.accept-community; |
|
bgp
|
fixed memory leak on receiving notify and closing session; |
|
bgp
|
improved performance on BGP input; |
|
bonding
|
added setting for LACP active/passive modes; |
|
bridge
|
added new STP monitoring fields for bridge and ports (Tx/Rx BPDU, Tx/Rx TC, forward/discard transitions, last topology change, message-age, max-age, remaining-hops, bridge-id); |
|
bridge
|
fixed bridge port hang when using invalid port IDs; |
|
bridge
|
fixed dhcp-snooping in QinQ setups; |
|
bridge
|
fixed issue when local MACs were removed unnecessarily; |
|
bridge
|
fixed minor memory leak on link down; |
|
bridge
|
fixed multicast packet flow on hardware offloaded bridge which acts as "multicast-router"; |
|
bridge
|
improved default bridge and port layout on console and GUI; |
|
bridge
|
improved stability in case of configuration error (introduced in v7.15); |
|
bridge
|
moved "TCHANGE" logs from bridge,stp to bridge,stp,debug; |
|
bridge
|
offload VXLAN only if another HW offloaded port exists in the bridge; |
|
bridge
|
properly flush bridge hosts when bonding is used as bridge port and loses hw-offloading status; |
|
bridge
|
rename "ports" to "interface" under MDB table for configuration consistency with other menus; |
|
bridge
|
renamed STP monitor fields (port-number to port-id, designated-port-number to designated-port-id, designated-bridge to designated-bridge-id); |
|
bridge
|
show designated-* monitor field for all port roles; |
|
bridge
|
show warning instead of causing error when using multicast MAC as admin-mac (introduced in v7.17); |
|
bth
|
properly specify "in-interface" when adding dynamic firewall NAT rule; |
|
capsman
|
fixed "undo" command for cap interfaces; |
|
certificate
|
added built-in root certificate authorities store; |
|
certificate
|
do not include CA identity in SCEP POST requests; |
|
certificate
|
fixed cloud-dns challenge validation for sn.mynetname.net (CLI only); |
|
certificate
|
improve error message when trying to use certificate; |
|
certificate
|
optimize trust store; |
|
cloud
|
fixed issues when BTH is toggled fast between enable/disable; |
|
cloud
|
improved "BTH Files" web page design; |
|
conntrack
|
improved stability on busy systems; |
|
console
|
added on-error to "for" and "foreach" loops; |
|
console
|
added proplist to monitor command; |
|
console
|
disallow incomplete double-quoted arguments (allows multiline string pasting); |
|
console
|
do not treat return values as errors in scripts run from scheduler; |
|
console
|
enabled verbose error logging for non-scripted/non-verbose imports; |
|
console
|
fixed issue with file-name completion (introduced in v7.18); |
|
console
|
fixed issue with files when using scripts (introduced in v7.18); |
|
console
|
fixed misaligned multiline in brief print mode; |
|
console
|
improve time value handling; |
|
console
|
improved file add/remove process stability; |
|
console
|
print large number argument values in proper format in export output; |
|
console
|
set "/system/note show-at-login=yes" the default value after configuration reset; |
|
console
|
validate script arguments (do, on-error, etc.) and reject invalid values; |
|
container
|
allow changing container name; |
|
container
|
fixed repository name handling to prevent redirect issues when basic authentication is used; |
|
container
|
try to derive a user readable container name from remote image or file; |
|
defconf
|
added DHCP Client on RDS2216 MGMT interface; |
|
defconf
|
increased PPP interface wait time; |
|
device-mode
|
added new "rose" mode where "container" feature is enabled by default; |
|
dhcpv4
|
improved outgoing packet logging; |
|
dhcpv4-client/server
|
added support for DHCPv4 reconfigure messages; |
|
dhcpv4-server
|
"Relay-Agent-Information" (82) option moved at the end of option list in response packets; |
|
dhcpv4-server
|
accept packets with htype 6; |
|
dhcpv4/v6-client
|
added check-gateway parameter; |
|
dhcpv4/v6-client
|
fixed default route when DHCP client interface is in VRF; |
|
dhcpv6-client
|
allow selecting to which routing tables add default route; |
|
dhcpv6-relay
|
clear saved routes on DHCP release; |
|
dhcpv6-relay
|
show client address; |
|
dhcpv6-server
|
allow unsetting prefix-pool for static bindings and show warning if prefix is not in selected prefix-pool; |
|
dhcpv6-server
|
change bound status to waiting on binding disable; |
|
dhcpv6-server
|
change static binding bound status to waiting on server disable; |
|
dhcpv6-server
|
fix when expired static binding is declined with false "binding belongs to another server" reason; |
|
dhcpv6-server
|
improved stability when disabled server have static bindings; |
|
dhcpv6-server
|
improved stability when disabling server with active bindings; |
|
disk
|
add "sector-size" property in print detail; |
|
disk
|
add reset-counters to /disk btrfs filesystem; |
|
disk
|
renamed "eject-drive" command to "eject" (CLI only); |
|
disk
|
renamed "format-drive" command to "format" (CLI only); |
|
dlna
|
improved folder indexing behavior; |
|
dns
|
improved DNS server service stability; |
|
dot1x
|
fixed dynamic switch ACL rules on boards with a lot of ports (e.g. CRS520); |
|
ethernet
|
improved Ethernet and PoE port mapping to ensure a consistent and reliable interface order; |
|
fetch
|
fixed false successful messages in FTP mode; |
|
file
|
added show-hidden parameter to /file/print, allowing referencing and deleting hidden files; |
|
file
|
fixed missing files from The Dude (introduced in v7.18); |
|
file
|
improved responsiveness on slow filesystems; |
|
firewall
|
always show "passthrough" when exporting mangle table; |
|
firewall
|
detect VRF addresses as local; |
|
firewall
|
fixed IP/Settings "ipv4-fasttrack-active" status showing as inactive when it is active; |
|
general
|
system – added new "switch-marvell" and "wifi-mediatek" packages to support upcoming products; |
|
general
|
vxlan -improved system stability when using IPv6 VTEP; |
|
health
|
hide settings in CLI if there is nothing to show; |
|
health
|
improved performance on devices with simple voltage sensors; |
|
hotspot
|
improvements to memory usage; |
|
igmp-proxy
|
do not try to send leave message for multicast groups that the device itself has joined on the upstream interface (cosmetic fix for proxy error logs); |
|
ike2
|
improved initial key exchange process on slow or unreliable connections; |
|
iot
|
improvement to LoRa dev-addr-validation behavior; |
|
iot
|
improvement to LoRa join eui/net id filtering behavior; |
|
iot
|
improvement to LoRa stability and functionality; |
|
iot
|
improvement to LoRa whitelist/blacklist support; |
|
iot
|
iot-bt-extra package stability improvement; |
|
ip-service
|
show all TCP/UDP connections on the system; |
|
ip-service
|
show all TCP/UDP ports on system, including ports in containers; |
|
ip-service
|
show error message when service enable fails; |
|
ippool6
|
properly free IPv6 pool used prefix when it is not used any more; |
|
ipsec
|
fixed system failure on MMIPS devices when using IPsec services; |
|
ipsec
|
lower standalone cipher, hash priority when using ctr aead; |
|
ipv6
|
avoid watchdog reboot due to link-local IPv6 address reconfiguration on thousand of interfaces at once; |
|
ipv6
|
fixed EUI-64 false error message on address update when "from-pool" option is used; |
|
isis
|
properly validate 3-way hello handshake; |
|
l2tp-ether
|
improved stability when trying to connect to disabled L2TP server with IPsec; |
|
l3hw
|
remove VLAN tag before VXLAN encapsulation (fixes pvid behavior for bridged VXLAN); |
|
log
|
added additional CEF fields from firewall and login logs; |
|
log
|
fixed remote logging after reboot when hostname is forwarded to a DNS server; |
|
log
|
populate in/out fields in firewall CEF logs with correct data; |
|
lte
|
added UICC parameter in LTE monitor for R11e-4G modem; |
|
lte
|
additional fixes for eSIM management support; |
|
lte
|
AT modems, improved redialing when modem lost connectivity without notifying host about APN status change; |
|
lte
|
automatically enable roaming for known roaming only SIM/eSIM profiles; |
|
lte
|
Chateau 5G R16 fix DHCP relay packet forwarding using LTE interface; |
|
lte
|
deactivate current eSIM profile before activating new profile; |
|
lte
|
fixed default APN for configless modems; |
|
lte
|
fixed EC200A-EU APN authentication; |
|
lte
|
fixed initialization for Neoway N75 modem; |
|
lte
|
fixed initialization for R11e-LTE6 modem; |
|
lte
|
fixed LTE passthrough activation issue when IPv6 APN is used; |
|
lte
|
fixed LTE status update or possible crash when modem is unexpectedly removed from system; |
|
lte
|
fixed MBIM modem recovery after modem unexpected restart; |
|
lte
|
fixed modem recovery after firmware upgrade for R11e-LTE modem; |
|
lte
|
fixed possible crash or missing IPv6 address on first APN activation when IPv6 capable APN is used; |
|
lte
|
fixed Router Advertisement processing issue for AT modems when an APN with "ip-type=ipv6" was configured; |
|
lte
|
improved dialer for EC200A-EU modem; |
|
lte
|
improved R11e-LTE6 link recovery delay time after unexpected modem registration status changes; |
|
lte
|
initial support for user settable modem redial timer; |
|
lte
|
initialize Quectel modems as soon as they are ready after unexpected restart; |
|
lte
|
reset internal link-recovery-timer on sim slot change; |
|
lte
|
set apn profile name the same as apn if no name specified when creating the profile; |
|
lte
|
show correct value for 5G SA "current-cellid"; |
|
net
|
remove support for automatic multicast tunneling (AMT) interface (introduced in v7.18); |
|
netinstall
|
improved network socket re-opening when NIC status changes while running the server; |
|
netinstall
|
provide warning if memory on installed router is full after installation; |
|
netinstall
|
show warning when network configuration on PC might not be appropriate for installation; |
|
netinstall-cli
|
check for other running Netinstall servers on startup; |
|
netinstall-cli
|
clear old configuration before user script using "-s"; |
|
netinstall-cli
|
fixed issue with applying the branding package; |
|
ospf
|
fixed "mismatch" typo in logs; |
|
ospf
|
make auth-key parameter sensitive; |
|
ovpn
|
properly match GCM hardware acceleration capabilities (introduced in v7.17); |
|
ovpn-server
|
do not reset active connections when changing comment or name; |
|
ovpn-server
|
fixed server start-up after a reboot; |
|
ovpn-server
|
properly show "username" in log when authentication fails; |
|
pimsm
|
fixed issue where own query caused querier detection; |
|
poe-out
|
upgraded firmware for 802.3at/bt PSE controlled boards (the update will cause brief power interruption to PoE-out interfaces); |
|
port
|
added support for Huawei E3372-325 variant (vendor-id="0x3566" device-id="0x2001"); |
|
port
|
added USB mode switch support for "huawei-alt-mode"; |
|
port
|
fixed KNOT BG77 modem port lost after RouterOS upgrade from previous versions; |
|
port
|
improvements to KNOT BG77 modem port channel handling; |
|
ppc
|
fixed VLAN TCP packet transmit on PPC devices; |
|
profiler
|
improved process classification; |
|
ptp
|
added "ptp" logging topic; |
|
ptp
|
allow multiple instances; |
|
ptp
|
fixed PTP on 2.5G links; |
|
ptp
|
fixed PTP on QSFP ports for CRS326, CRS510, CRS520, CCR2216 devices; |
|
queue
|
fixed system failure when CAKE kind queue was configured but queue type definition does not exist anymore (introduced in v7.18); |
|
queue
|
speed-up queue addition/removal process; |
|
quickset
|
improved system stability; |
|
rose-storage
|
added Btrfs disk balance command (CLI only); |
|
rose-storage
|
added degraded Btrfs mount option (CLI only); |
|
rose-storage
|
fixed mounting Btrfs subvolumes using macOS SMB client; |
|
rose-storage
|
fixes for Btrfs; |
|
rose-storage
|
improved system stability when removing NVMe disks; |
|
rose-storage
|
rename default RAID device name from "raid" to "raid-array"; |
|
rose-storage
|
show Btrfs balance and scrub errors if any; |
|
route
|
added options to set dynamic-in and connected-in chains in /routing/settings; |
|
route
|
fixed stuck output when calling prints from multiple routing menus; |
|
route
|
fixed route rule "min-prefix" unset; |
|
route
|
improve stability on BGP reconnect; |
|
route
|
make AFI naming consistent; |
|
route
|
show "routing-table" by default on console print output; |
|
route
|
show BGP session name instead of cache-id; |
|
route-filter
|
fixed the "blackhole" option setting process; |
|
route-filter
|
improved performance; |
|
sfp
|
added sfp-encoding data output from EEPROM; |
|
sfp
|
improved QSFP link stability for CRS354 devices; |
|
sniffer
|
add max-packet-size (2k-64k) setting to be able to sniffer more than 2k data per packet; |
|
snmp
|
fixed v2 getnext noSuchName error when OID with requested key does not exist; |
|
ssh
|
fixed authorization with SSH key when multiple user SSH public keys are imported; |
|
ssl/tls
|
respond with more precise alert error messages; |
|
ssl/tls
|
send certificate authority in Certificate message even if it is not trusted; |
|
switch
|
do not count rx-too-long multiple times on 100Gbps QSFP28; |
|
switch
|
fixed egress mirroring for packets coming from external CPU port (e.g. CRS520, CCR2216, CCR2116); |
|
switch
|
fixed switch name for hEX Refresh; |
|
switch
|
flush CPU port FDB entries on switch disable; |
|
switch
|
improve rate limit accuracy for MT7531, MT7621, EN7562CT; |
|
switch
|
improved boot stability on devices with Alpine CPU and switch chip; |
|
switch
|
improved stability when enabling IGMP snooping with VXLAN (introduced in v7.18); |
|
switch
|
properly match IPv6 packets with empty ACL rule on CRS3xx, CRS5xx, CCR2004, CCR2116, CCR2216, RDS devices; |
|
system
|
fixed "/system reboot" when the system disk is completely full; |
|
system
|
improved internal "flash/" prefix handling for different file path related settings; |
|
system
|
improved system stability when sending TCP data from the router; |
|
timezone
|
updated timezone information from "tzdata2025b" release; |
|
torch
|
improved data reporting; |
|
upgrade
|
improved free disk space calculation; |
|
upgrade
|
improved upgrade procedure reliability; |
|
vrrp
|
fixed detection of connection tracking after reboot (introduced in v7.17); |
|
webfig
|
allow table column resize over side toolbar; |
|
webfig
|
don't reorder rows when selecting header cells with Alt+click; |
|
webfig
|
show IPv6 firewall connections; |
|
webfig
|
show missing data in "IP/DNS/Cache" records; |
|
wifi
|
add channel.reselect-time parameter which allows to perform channel re-selection at given time of day (CLI only); |
|
wifi
|
add information on CAP uptime and connection uptime in "Remote CAP" list; |
|
wifi
|
added "eap-identity" to registration table; |
|
wifi
|
added SSID to logs; |
|
wifi
|
display error when trying to run snooper on interface which does not support wireless packet capture (sniffer); |
|
wifi
|
fix authentication of clients which omit some RSN information at association; |
|
wifi
|
fix incorrect info about current channel for station interfaces after AP has switched channel (introduced in v7.17); |
|
wifi
|
fix possible snooper crash when parsing frames with malformed headers; |
|
wifi
|
fixed 5GHz chain enumeration on Chateau PRO ax; |
|
wifi
|
implement WPA2 PSK authentication with key derivation using SHA256 (CLI only); |
|
wifi
|
improve parsing of captured frames which have nested flags in radiotap header; |
|
wifi
|
improved stability for wifi interfaces; |
|
wifi
|
improved stability when doing SNMP query; |
|
wifi
|
improved wifi connection stability when used as a station for "b" mode access point; |
|
wifi
|
re-word log entries about disconnections which are likely caused by peer using a wrong passphrase; |
|
wifi
|
use at least TLS 1.2 for securing connection between CAPsMAN manager and CAPs; |
|
wifi-qcom
|
fix inability of interfaces in station mode to connect if they do not support full bandwidth of AP; |
|
wifi-qcom
|
fix OWE authentication for 802.11ac interfaces in station mode; |
|
winbox
|
added "MAC Telnet" under "Wifi/Registration" menu; |
|
winbox
|
added "Multi Passphrase Group" for wifi; |
|
winbox
|
added "Reset MAC address" for legacy wireless and wifi; |
|
winbox
|
added comment fields for WiFi "Multi Passphrase Group" menu; |
|
winbox
|
added comment under "User Manager/Routers" menu; |
|
winbox
|
added country to wireless setup-repeater; |
|
winbox
|
added missing "Switch" menu for RDS; |
|
winbox
|
added missing file systems for disk formatting; |
|
winbox
|
added missing parameters for BTRFS related action functions; |
|
winbox
|
added mount-point parameter under "Disk/Settings" menu; |
|
winbox
|
added netmask support for switch rule Src/Dst IPv6 Address settings; |
|
winbox
|
allow opening BTRFS menu entries; |
|
winbox
|
changed default wireless wds-cost-range values; |
|
winbox
|
do not show not relevant values for certificate template; |
|
winbox
|
fixed "Multi Passphrase Group" setting for wifi; |
|
winbox
|
fixed "registry-url" field under "Containers" configuration menu; |
|
winbox
|
fixed missing SMB client on non-ROSE devices; |
|
winbox
|
fixed several statistics counters not being read only; |
|
winbox
|
fixed switch menu for Chateau 5G; |
|
winbox
|
fixed time interval type fields precision under "Disks" menu; |
|
winbox
|
hide container File/Remote Image fields only when instance added; |
|
winbox
|
improve graphing efficiency when communicating with WinBox; |
|
winbox
|
make BTRFS "Parent" and "Send Parent" options optional; |
|
winbox
|
properly show/hide OSPF, RIP and BGP tabs for IPv6 routes; |
|
winbox
|
renamed "raid-member" to "raid member" flag for consistency; |
|
winbox
|
show eSIM profiles under eSIM menu without manual refresh; |
|
wireguard
|
add wg-import config-string parameter to import config directly from terminal; |
|
wireguard
|
update peer info on "get" command; |
|
wireless
|
added "eap-identity" to registration table; |
|
wireless
|
implement handling of RADIUS disconnect messages by CAPsMAN; |
|
wireless
|
suggest all legitimate frequencies for interfaces with 20/40mhz-XX channel width in GUI; |
|
x86
|
added support for Emulex NIC; |
|
x86
|
i40e updated driver to 2.27.8 version; |
|
x86
|
remove unnecessary console output on shutdown; |