Version: 7.19beta2
Testing125 changelog entries across 57 component(s)
2025-Feb-28 (1 year ago)
| Component | Change |
|---|---|
| arp | added warning, when "Published" ARP entry used on an interface with "reply-only" ARP mode enabled; |
| bgp | added input.filter-community; |
| bgp | fixed input.accept-community; |
| bgp | fixed memory leak on receiving notify and closing session; |
| bgp | improved performance on BGP input; |
| bonding | added setting for LACP active/passive modes; |
| bridge | added new STP monitoring fields for bridge and ports (Tx/Rx BPDU, Tx/Rx TC, forward/discard transitions, last topology change, message-age, max-age, remaining-hops, bridge-id); |
| bridge | fixed bridge port hang when using invalid port IDs; |
| bridge | fixed dhcp-snooping in QinQ setups; |
| bridge | fixed minor memory leak on link down; |
| bridge | fixed multicast packet flow on hardware offloaded bridge which acts as "multicast-router"; |
| bridge | improved default bridge and port layout on console and GUI; |
| bridge | improved stability in case of configuration error (introduced in v7.15); |
| bridge | moved "TCHANGE" logs from bridge,stp to bridge,stp,debug; |
| bridge | rename "ports" to "interface" under MDB table for configuration consistency with other menus; |
| bridge | renamed STP monitor fields (port-number to port-id, designated-port-number to designated-port-id, designated-bridge to designated-bridge-id); |
| bridge | show designated-* monitor field for all port roles; |
| bridge | show warning instead of causing error when using multicast MAC as admin-mac (introduced in v7.17); |
| capsman | fixed "undo" command for cap interfaces; |
| certificate | added built-in root certificate authorities store; |
| certificate | do not include CA identity in SCEP POST requests; |
| certificate | improve error message when trying to use certificate; |
| certificate | optimize trust store; |
| cloud | fixed issues when BTH is toggled fast between enable/disable; |
| cloud | improved "BTH Files" web page design; |
| console | disallow incomplete double-quoted arguments (allows multiline string pasting); |
| console | fixed issue with files when using scripts (introduced in v7.18); |
| console | fixed misaligned multiline in brief print mode; |
| console | improved file add/remove process stability; |
| console | set "/system/note show-at-login=yes" the default value after configuration reset; |
| container | allow changing container name; |
| container | try to derive a user readable container name from remote image or file; |
| dhcpv4 | improved outgoing packet logging; |
| dhcpv4-server | accept packets with htype 6; |
| dhcpv4/v6-client | added check-gateway parameter; |
| dhcpv6-client | allow selecting to which routing tables add default route; |
| dhcpv6-relay | clear saved routes on DHCP release; |
| dhcpv6-relay | show client address; |
| dhcpv6-server | change bound status to waiting on binding disable; |
| dhcpv6-server | fix when expired static binding is declined with false "binding belogs to another server" reason; |
| dhcpv6-server | improved stability when disabling server with active bindings; |
| disk | add "sector-size" property in print detail; |
| disk | add reset-counters to /disk btrfs filesystem; |
| dlna | improved folder indexing behavior; |
| dns | improved DNS server service stability; |
| dot1x | fixed dynamic switch ACL rules on boards with a lot of ports (e.g. CRS520); |
| ethernet | improved Ethernet and PoE port mapping to ensure a consistent and reliable interface order; |
| file | improved responsiveness on slow filesystems; |
| firewall | always show "passthrough" when exporting mangle table; |
| firewall | detect VRF addresses as local; |
| health | hide settings in CLI if there is nothing to show; |
| health | improved performance on devices with simple voltage sensors; |
| igmp-proxy | do not try to send leave message for multicast groups that the device itself has joined on the upstream interface (cosmetic fix for proxy error logs); |
| iot | improvement to lora dev-addr-validation behavior; |
| iot | improvement to lora join eui/net id filtering behavior; |
| ip-service | show all TCP/UDP connections on the system; |
| ip-service | show all TCP/UDP ports on system, including ports in containers; |
| ip-service | show error message when service enable fails; |
| ipv6 | avoid watchdog reboot due to link-local IPv6 address reconfiguration on thousand of interfaces at once; |
| l2tp-ether | improved stability when trying to connect to disabled L2TP server with IPsec; |
| l3hw | remove VLAN tag before VXLAN encapsulation (fixes pvid behavior for bridged VXLAN); |
| log | added additional CEF fields from firewall and login logs; |
| log | populate in/out fields in firewall CEF logs with correct data; |
| lte | added UICC parameter in LTE monitor for R11e-4G modem; |
| lte | fixed modem recovery after firmware upgrade for R11e-LTE modem; |
| lte | fixed Router Advertisement processing issue for AT modems when an APN with "ip-type=ipv6" was configured; |
| lte | improved dialer for EC200A-EU modem; |
| lte | set apn profile name the same as apn if no name specified when creating the profile; |
| netinstall | improved network socket re-opening when NIC status changes while running the server; |
| netinstall | show warning when network configuration on PC might not be appropriate for installation; |
| netinstall-cli | fixed issue with applying the branding package; |
| ovpn | disable hardware accelerator for GCM on MMIPS CPUs (introduced in v7.18); |
| ovpn-server | do not reset active connections when changing comment or name; |
| pimsm | fixed issue where own query caused querier detection; |
| poe-out | upgraded firmware for 802.3at/bt PSE controlled boards (the update will cause brief power interruption to PoE-out interfaces); |
| ppc | fixed VLAN TCP packet transmit on PPC devices; |
| profiler | improved process classification; |
| ptp | added "ptp" logging topic; |
| quickset | improved system stability; |
| rose-storage | fixes for btrfs; |
| route | added options to set dynamic-in and connected-in chains in /routing/settings; |
| route | fixed stuck output when calling prints from multiple routing menus; |
| route | make AFI naming consistent; |
| route | show BGP session name instead of cache-id; |
| route-filter | improved performance; |
| sfp | added sfp-encoding data output from EEPROM; |
| sniffer | add max-packet-size (2k-64k) setting to be able to sniffer more than 2k data per packet; |
| ssh | fixed authorization with SSH key when multiple user SSH public keys are imported; |
| ssl/tls | respond with more precise alert error messages; |
| ssl/tls | send certificate authority in Certificate message even if it is not trusted; |
| switch | do not count rx-too-long multiple times on 100Gbps QSFP28; |
| switch | fixed egress mirroring for packets coming from external CPU port (e.g. CRS520, CCR2216, CCR2116); |
| switch | flush CPU port FDB entries on switch disable; |
| switch | improve rate limit accuracy for MT7531, MT7621, EN7562CT; |
| switch | improved boot stability on devices with Alpine CPU and switch chip; |
| switch | improved stability when enabling IGMP snooping with VXLAN (introduced in v7.18); |
| system | improved internal "flash/" prefix handling for different file path related settings; |
| webfig | allow table column resize over side toolbar; |
| webfig | don't reorder rows when selecting header cells with Alt+click; |
| webfig | show IPv6 firewall connections; |
| webfig | show missing data in "IP/DNS/Cache" records; |
| wifi | add channel.reselect-time parameter which allows to perform channel re-sellection at given time of day (CLI only); |
| wifi | add information on CAP uptime and connection uptime in "Remote CAP" list; |
| wifi | added "eap-identity" to registration table; |
| wifi | added SSID to logs; |
| wifi | fix authentication of clients which omit some RSN information at association; |
| wifi | fix incorrect info about current channel for station interfaces after AP has switched channel (introduced in v7.17); |
| wifi | re-word log entries about disconnections which are likely caused by peer using a wrong passphrase; |
| wifi | use at least TLS 1.2 for securing connection between CAPsMAN manager and CAPs; |
| wifi-qcom | fix inability of interfaces in station mode to connect if they do not support full bandwidth of AP; |
| winbox | added "MAC Telnet" under "Wifi/Registration" menu; |
| winbox | added "Multi Passphrase Group" for wifi; |
| winbox | added "Reset MAC address" for legacy wireless and wifi; |
| winbox | added country to wireless setup-repeater; |
| winbox | changed default wireless wds-cost-range values; |
| winbox | do not show not relevant values for certificate template; |
| winbox | fixed missing SMB client on non-ROSE devices; |
| winbox | fixed switch menu for Chateau 5G; |
| winbox | improve graphing efficiency when communicating with WinBox; |
| wireguard | add wg-import config-string parameter to import config directly from terminal; |
| wireguard | update peer info on "get" command; |
| wireless | added "eap-identity" to registration table; |
| wireless | implement handling of RADIUS disconnect messages by CAPsMAN; |
| wireless | suggest all legitimate frequencies for interfaces with 20/40mhz-XX channel width in GUI; |
| x86 | added support for Emulex NIC; |