اعلان

  • اخر الأخبار

    نسخة مايكروتيك اصلية كاملة اخر اصدار 6.35rc1

    نقدم لكم في هذه التدوينة اخر اصدار من مايكروتيك كاملة واصلية من مصدرها الرسمي شركة MikroTik

    لتحميل النسخة من خلال هذا الرابط
    http://download2.mikrotik.com/routeros/6.35rc1/all_packages-mipsbe-6.35rc1.zip


    لتقوم بتثبيت النسخة يمكنك الاستعانة في هذا الشرح المقدم من طرفنا..

    تحديث راوتر المايكروتيك الخاص بك لاخر اصدار بكل سهولة



    النسخة متوافقة مع اصدار:
     mipsbe

    للراوترات التالية فقط:
    BaseBox, CRS series, NetBox, NetMetal, PowerBox, QRT, RB4xx series, RB7xx series, RB9xx series, cAP, mAP, hEX, DynaDish, RB2011 series, SXT, OmniTik, Groove, Metal, Sextant



     للعلم النسخة لا تعمل الا على الراوترات الموضحة اعلاه ولايمكن ان تعمل على راوتر من نوع اخر

     الجديد في النسخة..



    What's new in 6.35rc1 (2016-Jan-29 13:59):
    
    *) route - do not show duplicate gateway on connected route;
    *) wireless - added new package "wireless-rep";
    *) wireless-rep - initial support for station roaming for station mode in 802.11 protocol;
    *) wireless-rep - added support for wireless repeater mode for 802.11 protocol;
    *) wireless-rep - added support for wireless background scan;
    *) wireless-rep - added support for saving wireless scan results to file;
    *) wireless-rep - added support for wireless scan rounds setting;
    *) wireless-rep - added WPS client support;
    *) wireless-rep - added STEP feature for the scan-list;
    *) wireless-rep - packages are available for download, http://www.mikrotik.com/download/share/wireless_rep_all.zip
    
    What's new in 6.34 (2016-Jan-29 10:25):
    
    *) mipsle - architecture support dropped (last fully supported version 6.32.x);
    *) dude - The reports of my death have been greatly exaggerated;
    *) dude - dude RouterOS package added for tile and x86 (CHR) architecture;
    *) dude - package included by default to all CHR images;
    *) dude - initial work on dude integration into RouterOS;
    *) bgp vpls  - fixed initialization after reboot;
    *) mpls - forwarding of VRF over TE tunnel stopped working after BGP peer reset;
    *) ipsec - improved TCP performance on CCRs;
    *) btest - significantly increased TCP bandwidth test performance;
    *) winbox - fixed possible busy-loop on v2.x with latest 6.34RC versions;
    *) cerm - allow to sign certificates from imported CAs created with RouterOS;
    *) ldp - fix MPLS PDU max length;
    *) net - improve 64bit interface stats support;
    *) routerboard - print factory-firmware version in routerboard menu;
    *) snmp - add oid from ucd mib for total cpu load OID 1.3.6.1.4.1.2021.11.52.0;
    *) winbox - add extra items automatically to multi-line fields if at least one of them is required;
    *) winbox - implemented full ipv6 dhcp client;
    *) winbox - update blocked flag if user changed blocked field in dhcp server lease;
    *) mac-telnet - fixed backspace when typing login username;
    *) sstp - allow ECDHE when pfs enabled;
    *) lte - fixed info command for Cinterion EHS5-E modem;
    *) fast-path - fixed kernel crash on on/off;
    *) licensing - fixed that some old 7 symbol keys could not be upgraded;
    *) ssh - fixed possible kernel crash;
    *) console - fixed crash on creating variable with "?" in it;
    *) chr - fix SSH key import on AWS;
    *) crs212 - fix 1Gbps ether1 linking problem;
    *) timezone - use backward timezone aliases;
    *) lte - support serial port for DellWireless 5570;
    *) lte - improved dhcp handling on interfaces that doesn't support it;
    *) ipsec - allow my-id address specification in main mode;
    *) dhcpv6 client - fix remove when client reappears on restart;
    *) default config - fix hAP lite with one wireless;    
    *) firewall - added inversion support for "limit" option;
    *) firewall - added bit rate matching for "limit" option;
    *) firewall - improved performance for "limit" option;
    *) dhcpv6-client - fix ia lifetime check;
    *) ipsec - prioritize proposals;
    *) ipsec - support multiple DH groups for phase 1;
    *) netinstall - fix apply default config;
    *) tile -  make sure that SFP rj45 modules that use forced 1G FD settings work correctly after system reboot;
    *) wireless - added WPS buttons support on hAP and hAP ac lite;
    *) upnp - added comment for dynamic dst-nat rules to inform what host/program required it;
    *) webfig - recognize properly CHR;
    *) chr - license fix for AWS and similar solutions;
    *) arm - fix usb modem modules on ARM;
    *) dhcpv6-client - fixed stopped state;
    *) netinstall - sort packages by name;
    *) firewall - do not allow to add new rule before built-in (reverted);
    *) winbox - include FP in fast-path column names;
    *) ipsec - fix phase2 hmac-sha-256-128 truncation len from 96 to 128
    This will break compatibility with all previous versions and any other
    currently compatible software using sha256 hmac for phase2;
    *) ssh, ftp - make read, write user group policy aware;
    *) tunnel - fix keep-alive (introduced in 6.34rc);
    *) cerm - show last crl update time;
    *) quicket - support CAP mode on all existing wireless packages;
    *) wlan - add united states3 country;
    *) fast-path - fix locking issue which could lead to reboot loop (introduced in 6.34rc20);
    *) userman4 - try loading signup files from db path first;
    *) sstp - allow to limit tls version to v1.2 only;
    *) chr - make tool profile work on 64bit x86;
    *) dhcpv6-server - added binding server=all option;
    *) hotspot - added html-directory-override & recognize default hotspot user;
    *) hotspot - fixed export of default trial user;
    *) hotspot - fixed memory leak on https requests;
    *) winbox - allow to specify amsdu-limit & amsdu-threshold on 11n wifi cards;
    *) winbox - added multicast-buffering & keepalive-frames settings to wireless interfaces;
    *) CHR - implemented trial support for different CHR speed tiers;
    *) dhcpv6-client - fix add route/address;
    *) usb - enable ch341 serial module;
    *) lte - make sure that both LTE miniPCI-e cards are recognized;
    *) winbox - show Common-Name of certificates in certificate list;
    *) winbox - added units to PCQ queue fields;
    *) net - do not break connection when interface is added to bridge;
    *) hotspot - show cookie add/remove events in hotspot,debug log;
    *) hotspot - allow static entries with the same mac on multiple hotspot servers;
    *) hotspot - do not remove mac-cookie in case of radius timeout;
    *) hotspot - added byte limits option for default-trial users;
    *) ipsec - make sure that dynamic policy always has dynamic flag;
    *) CAPsMAN - use CAP name in log when remote-cap is deleted (wireless-cm2);
    *) hotspot - fixed login by mac-cookie when roaming among hotspot servers;
    *) hotspot - add html-directory-override for read-only directory on usb flash;
    *) hotspot - add uptime, byte and packet counter variables to logout script;
    *) net - fix statistics counters jumping up to 4G;
    *) firewall - SIP helper update for newer Cisco phones;
    *) usermanager - fixed usermanager web page crash;
    *) ipsec - fixed active SAs flushing;
    *) hotspot - added option to login user manually from cli;
    *) hotspot - fixed trial-uptime parsing from CLI to Winbox/Webfig;
    *) lte - added support for multiple E3372 on the same device;
    *) modem - added wpd-600n ppp support;
    *) console - fixed incorrect disabled firewall rule matching to "invalid flag";
    *) dns - fix for situation when dynamic dns servers could disappear;
    *) sfp - fix 10g ports in 1g mode (introduced in 6.34rc1);
    *) CCR1072 - added support for S-RJ01 SFP modules;
    *) trafficgen - fixed issue that traffic-generator could not be started twice without reboot;
    *) dhcpv6-server - replace delay option with preference option.
    
    --
    
    *) winbox - show properly route-distinguisher for bgp vpn4;
    *) winbox - show dhcp server name in dhcp leases;
    *) ppp - make CoA work correctly with address-lists;
    *) winbox - fixed tab names to correspond to console;
    *) winbox - show only actual switch-cpu ports in switch setting combobox;
    *) winbox/webfig - fixed version column ordering in ip neighbors list;
    *) webfig - fixed switch port "default vlan id" has missing "auto" value;
    *) webfig - fixed firewall connection-bytes option;
    *) ipsec - fixed kernel failure after underlying tunnel has been disabled/enabled;
    *) romon - allow to see device identity if it is longer than 31 character;
    *) fastpath - show fp counters in /interface monitor aggregate;
    *) bridge firewall - fix  chain check (broken since 6.33.2);
    *) bridge firewall - fixed crash when jump rule points to disabled custom chain;
    *) smb - fix crash when changing user which has open session;
    *) address-list - properly remove unused address-lists from drop-downs;
    *) fetch - fixed closure after 30 seconds;
    *) capsman - fix radius accounting stop message;
    *) log - reopen log file if deleted;
    *) packing - fix tcp/udp checksums when simple packing is used;
    *) tile - fix ipsec freeze after SA updates;
    *) upnp - fixed missing in-interface option for dynamic dst-nat rules;
    *) tunnel - fix complaining about loop after ~248 days;
    *) vrrp - make sure that VRRP gets state on bootup;
    *) ppp - fixed rare kernel crash (introduced in v6.33);
    *) ppp - do not allow empty name ppp secrets;
    *) ssh - fix active user accounting.
    
    What's new in 6.33.5 (2015-Dec-28 09:13):
    
    *) mipsle - architecture support dropped (last fully supported version 6.32.3);
    *) wireless - regular “wireless” package is now retired and replaced by "wireless-fp" and "wireless-cm2";
    *) arp - show incomplete ARP entries;
    *) btest - fix potential crash after btest release;
    *) btest - improve UDP tx rate precision;
    *) crypto - fixed kernel failure in talitos HW encryption;
    *) dhcpv6-client - fix DNS address assignement;
    *) dhcpv6-client - set correct parameters when rapid commit is used
    *) e-mail - do not reset server address after changing configuration;
    *) fastpath - fixed possible kernel failure on multi core systems;
    *) fetch - added 30 second connection time-out;
    *) hotspot - added missing favicon.ico in hotspot html pages;
    *) kernel - general improvement for core process scheduling;
    *) led - add WLAN led to RB951Ui
    *) log - log link up/down events only when link actually has changed its state;
    *) lte - improve support Sierra Wireless 320U;
    *) lte - speed up first time connection to LTE network on SXT LTE;
    *) net - apply slave config only if master config has been changed;
    *) net - do not show L2MTU in VLAN compact export;
    *) netwatch - make work with ping time-out more precise;
    *) ppp - make PPP active print radius & !radius conditions work;
    *) romon - do not accept multicast id;
    *) romon - fixed crash on RoMON if fast-path was active;
    *) smb - show correct interface name in SMB debug logs;
    *) ssh - fix session clean-up;
    *) sshd - resolved shared secret mismatch issue;
    *) tile - fixed kernel failure on HW encryption;
    *) webfig  - didn't show zero values in CRS ingress/egress VLAN translation rules;
    *) winbox - added + & - to IGMP proxy MFC;
    *) winbox - added LCD menu for RB3011;
    *) winbox - allow to specify traffic-monitor threshold in k & M units + specify that those are bits;
    *) winbox - show fast-path per interface counters.
    
    What's new in 6.33.3 (2015-Dec-03 16:08):
    
    *) ethernet - fixed 10/100Mbps auto-negotiation fails on RB922UAGS ether1 (introduced in v6.33.2);
    *) upnp - fixed memory leak;  
    *) ssh - avoid double session clean-up;  
    *) email - make password field sensitive in console.
    
    What's new in 6.33.2 (2015-Nov-27 15:00):
    
    *) bridge - fixed power-cycle-ping for bridge ports (was affecting all bridge);
    *) ethernet - fixed link resetting on power-cycle-ping value change;
    *) ppp - fixed dynamic filter rule adding on some firewall filter configurations;
    *) pppoe - improved MTU discovery compatibility with other vendors;
    *) pppoe - made MTU discovery more robust;
    *) pppoe - fixed compliance to RFC4638 (MTU larger than 1488) again;
    *) vrrp - fix arp=reply-only;
    *) vrrp - do not warn about version mismatch if VRID does not match;
    *) vrrp - allow VRRP to work behind firewall and NAT rules;
    *) vrrp - fixed on-backup script;
    *) dhcpv4 server - fix kernel crash when restoring lease with queue for non-existent server;
    *) dhcpv4-client - support /32 address assignment;
    *) ssh - fix key exchange when first kex packet follows.
    
    What's new in 6.33.1 (2015-Nov-17 09:55):
    
    *) licensing - fix unneeded connection attempts to 169.254.x.x must be CHR only (introduced in 6.33);
    *) pppoe - fixed compliance to RFC4638 for MTU larger than 1488 (introduced in 6.33);
    *) CRS2xx - fixed occasional switchip resets (broken in 6.33);
    *) fastpath - fixed wireless interface fastpath (broken in 6.33);
    *) smb - fixed SMB share crash when connection was cancelled;
    *) lcd - fixed LCD crash on fast disable/enable;
    *) lcd - refresh LCD after display command is executed;
    *) vrrp - fix enabling disabled vrrp interface when vrrp program has exited;
    *) winbox - do not send any changes on OK button press if nothing has been changed;
    *) www - put correct path to Winbox v3.0 for new installations with branding package;
    *) webfig - show correctly SFP Tx/Rx;
    *) winbox - renamed power-cycle-ping-interval to power-cycle-ping-timeout;
    *) hotspot - fixed missing image at login;
    *) netinstall - fix branding pack parsing;
    *) packages - show version tag when no bundle is installed.
    
    What's new in 6.33 (2015-Nov-06 12:49):
    
    *) dns - initial fix for situation when dynamic dns servers could disappear;
    *) winbox - dropped support for winbox v3.0beta and v3.0rc (use winbox v3.0);
    *) dhcpv6 - various improvement and fixes for dhcp-pd client and ippool6;
    *) defconf - fixed rare situation where configuration was only partially loaded;
    *) net - fix possible never ending loop when bad CDP discovery packet is received;
    *) log - make default disk file name to reside in flash dir if it exists;
    *) romon - change port list to be not ordered in export;
    *) capsman - limit number of simultaneous DTLS handshakes;
    *) capsman - fixed memory leak on CAP joining CAPsMAN when ssld is used;
    *) winbox - added allow-fast-path to eoip, gre & ipip;
    *) winbox - do not show power-cycle properties on non poe ports;
    *) l2tp: implemented PPPoE over L2TP in LNS mode, RFC3817;
    *) webfig - some of the setting were shifted to the right;
    *) packages - allow to reinstall from bundle to separate packages & vice versa;
    *) packages - prefer out of bundle packages when both of them are installed;
    *) packages - fix a problem of upgrading bundle package to non bundled ones;
    *) ipsec - force flow cache validation once in 1h;
    *) winbox - make sure that all setting names get shown in full;
    *) winbox - added poe power-cycle-ping settings to ethernet interfaces;
    *) ppp - handle properly case were ppp client is given same address for local & remote end;
    *) winbox - added vlan-mode & vlan-id to virtual-ap interface;
    *) winbox - added timeout column to ipv6 address lists;
    *) winbox - show SFP Tx/Rx Power properly;
    *) winbox - added min-links to bonding interface;
    *) winbox - do not show health menu on RB951Ui-2HnD;
    *) winbox - added support for Login-Timeout & MAC-Auth-Mode in hotspot;
    *) cerm - added option to disable crl download in '/certificate settings';
    *) winbox - make user ssh key import work again;
    *) webfig - make "Copy to Access List" work in CAPsMAN Registration Table;
    *) userman - fix report generation problem which could result in some users being skipped from it;
    *) winbox - fix to allow cpu-port as mirror-target
    *) proxy - error.html parsing enhancement to improve performance
    *) CCR1072 - improve ether1 performance under heavy load
    *) routerboard - indicate RouterBOOT type in /system routerboard print;
    *) mpls - properly use mpls mtu for routes;
    *) cerm - fix key description for signed certificates;
    *) trafflow - report flow addresses in v1 and v5 without NAT awareness;
    *) hotspot - add mac-auth-mode setting for mac-as-passwd option;
    *) hotspot - add login-timeout setting to force login for unauth hosts;
    *) auto-upgrade - fixed auto upgrade for smipsbe;
    *) dns - do not create duplicate entries for same dynamic dns server addresses;
    *) ipsec - fix set on multiple policies which could result in adding non existent dynamic policies to the list;
    *) email - allow server to be specified as fqdn which is resolved on each send;
    *) fastpath - eoip,gre,ipip tunnels support fastpath (new per tunnel setting "allow-fast-path");
    *) ppp, pptp, l2tp, pppoe -  fix ppp compression related crashes;
    *) cerm - also accept downloaded CRLs in PEM format;
    *) userman - added 'history clear' to allow flushing undo history, which may take up significant amount of memory for huge databases with hundreds of users;
    *) health - fix voltage for CRS109, CRS112 and CRS210 if powered from external adapter;
    *) userman - added phone number support to signup form;
    *) ip pool6 - try to acquire the same prefix if info matches recently freed;
    *) ipsec - fix transport mode ph2 ID ports when policy selects specific ip protocol on initiator;
    *) ipsec - use local-address for phase 1 matching and initiation;
    *) route - fixed crash on removing route that was aggregated;
    *) ipsec - fix replay window, was accidentally disabled since version 6.30;
    *) ssh - allow host key import/export;
    *) ssh - use 2048bit RSA host key when strong-crypto enabled;
    *) ssh - support RSA keys for user authentication;
    *) wlan - improved WMM-PowerSave support in wireless-cm2 package;
    *) pptp & l2tp - fixed problem where android client could not connect if both dns names were not provided (was broken since v6.30);
    *) auto-upgrade - added ability to select which versions to select when upgrading;
    *) quickset - fixed HomeAP mode;
    *) lte - improved modem identification to better support multiple identical modems;
    *) snmp - fix system scripts table;
    *) tunnels - eoip,eoipv6,gre,gre6,ipip,ipipv6,6to4 tunnels now support dns name as remote address;
    *) fastpath - active mac-winbox or mac-telnet session no longer suspends fastpath;
    *) fastpath - added per interface fastpath counters;
    *) fastpath - added trafflow support in basic ipv4 and fasttrack ipv4 fastpath;
    *) ppp - added on-up & on-down scripts to ppp profile;
    *) winbox - allow to specify dns name in all the tunnels;
    *) pppoe - added support for MTU > 1492 on PPPoE;
    *) cerm - fix scep server certificate-reply degenerate PKCS#7 signed-data content;
    *) ppp-client - added default channels for Alcatel OneTouch L100V;
    *) defconf - fix for boards that had bridge with only wlan ports;
    *) ovpn: support OpenWRT ovpn clients (or any other with enable-small option enabled);
    *) cerm - use certificate file name for imported cert name;
    *) fetch - fixed error message when error code 200 was received;
    *) cerm - rebuild crl for local ca if crl file does not exist;
    *) winbox - make directed broadcasts work for neighbor discovery;
    *) upnp: automatically adjust mappings to new external ip change;
    *) ppp - added ppp interface to upnp internals/externals if requested;
    *) ppp - when adding ipv6 default route use user provided distance;
    *) userman - allow to correctly enable CoA on router;
    *) cerm - show crl nextupdate time;
    *) ppp - added CoA support to PPPoE, PPTP & L2TP (Mikrotik-Recv-Limit, Mikrotik-Xmit-Limit, Mikrotik-Rate-Limit, Ascend-Data-Rate, Ascend-XMit-Rate, Session-Timeout);
    *) ppp - added new option under "ppp aaa" - "use-circuit-id-in-nas-port-id";
    *) userman - refresh active sessions/users view dynamically;
    *) package - added version tag and show everywhere alongside of version number;
    *) wlan - improved 802.11 protocol single connection TCP performance for ac chipset with cm2 package.
    
    What's new in 6.32.2 (2015-Sep-17 15:20):
    
    *) cerm - guard template from parallel use
    *) mipsle - fixed missing second level menu in CLI;
    *) sstp - avoid routing loops on client when adding default route;
    *) sstp - fixed problem where sometimes sstp ip addresses were invalid;
    *) switch - fixed bogus log messages about excessive broadcasts/multicasts on master-port;
    *) tftp - fix request file name reading from packet
    *) pptp encryption - better handling for out-of-order packets;
    *) ethernet - added support for new ASIX USB Ethernet dongles;
    *) CAPsMAN - fix 100% CPU usage when trying to upgrade RouterOS on CAP;
    *) upgrade - fixed default configuration export;
    *) ppp - fixed ppp interface stuck in not running state;
    *) ipsec - fixed kernel failure when packets were not ordered on first call;
    *) upnp - randomize action urls to fix "filet-o-firewall" vulnerability;
    *) RB532/RB564 - fixed no link after ethernet disable/enable;
    *) romon - fixed default configuration export;
    *) tile - fixed occasional deadlock on module unload;
    *) mesh - fix router lock-up when interface is added/removed;
    *) ipsec - fix sockaddr buf size on id generation for ipv6 address;
    *) health - show correct voltage for CRS109,CRS112,CRS210 when powered through PSU and show voltage up to 27V when powered through PoE;
    *) email - resolve server address;
    *) snmp - show firmware upgrade info;
    *) upgrade - report status in check-for-updates.
    
    What's new in 6.32.1 (2015-Sep-07 13:03):
    
    *) RB911/912 - fixed lock-up;
    *) RB493G - fixed reboot loop;
    *) firewall - do not lose firewall mangle rules on start-up;
    *) defconf - fix default configuration for routers without wireless package.
    
    What's new in 6.32 (2015-Aug-31 14:47):
    
    *) trafflow - added support for IPv6 targets;
    *) switch - fixed port flapping on switch ports of RB750, RB750UP, RB751U-2HnD and RB951-2N (introduced in 6.31)
    *) ipsec - added compatibility option skip-peer-id-check;
    *) flash - fix kernel failure (exposed by 6.31);
    *) bridge firewall - add ipv6 src/dst addr, ip protocol, src/dst port matching to bridge firewall;
    *) RB911/RB912 - fix SPI bus lock after fast led blink;
    *) ipsec - fix potential memory leak;
    *) bridge firewall - vlan matchers support service tag - 0x88a8;
    *) ippool6 - try to acquire the same prefix if info matches recently freed;
    *) crs switch - allow to unset port learn-limit, new default is unset to allow more than 1023 hosts per port;
    *) x86 - fixed 32bit multi-cpu kernel support;
    *) chr - add hotspot,btest,traffgen support;
    *) revised change that caused reboot by watchdog problems introduced in v6.31;
    *) ipsec - use local-address for phase 1 matching and initiation;
    *) ipsec - fix transport mode ph2 ID ports when policy selects specific ip protocol on initiator;
    *) certificates -fixed bug where crl stopped working after a while;
    *) ip accounting - fixed kernel crash;
    *) snmp - fix system scripts get;
    *) hotspot - ignore PoD remote requests if no HotSpot configured;
    *) hotspot - fix kernel failure when www plugin aborts on broken html source;
    *) torch - add invert filter for src/dst/src6/dst6 addresses ;
    *) bonding - add min_links property for 802.3ad mode;
    *) snmp - get vlan speed from master interface;
    *) hotspot - fix html-directory path on small flash devices;
    *) mipsbe - make system shutdown work again;
    *) lcd - fixed parallel port LCD display support on multi-cpu x86;
    *) bridge - fixed use-ip-firewall-for-vlan in setups with multiple bridges;
    *) ipv6 - fixed DHCP-PD client skips some steps when renewing lease;
    *) upnp - fixed protocol port selection for upnp protocol comunications;
    *) firewall - fixed limit and dst-limit options.
    *) winbox - fixed wireless interface l2mtu (VirtualAP and WDS interface creation in winbox)
    *) winbox - fixed multiple firewall rule moving in Winbox 2
    *) simple queues - restrict all changes in dynamic simple queues
    
    What's new in 6.31 (2015-Aug-14 15:42):
    
    *) check-for-update - added ability to select versions channel to check
    (bugfix, current, RC or development)
    *) demo mode of Cloud Hosted Router (CHR) added
    *) chr - added x86_64 image for use in virtual environments
    *) chr - added support for VMware SCSI virtual disks
    *) chr - added support for VMware vmxnet3 network card
    *) chr - added support for HyperV SCSI disks
    *) chr - added support for HyperV Ethernet interfaces
    *) chr - added support for virtio disks
    *) fixed occasional interface resetting on CRS switches
    *) fixed ethernet stopping on RB NetMetal / SXTG-5HPacD 10Mbit and 100Mbit links
    *) ipsec - fixed crash in when gcm encryption was used
    *) ipsec - allow to set peer address as "::/0"
    *) ipsec - fixed empty sa-src address on acquire in tun mode
    *) ipsec - show proposal info in export ipsec section
    *) ipsec - preserve port wildcard when generating policy without port override
    *) ipsec - fixed replay window, was accidentally disabled since version 6.30;
    *) certificate manager - fixed memory leak
    *) ssh - allow host key import/export
    *) ssh - use 2048bit RSA host key when strong-crypto enabled
    *) ssh - support RSA keys for user authentication
    *) conntrack - fixed problem with manual connection removal
    *) conntrack - added tcp-max-retrans-timeout and tcp-unacked-timeout
    *) wireless - implemented l2mtu update if wireless-cm2 is enabled
    *) wireless - improved WMM-PowerSave support in wireless-cm2 package
    *) mpls - better multicore support for VPLS ingress/egress
    *) ovpn - better multicore support for interface initialization/authentication/creation.
    *) mesh - performance improvement
    *) pptp & l2tp - fixed problem where android client could not connect if both dns names were not provided (was broken since v6.30)
    *) user-manager - fixed username was not shown in /tool user-manager user
    *) user-manager - fixed zoom for user-manager homepage when mobile devices used
    *) winbox - restrict change dynamic interface fields
    *) winbox - also hide passphrase in CAPsMAN with "Hide Password"
    *) winbox - restrict reversed ranges in dst-port under firewall
    *) quickset - fixed HomeAP mode
    *) lcd - added LCD package for all architectures (for serial port LCD modules)
    *) lcd - fixed crash (and 100% cpu usage) when interface gets removed from "stats-all" screen
    *) tool fetch - fixed incomplete ftp download
    *) tool fetch - don't trim [t]ftp leading slashes
    *) proxy - adjust time according to time-zone settings in proxy cache contents.
    *) bridge fastpath - fixed updating bridge FDB on receive (could cause TX traffic flooding on all bridge ports)
    *) bonding fastpath - fixed possible crash when bonding master was also a bridge port
    *) route - fixed crash on removing route that was aggregated
    *) romon - fixed crash on SACKed tx segments
    *) lte - improved modem identification to better support multiple identical modems
    *) snmp - fixed system scripts table
    *) traffic flow - fixed dynamic input/output interface reporting
    *) ipv6 dhcp-relay - fixed problem loading configuration
    
    known issue:
    *) Dynamic DNS servers can disappear when "allow-remote-requests" are not enabled
    
    What's new in 6.30 (2015-Jul-08 09:07):
    
    *) wireless - added WMM power save suport for mobile devices;
    *) firewall - sip helper improved, large packets no longer dropped;
    *) fixed encryption 'out of order' problem on SMP systems;
    *) email - fix sending multiple consecutive emails;
    *) fixed router lockup on leap seconds with installed ntp package;
    *) ccr - made hardware watchdog work again (was broken since v6.26);
    *) console - allow users with 'policy' policy to change script owner;
    *) icmp - use receive interface address when responding with icmp errors;
    *) ipsec - fail ph2 negitioation when initiator proposed key length
       does not match proposal configuration;
    *) timezone - updated timezone information to 2015e release;
    *) ssh - added option '/ip ssh stong-crypto'
    *) wireless - improve ac radio coexistence with other wireless clients, optimized 
        transmit times to not interfere with other devices;
    *) console - values of $".id", $".nextid" and $".dead" are avaliable for
        use in 'print where' expressions;
    *) console - ':execute' command now accepts script source in "{}" braces,
        like '/system scripts add source=' does;
    *) console - ':execute' command now returns internal number of running job,
        that can be used to check and stop execution. For example:
          :local j [:execute {/interface print follow where [:log info "$name"]}]
          :delay 10s
          :do { /system script job remove $j } on-error={}
    *) console - firewall 'print' commands now show all entries including
        dynamic, 'all' argument now has no effect;
    *) ipsec - increase replay window to 128;
    *) fixed file transfer on devices with large RAM memory;
    *) pptp - fixed "encryption got out of sync" problem;
    *) ppp - disable vj tcp header compression;
    *) api - reduce api tcp connection keepalive delay to 30 seconds,
       will timeout idle connections in about 5 minutes;
    *) pptp & l2tp & sstp client: support the case were server issues its tunnel
       ip address the same as its public one;
    *) removed wireless package from routeros bundle package,
       new wireless-fp is left in place and wireless-cm2 added as option;
    *) pptp & l2tp client: when adding default route, add special exception route for
       a tunnel itself (no need to add it manually anymore);
    *) improved connection list: added connection packet/byte counters,
       added separate counters for fasttrack, added current rate display,
       added flag wheather connection is fasttracked/srcnated/dstnated,
       removed 2048 connection entry limit;
    *) tunnels - eoip, eoipv6, gre,gre6, ipip, ipipv6, 6to4 tunnels
       have new property - ipsec-secret - for easy setup of ipsec
       encryption and authentication;
    *) firewall - added ipsec-policy matcher to check wheather packet
       was/will be ipsec processed or not;
    *) possibility to disable route cache - improves DDOS attack
       handling performance up to 2x (note that ipv4 fastpath depends on route cache);
    *) fasttrack - added dummy firewall rule in filter and mangle tables
       to show packets/bytes that get processed in fasttrack and bypass firewall;
    *) fastpath - vlan interfaces support fastpath;
    *) fastpath - partial support for bonding interfaces (rx only);
    *) fastpath - vrrp interfaces support fastpath;
    *) fixed memory leak on CCR devices (introduced in 6.28);
    *) lte - improved modem identification to better support multiple identical modems;
    *) snmp - fix system scripts table;
    
    What's new in 6.29 (2015-May-27 11:19):
    
    *) ssh server - use custom generated DH primes when possible;
    *) ipsec - allow to specify custom IP address for my_id parameter;
    *) ovpn server - use subnet topology in ip mode if netmask is provided (makes android & ios 
       clients work);
    *) console - allow '-' characters in unknown command argument names;
    *) snmp - fix rare bug when some OIDs where skipped;
    *) ssh - added aes-ctr cipher support;
    *) mesh - fixed kernel crash;
    *) ipv4 fasttrack fastpath - accelerates connection tracking and nat for marked
       connections (more than 5x performance improvement compared to regular slow
       path conntrack/nat) - currently limited to TCP/UDP only;
    *) added ~fasttrack-connection~ firewall action in filter/mangle tables for marking
       connections as fasttrack;
    *) added fastpath support for bridge interfaces - packets received and transmitted
       on bridge interface can go fastpath (previously only bridge forwarded packets
       could go fastpath);
    *) packets now can go half-fastpath - if input interface supports fastpath and
       packet gets forwarded in fastpath but output interface does not support fastpath
       or has interface queue other than only-hw-queue packet gets converted
       to slow path only at the dst interface transmit time;
    *) trafflow: add natted addrs/ports to ipv4 flow info;
    *) tilegx: enable autoneg for sfp ports in netinstall;
    *) health - fix voltage on some RB4xx;
    *) romon - fix 100% CPU usage;
    *) romon - moved under tools menu in console;
    *) email - store hostname for consistency;
    *) vrrp - do not reset interface when no interesting config changes;
    *) fixed async. ppp server;
    *) sstp - fixed router lockup.
    *) queue tree: some queues would stop working after some configuration changes;
    *) fixed CRS226 10G ports could lose link (introduced in 6.28);
    *) fixed FREAK vulnerability in SSL & TLS;
    *) firewall - fixed sector writes rising starting since 6.28;
    *) improved support for new hEX lite;
    
    What's new in 6.28 (2015-Apr-15 15:18):
    
    *) email - increase server greeting timeout to 60s;
    *) lte - ZTE MF823 may loose configuration;
    *) userman - update paypal root certificate;
    *) timezone - updated timezone information to 2015b release;
    *) cm2 - fixed capsman v2 100% CPU and other stability improvements;
    *) route - using ldp could cause connected routes with
        invalid interface nexthop;
    *) added support for SiS 190/191 PCI Ethernet adapter;
    *) made metarouter work on boards with 802.11ac support or usb LTE;
    *) sstp server - allow ADH only when no certificate set;
    *) make fat32 disk formatting support disks bigger than 134GiB;
    *) fixed tunnels - could crash when clamp-tcp-mss was enabled;
    *) added basic counters for ipv4/bridge fast path, also show status wether fast
       path is active at all;
    *) trafflow: - fixed crash on disable;
    *) pppoe over eoip - fixed crash with large packets;
    *) tilegx - fixed memory leak when queue settings are changed;
    *) ar9888 - fixed crash when hw reports invalid rate;
    *) console - fixed "in" operator in console;
    *) console - make "/system package update print" work again.
    *) tile - rare situation when CCR devices failed to auto-negotiate ethernet link (introduced in v6.25);
    *) dhcpv4 client - it is now possible to unset default clientid and hostname options
    *) initial RoMon (Router Management Overlay Network) support added.
    
    What's new in 6.27 (2015-Feb-11 13:24):
    
    *) console - added 'comment' parameter for '/system script'
    *) api - return sentences can have property ".section" that groups values
       from commands such as "monitor", "traceroute",
       "print" (with non-zero 'interval' value);
    *) cloud - add time zone detection feature "/system clock time-zone-autodetect";
    *) cloud - rename "/ip cloud enabled" to "/ip cloud ddns-enabled";
    *) cloud - make "/ip cloud update-time" independent from "/ip cloud ddns-enabled"
    *) cloud - when setting "/ip cloud ddns-enabled" to "no" router will send
               message to server to disable DNS name for this routerboard;
    *) cloud - "/ip cloud force-update" command now will work also when
               "/ip cloud ddns-enabled = no". usefull if user wants to disable DDNS;
    *) RB4xxGL - improved ethernet throughput (less dropped packets);
    *) RouterBOARD - fixed health reporting;
    *) check-installation: fixed wrong kernel crc on powerpc boards
    *) watchdog: fix software watchdog for x86
    *) ssh - check conn state before sending disconnect message;
    *) ipsec - fixed crash that happened in specific situation;

    ليست هناك تعليقات

    اعلان اعلى الموضوع

    اعلان اسفل الموضوع