Version: 7.11
Stable171 changelog entries across 57 component(s)
2023-Aug-15 (2 years ago)
| Component | Change |
|---|---|
| api | disallow executing commands without required parameters; |
| bfd | fixed "actual-tx-interval" value and added "remote-min-tx" (CLI only); |
| bfd | improved system stability; |
| bluetooth | added "decode-ad" command for decoding raw Bluetooth payloads (CLI only); |
| bluetooth | added "Peripheral devices" section which displays decoded Eddystone TLM and UID, iBeacon and MikroTik Bluetooth payloads; |
| bluetooth | added new AD structure type "service-data" for Bluetooth advertisement; |
| bridge | added more STP-related logging; |
| bridge | added warning when VLAN interface list contains ports that are not bridged; |
| bridge | fixed MAC learning on "switch-cpu" port with enabled FastPath; |
| bridge | fixed MSTP BPDU aging; |
| bridge | fixed MSTP synchronization after link down; |
| bridge | prevent bridging the VLAN interface created on the same bridge; |
| certificate | allow to import certificate with DNS name constraint; |
| certificate | fixed PEM import; |
| certificate | fixed trust store CRL link if generated on an older version (introduced in v7.7); |
| certificate | improved CRL download retry handling; |
| certificate | removed request for "passphrase" property on import; |
| certificate | require CRL presence when using "crl-use=yes" setting; |
| certificate | restored RSA with SHA512 support; |
| conntrack | fixed "active-ipv4" property; |
| console | added ":convert" command; |
| console | added default value for "rndstr" command (16 characters from 0-9a-zA-Z); |
| console | fixed incorrect date when printing "value-list" with multiple entries; |
| console | fixed minor typos; |
| console | fixed missing "parent" for script jobs (introduced in v7.9); |
| console | fixed missing return value for ping command in certain cases; |
| console | fixed printing interval when resizing terminal; |
| console | improved flag printing in certain menus; |
| console | improved stability and responsiveness; |
| console | improved stability when canceling console actions; |
| console | improved stability when using fullscreen editor; |
| console | improved timeout for certain commands and menus; |
| console | improved VPLS "cisco-id" argument validation; |
| container | added IPv6 support for VETH interface; |
| container | added option to use overlayfs layers; |
| container | adjust the ownership of volume mounts that fall outside the container's UID range; |
| container | fixed duplicate image name; |
| container | fixed IP address in container host file; |
| defconf | do not change admin password if resetting with "keep-users=yes"; |
| dhcp-server | fixed setting "bootp-lease-time=lease-time"; |
| discovery | fixed "lldp-med-net-policy-vlan" (introduced in v7.8); |
| dns | improved system stability when processing static DNS entries with specified address-list; |
| ethernet | fixed forced half-duplex 10/100 Mbps link speeds on CRS312 device; |
| ethernet | improved interface stability for CRS312 device; |
| fetch | improved timeout detection; |
| firewall | added warning when PCC divider argument is smaller than remainder; |
| firewall | fixed mangle "mark-connection" with "passthrough=yes" rule for TCP RST packets; |
| firewall | improved system stability when using "endpoint-independent-nat"; |
| graphing | added paging support; |
| health | added more gradual control over fans for CRS3xx, CRS5xx, CCR2xxx devices; |
| health | fixed configuration export for "/system/health/settings" menu; |
| hotspot | allow number as a first symbol in the Hotspot server DNS name; |
| ike1 | fixed Phase 1 when using aggressive exchange mode (introduced in v7.10); |
| ike2 | improved SA rekeying reply process; |
| ike2 | improved system stability when closing phase1; |
| ike2 | improved system stability when making configuration changes on active setup; |
| ike2 | log "reply ignored" as non-debug log message; |
| ipsec | fixed public key export (introduced in v7.10); |
| ipsec | fixed signature authentication using secp521r1 certificate (introduced in v7.10); |
| ipsec | improved IKE2 rekey process; |
| ipsec | properly check ph2 approval validity when using IKE1 exchange mode; |
| l3hw | changed minimal supported values for "neigh-discovery-interval" and "neigh-keepalive-interval" properties; |
| l3hw | fixed /32 and /128 route offloading after nexthop change; |
| l3hw | fixed incorrect source MAC usage for offloaded bonding interface; |
| l3hw | improved system responsiveness during partial offloading; |
| l3hw | improved system stability during IPv6 route offloading; |
| l3hw | improved system stability; |
| led | fixed manually configured user LED for RB2011; |
| leds | blink red system-led when LTE is not connected to the network on D53 devices; |
| leds | fixed system-led color for "GSM EGPRS" RAT on D53 devices; |
| lora | added new EUI field; |
| lora | added uplink message filtering option using NetID or JoinEUI; |
| lora | moved LoRa service to IoT package; |
| lora | properly apply configuration changes when multiple LoRa cards are used; |
| lora | updated LoRa firmware for R11e-LR8, R11e-LR9 and R11e-LR2 cards; |
| lte | added "at-chat" support for Dell DW5821e-eSIM modem; |
| lte | added "at-chat" support for Dell DW5829 modem; |
| lte | added "at-chat" support for Fibocom L850-GL modem; |
| lte | added "at-chat" support for SIMCom 8202G modem; |
| lte | added "band" info to the "monitor" command for MBIM modems that support serving cell info reporting over MBIM; |
| lte | added extended support for Neoway N75 modem; |
| lte | fixed Dell DW5821e "at-chat" support; |
| lte | fixed LtAP mini default SIM slot "down" changeover to "up" after an upgrade (introduced in v7.10beta1); |
| lte | fixed NR SINR reporting for Chateau 5G; |
| lte | fixed R11e-LTE, R11e-LTE6 legacy 2G/3G RAT mode selection; |
| lte | fixed Telit LE910C4 "at-chat" support; |
| lte | improved initial interface startup time for SXT LTE 3-7; |
| lte | improved system stability when changing the "radio" state for MBIM modems; |
| lte | only listen to DHCP packets for LTE passtrough interface in auto mode when looking for the host; |
| modem | added initial support for BG77 modem DFOTA firmware update; |
| modem | changed Quectel EC25 portmap to expose DM (diag port), DM channel=0, GPS channel=1; |
| modem | fixed missing sender's last symbol in SMS inbox if the sender is an alphabetic string; |
| mpls | improved MPLS TCP performance; |
| mqtt | added more MQTT publish configuration options; |
| mqtt | added new MQTT subscribe feature; |
| netwatch | added "src-address" property; |
| netwatch | changed "thr-tcp-conn-time" argument to time interval; |
| ovpn | do not try to use the "bridge" setting from PPP/Profile, if the OVPN server is used in IP mode (introduced in v7.10); |
| ovpn | fixed OVPN server peer-id negotiation; |
| ovpn | fixed session-timeout when using UDP mode; |
| ovpn | improved key renegotiation process; |
| ovpn | include "connect-retry 1" and "reneg-sec" parameters into the OVPN configuration export file; |
| ovpn | properly close OVPN session on the server when client gets disconnected; |
| package | treat disabled packages as enabled during upgrade; |
| poe | fixed missing PoE configuration section under specific conditions; |
| poe-out | advertise LLDP power-mdi-long even if no power allocation was requested (introduced in v7.7); |
| pppoe | fixed PPPoE client trying to establish connection when parent interface is inactive; |
| profile | added "container" process classifier; |
| profile | properly classify "console" related processes; |
| qos-hw | keep VLAN priority in packets that are sent from CPU; |
| quickset | correctly apply configuration when using "DHCP Server Range" property; |
| resource | fixed erroneous CPU usage values; |
| rose-storage | added "scsi-scan" command (CLI only); |
| rose-storage | added disk stats for ramdisks; |
| rose-storage | fixed RAID 0 creation; |
| rose-storage | limit striped RAID element size to smallest disk size; |
| route | added comment for BFD configuration (CLI only); |
| route | convert BFD timers from milliseconds to microseconds after upgrade; |
| routerboard | fixed "gpio-function" setting on RBM33G ("/system routerboard upgrade" required); |
| routerboard | improved RouterBOOT stability for Alpine CPUs ("/system routerboard upgrade" required); |
| routerboard | removed unnecessary serial port for netPower16P and hAP ax lite devices ("/system routerboard upgrade" required); |
| routerboot | increased etherboot bootp timeout to 40s on MIPSBE and MMIPS devices ("/system routerboard upgrade" required); |
| sfp | fixed incorrect optical SFP temperature readings (introduced in v7.10); |
| sfp | improved interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 based switches; |
| sfp | improved optical QSFP interface handling for 98DX8332, 98DX3257, 98DX4310, 98DX8525 switches; |
| sfp | improved Q/SFP interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches; |
| sfp | reduce CPU load due to SFP interface handling for CCR2116, CCR2216, CCR2004-12S+2XS, CRS312, CRS518 devices (introduced in v7.9) |
| sms | increased wait time for modem startup; |
| ssh | fixed host public key export (introduced in v7.9); |
| ssh | fixed private key import (introduced in v7.9); |
| ssh | fixed SSH key agreement on the client side when ed25519 used under server settings; |
| ssh | fixed user RSA private key import; |
| switch | fixed "reset-counters" for "switch-cpu"; |
| switch | fixed BPDU packet processing on MT7621, MT7531 with HW offloaded vlan-filtering; |
| switch | improved multicast packet forwarding on MT7621; |
| system | disallow setting a non-existing CPU core number for system IRQ; |
| system | increased maximum supported CPU core count to 512 on CHR and x86; |
| system | reduced RAM usage for SMIPS devices; |
| tftp | improved file name matching; |
| user | added "sensitive" policy requirement for SSH key and certificate export; |
| w60g | improved stability for Cube 60Pro ac and CubeSA 60Pro ac devices; |
| webfig | added option to enable wide view in item list; |
| webfig | fixed "Connect To" configuration changes for L2TP client; |
| webfig | fixed gray-out italic font for entries after enable; |
| webfig | use router time zone for date and time; |
| wifiwave2 | fixed interface hangs on IPQ6010-based boards (introduced in v7.9); |
| wifiwave2 | improved stability when changing interface settings; |
| wifiwave2 | improved stability when receiving malformed WPA3-PSK authentication frames; |
| wifiwave2 | make info log less verbose during client roaming (some info moved to wireless,debug log); |
| wifiwave2 | rename "reg-info" country argument from "Macedonia" to "North Macedonia"; |
| wifiwave2 | use correct status code when rejecting WPA3-PSK re-association; |
| wifiwave2 | added "steering" parameters and menu to set up and monitor AP neighbor groups (CLI only); |
| wifiwave2 | added more information on roaming candidates to BSS transition management requests (802.11v) and neighbor report responses (802.11k); |
| wifiwave2 | added option to filter frames captured by the sniffer command (CLI only); |
| wifiwave2 | automatically add wifi interfaces to appropriate bridge VLAN when wireless clients with new VLAN IDs connect; |
| wifiwave2 | changed default behavior for handling duplicate client MAC addresses, added settings for changing it (CLI only); |
| wifiwave2 | enabled PMK caching with EAP authentication types; |
| wifiwave2 | fixed "reg-info" information for several countries; |
| wifiwave2 | fixed "security.sae-max-failure" rate not limiting authentications correctly in some cases; |
| wifiwave2 | fixed clearing CAPsMAN Common Name when disabling "lock-to-caps-man"; |
| winbox | added missing status values for Ethernet and Cable Test; |
| winbox | added warning about non-running probe due to "startup-delay"; |
| winbox | fixed "Storm Rate" property under "Switch/Port" menu; |
| winbox | fixed BGP affinity display; |
| winbox | fixed default "Ingress Filtering" value under "Bridge" menu; |
| winbox | improved supout.rif progress display; |
| winbox | rename "Group Master" property to "Group Authority" under "Interface/VRRP" menu; |
| wireguard | fixed peer connection using DNS name on IP change; |
| wireguard | fixed peer IPv6 "allowed-address" usage; |
| wireless | ignore EAPOL Logoff frames; |
| x86 | updated e1000 driver; |