en-usMikroTik Candidatehttps://www.mikrotik.comCopyright 2018, Mikrotikls LtdMikroTik Rss60Feed for newest RouterOS updates.RouterOS 6.44beta20 [Testing]https://www.mikrotik.com/download/changelogs/testing

6.44beta20 changelog:

MAJOR CHANGES IN v6.44:
----------------------
!) cloud - added command "/system backup cloud" for backup storing on cloud (CLI only);
!) upgrade - release channels renamed - "bugfix" to "long-term", "current" to "stable" and "release candidate" to "testing";
!) upgrade - "testing" release channel now can contain "beta" together with "release-candidate" versions;
----------------------

Changes in this release:

*) crs328 - fixed SFP+ interface linking on CRS328-24P-4S+RM (introduced in v6.44beta17);
*) crs328 - improved link status update on disabled SFP+ interface when using DAC;
*) crs3xx - properly read "eeprom" data after different module inserted in disabled interface;
*) dhcp - added "allow-dual-stack-queue" setting for IPv4/IPv6 DHCP servers to control dynamic lease/binding behaviour (CLI only);
*) dhcpv6-server - improved DHCPv6 server stability when using "print" command;
*) led - added "dark-mode" functionality for LHG and LDF series devices;
*) lte - added "firmware-upgrade" command for R11e-LTE international modems (CLI only);
*) lte - fixed connection issue when LTE modem was de-registered from network for more than 1 minute;
*) w60g - general stability and performance improvements;
*) w60g - improved stability for short distance links;

Other changes since v6.43:

*) bridge - do not learn untagged frames when filtering only tagged packets;
*) bridge - fixed packet forwarding when changing MSTI VLAN mappings;
*) bridge - fixed possible memory leak when using MSTP;
*) bridge - fixed possible memory leak when VLAN filtering is used;
*) bridge - improved packet handling when hardware offloading is being disabled;
*) bridge - improved packet processing when bridge port changes states;
*) bridge - properly forward unicast DHCP messages when using DHCP Snooping with hardware offloading;
*) chr - assign interface names based on underlying PCI device order on KVM;
*) cloud - ignore "force-update" command if DDNS is disabled;
*) cloud - improved DDNS service disabling;
*) crs3xx - fixed possible memory leak when disabling bridge interface;
*) crs3xx - improved data transmission between 10G and 1G ports;
*) dhcp - properly load DHCP configuration if options are configured;
*) dhcpv4-server - fixed service becoming unresponsive after interface leaves and enters the same bridge;
*) dhcpv4-server - use client MAC address for dual stack queue when "client-id" is not received;
*) dhcpv6-server - recreate DHCPv6 server binding if it is no longer within prefix pool when rebinding/renewing;
*) discovery - properly use Sytem ID for "software-id" value on CHR;
*) e-mail - added info log message when e-mail is sent successfully;
*) ethernet - fixed IPv6 packet forwarding on IPQ4018 devices;
*) ethernet - fixed IPv6 packet forwarding on IPQ4018 devices;
*) ethernet - fixed IPv6 packet forwarding on IPQ4018 devices;
*) health - improved fan control stability on CRS328-24P-4S+RM;
*) ike2 - added option to specify certificate chain;
*) ike2 - fixed local address lookup when initiating new connection;
*) ike2 - improved subsequent phase 2 initialization when no childs exist;
*) ipsec - added account log message when user is successfully authenticated;
*) ipsec - allow multiple peers to the same address with different local-address (introduced in v6.43);
*) ipsec - fixed stability issues after changing peer configuration (introduced in v6.43);
*) ipsec - improved invalid policy handling when a valid policy is uninstalled;
*) kidcontrol - added "reset-counters" command for "device" menu (CLI only);
*) kidcontrol - added "tur-fri", "tur-mon", "tur-sat", "tur-sun", "tur-thu", "tur-tue", "tur-wed" parameters (CLI only);
*) kidcontrol - dynamically discover devices from DNS activity;
*) kidcontrol - fixed validation checks for time intervals;
*) led - added "dark-mode" functionality for wsAP ac lite, RB951Ui-2nD, hAP and hAP ac lite devices;
*) led - fixed default LED configuration for SXT LTE kit devices;
*) led - fixed power LED turning on after reboot when "dark-mode" is used;
*) lte - added additional ID support for Novatel USB730L modem;
*) lte - added "cell-monitor" command for R11e-LTE international modem (CLI only);
*) lte - added support for JioFi JMR1040 modem;
*) lte - fixed DHCP relay packet forwarding when in passthrough mode;
*) lte - fixed Jaton/SQN modems preventing router from booting properly;
*) ntp - fixed possible NTP server stuck in "started" state;
*) proxy - removed port list size limit;
*) rb3011 - implemented multiple engine IPsec hardware acceleration support;
*) romon - improved packet processing when MTU in path is lower than 1500;
*) romon - improved reliability when processing RoMON packets on CHR;
*) routerboard - show "boot-os" option only on devices that have such feature;
*) snmp - fixed w60g station table;
*) snmp - report bridge ifSpeed as "0";
*) ssh - fixed single command execution (introduced in v6.44beta9);
*) switch - fixed ACL rules on IPQ4018 devices;
*) traffic-flow - fixed post NAT port reporting;
*) w60g - added "frequency-list" setting;
*) w60g - added interface stats;
*) w60g - fixed interface LED status update on connection;
*) w60g - renamed "mcs" to "tx-mcs" and "phy-rate" to "tx-phy-rate";
*) winbox - added 4th chain selection for "HT TX chains" and "HT RX chains" under "CAPsMAN/CAP Interface/Wireless" tab;
*) winbox - added "radio-name" setting to "CAPsMAN/CAP Interface/General" tab;
*) winbox - added "secondary-channel" setting to "CAPsMAN/CAP Interface/Channel" tab;
*) winbox - allow setting "network-mode" to "auto" under LTE interface settings;
*) wireless - improved signal strength at low TX power on LHG 5 ac, LHG 5 ac XL and LDF 5 ac ("/system routerboard upgrade" required);
*) wireless - improved stability for 802.11ac;

Download the new 'RouterOS 6.44beta20' version here: https://www.mikrotik.com/download

]]>
TestingWed, 10 Oct 2018 12:11:45 +03000428fd415dba6b35cb9374249a31daab
RouterOS 6.44beta17 [Testing]https://www.mikrotik.com/download/changelogs/testing

6.44beta17 changelog:

MAJOR CHANGES IN v6.44:
----------------------
!) cloud - added command "/system backup cloud" for backup storing on cloud (CLI only);
!) upgrade - release channels renamed - "bugfix" to "long-term", "current" to "stable" and "release candidate" to "testing";
!) upgrade - "testing" release channel now can contain "beta" together with "release-candidate" versions;
----------------------

Changes in this release:

*) bridge - fixed possible memory leak when VLAN filtering is used;
*) dhcpv4-server - use client MAC address for dual stack queue when "client-id" is not received;
*) ethernet - fixed IPv6 packet forwarding on IPQ4018 devices;
*) health - improved fan control stability on CRS328-24P-4S+RM;
*) led - fixed default LED configuration for SXT LTE kit devices;
*) led - fixed power LED turning on after reboot when "dark-mode" is used;
*) lte - added "firmware-upgrade" command for R11e-LTE international modems (CLI only);
*) wireless - improved signal strength at low TX power on LHG 5 ac, LHG 5 ac XL and LDF 5 ac ("/system routerboard upgrade" required);

Other changes since v6.43:

*) bridge - do not learn untagged frames when filtering only tagged packets;
*) bridge - fixed packet forwarding when changing MSTI VLAN mappings;
*) bridge - fixed possible memory leak when using MSTP;
*) bridge - improved packet handling when hardware offloading is being disabled;
*) bridge - improved packet processing when bridge port changes states;
*) bridge - properly forward unicast DHCP messages when using DHCP Snooping with hardware offloading;
*) chr - assign interface names based on underlying PCI device order on KVM;
*) cloud - ignore "force-update" command if DDNS is disabled;
*) cloud - improved DDNS service disabling;
*) crs3xx - fixed possible memory leak when disabling bridge interface;
*) crs3xx - improved data transmission between 10G and 1G ports;
*) dhcp - properly load DHCP configuration if options are configured;
*) dhcpv4-server - fixed service becoming unresponsive after interface leaves and enters the same bridge;
*) dhcpv6-server - recreate DHCPv6 server binding if it is no longer within prefix pool when rebinding/renewing;
*) discovery - properly use Sytem ID for "software-id" value on CHR;
*) e-mail - added info log message when e-mail is sent successfully;
*) ethernet - fixed IPv6 packet forwarding on IPQ4018 devices;
*) ethernet - fixed IPv6 packet forwarding on IPQ4018 devices;
*) ike2 - added option to specify certificate chain;
*) ike2 - fixed local address lookup when initiating new connection;
*) ike2 - improved subsequent phase 2 initialization when no childs exist;
*) ipsec - added account log message when user is successfully authenticated;
*) ipsec - allow multiple peers to the same address with different local-address (introduced in v6.43);
*) ipsec - fixed stability issues after changing peer configuration (introduced in v6.43);
*) ipsec - improved invalid policy handling when a valid policy is uninstalled;
*) kidcontrol - added "reset-counters" command for "device" menu (CLI only);
*) kidcontrol - added "tur-fri", "tur-mon", "tur-sat", "tur-sun", "tur-thu", "tur-tue", "tur-wed" parameters (CLI only);
*) kidcontrol - dynamically discover devices from DNS activity;
*) kidcontrol - fixed validation checks for time intervals;
*) led - added "dark-mode" functionality for wsAP ac lite, RB951Ui-2nD, hAP and hAP ac lite devices;
*) lte - added additional ID support for Novatel USB730L modem;
*) lte - added "cell-monitor" command for R11e-LTE international modem (CLI only);
*) lte - added support for JioFi JMR1040 modem;
*) lte - fixed DHCP relay packet forwarding when in passthrough mode;
*) lte - fixed Jaton/SQN modems preventing router from booting properly;
*) ntp - fixed possible NTP server stuck in "started" state;
*) proxy - removed port list size limit;
*) rb3011 - implemented multiple engine IPsec hardware acceleration support;
*) romon - improved packet processing when MTU in path is lower than 1500;
*) romon - improved reliability when processing RoMON packets on CHR;
*) routerboard - show "boot-os" option only on devices that have such feature;
*) snmp - fixed w60g station table;
*) snmp - report bridge ifSpeed as "0";
*) ssh - fixed single command execution (introduced in v6.44beta9);
*) switch - fixed ACL rules on IPQ4018 devices;
*) traffic-flow - fixed post NAT port reporting;
*) w60g - added "frequency-list" setting;
*) w60g - added interface stats;
*) w60g - fixed interface LED status update on connection;
*) w60g - renamed "mcs" to "tx-mcs" and "phy-rate" to "tx-phy-rate";
*) winbox - added 4th chain selection for "HT TX chains" and "HT RX chains" under "CAPsMAN/CAP Interface/Wireless" tab;
*) winbox - added "radio-name" setting to "CAPsMAN/CAP Interface/General" tab;
*) winbox - added "secondary-channel" setting to "CAPsMAN/CAP Interface/Channel" tab;
*) winbox - allow setting "network-mode" to "auto" under LTE interface settings;
*) wireless - improved stability for 802.11ac;

Download the new 'RouterOS 6.44beta17' version here: https://www.mikrotik.com/download

]]>
TestingFri, 05 Oct 2018 10:56:36 +030086d25702d7215bc852e461626fde56c4
RouterOS 6.44beta14 [Testing]https://www.mikrotik.com/download/changelogs/testing

6.44beta14 changelog:

MAJOR CHANGES IN v6.44:
----------------------
!) cloud - added command "/system backup cloud" for backup storing on cloud (CLI only);
!) upgrade - release channels renamed - "bugfix" to "long-term", "current" to "stable" and "release candidate" to "testing";
!) upgrade - "testing" release channel now can contain "beta" together with "release-candidate" versions;
----------------------

Changes in this release:

*) bridge - do not learn untagged frames when filtering only tagged packets;
*) bridge - fixed packet forwarding when changing MSTI VLAN mappings;
*) bridge - fixed possible memory leak when using MSTP;
*) bridge - improved packet processing when bridge port changes states;
*) bridge - properly forward unicast DHCP messages when using DHCP Snooping with hardware offloading;
*) cloud - improved DDNS service disabling;
*) dhcp - properly load DHCP configuration if options are configured;
*) dhcpv6-server - recreate DHCPv6 server binding if it is no longer within prefix pool when rebinding/renewing;
*) ethernet - fixed IPv6 packet forwarding on IPQ4018 devices;
*) ike2 - improved subsequent phase 2 initialization when no childs exist;
*) ipsec - added account log message when user is successfully authenticated;
*) ipsec - allow multiple peers to the same address with different local-address (introduced in v6.43);
*) ipsec - fixed stability issues after changing peer configuration (introduced in v6.43);
*) ipsec - improved invalid policy handling when a valid policy is uninstalled;
*) kidcontrol - added "reset-counters" command for "device" menu (CLI only);
*) kidcontrol - added "tur-fri", "tur-mon", "tur-sat", "tur-sun", "tur-thu", "tur-tue", "tur-wed" parameters (CLI only);
*) kidcontrol - dynamically discover devices from DNS activity;
*) kidcontrol - fixed validation checks for time intervals;
*) led - added "dark-mode" functionality for wsAP ac lite, RB951Ui-2nD, hAP and hAP ac lite devices;
*) lte - added additional ID support for Novatel USB730L modem;
*) lte - added "cell-monitor" command for R11e-LTE international modem (CLI only);
*) lte - added support for JioFi JMR1040 modem;
*) ntp - fixed possible NTP server stuck in "started" state;
*) rb3011 - implemented multiple engine IPsec hardware acceleration support;
*) romon - improved packet processing when MTU in path is lower than 1500;
*) snmp - fixed w60g station table;
*) snmp - report bridge ifSpeed as "0";
*) ssh - fixed single command execution (introduced in v6.44beta9);
*) traffic-flow - fixed post NAT port reporting;
*) w60g - added interface stats;
*) w60g - renamed "mcs" to "tx-mcs" and "phy-rate" to "tx-phy-rate";
*) wireless - improved stability for 802.11ac;

Other changes since v6.43:

*) bridge - improved packet handling when hardware offloading is being disabled;
*) chr - assign interface names based on underlying PCI device order on KVM;
*) cloud - ignore "force-update" command if DDNS is disabled;
*) crs3xx - fixed possible memory leak when disabling bridge interface;
*) crs3xx - improved data transmission between 10G and 1G ports;
*) dhcpv4-server - fixed service becoming unresponsive after interface leaves and enters the same bridge;
*) discovery - properly use Sytem ID for "software-id" value on CHR;
*) e-mail - added info log message when e-mail is sent successfully;
*) ethernet - fixed IPv6 packet forwarding on IPQ4018 devices;
*) ike2 - added option to specify certificate chain;
*) ike2 - fixed local address lookup when initiating new connection;
*) lte - fixed DHCP relay packet forwarding when in passthrough mode;
*) lte - fixed Jaton/SQN modems preventing router from booting properly;
*) proxy - removed port list size limit;
*) romon - improved reliability when processing RoMON packets on CHR;
*) routerboard - show "boot-os" option only on devices that have such feature;
*) switch - fixed ACL rules on IPQ4018 devices;
*) w60g - added "frequency-list" setting;
*) w60g - fixed interface LED status update on connection;
*) winbox - added 4th chain selection for "HT TX chains" and "HT RX chains" under "CAPsMAN/CAP Interface/Wireless" tab;
*) winbox - added "radio-name" setting to "CAPsMAN/CAP Interface/General" tab;
*) winbox - added "secondary-channel" setting to "CAPsMAN/CAP Interface/Channel" tab;
*) winbox - allow setting "network-mode" to "auto" under LTE interface settings;

Download the new 'RouterOS 6.44beta14' version here: https://www.mikrotik.com/download

]]>
TestingTue, 02 Oct 2018 12:47:49 +0300c4c10572e167eb9e7608c6b87ed99f7e
RouterOS 6.44beta9 [Testing]https://www.mikrotik.com/download/changelogs/testing

6.44beta9 changelog:

MAJOR CHANGES IN v6.44:
----------------------
!) upgrade - release channels renamed - "bugfix" to "long-term", "current" to "stable" and "release candidate" to "testing";
!) upgrade - "testing" release channel now can contain "beta" together with "release-candidate" versions;
----------------------

Changes in this release:

!) cloud - added command "/system backup cloud" for backup storing on cloud (CLI only);
*) bridge - improved packet handling when hardware offloading is being disabled;
*) cloud - ignore "force-update" command if DDNS is disabled;
*) crs3xx - fixed possible memory leak when disabling bridge interface;
*) defconf - properly clear global variables when generating default configuration after RouterOS upgrade;
*) discovery - properly use Sytem ID for "software-id" value on CHR;
*) e-mail - added info log message when e-mail is sent successfully;
*) lte - fixed LTE interface not working properly after reboot on RBSXTLTE3-7;
*) proxy - removed port list size limit;
*) romon - improved reliability when processing RoMON packets on CHR;
*) routerboard - show "boot-os" option only on devices that have such feature;
*) switch - fixed port mirroring on devices that do not support CPU Flow Control;
*) webfig - allow to change user name when creating a new system user;
*) webfig - fixed time interval settings not applied properly under "IP/Kid Control/Kids" menu;
*) winbox - added 4th chain selection for "HT TX chains" and "HT RX chains" under "CAPsMAN/CAP Interface/Wireless" tab;
*) winbox - added "allow-dual-stack-queue" setting to "IP/DHCP Server/Leases" menu;
*) winbox - added "allow-dual-stack-queue" setting to "IPv6/DHCPv6 Server/Bindings" menu;
*) winbox - added "radio-name" setting to "CAPsMAN/CAP Interface/General" tab;
*) winbox - added "secondary-channel" setting to "CAPsMAN/CAP Interface/Channel" tab;
*) winbox - fixed corrupt user database after specifying allowed address range (introduced in v6.43);
*) winbox - make bridge port "untrusted" by default when creating new port;
*) winbox - show "IP/Cloud" menu on CHR;
*) winbox - show "System/RouterBOARD/Mode Button" on devices that have such feature;

Other changes since v6.43:

*) chr - assign interface names based on underlying PCI device order on KVM;
*) crs317 - fixed packet forwarding on bonded interfaces without hardware offloading;
*) crs3xx - improved data transmission between 10G and 1G ports;
*) dhcpv4-server - fixed service becoming unresponsive after interface leaves and enters the same bridge;
*) dhcpv6-client - log only failed pool additions;
*) ethernet - fixed IPv6 packet forwarding on IPQ4018 devices;
*) hotspot - properly update dynamic "walled-garden" entries when changing "dst-host";
*) ike2 - added option to specify certificate chain;
*) ike2 - fixed local address lookup when initiating new connection;
*) ike2 - fixed rare authentication and encryption key mismatches after rekey with PFS enabled;
*) lte - fixed DHCP relay packet forwarding when in passthrough mode;
*) lte - fixed Jaton/SQN modems preventing router from booting properly;
*) rb3011 - added IPsec hardware acceleration support;
*) routerboard - fixed memory tester reporting false errors on IPQ4018 devices ("/system routerboard upgrade" required);
*) sniffer - made "connection", "host", "packet" and "protocol" sections read-only;
*) switch - fixed ACL rules on IPQ4018 devices;
*) upnp - improved UPnP service stability when handling HTTP requests;
*) w60g - added "frequency-list" setting;
*) w60g - fixed interface LED status update on connection;
*) winbox - allow setting "network-mode" to "auto" under LTE interface settings;
*) wireless - removed "czech republic 5.8" regulatory domain information as it overlaps with "ETSI 5.7-5.8";

Download the new 'RouterOS 6.44beta9' version here: https://www.mikrotik.com/download

]]>
TestingTue, 18 Sep 2018 10:03:36 +030037c36c5b88955185107c8e3bf0212b72
RouterOS 6.44beta6 [Testing]https://www.mikrotik.com/download/changelogs/testing

6.44beta6 changelog:

Changes in this release:

!) upgrade - release channels renamed - "bugfix" to "long-term", "current" to "stable" and "release candidate" to "testing";
!) upgrade - "testing" release channel now can contain "beta" together with "release-candidate" versions;
*) chr - assign interface names based on underlying PCI device order on KVM;
*) crs317 - fixed packet forwarding on bonded interfaces without hardware offloading;
*) crs3xx - improved data transmission between 10G and 1G ports;
*) dhcpv4-server - fixed service becoming unresponsive after interface leaves and enters the same bridge;
*) dhcpv6-client - log only failed pool additions;
*) ethernet - fixed IPv6 packet forwarding on IPQ4018 devices;
*) hotspot - properly update dynamic "walled-garden" entries when changing "dst-host";
*) ike2 - added option to specify certificate chain;
*) ike2 - fixed local address lookup when initiating new connection;
*) ike2 - fixed rare authentication and encryption key mismatches after rekey with PFS enabled;
*) lte - fixed DHCP relay packet forwarding when in passthrough mode;
*) lte - fixed Jaton/SQN modems preventing router from booting properly;
*) rb3011 - added IPsec hardware acceleration support;
*) routerboard - fixed memory tester reporting false errors on IPQ4018 devices ("/system routerboard upgrade" required);
*) sniffer - made "connection", "host", "packet" and "protocol" sections read-only;
*) switch - fixed ACL rules on IPQ4018 devices;
*) upnp - improved UPnP service stability when handling HTTP requests;
*) w60g - added "frequency-list" setting;
*) w60g - fixed interface LED status update on connection;
*) winbox - allow setting "network-mode" to "auto" under LTE interface settings;
*) wireless - removed "czech republic 5.8" regulatory domain information as it overlaps with "ETSI 5.7-5.8";

Download the new 'RouterOS 6.44beta6' version here: https://www.mikrotik.com/download

]]>
TestingTue, 11 Sep 2018 12:57:53 +0300383d9425b79c051c0ace57f09b505ca9
RouterOS 6.43rc66 [Testing]https://www.mikrotik.com/download/changelogs/testing

6.43rc66 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - added IPv6 support;
!) cloud - added support for licensed CHR instances (including trial);
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) security - fixed vulnerabilities CVE-2018-1156, CVE-2018-1157, CVE-2018-1158, CVE-2018-1159;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
!) winbox - minimal required version is v3.15;
----------------------

Changes in this release:

*) bridge - added support for BPDU Guard;
*) bridge - added support for DHCP Snooping;
*) bridge - ignore tagged BPDUs when bridge VLAN filtering is used;
*) certificate - fixed RA "server-url" setting;
*) console - added "dont-require-permissions" parameter for scripts;
*) dhcpv6-client - improved dynamic IPv6 pool addition process;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - fixed AES-192-CTR fallback to software AEAD on ARM devices with wireless and RB3011UiAS-RM;
*) ipsec - fixed "static-dns" value storing;
*) ipsec - improved invalid policy handling when a valid policy is uninstalled;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) l2tp - allow setting "max-mtu" and "max-mru" bigger than 1500;
*) lte - fixed LTE registration in 2G/3G mode;
*) ppp - added support for Telit LM940 modem;
*) rb3011 - added IPsec hardware acceleration support;
*) snmp - fixed interface speed reporting for predefined rates;
*) supout - added "files" section to supout file;
*) switch - added CPU Flow Control settings for devices with a Atheros8227, QCA8337, Atheros8327, Atheros7240 or Atheros8316 switch chip;
*) tr069-client - allow editing of "provisioning-code" attribute;
*) userman - fixed "shared-secret" parameter requiring "sensitive" policy;
*) webfig - fixed www service becoming unresponsive;
*) winbox - added "tag-stacking" option to "Bridge/Ports";
*) winbox - fixed "bad-blocks" value presence under "System/Resources";
*) winbox - fixed "IP/IPsec/Peers" section sorting;
*) winbox - renamed "VLAN Protocol" to "EtherType" under bridge interface "VLAN" tab;
*) winbox - show "System/RouterBOARD/Mode Button" on devices that has such feature;
*) wireless - accept only valid path for sniffer output file parameter;
*) wireless - require "sniff" policy for wireless sniffer;

Other changes since v6.42.7:

*) bridge - added an option to manually specify ports that have a multicast router (CLI only);
*) bridge - added a warning when untrusted port receives a DHCP Server message when DCHP Snooping is enabled;
*) bridge - added more options to fine-tune IGMP Snooping enabled bridges (CLI only);
*) bridge - added support for DHCP Option 82 (CLI only);
*) bridge - added support for IGMP Snooping fast-leave feature (CLI only);
*) cloud - close local UDP port if no activity;
*) console - made "once" parameter mandatory when using "as-value" on "monitor" commands;
*) console - removed automatic swapping of "from=" and "to=" in "for" loops;
*) crs326/crs328 - fixed packet forwarding when port changes states with IGMP Snooping enabled;
*) crs3xx - added hardware support for DHCP Snooping and Option 82;
*) crs3xx - fixed packet forwarding when "frame-type" is changed (introduced in v6.43rc51);
*) crs3xx - fixed SwOS config import;
*) defconf - fixed default configuration for RBSXTsq5nD;
*) dhcpv6-client - fixed false invalid flag (introduced in v6.43rc56);
*) fetch - added "as-value" output format;
*) fetch - fixed address and DNS verification in certificates;
*) health - added missing parameters from export;
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - improved stability when using IPsec with disabled route cache;
*) leds - fixed LED behaviour when bonding is configured on SFP+ interfaces;
*) lte - added "sector-id" to info command;
*) lte - fixed SIM7600 series module support with newer device IDs;
*) ppp - added support for Alfa Network U4G modem;
*) snmp - added EAP identity to CAPsMAN registration table;
*) supout - added monitored bridge VLAN table to supout file;
*) tr069-client - use SNI extension for HTTPS;
*) ups - improved UPS serial parsing stability;
*) w60g - added "beamforming-event" stats counter;
*) w60g - fixed random disconnects;
*) w60g - general stability and performance improvements;
*) wireless - accept only valid path for sniffer output file parameter;
*) wireless - added "czech republic 5.8" regulatory domain information;
*) wireless - added "etsi2" regulatory domain information;
*) wireless - added option to disable PMKID for WPA2;
*) wireless - updated "czech republic" regulatory domain information;
*) backup - added support for new backup file encryption (AES128-CTR) with signatures (SHA256);
*) backup - generate proper file name when devices identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - added per-port based "tag-stacking" feature;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - fixed "ingress-filtering", "frame-types" and "tag-stacking" value storing;
*) bridge - forward LACPDUs when "protocol-mode=none";
*) bridge - improved packet handling;
*) bridge - improved packet processing when bridge port changes states;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) bridge - renamed option "vlan-protocol" to "ether-type";
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) certificate - do not allow to perform "undo" on certificate changes;
*) check-installation - improved system integrity checking;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed interface name order when "virtio-net is not being used on KVM installations;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved balooning process;
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) chr - reduced RAM memory required per interface;
*) cloud - added simultaneous IPv4/IPv6 support;
*) console - do not show spare parameters on ping command;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs326/crs328 - fixed broken "new-dst-port" ACL rules (introduced in 6.43rc10);
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed flow control;
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed tagged packet forwarding in 802.1ad aware bridges (introduced in 6.43rc13);
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-client - fixed double ACK packet handling;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-client - fixed "add-default-route" parameter;
*) dhcpv6-client - fixed option handling;
*) dhcpv6-server - added additional RADIUS parameters for Prefix delegation, "rate-limit" and "life-time";
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) dhcpv6-server - do not allow to run DHCPv6 server on slave interface;
*) dhcpv6-server - fixed dynamic simple queue creation for RADIUS bindings;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) ethernet - do not show "combo-state" field if interface is not SFP or copper;
*) ethernet - fixed default ethernet advertise values after configuration reset (introduced in v6.43rc33)
*) ethernet - fixed possible link flaps after disabling/enabling the interface (introduced in v6.43rc51);
*) ethernet - improved stability when changing ethernet interface L2MTU on CRS328-24P-4S+ (introduced in v6.43rc11);
*) ethernet - properly handle Ethernet interface default configuration;
*) export - do not show w60g password on "hide-sensitive" type of export;
*) filesystem - fixed NAND memory going into read-only mode (requires "factory-firmware" >= 3.41.1 and "current-firmware" >= 6.43);
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) health - fixed voltage measurements for RB493G devices;
*) health - improved speed of health measurement readings;
*) hotspot - allow to properly configure Hotspot directory on external disk for devices that have flash type storage;
*) hotspot - fixed customized HTML file usage (introduced in 6.43rc47);
*) hotspot - fixed RADIUS CoA & PoD by allowing to accept "NAS-Port-Id";
*) ike1 - added unsafe configuration warning for main mode with pre-shared-key authentication;
*) ike1 - purge both SAs when timer expires;
*) ike1 - zero out reserved bytes in NAT-OA payload;
*) ike2 - fixed initiator first policy selection;
*) ike2 - fixed rekeyed child deletion during another exchange;
*) ike2 - improved basic exchange logging readability;
*) ike2 - use "/32" netmask by default on initiator if not provided by responder;
*) interface - improved interface "last-link-down-time" and "last-link-up-time" values;
*) interface - improved reliability on dynamic interface handling;
*) ippool - improved used address error message;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - fixed AES-CTR and AES-GCM key size proposing as initiator;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - allow to edit discovered devices;
*) led - improved w60g alignment trigger;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added additional D-Link PIDs;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added additional low endpoint SIM7600 PIDs;
*) lte - added eNB ID to info command;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added "registration-status" parameter under "/interface lte info" command;
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for alternative SIM7600 PID;
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - ignore empty MAC addresses during Passthrough discovery phase;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - properly detect interface state when running for IPv6 only connection for R11e-LTE modem;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - show UICC in correct format for SXT LTE devices;
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) multicast - allow to add more than one RP per IP address for PIM;
*) ntp - allow to specify link-local address for NTP server;
*) ospf - improved link-local LSA flooding;
*) package - renamed "current-version" to "installed-version" under "/system package install";
*) ppp - added support for additional ID for E3531 modem;
*) ppp - improved modem mode switching;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) rb1100ahx4 - added DES and 3DES hardware acceleration support;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) romon - properly classify RoMON sessions in log and active users list;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) routerboard - fixed wrongly reported RAM size on ARM devices;
*) routerboot - removed RAM test from TILE devices (routerboot upgrade required);
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) sfp - fixed default advertised link speeds;
*) smb - fixed valid request handling when additional options are used;
*) sms - converted "keep-max-sms" feature to "auto-erase";
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) sms - improved reliability on SMS reader;
*) snmp - added CAPsMAN "remote-cap" table;
*) snmp - added "phy-rate" reading for "station-bridge" mode;
*) snmp - added "temp-exception" trap;
*) snmp - fixed "remote-cap" peer MAC address format;
*) ssh - disconnect all active connections when device gets rebooted or turned off;
*) ssh - strengthen strong-crypto (add aes-128-ctr and disallow hmac sha1 and groups with sha1);
*) supout - added "w60g" section to supout file;
*) switch - added support for port isolation by switch chip;
*) switch - fixed possible switch chip hangs after initialization on MediaTek and Atheros8327 switch chips;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tile - added DES and 3DES hardware acceleration support;
*) tile - fixed false HW offloading flag for MPLS;
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed modem initialisation on LtAP mini;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) watchdog - added "ping-timeout" setting;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - added "poe-fault" LED trigger;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - fixed "write-sect-since-reboot" value presence under "System/Resources";
*) winbox - properly close session when uploading multiple files to the device at the same time;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed "/interface wireless sniffer packet print follow" output;
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 reliability on ARM devices;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;
*) x86 - improved Ethernet driver for Davicom DM9x0x;

Download the new 'RouterOS 6.43rc66' version here: https://www.mikrotik.com/download

]]>
TestingThu, 30 Aug 2018 08:22:06 +03006cbccc356cf75ca232508cce4ae5ec6c
RouterOS 6.43rc64 [Testing]https://www.mikrotik.com/download/changelogs/testing

6.43rc64 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - added IPv6 support;
!) cloud - added support for licensed CHR instances (including trial);
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) security - fixed vulnerabilities CVE-2018-1156, CVE-2018-1157, CVE-2018-1158, CVE-2018-1159;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
!) winbox - minimal required version is v3.15;
----------------------

Changes in this release:

*) bridge - added an option to manually specify ports that have a multicast router (CLI only);
*) bridge - added a warning when untrusted port receives a DHCP Server message when DCHP Snooping is enabled;
*) bridge - added more options to fine-tune IGMP Snooping enabled bridges (CLI only);
*) bridge - added support for DHCP Option 82 (CLI only);
*) bridge - added support for DHCP Snooping (CLI only);
*) bridge - added support for IGMP Snooping fast-leave feature (CLI only);
*) cloud - close local UDP port if no activity;
*) console - made "once" parameter mandatory when using "as-value" on "monitor" commands;
*) console - removed automatic swapping of "from=" and "to=" in "for" loops;
*) crs326/crs328 - fixed packet forwarding when port changes states with IGMP Snooping enabled;
*) crs3xx - added hardware support for DHCP Snooping and Option 82;
*) crs3xx - fixed packet forwarding when "frame-type" is changed (introduced in v6.43rc51);
*) crs3xx - fixed SwOS config import;
*) defconf - fixed default configuration for RBSXTsq5nD;
*) dhcpv6-client - fixed false invalid flag (introduced in v6.43rc56);
*) fetch - added "as-value" output format;
*) fetch - fixed address and DNS verification in certificates;
*) health - added missing parameters from export;
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - improved stability when using IPsec with disabled route cache;
*) leds - fixed LED behaviour when bonding is configured on SFP+ interfaces;
*) lte - added "sector-id" to info command;
*) lte - fixed SIM7600 series module support with newer device IDs;
*) ppp - added support for Alfa Network U4G modem;
*) rb3011 - added IPsec hardware acceleration support;
*) snmp - added EAP identity to CAPsMAN registration table;
*) supout - added monitored bridge VLAN table to supout file;
*) switch - added CPU Flow Control settings for devices with a Atheros8227, QCA8337, Atheros8327, Atheros7240 or Atheros8316 switch chips;
*) tr069-client - use SNI extension for HTTPS;
*) ups - improved UPS serial parsing stability;
*) w60g - added "beamforming-event" stats counter;
*) w60g - fixed random disconnects;
*) w60g - general stability and performance improvements;
*) wireless - accept only valid path for sniffer output file parameter;
*) wireless - added "czech republic 5.8" regulatory domain information;
*) wireless - added "etsi2" regulatory domain information;
*) wireless - added option to disable PMKID for WPA2;
*) wireless - updated "czech republic" regulatory domain information;

Other changes since v6.42.7:

*) backup - added support for new backup file encryption (AES128-CTR) with signatures (SHA256);
*) backup - generate proper file name when devices identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - added per-port based "tag-stacking" feature;
*) bridge - added support for BPDU Guard (CLI only);
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - fixed "ingress-filtering", "frame-types" and "tag-stacking" value storing;
*) bridge - forward LACPDUs when "protocol-mode=none";
*) bridge - improved packet handling;
*) bridge - improved packet processing when bridge port changes states;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) bridge - renamed option "vlan-protocol" to "ether-type";
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) certificate - do not allow to perform "undo" on certificate changes;
*) check-installation - improved system integrity checking;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed interface name order when "virtio-net is not being used on KVM installations;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved balooning process;
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) chr - reduced RAM memory required per interface;
*) cloud - added simultaneous IPv4/IPv6 support;
*) console - added "dont-require-permissions" parameter for scripts;
*) console - do not show spare parameters on ping command;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs326/crs328 - fixed broken "new-dst-port" ACL rules (introduced in 6.43rc10);
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed flow control;
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed tagged packet forwarding in 802.1ad aware bridges (introduced in 6.43rc13);
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-client - fixed double ACK packet handling;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-client - fixed "add-default-route" parameter;
*) dhcpv6-client - fixed option handling;
*) dhcpv6-server - added additional RADIUS parameters for Prefix delegation, "rate-limit" and "life-time";
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) dhcpv6-server - do not allow to run DHCPv6 server on slave interface;
*) dhcpv6-server - fixed dynamic simple queue creation for RADIUS bindings;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) ethernet - do not show "combo-state" field if interface is not SFP or copper;
*) ethernet - fixed default ethernet advertise values after configuration reset (introduced in v6.43rc33)
*) ethernet - fixed possible link flaps after disabling/enabling the interface (introduced in v6.43rc51);
*) ethernet - improved stability when changing ethernet interface L2MTU on CRS328-24P-4S+ (introduced in v6.43rc11);
*) ethernet - properly handle Ethernet interface default configuration;
*) export - do not show w60g password on "hide-sensitive" type of export;
*) filesystem - fixed NAND memory going into read-only mode (requires "factory-firmware" >= 3.41.1 and "current-firmware" >= 6.43);
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) health - fixed voltage measurements for RB493G devices;
*) health - improved speed of health measurement readings;
*) hotspot - allow to properly configure Hotspot directory on external disk for devices that have flash type storage;
*) hotspot - fixed customized HTML file usage (introduced in 6.43rc47);
*) hotspot - fixed RADIUS CoA & PoD by allowing to accept "NAS-Port-Id";
*) ike1 - added unsafe configuration warning for main mode with pre-shared-key authentication;
*) ike1 - purge both SAs when timer expires;
*) ike1 - zero out reserved bytes in NAT-OA payload;
*) ike2 - fixed initiator first policy selection;
*) ike2 - fixed rekeyed child deletion during another exchange;
*) ike2 - improved basic exchange logging readability;
*) ike2 - use "/32" netmask by default on initiator if not provided by responder;
*) interface - improved interface "last-link-down-time" and "last-link-up-time" values;
*) interface - improved reliability on dynamic interface handling;
*) ippool - improved used address error message;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - fixed AES-CTR and AES-GCM key size proposing as initiator;
*) ipsec - fixed "static-dns" value storing (CLI only);
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - allow to edit discovered devices;
*) led - improved w60g alignment trigger;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added additional D-Link PIDs;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added additional low endpoint SIM7600 PIDs;
*) lte - added eNB ID to info command;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added "registration-status" parameter under "/interface lte info" command;
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for alternative SIM7600 PID;
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - ignore empty MAC addresses during Passthrough discovery phase;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - properly detect interface state when running for IPv6 only connection for R11e-LTE modem;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - show UICC in correct format for SXT LTE devices;
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) multicast - allow to add more than one RP per IP address for PIM;
*) ntp - allow to specify link-local address for NTP server;
*) ospf - improved link-local LSA flooding;
*) package - renamed "current-version" to "installed-version" under "/system package install";
*) ppp - added support for additional ID for E3531 modem;
*) ppp - improved modem mode switching;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) rb1100ahx4 - added DES and 3DES hardware acceleration support;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) romon - properly classify RoMON sessions in log and active users list;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) routerboard - fixed wrongly reported RAM size on ARM devices;
*) routerboot - removed RAM test from TILE devices (routerboot upgrade required);
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) sfp - fixed default advertised link speeds;
*) smb - fixed valid request handling when additional options are used;
*) sms - converted "keep-max-sms" feature to "auto-erase";
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) sms - improved reliability on SMS reader;
*) snmp - added CAPsMAN "remote-cap" table;
*) snmp - added "phy-rate" reading for "station-bridge" mode;
*) snmp - added "temp-exception" trap;
*) snmp - fixed "remote-cap" peer MAC address format;
*) ssh - disconnect all active connections when device gets rebooted or turned off;
*) ssh - strengthen strong-crypto (add aes-128-ctr and disallow hmac sha1 and groups with sha1);
*) supout - added "w60g" section to supout file;
*) switch - added support for port isolation by switch chip;
*) switch - fixed possible switch chip hangs after initialization on MediaTek and Atheros8327 switch chips;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tile - added DES and 3DES hardware acceleration support;
*) tile - fixed false HW offloading flag for MPLS;
*) tr069-client - allow editing of "provisioning-code" attribute (CLI only);
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed modem initialisation on LtAP mini;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) watchdog - added "ping-timeout" setting;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - added "poe-fault" LED trigger;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - fixed "write-sect-since-reboot" value presence under "System/Resources";
*) winbox - properly close session when uploading multiple files to the device at the same time;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed "/interface wireless sniffer packet print follow" output;
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 reliability on ARM devices;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;
*) x86 - improved Ethernet driver for Davicom DM9x0x;

Download the new 'RouterOS 6.43rc64' version here: https://www.mikrotik.com/download

]]>
TestingFri, 24 Aug 2018 09:48:31 +0300cf2ff6ad944451804be759e538155d7b
RouterOS 6.43rc56 [Testing]https://www.mikrotik.com/download/changelogs/testing

6.43rc56 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - added IPv6 support;
!) cloud - added support for licensed CHR instances (including trial);
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
!) winbox - minimal required version is v3.15;
----------------------

Changes in this release:

!) security - fixed vulnerabilities CVE-2018-1156, CVE-2018-1157, CVE-2018-1158, CVE-2018-1159;
*) bridge - added support for BPDU Guard (CLI only);
*) bridge - added support for DHCP Option 82 (disables hardware offloading, CLI only);
*) bridge - added support for DHCP Snooping (disables hardware offloading, CLI only);
*) bridge - forward LACPDUs when "protocol-mode=none";
*) bridge - improved packet handling;
*) cloud - added simultaneous IPv4/IPv6 support;
*) console - added "dont-require-permissions" parameter for scripts;
*) dhcpv4-relay - fixed false invalid flag presence;
*) dhcpv6-server - do not allow to run DHCPv6 server on slave interface;
*) dhcpv6-server - fixed dynamic simple queue creation for RADIUS bindings;
*) dhcpv6-server - properly update interface for dynamic DHCPv6 servers;
*) ethernet - fixed possible link flaps after disabling/enabling the interface (introduced in v6.43rc51);
*) ethernet - improved large packet handling on ARM devices with wireless;
*) ethernet - removed obsolete slave flag from "/interface vlan" menu;
*) hotspot - fixed customized HTML file usage (introduced in 6.43rc47);
*) ike1 - zero out reserved bytes in NAT-OA payload;
*) ike2 - fixed initiator first policy selection;
*) ippool - improved used address error message;
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ppp - fixed interface enabling after a while if none of them where active;
*) ppp - improved modem mode switching;
*) snmp - added "temp-exception" trap;
*) switch - fixed possible switch chip hangs after initialization on MediaTek and Atheros8327 switch chips;
*) tile - fixed false HW offloading flag for MPLS;
*) tr069-client - allow editing of "provisioning-code" attribute (CLI only);
*) tr069-client - fixed unresponsive tr069 service when blackhole route is present;
*) upgrade - fixed RouterOS upgrade process from RouterOS v5;
*) ups - improved UPS serial parsing stability;
*) w60g - general stability and performance improvements;
*) w60g - stop doing distance measurements after first successful measurement;
*) winbox - added "default-route-distance" parameter for "IPv6/DHCP-client" menu;
*) winbox - fixed "sfp-connector-type" value presence under "Interface/Ethernet";
*) winbox - fixed warning presence for "IP/IPsec/Peers" menu;
*) winbox - fixed "write-sect-since-reboot" value presence under "System/Resources";
*) winbox - show "System/RouterBOARD/Mode Button" on devices that has such feature;
*) wireless - added option to disable PMKID for WPA2 (CLI only);
*) wireless - fixed memory leak when performing wireless scan on ARM;
*) wireless - updated "united-states" regulatory domain information;

Other changes since v6.42.6:

*) backup - added support for new backup file encryption (AES128-CTR) with signatures (SHA256);
*) backup - generate proper file name when devices identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - added per-port based "tag-stacking" feature;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - fixed "ingress-filtering", "frame-types" and "tag-stacking" value storing;
*) bridge - improved bridge port state changing process;
*) bridge - improved packet processing when bridge port changes states;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) bridge - renamed option "vlan-protocol" to "ether-type";
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) certificate - do not allow to perform "undo" on certificate changes;
*) check-installation - improved system integrity checking;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed interface name order when "virtio-net is not being used on KVM installations;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved balooning process;
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) chr - reduced RAM memory required per interface;
*) console - do not show spare parameters on ping command;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs326/crs328 - fixed broken "new-dst-port" ACL rules (introduced in 6.43rc10);
*) crs326/crs328 - fixed untagged packet forwarding through tagged ports when pvid=1;
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - added command that forces fan detection on fan-equipped devices;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed flow control;
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed port disable on CRS326 and CRS328 devices;
*) crs3xx - fixed tagged packet forwarding in 802.1ad aware bridges (introduced in 6.43rc13);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-client - fixed double ACK packet handling;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-client - allow to set "default-route-distance";
*) dhcpv6-client - fixed "add-default-route" parameter;
*) dhcpv6-client - fixed option handling;
*) dhcpv6 - improved reliability on IPv6 DHCP services;
*) dhcpv6-server - added additional RADIUS parameters for Prefix delegation, "rate-limit" and "life-time";
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) ethernet - do not show "combo-state" field if interface is not SFP or copper;
*) ethernet - fixed default ethernet advertise values after configuration reset (introduced in v6.43rc33)
*) ethernet - improved stability when changing ethernet interface L2MTU on CRS328-24P-4S+ (introduced in v6.43rc11);
*) ethernet - properly handle Ethernet interface default configuration;
*) export - do not show w60g password on "hide-sensitive" type of export;
*) filesystem - fixed NAND memory going into read-only mode (requires "factory-firmware" >= 3.41.1 and "current-firmware" >= 6.43);
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) health - fixed voltage measurements for RB493G devices;
*) health - improved speed of health measurement readings;
*) hotspot - allow to properly configure Hotspot directory on external disk for devices that have flash type storage;
*) hotspot - fixed RADIUS CoA & PoD by allowing to accept "NAS-Port-Id";
*) ike1 - added unsafe configuration warning for main mode with pre-shared-key authentication;
*) ike1 - purge both SAs when timer expires;
*) ike2 - fixed rekeyed child deletion during another exchange;
*) ike2 - improved basic exchange logging readability;
*) ike2 - use "/32" netmask by default on initiator if not provided by responder;
*) interface - improved interface "last-link-down-time" and "last-link-up-time" values;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - fixed AES-CTR and AES-GCM key size proposing as initiator;
*) ipsec - fixed "sa-src-address" deduction from "src-address" in tunnel mode;
*) ipsec - fixed "static-dns" value storing (CLI only);
*) ipsec - improved invalid policy handling when a valid policy is uninstalled;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - allow to edit discovered devices;
*) ldp - properly load LDP configuration;
*) led - fixed default LED configuration for RBLHGG-5acD-XL devices;
*) led - improved w60g alignment trigger;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added additional D-Link PIDs;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added additional low endpoint SIM7600 PIDs;
*) lte - added eNB ID to info command;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added "registration-status" parameter under "/interface lte info" command;
*) lte - added roaming status reading for info command (CLI only);
*) lte - added signal readings under "/interface lte scan" for 3G and GSM modes;
*) lte - added support for alternative SIM7600 PID;
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed memory leak on USB disconnect;
*) lte - fixed SIM7600 registration info;
*) lte - fixed SMS send feature when not in LTE network;
*) lte - ignore empty MAC addresses during Passthrough discovery phase;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - properly detect interface state when running for IPv6 only connection for R11e-LTE modem;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - show UICC in correct format for SXT LTE devices;
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) multicast - allow to add more than one RP per IP address for PIM;
*) ntp - allow to specify link-local address for NTP server;
*) ospf - improved link-local LSA flooding;
*) package - do not allow to install out of bundle package if it already exists within bundle;
*) package - renamed "current-version" to "installed-version" under "/system package install";
*) ppp - added support for additional ID for E3531 modem;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) rb1100ahx4 - added DES and 3DES hardware acceleration support;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) romon - properly classify RoMON sessions in log and active users list;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) routerboard - fixed wrongly reported RAM size on ARM devices;
*) routerboot - removed RAM test from TILE devices (routerboot upgrade required);
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) sfp - fixed default advertised link speeds;
*) sfp - hide "sfp-wavelength" parameter for RJ45 transceivers;
*) smb - fixed valid request handling when additional options are used;
*) sms - converted "keep-max-sms" feature to "auto-erase";
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) sms - improved reliability on SMS reader;
*) snmp - added CAPsMAN "remote-cap" table;
*) snmp - added "phy-rate" reading for "station-bridge" mode;
*) snmp - fixed "remote-cap" peer MAC address format;
*) ssh - disconnect all active connections when device gets rebooted or turned off;
*) ssh - strengthen strong-crypto (add aes-128-ctr and disallow hmac sha1 and groups with sha1);
*) supout - added "w60g" section to supout file;
*) switch - added support for port isolation by switch chip;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tile - added DES and 3DES hardware acceleration support;
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed modem initialisation on LtAP mini;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) userman - fixed compatibility with PayPal TLS 1.2;
*) vrrp - fixed VRRP packet processing on VirtualBox and VMWare hypervisors;
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) w60g - added distance measurement feature;
*) w60g - fixed random disconnects;
*) w60g - improved MCS rate detection process;
*) w60g - improved MTU change handling;
*) w60g - properly close connection with station on disconnect;
*) watchdog - added "ping-timeout" setting;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the device at the same time;
*) winbox - properly display all flags for bridge host entries;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed "/interface wireless sniffer packet print follow" output;
*) wireless - fixed packet processing after removing wireless interface from CAP settings;
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 reliability on ARM devices;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;
*) x86 - improved Ethernet driver for Davicom DM9x0x;

Download the new 'RouterOS 6.43rc56' version here: https://www.mikrotik.com/download

]]>
TestingTue, 14 Aug 2018 12:57:06 +0300ea7936130cfe2f2aa227709be2533656
RouterOS 6.43rc51 [Testing]https://www.mikrotik.com/download/changelogs/testing

6.43rc51 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - added IPv6 support;
!) cloud - added support for licensed CHR instances (including trial);
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
!) winbox - minimal required version is v3.15;
----------------------

Changes in this release:

*) bridge - added per-port based "tag-stacking" feature;
*) bridge - fixed "ingress-filtering", "frame-types" and "tag-stacking" value storing;
*) bridge - improved bridge port state changing process;
*) bridge - improved packet processing when bridge port changes states;
*) bridge - renamed option "vlan-protocol" to "ether-type";
*) certificate - do not allow to perform "undo" on certificate changes;
*) crs3xx - added command that forces fan detection on fan-equipped devices;
*) crs3xx - fixed port disable on CRS326 and CRS328 devices;
*) dhcpv6-client - allow to set "default-route-distance";
*) dhcpv6-client - fixed "add-default-route" parameter;
*) dhcpv6-client - fixed option handling;
*) dhcpv6-server - added additional RADIUS parameters for Prefix delegation, "rate-limit" and "life-time";
*) ethernet - fixed default ethernet advertise values after configuration reset (introduced in v6.43rc33)
*) filesystem - fixed NAND memory going into read-only mode (requires "factory-firmware" >= 3.41.1 and "current-firmware" >= 6.43);
*) health - fixed voltage measurements for RB493G devices;
*) hotspot - allow to properly configure Hotspot directory on external disk for devices that have flash type storage;
*) hotspot - fixed RADIUS CoA & PoD by allowing to accept "NAS-Port-Id";
*) ike1 - added unsafe configuration warning for main mode with pre-shared-key authentication;
*) ike1 - zero out reserved bytes in NAT-OA payload;
*) ike2 - fixed rekeyed child deletion during another exchange;
*) ike2 - improved basic exchange logging readability;
*) ipsec - fixed "sa-src-address" deduction from "src-address" in tunnel mode;
*) ipsec - fixed "static-dns" value storing (CLI only);
*) ipsec - fixed AES-CTR and AES-GCM key size proposing as initiator;
*) ldp - properly load LDP configuration;
*) led - fixed default LED configuration for RBLHGG-5acD-XL devices;
*) lte - added "registration-status" parameter under "/interface lte info" command;
*) lte - added additional D-Link PIDs;
*) lte - added additional low endpoint SIM7600 PIDs;
*) lte - added signal readings under "/interface lte scan" for 3G and GSM modes;
*) lte - fixed memory leak on USB disconnect;
*) lte - fixed SMS send feature when not in LTE network;
*) lte - ignore empty MAC addresses during Passthrough discovery phase;
*) lte - properly detect interface state when running for IPv6 only connection for R11e-LTE modem;
*) multicast - allow to add more than one RP per IP address for PIM;
*) ospf - improved link-local LSA flooding;
*) rb1100ahx4 - added DES and 3DES hardware acceleration support;
*) routerboot - removed RAM test from TILE devices (routerboot upgrade required);
*) sfp - hide "sfp-wavelength" parameter for RJ45 transceivers;
*) snmp - added "phy-rate" reading for "station-bridge" mode;
*) snmp - fixed "remote-cap" peer MAC address format;
*) ssh - strengthen strong-crypto (add aes-128-ctr and disallow hmac sha1 and groups with sha1);
*) tile - added DES and 3DES hardware acceleration support;
*) w60g - added distance measurement feature;
*) w60g - fixed random disconnects;
*) w60g - improved MCS rate detection process;
*) w60g - improved MTU change handling;
*) w60g - properly close connection with station on disconnect;
*) wireless - fixed "/interface wireless sniffer packet print follow" output;
*) wireless - fixed packet processing after removing wireless interface from CAP settings;

Other changes since v6.42.6:

*) backup - added support for new backup file encryption (AES128-CTR) with signatures (SHA256);
*) backup - generate proper file name when devices identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) check-installation - improved system integrity checking;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed interface name order when "virtio-net is not being used on KVM installations;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved balooning process;
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) chr - reduced RAM memory required per interface;
*) console - do not show spare parameters on ping command;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs326/crs328 - fixed broken "new-dst-port" ACL rules (introduced in 6.43rc10);
*) crs326/crs328 - fixed untagged packet forwarding through tagged ports when pvid=1;
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed flow control;
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed tagged packet forwarding in 802.1ad aware bridges (introduced in 6.43rc13);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-client - fixed double ACK packet handling;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6 - improved reliability on IPv6 DHCP services;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) ethernet - do not show "combo-state" field if interface is not SFP or copper;
*) ethernet - improved stability when changing ethernet interface L2MTU on CRS328-24P-4S+ (introduced in v6.43rc11);
*) ethernet - properly handle Ethernet interface default configuration;
*) export - do not show w60g password on "hide-sensitive" type of export;
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) health - improved speed of health measurement readings;
*) ike1 - purge both SAs when timer expires;
*) ike2 - use "/32" netmask by default on initiator if not provided by responder;
*) interface - improved interface "last-link-down-time" and "last-link-up-time" values;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - improved invalid policy handling when a valid policy is uninstalled;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - allow to edit discovered devices;
*) led - improved w60g alignment trigger;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added eNB ID to info command;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for alternative SIM7600 PID;
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - show UICC in correct format for SXT LTE devices;
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) ntp - allow to specify link-local address for NTP server;
*) package - do not allow to install out of bundle package if it already exists within bundle;
*) package - renamed "current-version" to "installed-version" under "/system package install";
*) ppp - added support for additional ID for E3531 modem;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) romon - properly classify RoMON sessions in log and active users list;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) routerboard - fixed wrongly reported RAM size on ARM devices;
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) sfp - fixed default advertised link speeds;
*) smb - fixed valid request handling when additional options are used;
*) sms - converted "keep-max-sms" feature to "auto-erase";
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) sms - improved reliability on SMS reader;
*) snmp - added CAPsMAN "remote-cap" table;
*) ssh - disconnect all active connections when device gets rebooted or turned off;
*) supout - added "w60g" section to supout file;
*) switch - added support for port isolation by switch chip;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed modem initialisation on LtAP mini;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) userman - fixed compatibility with PayPal TLS 1.2;
*) vrrp - fixed VRRP packet processing on VirtualBox and VMWare hypervisors;
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) watchdog - added "ping-timeout" setting;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the device at the same time;
*) winbox - properly display all flags for bridge host entries;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) winbox - show "System/RouterBOARD/Mode Button" on devices that has such feature;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 reliability on ARM devices;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;
*) x86 - improved Ethernet driver for Davicom DM9x0x;

Download the new 'RouterOS 6.43rc51' version here: https://www.mikrotik.com/download

]]>
TestingThu, 02 Aug 2018 11:42:30 +030055725473bec4940e52f0853f9fd5064c
RouterOS 6.43rc45 [Testing]https://www.mikrotik.com/download/changelogs/testing

6.43rc45 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - added IPv6 support;
!) cloud - added support for licensed CHR instances (including trial);
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
!) winbox - minimal required version is v3.15;
----------------------

Changes in this release:

*) ethernet - improved stability when changing ethernet interface L2MTU on CRS328-24P-4S+ (introduced in v6.43rc11);
*) ipsec - improved invalid policy handling when a valid policy is uninstalled;
*) lte - added additional ID support for SIM7600 modem;
*) sfp - fixed default advertised link speeds;
*) vrrp - fixed VRRP packet processing on VirtualBox and VMWare hypervisors;
*) winbox - properly display all flags for bridge host entries;
*) winbox - show "System/RouterBOARD/Mode Button" on devices that has such feature;
*) wireless - improved Nv2 reliability on ARM devices;

Other changes since v6.42.6:

*) backup - added support for new backup file encryption (AES128-CTR) with signatures (SHA256);
*) backup - generate proper file name when devices identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) check-installation - improved system integrity checking;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed interface name order when "virtio-net is not being used on KVM installations;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved balooning process;
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) chr - reduced RAM memory required per interface;
*) console - do not show spare parameters on ping command;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs326/crs328 - fixed broken "new-dst-port" ACL rules (introduced in 6.43rc10);
*) crs326/crs328 - fixed untagged packet forwarding through tagged ports when pvid=1;
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed flow control;
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed tagged packet forwarding in 802.1ad aware bridges (introduced in 6.43rc13);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-client - fixed double ACK packet handling;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6 - improved reliability on IPv6 DHCP services;
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) ethernet - do not show "combo-state" field if interface is not SFP or copper;
*) ethernet - properly handle Ethernet interface default configuration;
*) export - do not show w60g password on "hide-sensitive" type of export;
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) health - improved speed of health measurement readings;
*) ike1 - purge both SAs when timer expires;
*) ike2 - use "/32" netmask by default on initiator if not provided by responder;
*) interface - improved interface "last-link-down-time" and "last-link-up-time" values;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - allow to edit discovered devices;
*) led - improved w60g alignment trigger;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added eNB ID to info command;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for alternative SIM7600 PID;
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - show UICC in correct format for SXT LTE devices;
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) ntp - allow to specify link-local address for NTP server;
*) package - do not allow to install out of bundle package if it already exists within bundle;
*) package - renamed "current-version" to "installed-version" under "/system package install";
*) ppp - added support for additional ID for E3531 modem;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) romon - properly classify RoMON sessions in log and active users list;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) routerboard - fixed wrongly reported RAM size on ARM devices;
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) smb - fixed valid request handling when additional options are used;
*) sms - converted "keep-max-sms" feature to "auto-erase";
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) sms - improved reliability on SMS reader;
*) snmp - added CAPsMAN "remote-cap" table;
*) ssh - disconnect all active connections when device gets rebooted or turned off;
*) supout - added "w60g" section to supout file;
*) switch - added support for port isolation by switch chip;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed modem initialisation on LtAP mini;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) userman - fixed compatibility with PayPal TLS 1.2;
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) w60g - temporary disabled distance measurement feature;
*) watchdog - added "ping-timeout" setting;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the device at the same time;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;
*) x86 - improved Ethernet driver for Davicom DM9x0x;

Download the new 'RouterOS 6.43rc45' version here: https://www.mikrotik.com/download

]]>
TestingMon, 23 Jul 2018 08:56:39 +030035ed4eb9e169eeb54489dd1d16701f30