en-usMikroTik Bugfixhttps://mikrotik.com/Copyright 2019, Mikrotikls LtdMikroTik Rss60Feed for newest RouterOS updates.RouterOS 6.42.12 [Long-term]https://mikrotik.com/download/changelogs/long-term

6.42.12 changelog:

*) ipsec - accept only valid path for "export-pub-key" parameter in "key" menu;
*) quickset - fixed "country" parameter not properly setting regulatory domain configuration;
*) smb - fixed possible buffer overflow;
*) w60g - fixed disconnection issues in PtMP setups;
*) winbox - improvements in connection handling to router with open winbox service;
*) wireless - improved antenna gain setting for devices with built in antennas;
*) wireless - show indoor/outdoor frequency limitations under "/interface wireless info country-info" command;

Download the new 'RouterOS 6.42.12' version here: https://mikrotik.com/download

Long-termTue, 12 Feb 2019 11:46:00 +0200eacd70d187e61220ff7c778e1dd99756
RouterOS 6.42.11 [Long-term]https://mikrotik.com/download/changelogs/long-term

6.42.11 changelog:

!) telnet - do not allow to set "tracefile" parameter;

*) capsman - fixed "group-key-update" parameter not using correct units;
*) certificate - properly flush old CRLs when changing store location;
*) console - properly remove system note after configuration reset;
*) dhcpv6-server - properly handle DHCP requests that include prefix hint;
*) discovery - fixed malformed neighbor information for routers that has incomplete IPv6 configuration;
*) discovery - fixed neighbor discovery for PPP interfaces;
*) export - fixed "silent-boot" compact export;
*) gps - added "coordinate-format" parameter;
*) interface - improved system stability when including/excluding a list to itself;
*) kidcontrol - do not allow users with "read" policy to pause and resume kids;
*) led - fixed default LED configuration for RBMetalG-52SHPacn;
*) log - properly handle long echo messages;
*) lte - added support for more ZTE MF90 modems;
*) lte - disallow setting LTE interface as passthrough target;
*) package - use bundled package by default if standalone packages are installed as well;
*) resource - fixed "total-memory" reporting on ARM devices;
*) snmp - added "tx-ccq" ("mtxrWlStatTxCCQ") and "rx-ccq" ("mtxrWlStatRxCCQ") values;
*) snmp - do not initialise interface traps on bootup if they are not enabled;
*) switch - fixed MAC learning when disabling interfaces on devices with Atheros8327 and QCA8337 switch chips;
*) system - fixed situation when all configuration was not properly loaded on bootup;
*) timezone - fixed "Europe/Dublin" time zone;
*) upgrade - automatically uninstall standalone package if already installed in bundle;
*) webfig - do not show bogus VHT field in wireless interface advanced mode;
*) winbox - allow to change VHT rates when 5ghz-n/ac band is used;
*) winbox - renamed "Radius" to "RADIUS";
*) winbox - show "Switch" menu on RB4011iGS+5HacQ2HnD and RB4011iGS+;
*) wireless - added new "installation" parameter to specify router's location;
*) wireless - improved stability for 802.11ac;
*) wireless - improvements in wireless frequency selection;

Download the new 'RouterOS 6.42.11' version here: https://mikrotik.com/download

Long-termWed, 09 Jan 2019 13:07:06 +0200b3fcf4c773704972703c13c021be4fb6
RouterOS 6.42.10 [Long-term]https://mikrotik.com/download/changelogs/long-term

6.42.10 changelog:

!) upgrade - release channels renamed - "bugfix" to "long-term", "current" to "stable" and "release candidate" to "testing";
!) upgrade - "testing" release channel now can contain "beta" together with "release-candidate" versions;

*) bridge - do not learn untagged frames when filtering only tagged packets;
*) bridge - fixed possible memory leak when VLAN filtering is used;
*) bridge - improved packet handling when hardware offloading is being disabled;
*) bridge - properly disable dynamic CAP interfaces;
*) certificate - fixed time zone adjustment for SCEP requests;
*) crs328 - improved link status update on disabled SFP and SFP+ interfaces;
*) crs328 - improved link status update on disabled SFP+ interface when using DAC;
*) crs3xx - fixed possible memory leak when disabling bridge interface;
*) defconf - automatically accept default configuration if reset done by holding button;
*) defconf - properly load default configuration after reset (introduced in v6.42.9);
*) health - fixed bad voltage readings on RB493G;
*) ipsec - fixed hw-aead (H) flag presence under Installed SAs on startup;
*) ipsec - improved stability when uninstalling multiple SAs at once;
*) ipsec - properly update warnings under peer menu;
*) led - added "dark-mode" functionality for LHG and LDF series devices;
*) led - fixed default LED configuration for SXT LTE kit and wAP 60G AP devices;
*) led - fixed power LED turning on after reboot when "dark-mode" is used;
*) ntp - fixed possible NTP server stuck in "started" state;
*) ospf - improved stability while handling type-5 LSAs;
*) romon - improved packet processing when MTU in path is lower than 1500;
*) routerboard - renamed SIM slots to "a" and "b" on SXT LTE kit;
*) routerboard - show "boot-os" and "force-backup-booter" options only on devices that have such feature;
*) timezone - updated timezone information from tzdata2018g release;
*) traffic-flow - fixed post NAT port reporting;
*) traffic-flow - fixed "src-mac-address" and added "post-src-mac-address" fields;
*) tunnel - made "ipsec-secret" parameter sensitive;
*) usb - fixed power-reset for hAP ac^2 devices;
*) w60g - fixed misleading license level requirement log message;
*) w60g - fixed "scan" functionality when in bridge mode;
*) w60g - renamed "frequency-list" to "scan-list";
*) winbox - allow to specify SIM slot on LtAP mini;
*) winbox - enabled "fast-forward" by default when adding new bridge;
*) winbox - show "System/Health" only on boards that have health monitoring;
*) winbox - show "W60G" wireless tab on wAP 60G AP;

Download the new 'RouterOS 6.42.10' version here: https://mikrotik.com/download

Long-termTue, 20 Nov 2018 08:05:58 +02002e64cdac8d9c457bad0d7389b5d49389
RouterOS 6.42.9 [Long-term]https://mikrotik.com/download/changelogs/long-term

6.42.9 changelog:

Important note!!! Backup before upgrade!
RouterOS v6.41 and above contains new bridge implementation that supports hardware offloading (hw-offload).
This update will convert all interface "master-port" configuration into new bridge configuration, and eliminate "master-port" option as such.
Bridge will handle all Layer2 forwarding and the use of switch-chip (hw-offload) will be automatically turned on based on appropriate conditions.
The rest of RouterOS Switch specific configuration remains untouched in usual menus.
Please, note that downgrading below RouterOS v6.41 will not restore "master-port" configuration, so use backups to restore configuration on downgrade.

*) bridge - ignore tagged BPDUs when bridge VLAN filtering is used;
*) bridge - improved packet handling when hardware offloading is being disabled;
*) crs317 - fixed packet forwarding on bonded interfaces without hardware offloading;
*) crs326/crs328 - fixed packet forwarding when port changes states with IGMP Snooping enabled;
*) defconf - properly clear global variables when generating default configuration after RouterOS upgrade;
*) dns - fixed DNS cache service becoming unresponsive when active Hotspot server is present on the router (introduced in 6.42);
*) filesystem - fixed NAND memory going into read-only mode (requires "factory-firmware" >= 3.41.1 and "current-firmware" >= 6.43);
*) health - added missing parameters from export;
*) health - fixed voltage measurements for RB493G devices;
*) hotspot - properly update dynamic "walled-garden" entries when changing "dst-host";
*) ike2 - fixed rare authentication and encryption key mismatches after rekey with PFS enabled;
*) ike2 - improved subsequent phase 2 initialization when no child exist;
*) ipsec - improved invalid policy handling when a valid policy is uninstalled;
*) ipsec - improved stability when using IPsec with disabled route cache;
*) led - added "dark-mode" functionality for wsAP ac lite, RB951Ui-2nD, hAP, hAP ac lite and LtAP mini devices;
*) lte - fixed LTE interface not working properly after reboot on RBSXTLTE3-7;
*) lte - fixed LTE registration in 2G/3G mode;
*) ospf - improved link-local LSA flooding;
*) ospf - improved stability when originating LSAs with OSPFv3;
*) routerboard - fixed memory tester reporting false errors on IPQ4018 devices ("/system routerboard upgrade" required);
*) routerboard - show "boot-os" option only on devices that have such feature;
*) routerboot - fixed RouterOS booting on devices with particular NAND memory;
*) sniffer - made "connection", "host", "packet" and "protocol" sections read-only;
*) supout - added "files" section to supout file;
*) upgrade - fixed RouterOS upgrade process from RouterOS v5 on PowerPC;
*) upnp - improved UPnP service stability when handling HTTP requests;
*) userman - fixed "shared-secret" parameter requiring "sensitive" policy;
*) w60g - added "frequency-list" setting;
*) w60g - fixed interface LED status update on connection;
*) w60g - fixed random disconnects;
*) w60g - general stability and performance improvements;
*) webfig - fixed time interval settings not applied properly under "IP/Kid Control/Kids" menu;
*) webfig - fixed www service becoming unresponsive;
*) winbox - show "System/RouterBOARD/Mode Button" on devices that has such feature;
*) wireless - accept only valid path for sniffer output file parameter;
*) wireless - fixed "/interface wireless sniffer packet print follow" output;

What's new in 6.42.8 (2018-Sep-21 13:30):

(factory only release)

Download the new 'RouterOS 6.42.9' version here: https://mikrotik.com/download

Long-termMon, 01 Oct 2018 10:05:45 +03002a33bc6ba0eb0a8ed97e20143764bc9a
RouterOS 6.40.9 [Long-term]https://mikrotik.com/download/changelogs/long-term

6.40.9 changelog:

!) security - fixed vulnerabilities CVE-2018-1156, CVE-2018-1157, CVE-2018-1158, CVE-2018-1159;

*) certificate - fixed "add-scep" template existence check when signing certificate;
*) defconf - fixed wAP LTE kit default configuration;
*) ethernet - improved large packet handling on ARM devices with wireless;
*) ethernet - removed obsolete slave flag from "/interface vlan" menu;
*) filesystem - fixed NAND memory going into read-only mode;
*) hotspot - fixed user authentication when queue from old session is not removed yet;
*) interface - fixed interface configuration responsiveness;
*) ipsec - fixed policies becoming invalid if added after a disabled policy;
*) ldp - properly load LDP configuration;
*) ppp - fixed "hunged up" grammar to "hung up" within PPP log messages;
*) sfp - hide "sfp-wavelength" parameter for RJ45 transceivers;
*) snmp - added remote CAP count OID for CAPsMAN;
*) supout - added "partitions" section to supout file;
*) tile - fixed Ethernet interfaces becoming unresponsive;
*) tr069-client - fixed unresponsive tr069 service when blackhole route is present;
*) userman - fixed compatibility with PayPal TLS 1.2;
*) userman - improved unique username generation process when adding batch of users;
*) winbox - added missing "dscp" and "clamp-tcp-mss" settings to IPv6 tunnels;
*) winbox - allow to specify full URL in SCEP certificate signing process;
*) winbox - by default specify keepalive timeout value for tunnel type interfaces;
*) winbox - show firmware upgrade message at the bottom of "System/RouterBOARD" menu;
*) winbox - show "scep-url" for certificates;
*) winbox - show "sector-writes" on ARM devices that have such counters;
*) winbox - show "sector-writes" on devices that have such counters;
*) winbox - show "System/Health" only on boards that have health monitoring;
*) wireless - added option to disable PMKID for WPA2;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;
*) wireless - fixed packet processing after removing wireless interface from CAP settings;
*) wireless - improved client "channel-width" detection;
*) wireless - improved Nv2 PtMP performance;
*) wireless - increased stability on hAP ac^2 and cAP ac with legacy data rates;
*) wireless - updated "united-states" regulatory domain information;

Download the new 'RouterOS 6.40.9' version here: https://mikrotik.com/download

Long-termWed, 22 Aug 2018 12:35:26 +030098fcacc936930532f2c000c672b3d7ca
RouterOS 6.40.8 [Long-term]https://mikrotik.com/download/changelogs/long-term

6.40.8 changelog:

!) winbox - fixed vulnerability that allowed to gain access to an unsecured router;
*) certificate - fixed incorrect SCEP URL after an upgrade;
*) health - fixed empty measurements on CRS328-24P-4S+RM;
*) ike2 - use "policy-template-group" parameter when picking proposal as initiator;
*) ipv6 - fixed IPv6 behaviour when bridge port leaves bridge;
*) routerboard - fixed "mode-button" support on hAP lite r2 devices;
*) ssh - fixed SSH service becoming unavailable;
*) traffic-flow - fixed IPv6 destination address value when IPFIX protocol is used;
*) winbox - show "Switch" menu on cAP ac devices;
*) wireless - improved compatibility with BCM chipset devices;

Download the new 'RouterOS 6.40.8' version here: https://mikrotik.com/download

Long-termTue, 24 Apr 2018 12:18:25 +03008dd3e08e9cdfe487bbfa5321c681d3bd
RouterOS 6.40.7 [Long-term]https://mikrotik.com/download/changelogs/long-term

6.40.7 changelog:

!) smb - fixed buffer overflow vulnerability, everyone using this feature is urged to upgrade;
*) console - do not allow variables that start with digit to be referenced without "$" sign;
*) led - fixed unused "link-act-led" LED trigger on RBLHG 2nD, RBLHG 2nD-XL and RBSXTsq 2nD;
*) netinstall - sign Netinstall executable with an Extended Validation Code Signing Certificate;
*) romon - make "secret" field sensitive in console;
*) tr069-client - fixed TR069 service becoming unavailable when related service package is not installed;
*) winbox - fixed "/tool e-mail send" attachment behavior;
*) winbox - fixed maximal ID for Traffic Generator stream;
*) winbox - made UDP local and remote TX size parameter optional in Bandwidth Test tool;
*) winbox - removed "Enable" and "Disable" buttons from IPsec "mode-config" list;
*) winbox - show "D" flag under "/ip dhcp-client" menu;
*) winbox - use proper graph name for HDD graphs;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;

Download the new 'RouterOS 6.40.7' version here: https://mikrotik.com/download

Long-termFri, 20 Apr 2018 13:13:14 +03004a598743b9849c546682cddbb01825bc
RouterOS 6.40.6 [Long-term]https://mikrotik.com/download/changelogs/long-term

6.40.6 changelog:

*) btest - fixed TCP test accuracy when low TX/RX rates are used;
*) certificate - do not use UTF-8 for SCEP challenge password;
*) certificate - fixed PKCS#10 version;
*) chr - generate new system ID on first boot;
*) crs317 - fixed reliability on FAN controller;
*) defconf - fixed DISC Lite5 LED default configuration;
*) dhcpv4-server - fixed framed and classless route received from RADIUS server;
*) disk - fixed disk detach process;
*) dude - fixed e-mail notifications when default port is not used;
*) export - fixed "/system routerboard mode-button" compact export;
*) filesystem - implemented additional system integrity checks on reboots;
*) firewall - limited maximum "address-list-timeout" value to “35w3d13h13m56s”;
*) hotspot - fixed "dst-port" to require valid "protocol" in "walled-garden ip";
*) hotspot - fixed Walled Garden IP functionality when address-list is used;
*) ike1 - fixed crash on XAUTH if user does not exist;
*) ike1 - fixed memory corruption when IPv6 is used;
*) ike1 - improved stability on phase1 rekeying;
*) ike2 - added support for multiple split networks;
*) ike2 - delay rekeyed peer outbound SA installation;
*) ike2 - improve half-open connection handling;
*) ike2 - kill connection when peer changes address;
*) ike2 - use peer configuration address when available on empty TSi;
*) ipsec - fixed incorrect esp proposal key size usage;
*) ipsec - properly update IPsec secret for IPIP/EoIP/GRE dynamic peer;
*) l2tp - improved reliability on packet processing in FastPath;
*) netinstall - improved LTE package description;
*) netinstall - properly generate skins folder when branding package is installed;
*) ovpn - fixed resource leak on systems with high CPU usage;
*) ovpn-server - do not periodically change automatically generated server MAC address;
*) ppp - do not disconnect active PPP connection after "idle-timeout";
*) ppp - do not lose "/ppp profile" script configuration after other profile parameters are edited;
*) ppp - fixed "change-mss" functionality when MSS is not set on forwarded packets;
*) ppp - fixed L2TP and PPTP encryption negotiation process on configuration changes;
*) pppoe-client - properly re-establish MLPPP session when one of the lines stopped transmitting packets;
*) quickset - do not automatically change mode to CPE;
*) quickset - renamed router IP static DNS name to "router.lan";
*) route - fixed DHCP/PPP “add-default-route” “distance” minimal value to 1;
*) route - improved reliability on routing table update;
*) routerboard - properly report warnings under "/system routerboard" menu;
*) scheduler - properly display long scheduler configuration;
*) sfp - improved SFP module compatibility;
*) sms - fixed minor problem for SMS delivery;
*) snmp - added IPv6 addresses support on default "public" community;
*) snmp - fixed bulk requests when non-repeaters are used;
*) snmp - fixed consecutive OID bulk get from the same table;
*) traceroute - fixed "/tool traceroute" results print;
*) traffic-flow - do not count single extra packet per each flow;
*) webfig - added support for proper default policies when adding script or scheduler job;
*) webfig - fixed backup loading from Webfig on RouterBOARD running default configuration;
*) webfig - fixed bridge port sorting order by name;
*) webfig - fixed MAC address ordering;
*) webfig - fixed router getting reset to default configuration;
*) webfig - fixed column ordering;
*) winbox - allow to specify "to-ports" for "action=masquerade";
*) wireless - fixed wireless protocol mode restrictions if lockpack is installed and has limits for it;
*) wireless - removed unused monitor command from CLI;
*) wireless - updated "Australia", "Czech Republic", "UK 5.8 Fixed" and "United Kingdom" regulatory domain information;

Download the new 'RouterOS 6.40.6' version here: https://mikrotik.com/download

Long-termThu, 01 Mar 2018 14:39:04 +02000b9a1c5f82652a3b3c87461820aa8132
RouterOS 6.39.3 [Long-term]https://mikrotik.com/download/changelogs/long-term

6.39.3 changelog:

*) arp - properly update dynamic ARP entries after interface related changes;
*) bonding - fixed 802.3ad mode on RB1100AHx4;
*) bonding - improved reliability on bonding interface removal;
*) console - fixed different command auto complete;
*) crs1xx/2xx - fixed 1 Gbps forced mode for several SFP modules;
*) crs317 - added L2MTU support;
*) crs3xx - improved packet processing in slowpath;
*) dhcp - fixed downgrade from RouterOS v6.41 or higher;
*) dhcpv4-server - fixed lease renew for DHCP clients that sends renewal with "ciaddr =";
*) dhcpv6-client - do not run DHCPv6 client when IPv6 package is disabled;
*) dhcpv6-client - fixed IA evaluation order;
*) dhcpv6-client - require pool name to be unique;
*) dhcpv6-server - do not release address of static binding from pool after server removal;
*) discovery - fixed timeouts for LLDP neighbours;
*) ethernet - fixed occasional broken interface order after reset/first boot;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) export - fixed export for PoE-OUT related settings;
*) export - fixed wireless "ssid" and "supplicant-identity" compact export;
*) fasttrack - fixed fasttrack over interfaces with dynamic MAC address;
*) firewall - fixed bridge "action=log" rules;
*) firewall - fixed crash on fasttrack dummy rule manual change attempt;
*) firewall - properly remove "address-list" entry after timeout ends;
*) firewall - removed unique address list name limit;
*) hAP ac lite - removed nonexistent "wlan-led";
*) hotspot - improved user statistics collection process;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - fixed initiator ID comparison to NAT-OA;
*) interface - improved interface state change handling when multiple interfaces are affected at the same time;
*) ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies;
*) ipv6 - fixed IPv6 address request from pool;
*) metarouter - fixed display of bogus error message on startup;
*) ntp-client - properly start NTP client after reboot if manual server IP is not configured;
*) ovpn - added support for "push-continuation";
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) ovpn - improved performance when receiving too many options;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - fixed non-standart PAP or CHAP packet handling;
*) pppoe-client - fixed incorrectly formed PADT packet;
*) pppoe-client - fixed wrong MRU detection over VLAN interfaces;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) rb1100ahx4 - fixed HW acceleration fragmented packet decryption when fragment is smaller than 64 bytes;
*) rb1100ahx4 - fixed startup problems (requires additional reboot after upgrade);
*) rb2011 - fixed possible LCD blinking along with ethernet LED;
*) rb3011 - fixed packet passthrough on switch2 while booting;
*) rb922 - restored missing wireless interface on some boards;
*) safe-mode - fixed session handling when Safe Mode is used on multiple sessions at the same time;
*) sfp - fixed invalid temperature readings when ambient temperature is below 0C;
*) sfp - fixed OPTON module DDM information readings;
*) sfp - fixed temperature readings for various SFP modules;
*) sniffer - do not skip L2 packets when "all" interface mode was used;
*) snmp - fixed "/caps-man registration-table" uptime values;
*) snmp - fixed "/system license" parameters for CHR;
*) snmp - fixed "/system resource cpu print oid";
*) snmp - fixed crash on interface table get;
*) ssh - do not execute command if it starts with "-" symbol;
*) supout - fixed IPv6 firewall section;
*) switch - fixed multicast forwarding on CRS326;
*) tile - fixed copying large amount of text over serial console;
*) tile - improved reliability on MPLS package processing;
*) traffic-flow - fixed reboots when IPv6 address has been set as target address without active IPv6 package;
*) trafficgen - fixed "lost-ratio" showing incorrect statistics after multiple sequences;
*) userman - do not send disconnect request for user when "simultaneous session limit reached";
*) userman - fixed "limitation" and "profile-limitation" update;
*) userman - fixed CoA packet processing after changes in "/tool user-manager router" configuration;
*) userman - lookup language files also in "/flash" directory;
*) vlan - do not allow VLAN MTU to be higher than L2MTU;
*) vlan - do not delete existing VLAN interface on "failure: already have such vlan";
*) webfig - allow to unset "rate-limit" for DHCP leases;
*) webfig - fixed wireless "scan-list" parameter not being saved after applying changes;
*) webfig - improved reliability of login process;
*) winbox - added possibility to define "comment" for "/routing bgp network" entries;
*) winbox - added support for certificate CRL list;
*) winbox - do not show LCD menu for devices which does not have it;
*) winbox - fixed ARP table update after entry changes state to incomplete;
*) winbox - hide "level" and "tunnel" parameters for IPSec policy templates;
*) winbox - hide FAN speed if it is 0RPM;
*) winbox - make IPSec policies table an ordered list;
*) winbox - properly show "dhcp-server" warnings;
*) winbox - show "/interface wireless cap print" warnings;
*) winbox - show "/system health" only on boards that have health monitoring;
*) winbox - show "D" flag under "/interface mesh port" menu;
*) wireless - added "etsi1" and "russia3" regulatory domain information;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - improved WPA2 key exchange reliability;
*) wireless - updated "china", "norway" and "new-zealand" regulatory domain information;

Download the new 'RouterOS 6.39.3' version here: https://mikrotik.com/download

Long-termMon, 16 Oct 2017 08:57:36 +030042f908b443356f9c6855f21f9b1323aa
RouterOS 6.38.7 [Long-term]https://mikrotik.com/download/changelogs/long-term

6.38.7 changelog:

!) bridge - fixed BPDU rx/tx when “protocol-mode=none”;
!) bridge - reverted bridge BPDU processing back to pre-v6.38 behaviour (v6.40 will have another separate VLAN-aware bridge implementation);
*) 6to4 - fixed wrong IPv6 "link-local" address generation;
*) arp - fixed "make-static";
*) bonding - do not add bonding interface if "could not set MTU" error is received;
*) console - fixed "/ip neighbor discovery" export;
*) console - fixed unexpected console crash when using variables as functions;
*) console - instead of true/false report yes/no as LCD enabled state;
*) defconf - discard default configuration startup query with configuration change from Webfig;
*) defconf - discard default configuration startup query with RouterOS upgrade;
*) defconf - fixed default configuration generation when wireless package is disabled;
*) defconf - fixed Groove 52 ac band settings;
*) dns - made loading thousands of static entries faster;
*) ethernet - fixed "loop-protect" on "master-port";
*) ethernet - fixed rare switch chip hang (could cause port flapping);
*) fetch - fixed download issue over HTTPS;
*) firewall - do not allow to set "rate" value to 0 for "limit" parameter;
*) firewall - fixed "address-list" entry "creation-time" adjustment to timezone;
*) firewall - fixed "address-list" entry changing from IP to DNS and vice versa;
*) firewall - fixed cosmetic "invalid" flag when item was disabled;
*) ike1 - fixed crash on xauth message;
*) ike2 - allow multiple child SA traffic selectors on re-key;
*) ike2 - fixed last EAP authentication payload type;
*) ike2 - fixed policy release during SA negotiation;
*) ike2 - fixed RSA authentication without EAP;
*) ike2 - fixed situation when traffic selector prefix was parsed incorrectly;
*) ipsec - do not deduct policy src/dst address for tunnel policies;
*) ipsec - fixed generated policy priority;
*) ipsec - fixed peer "my-id" address reset;
*) ipv6 - fixed address becoming invalid when interface was removed from bridge/mesh;
*) led - fixed turning off LED when interface is lost;
*) log - added missing "license limit exceeded" log entry;
*) log - work on false CPU/RAM overclocked alarms;
*) netinstall - fixed typos in Netinstall status messages;
*) ntp - restart NTP client when it is stuck in error state;
*) ppp - fixed IPv6 address receiving on PPP interface;
*) pppoe - added warning on PPPoE client/server, if it is configured on slave interface;
*) pppoe-server - fixed "one-session-per-host" issue where 2 simultaneous sessions were possible from the same host;
*) queue - fixed queuing when at least one child queue has "default-small" and other/s is/are different (introduced in 6.35);
*) quickset - fixed LTE "signal-strength" graphs;
*) smb - fixed share path on devices with "/flash" directory;
*) sniffer - fixed VLAN tags when sniffing all interfaces;
*) snmp - added fan-speed OIDs in "/system health print oid";
*) snmp - fixed limited walk;
*) switch - fixed disabling of MAC learning on CRS1xx/CRS2xx;
*) tile - fixed EoIP keepalive when tunnel is made over VLAN interface;
*) traffic-flow - fixed IPFIX IPv6 data reporting;
*) upnp - fixed firewall NAT rule update when external IP address changes;
*) userman - allow "name-for-user" to be empty and not unique;
*) userman - fixed rare GUI crash when User Manager files are not accessible;
*) webfig - allow to enter frequency ranges in wireless “scan-list”;
*) webfig - allow to select "default-encryption" profile on PPP tunnels;
*) webfig - correctly specify routing filter prefix;
*) webfig - do not allow to reorder items if table is sorted by some column;
*) webfig - fixed "last-link-up" & "last-link-down" time information;
*) webfig - fixed Bridge Filter properties display when there are more than one Filter available;
*) webfig - show all available options under "Advanced Mode" for wireless interfaces;
*) winbox - added "Flush" button under “unicast-fdb” menu;
*) winbox - added "memory-scroll", "filter-cpu", "filter-ipv6-address", "filter-operation-between-entries" Sniffer parameters;
*) winbox - added “protected-routerboard” parameters under RouterBOARD settings menu;
*) winbox - allow shorten bytes to k,M,G in firewall "connection-bytes" and "connection-rates";
*) winbox - do not allow Packet Sniffer "memory-limit" and "file-limit" lower than 10KiB;
*) winbox - do not allow to open multiple same sub-menus at the same time;
*) winbox - do not show "dpd-max-failures" on IKEv2;
*) winbox - do not start Traffic Generator automatically when opening "Quick Start";
*) winbox - fixed "Montly" typo to "Monthly" in Graphing menu;
*) winbox - fixed firewall port selection with Winbox v2;
*) winbox - fixed IPSec "mode-config" DNS settings;
*) winbox - fixed issue when working IPSec policies were shown as invalid;
*) winbox - fixed switch ACL Policer statistics;
*) winbox - fixed typo in BGP advertisements menu Aggragator->Aggregator;
*) winbox - hide "wps-mode" & "security-profile" in wireless nv2 mode;
*) winbox - properly show "dhcp-server" warnings;
*) winbox - removed spare values from "loop-protect" setting for EoIPv6 tunnels;
*) winbox - removed unnecessary "/system health" menu on "hAP ac lite" and “RB450”;
*) winbox - show "A" flag for IPSec policies;
*) wireless - reduced load on CPU for high speed wireless links;

Download the new 'RouterOS 6.38.7' version here: https://mikrotik.com/download

Long-termWed, 21 Jun 2017 11:00:11 +0300eb4f3eab521c0584fa3099d5e6e7e2c9