Version: 7.8
Stable141 changelog entries across 48 component(s)
2023-Feb-24 (2 years ago)
| Component | Change |
|---|---|
| bgp | fixed setting of "default-prepend" parameter; |
| bridge | fixed adding disabled MSTI; |
| bridge | fixed DHCP packet flow when using DHCP snooping, HW offloading and "use-ip-firewall"; |
| bridge | fixed possible DHCP packet corruption when using DHCP snooping; |
| bridge | fixed PVID warning typo; |
| bridge | improved HW offloading logic; |
| certificate | fixed export of a certificate when the last line of the certificate is exactly 64 bytes long; |
| certificate | fixed PBES2 certificate import; |
| certificate | improved certificate management, signing and storing processes; |
| certificate | improved multiple certificate import process; |
| conntrack | improved system stability when changing connection tracking state; |
| conntrack | improved system stability when PPTP helper is used; |
| console | added "as-string" parameter to the ":execute" command; |
| container | added authentication option for registry (CLI only); |
| container | fixed ".type" file ownership; |
| container | fixed file ownership after system upgrade for containers running on internal disk; |
| container | fixed multiple container automatic startup on boot; |
| dhcpv4-client | send DHCPv4 unicast requests to DHCPv4 relay, instead of server when it is being used; |
| disk | limit maximum TMPFS size; |
| dns | added configurable DoH concurrent query limitation parameters; |
| dns | do not cache results from ":resolve" command with specific server; |
| dns | fixed CNAME reading from the cache; |
| dns | limited "DoH max concurrent queries reached" logging messages to once per minute; |
| dns | respond with "NOERROR" to DNS requests for static domain names when appropriate type record is not configured or found on upstream server; |
| firewall | fixed bridge priority target; |
| firewall | fixed DSCP priority target for IPv6 Mangle; |
| firewall | fixed netmap range maximum address calculation for IPv6 NAT; |
| graphing | fixed hiding of target queues when "allow-target" is disabled; |
| graphing | fixed sorting of interface and queue graphs; |
| graphing | properly handle disabled and static-binding interface graphs; |
| graphing | removed "move" command for graphing rules; |
| health | fixed "temperature" and "power-consumption" readings for RB1100AHx4; |
| hotspot | fixed setting of "address" parameter for IP binding; |
| hotspot | restore cookie timeout on reboot; |
| ike2 | added support for "address", "key-id" and "dn" for Remote ID matching (CLI only); |
| ike2 | fixed active SA flush on responder after an unsuccessful peer connection attempt; |
| ipsec | added support for "Framed-Route" RADIUS attribute support; |
| ipsec | do not match incoming IKE requests by unresolved DNS name peers; |
| ipsec | fixed peer matcher for incoming connection with unresolved DNS; |
| ipv6 | added "pref64" option configuration for RA; |
| ipv6 | improved handling of "advertise" IPv6 address status changes; |
| ipv6 | limited "hop-limit" parameter value range to 255; |
| ipv6 | made distributed DNS lifetime RFC8106 compliant; |
| l3hw | added destination MAC address check for offloaded FastTrack connections; |
| led | fixed signal reading for KNOT device; |
| leds | always require to set interface name when setting "modem-signal" indication; |
| lte | added AT support for Telit LE910C4 in MBIM mode; |
| lte | fixed APN setting usage on initial connection attempt for AT based Quectel and Neoway modems; |
| lte | fixed automatic antenna selection on Chateau LTE12/LTE18; |
| lte | fixed dialing for Fibocom L850-GL module; |
| lte | fixed displaying of "subscriber-number"; |
| lte | fixed possible memory leak when using passthrough mode on Chateau 5G; |
| lte | improved AT port matching for SIMCom, Huawei, WeLink, Cinterion, BandLuxe and Sierra modems; |
| lte | improved modem detection speed in lower mini-PCIe slot on LtAP; |
| lte | improved stability for R11e-LTE6, skip connection reset on first EEMGINFO command timeout; |
| lte | LtAP improved modem detection in lower mini-PCie slot ("/system routerboard upgrade" required); |
| lte | parse USSD even if encoding is unsupported; |
| mpls | fixed handling of more than 9 VRF's; |
| mpls | fixed LDP listen socket creation before IPv6 address is ready for use; |
| mpls | improved stability when neighboring router reboots; |
| ospf | fixed "ospf-type" parameter for OSPFv3 routes; |
| ospf | fixed simple auth for OSPFv3; |
| ovpn | added AES-GCM and multicore encryption support; |
| ovpn | improved server stability; |
| ovpn | improved TLS-related error logging; |
| pimsm | improved system stability; |
| poe | added LLDP power management support for 802.3at PSE; |
| poe | properly turn off power when link not detected on hAP ax2 and hAP ax3; |
| port | fixed modem channel number on KNOT; |
| pppoe | fixed PPPoE client scan showing only one server; |
| resource | show filesystem related statistics on CCR2004; |
| route | fixed IPv6 default route presence when received from RA; |
| route | fixed printing of routing table's "count-only" parameter; |
| route | show hoplimit and MTU properties under the "/routing route" menu for SLAAC routes; |
| routerboot | fixed format storage for RBM33G device ("/system routerboard upgrade" required); |
| routerboot | fixed protected routerboot for RBM33G device ("/system routerboard upgrade" required); |
| sfp | fixed false link detection with S+RJ10 on RB5009; |
| sfp | fixed reading of SFP EEPROM on single SFP port devices; |
| sfp | improved optical modules SFP compatibility on CCR2004-16G-2S+, CCR2004-1G-12S+2XS, CCR2116-12G-4S+ devices; |
| sms | improved reporting of SMS sending errors; |
| sms | log USSD response when USSD is sent over MBIM; |
| sniffer | added additional filtering parameters; |
| snmp | do not show identity in LLDP when branding is used with hide SNMP data; |
| snmp | fixed handling of disabled routes; |
| snmp | fixed reporting of total number of routes counter; |
| ssh | hard-coded "localhost" address for forwarding requests; |
| ssh | improved system stability when processing none-crypto SSH connection; |
| sstp | fixed TLS session establishment when "connect-to" is DNS name; |
| switch | fixed SFP rate select for CRS354 devices; |
| switch | improved 10G, 25G, 40G and 100G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches; |
| switch | improved system stability for 98DXxxxx switch chips; |
| swos | removed "/system swos" menu for CRS5xx series switches; |
| torch | allow "without-paging" parameter for Torch; |
| traffic-generator | increased maximum allowed stream count; |
| upgrade | show error message when license prohibits upgrade; |
| usb | changed USB auto detect behavior to default to the external USB, when no internal USB devices detected; |
| vxlan | added "dont-fragment" setting that allows managing fragmentation; |
| vxlan | added "max-fdb-size" parameter; |
| vxlan | added FastPath support; |
| webfig | allow setting numeric values in time interval fields; |
| webfig | fixed accessing of WebFig when "Interface" menu is disabled by skin; |
| webfig | fixed editing of multi-field parameters with "not" checkbox; |
| webfig | fixed handling of empty skin files; |
| webfig | improved navigation responsiveness; |
| webfig | improved skin file parsing; |
| webfig | improved terminal operation; |
| webfig | properly escape all reserved URI characters; |
| webfig | updated WebFig and graph web pages to HTML5; |
| wifiwave2 | added wireless sniffer tool to capture wireless transmissions (CLI only); |
| wifiwave2 | adjust monitoring of station interfaces to report when an interface is authorized, not just connected; |
| wifiwave2 | enabled additional channels in UNII-3 and UNII-4 bands for Europe and USA on hAP ax^2, hAP ax^3 and Chateau ax; |
| wifiwave2 | fixed compatibility with third-party devices when using SAE hash-to-element authentication with DH groups 20 and 21; |
| wifiwave2 | fixed SAE authentication for interfaces in station mode when trying to connect to APs which require an anti-clogging token (introduced in RouterOS 7.4); |
| wifiwave2 | implement 802.11w management protection SA Query procedures; |
| wifiwave2 | improve protections from denial-of-service attacks on WPA3; |
| winbox | added "Connect" button under "WifiWave2/Scan" menu; |
| winbox | added "Disable/Enable" buttons under "WifiWave2" menu; |
| winbox | added "Match Subdomain" parameter under "IP/DNS/Static" menu; |
| winbox | added "Provision" button under "WifiWave2" menu; |
| winbox | added "Start On Boot" checkbox under "Container" menu; |
| winbox | added "Tx Rate" and "Rx Rate" columns under "WifiWave2/Registration" menu; |
| winbox | added missing properties when setting "Use DoH Server"; |
| winbox | added missing WifiWave2 related parameters under "WifiWave2" menu; |
| winbox | added support for manual RAM file system (TMPFS) creation under "System/Disk" menu; |
| winbox | added Type "https-get" parameter under "Tools/Netwatch" menu; |
| winbox | allow selecting bridge for static entries under "Bridge/MDB" menu; |
| winbox | fixed displaying of "Default Prepend" value under "Routing/BGP/Sessions" menu; |
| winbox | fixed displaying of "Tx/Rx CCQ" values under "Wireless/Registration" menu; |
| winbox | fixed displaying of flags under "System/Console" menu; |
| winbox | fixed displaying of multiple character flags; |
| winbox | fixed usage of IPv6 family addresses under "IP/Web Proxy/Access" menu; |
| winbox | hide "TTL" value for static DNS entries with FWD type; |
| winbox | hide unnecessary properties for virtual interfaces under "WifiWave2" menu; |
| winbox | improved mouseover hint for "local" policy under "System/Users/Groups" menu; |
| winbox | rename "Multicast Router" monitoring property to "Is Multicast Router" under "Bridge" menu; |
| winbox | show "Gateway" column by default under "IPv6/Routes" menu; |
| x86 | added support for TP-Link TG-3468; |
| x86 | fixed SR-IOV support for Intel X710 series NIC; |
| x86 | improved Intel 500 series 10G SFP module support; |
| x86 | improved stability for Intel X550 series NIC with SR-IOV; |
| zerotier | fixed routes after VRF change; |