en-usMikroTik Downloadhttps://www.mikrotik.comCopyright 2018, Mikrotikls LtdMikroTik Rss60Feed for newest RouterOS updates.RouterOS 6.43rc3 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.43rc3 changelog:

*) bridge - fixed hardware offloading for MMIPS and PPC devices;
*) bridge - fixed LLDP packet receiving;
*) certificate - add "expires-after" parameter (CLI only);
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations;
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved boot time for Hyper-V installations;
*) crs317 - fixed link flapping when inserted S+RJ10 module without any cable;
*) crs3xx - fixed failing connections through bonding in bridge;
*) ike2 - use "policy-template-group" parameter when picking proposal as initiator;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations (CLI only);
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - separate phase1 proposal configuration from peer menu (CLI only);
*) led - added "dark-mode" functionality for hAP ac and hAP ac^2 devices;
*) led - improved w60g alignment trigger;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - allow to send "at-chat" command over disabled LTE interface;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "mode-button" support on hAP lite r2 devices;
*) w60g - allow to manually set "tx-sector" value;
*) w60g - fixed incorrect RSSI readings;
*) w60g - show phy rate on "/interface w60g monitor" (CLI only);
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - allow to specify "any" as wireless "access-list" interface;
*) winbox - fixed "/ip dhcp-server network set dns-none" parameter;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - show "Switch" menu on cAP ac devices;
*) winbox - show correct "Switch" menus on CRS328-24P-4S+;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;
*) wireless - improved compatibility with BCM chipset devices;

Download the new 'RouterOS 6.43rc3' version here: https://www.mikrotik.com/download

]]>
Release candidateFri, 20 Apr 2018 13:54:26 +03006bb9bcdafd3a06a64382a4d93b46e48d
RouterOS 6.42 [Current]https://www.mikrotik.com/download/changelogs/current

6.42 changelog:

*) bridge - added host aging timer for CRS3xx and Atheros hw-bridges;
*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts;
*) bridge - added per-port learning options;
*) bridge - added support for static hosts;
*) bridge - fixed "master-port" configuration conversion from pre-v6.41 RouterOS versions;
*) bridge - fixed bridge port interface parameter under "/interface bridge host print detail";
*) bridge - fixed false MAC address learning on hAP ac^2 and cAP ac devices;
*) bridge - fixed incorrect "fast-forward" enabling when ports were switched;
*) bridge - fixed MAC learning for VRRP interfaces on bridge;
*) bridge - fixed reliability on software bridges when used on devices without switch chip;
*) bridge - hide options for disabled bridge features in CLI;
*) bridge - show "hw" flags only on Ethernet interfaces and interface lists;
*) capsman - added "allow-signal-out-of-range" option for Access List entries;
*) capsman - added support for "interface-list" in Access List and Datapath entries;
*) capsman - improved CAPsMAN responsiveness with large amount of CAP interfaces;
*) capsman - log "signal-strength" when successfully connected to AP;
*) certificate - added PKCS#10 version check;
*) certificate - dropped DES support and added AES instead for SCEP;
*) certificate - dropped MD5 support and require SHA1 as minimum for SCEP;
*) certificate - fixed incorrect SCEP URL after an upgrade;
*) chr - added "open-vm-tools" on VMware installations;
*) chr - added "qemu-guest-agent" and "virtio-scsi" driver on KVM installations;
*) chr - added "xe-daemon" on Xen installations;
*) chr - added support for Amazon Elastic Network Adapter (ENA) driver;
*) chr - added support for booting from NVMe disks;
*) chr - added support for Hyper-V ballooning, guest quiescing, host-guest file transfer, integration services and static IP injection;
*) chr - added support for NIC hot-plug on VMware and Xen installations;
*) chr - fixed additional disk detaching on Xen installations;
*) chr - fixed interface matching by name on VMware installations;
*) chr - fixed interface naming order when adding more than 4 interfaces on VMware installations;
*) chr - fixed suspend on Xen installations;
*) chr - make additional disks visible under "/disk" on Xen installations;
*) chr - make Virtio disks visible under "/disk" on KVM installations;
*) chr - run startup scripts on the first boot on AWS and Google Cloud installations;
*) console - fixed "idpr-cmtp" protocol by changing its value from 39 to 38;
*) console - improved console stability after it has not been used for a long time;
*) crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
*) crs212 - fixed Ethernet boot when connected to boot server through CRS326 device;
*) crs326 - fixed known multicast flooding to the CPU;
*) crs3xx - added switch port "storm-rate" limiting options;
*) crs3xx - added “hw-offload” support for 802.3ad and “balance-xor” bonding;
*) detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced in v6.41);
*) dhcp - improved DHCP service reliability when it is configured on bridge interface;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-server - added "dns-none" option to "/ip dhcp-server network dns";
*) dhcpv6 - make sure that time is set before restoring bindings;
*) dhcpv6-client - added info exchange support;
*) dhcpv6-client - added possibility to specify options;
*) dhcpv6-client - added support for options 15 and 16;
*) dhcpv6-client - implement confirm after reboot;
*) dhcpv6-server - added DHCPv4 style user options;
*) dns - do not generate "Undo" messages on changes to dynamic servers;
*) email - set maximum number of sessions to 100;
*) fetch - added "http-content-type" option to allow setting MIME type of the data in free text form;
*) fetch - added "output" option for all modes in order to return result to file, variable or ignore it;
*) fetch - increased maximum number of sessions to 100;
*) filesystem - implemented additional system storage maintenance checks on ARM CPU based devices;
*) flashfig - properly apply configuration provided by Flashfig;
*) gps - improved NMEA sentence handling;
*) health - added log warning when switching between redundant power supplies;
*) health - fixed empty measurements on CRS328-24P-4S+RM;
*) hotspot - improved HTTPS matching in Walled Garden rules;
*) ike1 - display error message when peer requests "mode-config" when it is not configured;
*) ike1 - do not accept "mode-config" reply more than once;
*) ike1 - fixed wildcard policy lookup on responder;
*) ike2 - fixed framed IP address received from RADIUS server;
*) interface - improved interface configuration responsiveness;
*) ippool - added ability to specify comment;
*) ippool6 - added pool name to "no more addresses left" error message;
*) ipsec - fixed AES-CTR and AES-GCM support on RB1200;
*) ipsec - improved single tunnel hardware acceleration performance on MMIPS devices;
*) ipsec - properly detect interface for "mode-config" client IP address assignment;
*) ipv6 - fixed IPv6 behaviour when bridge port leaves bridge;
*) ipv6 - update IPv6 DNS from RA only when it is changed;
*) kidcontrol - initial work on "/ip kid-control" feature;
*) led - added "Dark Mode" support for wAP 60G;
*) led - added w60g alignment trigger;
*) led - fixed unused "link-act-led" LED trigger on RBLHG 2nD, RBLHG 2nD-XL and RBSXTsq 2nD;
*) led - removed unused "link-act-led" trigger for devices which does not use it;
*) lte - added initial support for Quectel LTE EP06-E;
*) lte - added initial support for SIM7600 LTE modem interface;
*) lte - added support for the user and password authentication for wAP-LTE-kit-US (R11e-LTE-US);
*) lte - do not add DHCP client on LTE modems that doesn't use DHCP;
*) lte - fixed DHCP client adding for MF823 modem;
*) lte - fixed LTE band setting for SXT LTE;
*) mac-ping - fixed duplicate responses;
*) modem - added initial support for AC340U;
*) netinstall - fixed MMIPS RouterOS package description;
*) netinstall - sign Netinstall executable with an Extended Validation Code Signing Certificate;
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
*) poe - do not show "poe-out-current" on devices which can not determine it;
*) poe - hide PoE related properties on interfaces that does not provide power output;
*) ppp - added initial support for NETGEAR AC340U and ZyXEL WAH1604;
*) ppp - allow to override remote user PPP profile via "Mikrotik-Group";
*) quickset - fixed NAT if PPPoE client is used for Internet access;
*) quickset - properly detect IP address when one of the bridge modes is used;
*) quickset - properly detect LTE interface on startup;
*) quickset - show "G" flag for guest users;
*) quickset - use "/24" subnet for local network by default;
*) r11e-lte - improved LTE connection initialization process;
*) rb1100ahx4 - improved reliability on hardware encryption;
*) routerboard - added RouterBOOT "auto-upgrade" after RouterOS upgrade (extra reboot required);
*) routerboard - properly detect hAP ac^2 RAM size;
*) sniffer - fixed "/tool sniffer packet" results listed in incorrect order;
*) snmp - added "/caps-man interface print oid";
*) snmp - added "/interface w60g print oid";
*) snmp - added "board-name" OID;
*) snmp - improved request processing performance for wireless and CAP interfaces;
*) ssh - fixed SSH service becoming unavailable;
*) ssh - generate SSH keys only on the first connect attempt instead of the first boot;
*) ssh - improved key import error messages;
*) ssh - remove imported public SSH keys when their owner user is removed;
*) switch - hide "ingress-rate" and "egress-rate" for non-CRS3xx switches;
*) tile - added "aes-ctr" hardware acceleration support;
*) tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
*) tr069-client - correctly return “TransferComplete” after vendor configuration file transfer;
*) tr069-client - fixed "/tool fetch" commands executed with ".alter" script;
*) tr069-client - fixed HTTPS authentication process;
*) traffic-flow - fixed IPv6 destination address value when IPFIX protocol is used;
*) upgrade - improved RouterOS upgrade process and restrict upgrade from RouterOS older than v5.16;
*) ups - improved communication between router and UPS;
*) ups - improved disconnect message handling between RouterOS and UPS;
*) userman - added support for ARM and MMIPS platform;
*) w60g - added "tx-power" setting (CLI only);
*) w60g - added RSSI information (CLI only);
*) w60g - added TX sector alignment information (CLI only);
*) watchdog - retry to send "autosupout.rif" file to an e-mail if initial delivery failed up to 3 times within 20 second interval;
*) winbox - added "antenna" setting under GPS settings for MIPS platform devices;
*) winbox - added "crl-store" setting to certificate settings;
*) winbox - added "insert-queue-before" to DHCP server;
*) winbox - added "use-dn" setting in OSPF instance General menu;
*) winbox - added 160 MHz "channel-width" to wireless settings;
*) winbox - added DHCPv6 client info request type and updated statuses;
*) winbox - added missing protocol numbers to IPv4 and IPv6 firewall;
*) winbox - added possibility to delete SMS from inbox;
*) winbox - allow to comment new object without committing it;
*) winbox - allow to open bridge host entry;
*) winbox - fixed name for "out-bridge-list" parameter under bridge firewall rules;
*) winbox - fixed typo from "UPtime" to "Uptime";
*) winbox - fixed Winbox closing when viewing graph which does not contain any data;
*) winbox - improved stability when using trackpad scrolling in large lists;
*) winbox - made UDP local and remote TX size parameters optional in Bandwidth Test tool;
*) winbox - moved "ageing-time" setting from STP to General tab;
*) winbox - moved OSPF instance "routing-table" setting in OSPF instance General menu;
*) winbox - removed “VLAN” section from “Switch” menu for CRS3xx devices;
*) winbox - show Bridge Port PVID column by default;
*) winbox - show CQI in LTE info;
*) winbox - show dual SIM options only for RouterBOARDS which does have two SIM slots;
*) winbox - show only master CAP interfaces under CAPsMAN wireless scan tool;
*) winbox - use proper graph name for HDD graphs;
*) wireless - added "realm-raw" setting for "/interface wireless interworking-profiles" (CLI only);
*) wireless - added initial support for "nstreme-plus";
*) wireless - added support for "band=5ghz-n/ac";
*) wireless - added support for "interface-list" for Access List entries;
*) wireless - added support for legacy AR9485 chipset;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;
*) wireless - fixed "wds-slave" channel selection when single frequency is specified;
*) wireless - fixed incompatibility with macOS clients;
*) wireless - fixed long "scan-list" entries not working for ARM based wireless interfaces;
*) wireless - fixed nv2 protocol on ARM platform SXTsq devices;
*) wireless - fixed RB911-5HnD low transmit power issue;
*) wireless - fixed RTS/CTS option for the ARM based wireless devices;
*) wireless - fixed wsAP wrong 5 GHz interface MAC address;
*) wireless - improved compatibility with specific wireless AC standard clients;
*) wireless - improved Nv2 PtMP performance;
*) wireless - improved packet processing on ARM platform devices;
*) wireless - improved wireless performance on hAP ac^2 devices while USB is being used;
*) wireless - improved wireless scan functionality;

Download the new 'RouterOS 6.42' version here: https://www.mikrotik.com/download

]]>
CurrentFri, 20 Apr 2018 13:39:28 +030052b82730e1b220dfdd3d1e9e30af5388
RouterOS 6.40.7 [Bugfix only]https://www.mikrotik.com/download/changelogs/bugfix

6.40.7 changelog:

*) console - do not allow variables that start with digit to be referenced without "$" sign;
*) led - fixed unused "link-act-led" LED trigger on RBLHG 2nD, RBLHG 2nD-XL and RBSXTsq 2nD;
*) netinstall - sign Netinstall executable with an Extended Validation Code Signing Certificate;
*) romon - make "secret" field sensitive in console;
*) tr069-client - fixed TR069 service becoming unavailable when related service package is not installed;
*) winbox - fixed "/tool e-mail send" attachment behavior;
*) winbox - fixed maximal ID for Traffic Generator stream;
*) winbox - made UDP local and remote TX size parameter optional in Bandwidth Test tool;
*) winbox - removed "Enable" and "Disable" buttons from IPsec "mode-config" list;
*) winbox - show "D" flag under "/ip dhcp-client" menu;
*) winbox - use proper graph name for HDD graphs;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;

Download the new 'RouterOS 6.40.7' version here: https://www.mikrotik.com/download

]]>
Bugfix onlyFri, 20 Apr 2018 13:13:14 +0300b7cb20a306c43c171054fe65cacfee45
RouterOS 6.41.4 [Current]https://www.mikrotik.com/download/changelogs/current

6.41.4 changelog:

*) led - fixed unused "link-act-led" LED trigger on RBLHG 2nD, RBLHG 2nD-XL and RBSXTsq 2nD;
*) led - removed unused "link-act-led" trigger for devices which does not use it;
*) netinstall - sign Netinstall executable with an Extended Validation Code Signing Certificate;
*) poe - do not show "poe-out-current" on devices which can not determine it;
*) poe - hide PoE related properties on interfaces which does not provide power output;
*) winbox - made UDP local and remote TX size parameters optional in Bandwidth Test tool;
*) winbox - show dual SIM options only for RouterBOARDs which does have two SIM slots;
*) winbox - use proper graph name for HDD graphs;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;

Download the new 'RouterOS 6.41.4' version here: https://www.mikrotik.com/download

]]>
CurrentMon, 09 Apr 2018 12:54:03 +0300c1d03e656c334cb9e07d142b680b345d
RouterOS 6.42rc56 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.42rc56 changelog:

*) crs3xx - added initial “hw-offload” support for 802.3ad and “balance-xor” bonding;
*) dhcpv4-server - added "dns-none" option to "/ip dhcp-server network dns";
*) dns - do not generate "Undo" messages on changes to dynamic servers;
*) ike2 - fixed framed IP address received from RADIUS server;
*) ippool6 - added pool name to "no more addresses left" error message;
*) ipv6 - fixed IPv6 behavior when slave leaves bridge;
*) ipv6 - update IPv6 DNS from RA only when it is changed;
*) led - added "Dark Mode" support for wAP 60G;
*) led - added w60g alignment trigger;
*) rb1100ahx4 - improved reliability on hardware encryption;
*) w60g - added "tx-power" setting (CLI only);
*) w60g - added RSSI information (CLI only);
*) w60g - added TX sector alignment information (CLI only);
*) winbox - fixed Neighbor Discovery and MAC Winbox (introduced in v6.42rc);
*) wireless - fixed RB911-5HnD low transmit power issue;
*) wireless - fixed wsAP wrong 5 GHz interface MAC address;

Other changes since 6.41.3:

!) tile - improved overall system performance and stability ("/system routerboard upgrade" required);
!) w60g - increased supported distance for wAP 60G to 200+ meters;
*) bridge - added host aging timer for crs3xx and Atheros hw-bridges;
*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts (CLI only);
*) bridge - added per-port learning options (CLI only);
*) bridge - added support for static hosts;
*) bridge - fixed "master-port" configuration conversion from pre-v6.41 RouterOS versions (introduced in 6.42rc);
*) bridge - fixed bridge port interface parameter under "/interface bridge host print detail";
*) bridge - fixed false MAC address learning on hAP ac2 and cAP ac devices;
*) bridge - fixed incorrect "fast-forward" enabling when ports were switched;
*) bridge - fixed MAC learning for VRRP interfaces on bridge;
*) bridge - fixed reliability on software bridges when used on devices without switch chip;
*) bridge - hide options for disabled bridge features in CLI;
*) bridge - show "hw" flags only on Ethernet interfaces and interface lists;
*) capsman - added "allow-signal-out-of-range" option for Access List entries;
*) capsman - added support for "interface-list" in Access List and Datapath entries;
*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
*) capsman - log "signal-strength" when successfully connected to AP;
*) certificate - added PKCS#10 version check;
*) certificate - dropped DES support and added AES instead for SCEP;
*) certificate - dropped MD5 support and require SHA1 as minimum for SCEP;
*) certificate - fixed incorrect SCEP URL after an upgrade;
*) chr - added "open-vm-tools" on VMware installations;
*) chr - added "qemu-guest-agent" and "virtio-scsi" driver on KVM installations;
*) chr - added "xe-daemon" on Xen installations;
*) chr - added support for "multi-queue" feature for "virtio-net" driver;
*) chr - added support for Amazon Elastic Network Adapter (ENA) driver;
*) chr - added support for booting from NVMe disks;
*) chr - added support for Hyper-V ballooning, guest quiescing, host-guest file transfer, integration services and static IP injection;
*) chr - added support for NIC hot-plug on VMware and Xen installations;
*) chr - fixed additional disk detaching on Xen installations;
*) chr - fixed interface matching by name on VMware installations;
*) chr - fixed interface naming order when adding more than 4 interfaces on VMware installations;
*) chr - fixed suspend on Xen installations;
*) chr - make additional disks visible under "/disk" on Xen installations;
*) chr - make virtio disks visible under "/disk" on KVM installations;
*) chr - run startup scripts also on the first boot on AWS and Google Cloud installations;
*) console - fixed "idpr-cmtp" protocol by changing its value from 39 to 38;
*) console - improved console stability after it has not been used for a long time;
*) crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
*) crs212 - fixed Ethernet boot through CRS326 devices;
*) crs326 - fixed known multicast flooding to the CPU;
*) crs3xx - added switch port "storm-rate" limiting options;
*) detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced in v6.41);
*) dhcp - improved DHCP service reliability when it is configured on bridge interface;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv6 - make sure that time is set before restoring bindings;
*) dhcpv6-client - added info exchange support;
*) dhcpv6-client - added possibility to specify options;
*) dhcpv6-client - added support for options 15 and 16;
*) dhcpv6-client - implement confirm after reboot;
*) dhcpv6-server - added DHCPv4 style user options;
*) email - set maximum number of sessions to 100;
*) fetch - added "http-content-type" option to allow setting MIME type of the data in free text form;
*) fetch - added "output" option for all modes in order to return result to file, variable or ignore it;
*) fetch - increased maximum number of sessions to 100;
*) filesystem - implemented additional system storage maintenance checks on ARM CPU based devices;
*) flashfig - properly apply configuration provided by Flashfig;
*) gps - improved NMEA sentence handling;
*) health - fixed empty measurements on CRS328-24P-4S+RM;
*) health - log warning when switching between redundant power supplies;
*) hotspot - improved HTTPS matching in Walled Garden rules;
*) ike1 - display error message when peer requests "mode-config" when it is not configured;
*) ike1 - do not accept "mode-config" reply more than once;
*) ike1 - fixed wildcard policy lookup on responder;
*) interface - improved interface configuration responsiveness;
*) ippool - added ability to specify comment;
*) ipsec - fixed AES-CTR and AES-GCM support on RB1200;
*) ipsec - improved single tunnel hardware acceleration performance on MMIPS platform devices;
*) ipsec - properly detect interface for "mode-config" client IP address assignment;
*) kidcontrol - initial work on "/ip kid-control" feature;
*) led - fixed unused "link-act-led" LED trigger on RBLHG 2nD, RBLHG 2nD-XL and RBSXTsq 2nD;
*) led - removed unused "link-act-led" trigger for devices which does not use it;
*) lte - added initial support for Quectel LTE EP06-E;
*) lte - added initial support for SIM7600 LTE modem interface;
*) lte - added support for the user and password authentication for wAP-LTE-kit-US (R11e-LTE-US);
*) lte - do not add DHCP client on LTE modems that doesn't use DHCP;
*) lte - fixed DHCP client adding for MF823 modem;
*) lte - fixed LTE band setting for SXT LTE;
*) mac-ping - fixed duplicate responses;
*) modem - added initial support for AC340U;
*) netinstall - sign Netinstall executable with an Extended Validation Code Signing Certificate;
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
*) poe - hide PoE related properties on interfaces which does not provide power output;
*) poe - do not show "poe-out-current" on devices which can not determine it;
*) ppp - added initial support for NETGEAR AC340U and ZyXEL WAH1604;
*) ppp - allow to override remote user PPP profile via "Mikrotik-Group";
*) quickset - by default use "/24" subnet for local network;
*) quickset - fixed NAT if PPPoE client is used for Internet access;
*) quickset - properly detect IP address when one of the bridge modes is used;
*) quickset - properly detect LTE interface on startup;
*) quickset - show "G" flag for guest users;
*) r11e-lte - improved LTE connection initialization process;
*) routerboard - added RouterBOOT "auto-upgrade" after RouterOS upgrade (extra reboot required);
*) routerboard - properly detect hAP ac^2 RAM size;
*) routerboot - fixed RouterBOOT upgrade process (introduced in v6.42rc);
*) sniffer - fixed situation when "/tool sniffer packet" returned packets in incorrect order;
*) snmp - added "/caps-man interface print oid";
*) snmp - added "/interface w60g print oid";
*) snmp - added "board-name" OID;
*) snmp - improved request processing performance for wireless and CAP interfaces;
*) ssh - fixed SSH service becoming unavailable;
*) ssh - generate SSH keys only on the first connect attempt instead of the first boot;
*) ssh - improved key import error messages;
*) ssh - remove imported public SSH keys when their owner user is removed;
*) switch - hide "ingress-rate" and "egress-rate" for non-crs3xx switches;
*) tile - added "aes-ctr" hardware acceleration support;
*) tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
*) tr069-client - correctly return “TransferComplete” after vendor configuration file transfer;
*) tr069-client - fixed "/tool fetch" commands executed with ".alter" script;
*) tr069-client - fixed HTTPS authentication process;
*) traffic-flow - fixed IPv6 destination address value when IPFIX protocol is used;
*) upgrade - improved RouterOS upgrade process and restrict upgrade from RouterOS older than v5.16;
*) ups - improved communication between router and UPS;
*) ups - improved disconnect message handling between RouterOS and UPS;
*) userman - added support for ARM and MMIPS platform;
*) watchdog - retry to send "autosupout.rif" file to an e-mail if initial delivery failed up to 3 times within 20 second interval;
*) winbox - added "antenna" setting under GPS settings for MIPS platform devices;
*) winbox - added "crl-store" setting to certficate settings;
*) winbox - added "insert-queue-before" to DHCP server;
*) winbox - added "use-dn" setting in OSPF instance General menu;
*) winbox - added 160 MHz "channel-width" to wireless settings;
*) winbox - added broadcast and flood settings to bridge ports;
*) winbox - added DHCPv6 client info request type and updated statuses;
*) winbox - added missing protocol numbers to IPv4 and IPv6 firewall;
*) winbox - added possibility to delete SMS from inbox;
*) winbox - allow to comment new object without committing it;
*) winbox - allow to open bridge host entry;
*) winbox - fixed name for "out-bridge-list" parameter under bridge firewall rules;
*) winbox - fixed typo from "UPtime" to "Uptime";
*) winbox - fixed Winbox closing when viewing graph which does not contain any data;
*) winbox - improved stability when using trackpad scrolling in large lists;
*) winbox - made UDP local and remote TX size parameters optional in Bandwidth Test tool;
*) winbox - moved "ageing-time" setting from STP to General tab;
*) winbox - moved OSPF instance "routing-table" setting in OSPF instance General menu;
*) winbox - removed “VLAN” section from “Switch” menu for CRS3xx devices;
*) winbox - show Bridge Port PVID column by default;
*) winbox - show CQI in LTE info;
*) winbox - show dual SIM options only for RouterBOARDS which does have two SIM slots;
*) winbox - show only master CAP interfaces under CAPsMAN wireless scan tool;
*) winbox - use proper graph name for HDD graphs;
*) wireless - added "realm-raw" setting for "/interface wireless interworking-profiles" (CLI only);
*) wireless - added initial support for "nstreme-plus";
*) wireless - added support for "band=5ghz-n/ac";
*) wireless - added support for "interface-list" for Access List entries;
*) wireless - added support for legacy AR9485 chipset;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;
*) wireless - fixed "wds-slave" channel selection when single frequency is specified;
*) wireless - fixed incompatibility with macOS clients;
*) wireless - fixed long "scan-list" entries not working for ARM based wireless interfaces;
*) wireless - fixed nv2 protocol on ARM platform SXTsq devices;
*) wireless - fixed RTS/CTS option for the ARM based wireless devices;
*) wireless - improved compatibility with specific wireless AC standard clients;
*) wireless - improved Nv2 PtMP performance;
*) wireless - improved packet processing on ARM platform devices;
*) wireless - improved wireless scan functionality;
*) wireless - improved wireless stability on hAP ac2 devices while USB is being used;

Download the new 'RouterOS 6.42rc56' version here: https://www.mikrotik.com/download

]]>
Release candidateMon, 09 Apr 2018 12:37:20 +030016b8936acf9d5c56c92a1dbe52a46b6f
RouterOS 6.42rc52 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.42rc52 changelog:

*) bridge - fixed "master-port" configuration conversion from pre-v6.41 RouterOS versions (introduced in 6.42rc);
*) certificate - fixed incorrect SCEP URL after an upgrade;
*) chr - added support for "multi-queue" feature for "virtio-net" driver;
*) chr - added support for Amazon Elastic Network Adapter (ENA) driver;
*) chr - added support for booting from NVMe disks;
*) chr - fixed interface matching by name on VMware installations;
*) chr - run startup scripts also on the first boot on AWS and Google Cloud installations;
*) crs3xx - added initial “hw-offload” support for 802.3ad and “balance-xor” bonding;
*) led - fixed unused "link-act-led" LED trigger on RBLHG 2nD, RBLHG 2nD-XL and RBSXTsq 2nD;
*) lte - added initial support for Quectel LTE EP06-E;
*) lte - fixed LTE band setting for SXT LTE;
*) routerboard - properly detect hAP ac^2 RAM size;
*) ssh - fixed SSH service becoming unavailable;
*) traffic-flow - fixed IPv6 destination address value when IPFIX protocol is used;
*) watchdog - retry to send "autosupout.rif" file to an e-mail if initial delivery failed up to 3 times within 20 second interval;

Other changes since 6.41.3:

!) tile - improved overall system performance and stability ("/system routerboard upgrade" required);
!) w60g - increased supported distance for wAP 60G to 200+ meters;
*) bridge - added host aging timer for crs3xx and Atheros hw-bridges;
*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts (CLI only);
*) bridge - added per-port learning options (CLI only);
*) bridge - added support for static hosts;
*) bridge - fixed bridge port interface parameter under "/interface bridge host print detail";
*) bridge - fixed false MAC address learning on hAP ac2 and cAP ac devices;
*) bridge - fixed incorrect "fast-forward" enabling when ports were switched;
*) bridge - fixed MAC learning for VRRP interfaces on bridge;
*) bridge - fixed reliability on software bridges when used on devices without switch chip;
*) bridge - hide options for disabled bridge features in CLI;
*) bridge - show "hw" flags only on Ethernet interfaces and interface lists;
*) capsman - added "allow-signal-out-of-range" option for Access List entries;
*) capsman - added support for "interface-list" in Access List and Datapath entries;
*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
*) capsman - log "signal-strength" when successfully connected to AP;
*) certificate - added PKCS#10 version check;
*) certificate - dropped DES support and added AES instead for SCEP;
*) certificate - dropped MD5 support and require SHA1 as minimum for SCEP;
*) chr - added "open-vm-tools" on VMware installations;
*) chr - added "qemu-guest-agent" and "virtio-scsi" driver on KVM installations;
*) chr - added "xe-daemon" on Xen installations;
*) chr - added support for Hyper-V ballooning, guest quiescing, host-guest file transfer, integration services and static IP injection;
*) chr - added support for NIC hot-plug on VMware and Xen installations;
*) chr - fixed additional disk detaching on Xen installations;
*) chr - fixed interface naming order when adding more than 4 interfaces on VMware installations;
*) chr - fixed suspend on Xen installations;
*) chr - make additional disks visible under "/disk" on Xen installations;
*) chr - make virtio disks visible under "/disk" on KVM installations;
*) console - fixed "idpr-cmtp" protocol by changing its value from 39 to 38;
*) console - improved console stability after it has not been used for a long time;
*) crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
*) crs212 - fixed Ethernet boot through CRS326 devices;
*) crs326 - fixed known multicast flooding to the CPU;
*) crs3xx - added switch port "storm-rate" limiting options;
*) detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced in v6.41);
*) dhcp - improved DHCP service reliability when it is configured on bridge interface;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-server - added "dns-none" option to "/ip dhcp-server network dns";
*) dhcpv6 - make sure that time is set before restoring bindings;
*) dhcpv6-client - added info exchange support;
*) dhcpv6-client - added possibility to specify options;
*) dhcpv6-client - added support for options 15 and 16;
*) dhcpv6-client - implement confirm after reboot;
*) dhcpv6-server - added DHCPv4 style user options;
*) email - set maximum number of sessions to 100;
*) fetch - added "http-content-type" option to allow setting MIME type of the data in free text form;
*) fetch - added "output" option for all modes in order to return result to file, variable or ignore it;
*) fetch - increased maximum number of sessions to 100;
*) filesystem - implemented additional system storage maintenance checks on ARM CPU based devices;
*) flashfig - properly apply configuration provided by Flashfig;
*) gps - improved NMEA sentence handling;
*) health - fixed empty measurements on CRS328-24P-4S+RM;
*) health - log warning when switching between redundant power supplies;
*) hotspot - improved HTTPS matching in Walled Garden rules;
*) ike1 - display error message when peer requests "mode-config" when it is not configured;
*) ike1 - do not accept "mode-config" reply more than once;
*) ike1 - fixed wildcard policy lookup on responder;
*) interface - improved interface configuration responsiveness;
*) ippool - added ability to specify comment;
*) ipsec - fixed AES-CTR and AES-GCM support on RB1200;
*) ipsec - improved single tunnel hardware acceleration performance on MMIPS platform devices;
*) ipsec - properly detect interface for "mode-config" client IP address assignment;
*) kidcontrol - initial work on "/ip kid-control" feature;
*) led - removed unused "link-act-led" trigger for devices which does not use it;
*) lte - added initial support for SIM7600 LTE modem interface;
*) lte - added support for the user and password authentication for wAP-LTE-kit-US (R11e-LTE-US);
*) lte - do not add DHCP client on LTE modems that doesn't use DHCP;
*) lte - fixed DHCP client adding for MF823 modem;
*) mac-ping - fixed duplicate responses;
*) modem - added initial support for AC340U;
*) netinstall - sign Netinstall executable with an Extended Validation Code Signing Certificate;
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
*) poe - hide PoE related properties on interfaces which does not provide power output;
*) poe-out - do not show "poe-out-current" on devices which can not determine it;
*) ppp - added initial support for NETGEAR AC340U and ZyXEL WAH1604;
*) ppp - allow to override remote user PPP profile via "Mikrotik-Group";
*) quickset - by default use "/24" subnet for local network;
*) quickset - fixed NAT if PPPoE client is used for Internet access;
*) quickset - properly detect IP address when one of the bridge modes is used;
*) quickset - properly detect LTE interface on startup;
*) quickset - show "G" flag for guest users;
*) r11e-lte - improved LTE connection initialization process;
*) routerboard - added RouterBOOT "auto-upgrade" after RouterOS upgrade (extra reboot required);
*) routerboot - fixed RouterBOOT upgrade process (introduced in v6.42rc);
*) sniffer - fixed situation when "/tool sniffer packet" returned packets in incorrect order;
*) snmp - added "/caps-man interface print oid";
*) snmp - added "/interface w60g print oid";
*) snmp - added "board-name" OID;
*) snmp - improved request processing performance for wireless and CAP interfaces;
*) ssh - generate SSH keys only on the first connect attempt instead of the first boot;
*) ssh - improved key import error messages;
*) ssh - remove imported public SSH keys when their owner user is removed;
*) switch - hide "ingress-rate" and "egress-rate" for non-crs3xx switches;
*) tile - added "aes-ctr" hardware acceleration support;
*) tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
*) tr069-client - correctly return “TransferComplete” after vendor configuration file transfer;
*) tr069-client - fixed "/tool fetch" commands executed with ".alter" script;
*) tr069-client - fixed HTTPS authentication process;
*) upgrade - improved RouterOS upgrade process and restrict upgrade from RouterOS older than v5.16;
*) ups - improved communication between router and UPS;
*) ups - improved disconnect message handling between RouterOS and UPS;
*) userman - added support for ARM and MMIPS platform;
*) winbox - added "antenna" setting under GPS settings for MIPS platform devices;
*) winbox - added "crl-store" setting to certficate settings;
*) winbox - added "insert-queue-before" to DHCP server;
*) winbox - added "use-dn" setting in OSPF instance General menu;
*) winbox - added 160 MHz "channel-width" to wireless settings;
*) winbox - added broadcast and flood settings to bridge ports;
*) winbox - added DHCPv6 client info request type and updated statuses;
*) winbox - added missing protocol numbers to IPv4 and IPv6 firewall;
*) winbox - added possibility to delete SMS from inbox;
*) winbox - allow to comment new object without committing it;
*) winbox - allow to open bridge host entry;
*) winbox - fixed name for "out-bridge-list" parameter under bridge firewall rules;
*) winbox - fixed typo from "UPtime" to "Uptime";
*) winbox - fixed Winbox closing when viewing graph which does not contain any data;
*) winbox - improved stability when using trackpad scrolling in large lists;
*) winbox - made UDP local and remote TX size parameter optional in Bandwidth Test tool;
*) winbox - moved "ageing-time" setting from STP to General tab;
*) winbox - moved OSPF instance "routing-table" setting in OSPF instance General menu;
*) winbox - removed “VLAN” section from “Switch” menu for CRS3xx devices;
*) winbox - show Bridge Port PVID column by default;
*) winbox - show CQI in LTE info;
*) winbox - show only master CAP interfaces under CAPsMAN wireless scan tool;
*) winbox - use proper graph name for HDD graphs;
*) wireless - added "realm-raw" setting for "/interface wireless interworking-profiles" (CLI only);
*) wireless - added initial support for "nstreme-plus";
*) wireless - added support for "band=5ghz-n/ac";
*) wireless - added support for "interface-list" for Access List entries;
*) wireless - added support for legacy AR9485 chipset;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;
*) wireless - fixed "wds-slave" channel selection when single frequency is specified;
*) wireless - fixed incompatibility with macOS clients;
*) wireless - fixed long "scan-list" entries not working for ARM based wireless interfaces;
*) wireless - fixed nv2 protocol on ARM platform SXTsq devices;
*) wireless - fixed RTS/CTS option for the ARM based wireless devices;
*) wireless - improved compatibility with specific wireless AC standard clients;
*) wireless - improved Nv2 PtMP performance;
*) wireless - improved packet processing on ARM platform devices;
*) wireless - improved wireless scan functionality;
*) wireless - improved wireless stability on hAP ac2 devices while USB is being used;

Download the new 'RouterOS 6.42rc52' version here: https://www.mikrotik.com/download

]]>
Release candidateTue, 27 Mar 2018 10:29:49 +03000670ae74fe4ec4feede74bb193f7bb24
RouterOS 6.42rc49 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.42rc49 changelog:

*) w60g/Wireless-Wire - increased supported distance for wAP 60G to 200+ meters;

Other changes since 6.41.3:

!) tile - improved overall system performance and stability ("/system routerboard upgrade" required);
*) bridge - added host aging timer for crs3xx and Atheros hw-bridges;
*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts (CLI only);
*) bridge - added per-port learning options (CLI only);
*) bridge - added support for static hosts;
*) bridge - fixed bridge port interface parameter under "/interface bridge host print detail";
*) bridge - fixed false MAC address learning on hAP ac2 and cAP ac devices;
*) bridge - fixed incorrect "fast-forward" enabling when ports were switched;
*) bridge - fixed MAC learning for VRRP interfaces on bridge;
*) bridge - fixed reliability on software bridges when used on devices without switch chip;
*) bridge - hide options for disabled bridge features in CLI;
*) bridge - show "hw" flags only on Ethernet interfaces and interface lists;
*) capsman - added "allow-signal-out-of-range" option for Access List entries;
*) capsman - added support for "interface-list" in Access List and Datapath entries;
*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
*) capsman - log "signal-strength" when successfully connected to AP;
*) certificate - added PKCS#10 version check;
*) certificate - dropped DES support and added AES instead for SCEP;
*) certificate - dropped MD5 support and require SHA1 as minimum for SCEP;
*) chr - added "open-vm-tools" on VMware installations;
*) chr - added "qemu-guest-agent" and "virtio-scsi" driver on KVM installations;
*) chr - added "xe-daemon" on Xen installations;
*) chr - added support for Hyper-V ballooning, guest quiescing, host-guest file transfer, integration services and static IP injection;
*) chr - added support for NIC hot-plug on VMware and Xen installations;
*) chr - fixed additional disk detaching on Xen installations;
*) chr - fixed interface naming order when adding more than 4 interfaces on VMware installations;
*) chr - fixed suspend on Xen installations;
*) chr - make additional disks visible under "/disk" on Xen installations;
*) chr - make virtio disks visible under "/disk" on KVM installations;
*) console - fixed "idpr-cmtp" protocol by changing its value from 39 to 38;
*) console - improved console stability after it has not been used for a long time;
*) crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
*) crs212 - fixed Ethernet boot through CRS326 devices;
*) crs326 - fixed known multicast flooding to the CPU;
*) crs3xx - added initial “hw-offload” support for 802.3ad and “balance-xor” bonding;
*) crs3xx - added switch port "storm-rate" limiting options;
*) detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced in v6.41);
*) dhcp - improved DHCP service reliability when it is configured on bridge interface;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-server - added "dns-none" option to "/ip dhcp-server network dns";
*) dhcpv6 - make sure that time is set before restoring bindings;
*) dhcpv6-client - added info exchange support;
*) dhcpv6-client - added possibility to specify options;
*) dhcpv6-client - added support for options 15 and 16;
*) dhcpv6-client - implement confirm after reboot;
*) dhcpv6-server - added DHCPv4 style user options;
*) email - set maximum number of sessions to 100;
*) fetch - added "http-content-type" option to allow setting MIME type of the data in free text form;
*) fetch - added "output" option for all modes in order to return result to file, variable or ignore it;
*) fetch - increased maximum number of sessions to 100;
*) filesystem - implemented additional system storage maintenance checks on ARM CPU based devices;
*) flashfig - properly apply configuration provided by Flashfig;
*) gps - improved NMEA sentence handling;
*) health - fixed empty measurements on CRS328-24P-4S+RM;
*) health - log warning when switching between redundant power supplies;
*) hotspot - improved HTTPS matching in Walled Garden rules;
*) ike1 - display error message when peer requests "mode-config" when it is not configured;
*) ike1 - do not accept "mode-config" reply more than once;
*) ike1 - fixed wildcard policy lookup on responder;
*) interface - improved interface configuration responsiveness;
*) ippool - added ability to specify comment;
*) ipsec - fixed AES-CTR and AES-GCM support on RB1200;
*) ipsec - improved single tunnel hardware acceleration performance on MMIPS platform devices;
*) ipsec - properly detect interface for "mode-config" client IP address assignment;
*) kidcontrol - initial work on "/ip kid-control" feature;
*) led - removed unused "link-act-led" trigger for devices which does not use it;
*) lte - added initial support for SIM7600 LTE modem interface;
*) lte - added support for the user and password authentication for wAP-LTE-kit-US (R11e-LTE-US);
*) lte - do not add DHCP client on LTE modems that doesn't use DHCP;
*) lte - fixed DHCP client adding for MF823 modem;
*) mac-ping - fixed duplicate responses;
*) modem - added initial support for AC340U;
*) netinstall - sign Netinstall executable with an Extended Validation Code Signing Certificate;
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
*) poe - hide PoE related properties on interfaces which does not provide power output;
*) poe-out - do not show "poe-out-current" on devices which can not determine it;
*) ppp - added initial support for NETGEAR AC340U and ZyXEL WAH1604;
*) ppp - allow to override remote user PPP profile via "Mikrotik-Group";
*) quickset - by default use "/24" subnet for local network;
*) quickset - fixed NAT if PPPoE client is used for Internet access;
*) quickset - properly detect IP address when one of the bridge modes is used;
*) quickset - properly detect LTE interface on startup;
*) quickset - show "G" flag for guest users;
*) r11e-lte - improved LTE connection initialization process;
*) routerboard - added RouterBOOT "auto-upgrade" after RouterOS upgrade (extra reboot required);
*) routerboot - fixed RouterBOOT upgrade process (introduced in v6.42rc);
*) sniffer - fixed situation when "/tool sniffer packet" returned packets in incorrect order;
*) snmp - added "/caps-man interface print oid";
*) snmp - added "/interface w60g print oid";
*) snmp - added "board-name" OID;
*) snmp - improved request processing performance for wireless and CAP interfaces;
*) ssh - generate SSH keys only on the first connect attempt instead of the first boot;
*) ssh - improved key import error messages;
*) ssh - remove imported public SSH keys when their owner user is removed;
*) switch - hide "ingress-rate" and "egress-rate" for non-crs3xx switches;
*) tile - added "aes-ctr" hardware acceleration support;
*) tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
*) tr069-client - correctly return “TransferComplete” after vendor configuration file transfer;
*) tr069-client - fixed "/tool fetch" commands executed with ".alter" script;
*) tr069-client - fixed HTTPS authentication process;
*) upgrade - improved RouterOS upgrade process and restrict upgrade from RouterOS older than v5.16;
*) ups - improved communication between router and UPS;
*) ups - improved disconnect message handling between RouterOS and UPS;
*) userman - added support for ARM and MMIPS platform;
*) winbox - added "antenna" setting under GPS settings for MIPS platform devices;
*) winbox - added "crl-store" setting to certficate settings;
*) winbox - added "insert-queue-before" to DHCP server;
*) winbox - added "use-dn" setting in OSPF instance General menu;
*) winbox - added 160 MHz "channel-width" to wireless settings;
*) winbox - added broadcast and flood settings to bridge ports;
*) winbox - added DHCPv6 client info request type and updated statuses;
*) winbox - added missing protocol numbers to IPv4 and IPv6 firewall;
*) winbox - added possibility to delete SMS from inbox;
*) winbox - allow to comment new object without committing it;
*) winbox - allow to open bridge host entry;
*) winbox - fixed name for "out-bridge-list" parameter under bridge firewall rules;
*) winbox - fixed typo from "UPtime" to "Uptime";
*) winbox - fixed Winbox closing when viewing graph which does not contain any data;
*) winbox - improved stability when using trackpad scrolling in large lists;
*) winbox - made UDP local and remote TX size parameter optional in Bandwidth Test tool;
*) winbox - moved "ageing-time" setting from STP to General tab;
*) winbox - moved OSPF instance "routing-table" setting in OSPF instance General menu;
*) winbox - removed “VLAN” section from “Switch” menu for CRS3xx devices;
*) winbox - show Bridge Port PVID column by default;
*) winbox - show CQI in LTE info;
*) winbox - show only master CAP interfaces under CAPsMAN wireless scan tool;
*) winbox - use proper graph name for HDD graphs;
*) wireless - added "realm-raw" setting for "/interface wireless interworking-profiles" (CLI only);
*) wireless - added initial support for "nstreme-plus";
*) wireless - added support for "band=5ghz-n/ac";
*) wireless - added support for "interface-list" for Access List entries;
*) wireless - added support for legacy AR9485 chipset;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;
*) wireless - fixed "wds-slave" channel selection when single frequency is specified;
*) wireless - fixed incompatibility with macOS clients;
*) wireless - fixed long "scan-list" entries not working for ARM based wireless interfaces;
*) wireless - fixed nv2 protocol on ARM platform SXTsq devices;
*) wireless - fixed RTS/CTS option for the ARM based wireless devices;
*) wireless - improved compatibility with specific wireless AC standard clients;
*) wireless - improved Nv2 PtMP performance;
*) wireless - improved packet processing on ARM platform devices;
*) wireless - improved wireless scan functionality;
*) wireless - improved wireless stability on hAP ac2 devices while USB is being used;

Download the new 'RouterOS 6.42rc49' version here: https://www.mikrotik.com/download

]]>
Release candidateWed, 21 Mar 2018 15:21:37 +0200b424344d73c2e0471f76064bd7c6e3e7
RouterOS 6.42rc48 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.42rc48 changelog:

*) health - fixed empty measurements on CRS328-24P-4S+RM;
*) led - removed unused "link-act-led" trigger for devices which does not use it;
*) ups - improved communication between router and UPS;
*) wireless - improved Nv2 PtMP performance;

Other changes since 6.41.3:

!) tile - improved overall system performance and stability ("/system routerboard upgrade" required);
*) bridge - added host aging timer for crs3xx and Atheros hw-bridges;
*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts (CLI only);
*) bridge - added per-port learning options (CLI only);
*) bridge - added support for static hosts;
*) bridge - fixed bridge port interface parameter under "/interface bridge host print detail";
*) bridge - fixed false MAC address learning on hAP ac2 and cAP ac devices;
*) bridge - fixed incorrect "fast-forward" enabling when ports were switched;
*) bridge - fixed MAC learning for VRRP interfaces on bridge;
*) bridge - fixed reliability on software bridges when used on devices without switch chip;
*) bridge - hide options for disabled bridge features in CLI;
*) bridge - show "hw" flags only on Ethernet interfaces and interface lists;
*) capsman - added "allow-signal-out-of-range" option for Access List entries;
*) capsman - added support for "interface-list" in Access List and Datapath entries;
*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
*) capsman - log "signal-strength" when successfully connected to AP;
*) certificate - added PKCS#10 version check;
*) certificate - dropped DES support and added AES instead for SCEP;
*) certificate - dropped MD5 support and require SHA1 as minimum for SCEP;
*) chr - added "open-vm-tools" on VMware installations;
*) chr - added "qemu-guest-agent" and "virtio-scsi" driver on KVM installations;
*) chr - added "xe-daemon" on Xen installations;
*) chr - added support for Hyper-V ballooning, guest quiescing, host-guest file transfer, integration services and static IP injection;
*) chr - added support for NIC hot-plug on VMware and Xen installations;
*) chr - fixed additional disk detaching on Xen installations;
*) chr - fixed interface naming order when adding more than 4 interfaces on VMware installations;
*) chr - fixed suspend on Xen installations;
*) chr - make additional disks visible under "/disk" on Xen installations;
*) chr - make virtio disks visible under "/disk" on KVM installations;
*) console - fixed "idpr-cmtp" protocol by changing its value from 39 to 38;
*) console - improved console stability after it has not been used for a long time;
*) crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
*) crs212 - fixed Ethernet boot through CRS326 devices;
*) crs326 - fixed known multicast flooding to the CPU;
*) crs3xx - added initial “hw-offload” support for 802.3ad and “balance-xor” bonding;
*) crs3xx - added switch port "storm-rate" limiting options;
*) detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced in v6.41);
*) dhcp - improved DHCP service reliability when it is configured on bridge interface;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-server - added "dns-none" option to "/ip dhcp-server network dns";
*) dhcpv6 - make sure that time is set before restoring bindings;
*) dhcpv6-client - added info exchange support;
*) dhcpv6-client - added possibility to specify options;
*) dhcpv6-client - added support for options 15 and 16;
*) dhcpv6-client - implement confirm after reboot;
*) dhcpv6-server - added DHCPv4 style user options;
*) email - set maximum number of sessions to 100;
*) fetch - added "http-content-type" option to allow setting MIME type of the data in free text form;
*) fetch - added "output" option for all modes in order to return result to file, variable or ignore it;
*) fetch - increased maximum number of sessions to 100;
*) filesystem - implemented additional system storage maintenance checks on ARM CPU based devices;
*) flashfig - properly apply configuration provided by Flashfig;
*) gps - improved NMEA sentence handling;
*) health - log warning when switching between redundant power supplies;
*) hotspot - improved HTTPS matching in Walled Garden rules;
*) ike1 - display error message when peer requests "mode-config" when it is not configured;
*) ike1 - do not accept "mode-config" reply more than once;
*) ike1 - fixed wildcard policy lookup on responder;
*) interface - improved interface configuration responsiveness;
*) ippool - added ability to specify comment;
*) ipsec - fixed AES-CTR and AES-GCM support on RB1200;
*) ipsec - improved single tunnel hardware acceleration performance on MMIPS platform devices;
*) ipsec - properly detect interface for "mode-config" client IP address assignment;
*) kidcontrol - initial work on "/ip kid-control" feature;
*) lte - added initial support for SIM7600 LTE modem interface;
*) lte - added support for the user and password authentication for wAP-LTE-kit-US (R11e-LTE-US);
*) lte - do not add DHCP client on LTE modems that doesn't use DHCP;
*) lte - fixed DHCP client adding for MF823 modem;
*) mac-ping - fixed duplicate responses;
*) modem - added initial support for AC340U;
*) netinstall - sign Netinstall executable with an Extended Validation Code Signing Certificate;
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
*) poe - hide PoE related properties on interfaces which does not provide power output;
*) poe-out - do not show "poe-out-current" on devices which can not determine it;
*) ppp - added initial support for NETGEAR AC340U and ZyXEL WAH1604;
*) ppp - allow to override remote user PPP profile via "Mikrotik-Group";
*) quickset - by default use "/24" subnet for local network;
*) quickset - fixed NAT if PPPoE client is used for Internet access;
*) quickset - properly detect IP address when one of the bridge modes is used;
*) quickset - properly detect LTE interface on startup;
*) quickset - show "G" flag for guest users;
*) r11e-lte - improved LTE connection initialization process;
*) routerboard - added RouterBOOT "auto-upgrade" after RouterOS upgrade (extra reboot required);
*) routerboot - fixed RouterBOOT upgrade process (introduced in v6.42rc);
*) sniffer - fixed situation when "/tool sniffer packet" returned packets in incorrect order;
*) snmp - added "/caps-man interface print oid";
*) snmp - added "/interface w60g print oid";
*) snmp - added "board-name" OID;
*) snmp - improved request processing performance for wireless and CAP interfaces;
*) ssh - generate SSH keys only on the first connect attempt instead of the first boot;
*) ssh - improved key import error messages;
*) ssh - remove imported public SSH keys when their owner user is removed;
*) switch - hide "ingress-rate" and "egress-rate" for non-crs3xx switches;
*) tile - added "aes-ctr" hardware acceleration support;
*) tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
*) tr069-client - correctly return “TransferComplete” after vendor configuration file transfer;
*) tr069-client - fixed "/tool fetch" commands executed with ".alter" script;
*) tr069-client - fixed HTTPS authentication process;
*) upgrade - improved RouterOS upgrade process and restrict upgrade from RouterOS older than v5.16;
*) ups - improved disconnect message handling between RouterOS and UPS;
*) userman - added support for ARM and MMIPS platform;
*) winbox - added "antenna" setting under GPS settings for MIPS platform devices;
*) winbox - added "crl-store" setting to certficate settings;
*) winbox - added "insert-queue-before" to DHCP server;
*) winbox - added "use-dn" setting in OSPF instance General menu;
*) winbox - added 160 MHz "channel-width" to wireless settings;
*) winbox - added broadcast and flood settings to bridge ports;
*) winbox - added DHCPv6 client info request type and updated statuses;
*) winbox - added missing protocol numbers to IPv4 and IPv6 firewall;
*) winbox - added possibility to delete SMS from inbox;
*) winbox - allow to comment new object without committing it;
*) winbox - allow to open bridge host entry;
*) winbox - fixed name for "out-bridge-list" parameter under bridge firewall rules;
*) winbox - fixed typo from "UPtime" to "Uptime";
*) winbox - fixed Winbox closing when viewing graph which does not contain any data;
*) winbox - improved stability when using trackpad scrolling in large lists;
*) winbox - made UDP local and remote TX size parameter optional in Bandwidth Test tool;
*) winbox - moved "ageing-time" setting from STP to General tab;
*) winbox - moved OSPF instance "routing-table" setting in OSPF instance General menu;
*) winbox - removed “VLAN” section from “Switch” menu for CRS3xx devices;
*) winbox - show Bridge Port PVID column by default;
*) winbox - show CQI in LTE info;
*) winbox - show only master CAP interfaces under CAPsMAN wireless scan tool;
*) winbox - use proper graph name for HDD graphs;
*) wireless - added "realm-raw" setting for "/interface wireless interworking-profiles" (CLI only);
*) wireless - added initial support for "nstreme-plus";
*) wireless - added support for "band=5ghz-n/ac";
*) wireless - added support for "interface-list" for Access List entries;
*) wireless - added support for legacy AR9485 chipset;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;
*) wireless - fixed "wds-slave" channel selection when single frequency is specified;
*) wireless - fixed incompatibility with macOS clients;
*) wireless - fixed long "scan-list" entries not working for ARM based wireless interfaces;
*) wireless - fixed nv2 protocol on ARM platform SXTsq devices;
*) wireless - fixed RTS/CTS option for the ARM based wireless devices;
*) wireless - improved compatibility with specific wireless AC standard clients;
*) wireless - improved packet processing on ARM platform devices;
*) wireless - improved wireless scan functionality;
*) wireless - improved wireless stability on hAP ac2 devices while USB is being used;

Download the new 'RouterOS 6.42rc48' version here: https://www.mikrotik.com/download

]]>
Release candidateWed, 21 Mar 2018 14:42:14 +0200d3d7164b4b6d6fd78237639fcba1f92c
RouterOS 6.42rc46 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.42rc46 changelog:

*) dhcp - improved DHCP service reliability when it is configured on bridge interface;
*) dhcp - reduced resource usage of DHCP services;
*) netinstall - sign Netinstall executable with an Extended Validation Code Signing Certificate;
*) quickset - by default use "/24" subnet for local network;
*) quickset - properly detect IP address when one of the bridge modes is used;
*) routerboot - fixed RouterBOOT upgrade process (introduced in v6.42rc);
*) winbox - added "use-dn" setting in OSPF instance General menu;
*) winbox - moved OSPF instance "routing-table" setting in OSPF instance General menu;
*) winbox - use proper graph name for HDD graphs;
*) wireless - improved Nv2 PtMP performance;

Other changes since 6.41.3:

!) tile - improved overall system performance and stability ("/system routerboard upgrade" required);
*) bridge - added host aging timer for crs3xx and Atheros hw-bridges;
*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts (CLI only);
*) bridge - added per-port learning options (CLI only);
*) bridge - added support for static hosts;
*) bridge - fixed bridge port interface parameter under "/interface bridge host print detail";
*) bridge - fixed false MAC address learning on hAP ac2 and cAP ac devices;
*) bridge - fixed incorrect "fast-forward" enabling when ports were switched;
*) bridge - fixed MAC learning for VRRP interfaces on bridge;
*) bridge - fixed reliability on software bridges when used on devices without switch chip;
*) bridge - hide options for disabled bridge features in CLI;
*) bridge - show "hw" flags only on Ethernet interfaces and interface lists;
*) capsman - added "allow-signal-out-of-range" option for Access List entries;
*) capsman - added support for "interface-list" in Access List and Datapath entries;
*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
*) capsman - log "signal-strength" when successfully connected to AP;
*) certificate - added PKCS#10 version check;
*) certificate - dropped DES support and added AES instead for SCEP;
*) certificate - dropped MD5 support and require SHA1 as minimum for SCEP;
*) chr - added "open-vm-tools" on VMware installations;
*) chr - added "qemu-guest-agent" and "virtio-scsi" driver on KVM installations;
*) chr - added "xe-daemon" on Xen installations;
*) chr - added support for Hyper-V ballooning, guest quiescing, host-guest file transfer, integration services and static IP injection;
*) chr - added support for NIC hot-plug on VMware and Xen installations;
*) chr - fixed additional disk detaching on Xen installations;
*) chr - fixed interface naming order when adding more than 4 interfaces on VMware installations;
*) chr - fixed suspend on Xen installations;
*) chr - make additional disks visible under "/disk" on Xen installations;
*) chr - make virtio disks visible under "/disk" on KVM installations;
*) console - fixed "idpr-cmtp" protocol by changing its value from 39 to 38;
*) console - improved console stability after it has not been used for a long time;
*) crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
*) crs212 - fixed Ethernet boot through CRS326 devices;
*) crs326 - fixed known multicast flooding to the CPU;
*) crs3xx - added initial “hw-offload” support for 802.3ad and “balance-xor” bonding;
*) crs3xx - added switch port "storm-rate" limiting options;
*) detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced in v6.41);
*) dhcpv4-server - added "dns-none" option to "/ip dhcp-server network dns";
*) dhcpv6 - make sure that time is set before restoring bindings;
*) dhcpv6-client - added info exchange support;
*) dhcpv6-client - added possibility to specify options;
*) dhcpv6-client - added support for options 15 and 16;
*) dhcpv6-client - implement confirm after reboot;
*) dhcpv6-server - added DHCPv4 style user options;
*) email - set maximum number of sessions to 100;
*) fetch - added "http-content-type" option to allow setting MIME type of the data in free text form;
*) fetch - added "output" option for all modes in order to return result to file, variable or ignore it;
*) fetch - increased maximum number of sessions to 100;
*) filesystem - implemented additional system storage maintenance checks on ARM CPU based devices;
*) flashfig - properly apply configuration provided by Flashfig;
*) gps - improved NMEA sentence handling;
*) health - log warning when switching between redundant power supplies;
*) hotspot - improved HTTPS matching in Walled Garden rules;
*) ike1 - display error message when peer requests "mode-config" when it is not configured;
*) ike1 - do not accept "mode-config" reply more than once;
*) ike1 - fixed wildcard policy lookup on responder;
*) interface - improved interface configuration responsiveness;
*) ippool - added ability to specify comment;
*) ipsec - fixed AES-CTR and AES-GCM support on RB1200;
*) ipsec - improved single tunnel hardware acceleration performance on MMIPS platform devices;
*) ipsec - properly detect interface for "mode-config" client IP address assignment;
*) kidcontrol - initial work on "/ip kid-control" feature;
*) lte - added initial support for SIM7600 LTE modem interface;
*) lte - added support for the user and password authentication for wAP-LTE-kit-US (R11e-LTE-US);
*) lte - do not add DHCP client on LTE modems that doesn't use DHCP;
*) lte - fixed DHCP client adding for MF823 modem;
*) mac-ping - fixed duplicate responses;
*) modem - added initial support for AC340U;
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
*) poe - hide PoE related properties on interfaces which does not provide power output;
*) poe-out - do not show "poe-out-current" on devices which can not determine it;
*) ppp - added initial support for NETGEAR AC340U and ZyXEL WAH1604;
*) ppp - allow to override remote user PPP profile via "Mikrotik-Group";
*) quickset - fixed NAT if PPPoE client is used for Internet access;
*) quickset - properly detect LTE interface on startup;
*) quickset - show "G" flag for guest users;
*) r11e-lte - improved LTE connection initialization process;
*) routerboard - added RouterBOOT "auto-upgrade" after RouterOS upgrade (extra reboot required);
*) sniffer - fixed situation when "/tool sniffer packet" returned packets in incorrect order;
*) snmp - added "/caps-man interface print oid";
*) snmp - added "/interface w60g print oid";
*) snmp - added "board-name" OID;
*) snmp - improved request processing performance for wireless and CAP interfaces;
*) ssh - generate SSH keys only on the first connect attempt instead of the first boot;
*) ssh - improved key import error messages;
*) ssh - remove imported public SSH keys when their owner user is removed;
*) switch - hide "ingress-rate" and "egress-rate" for non-crs3xx switches;
*) tile - added "aes-ctr" hardware acceleration support;
*) tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
*) tr069-client - correctly return “TransferComplete” after vendor configuration file transfer;
*) tr069-client - fixed "/tool fetch" commands executed with ".alter" script;
*) tr069-client - fixed HTTPS authentication process;
*) upgrade - improved RouterOS upgrade process and restrict upgrade from RouterOS older than v5.16;
*) ups - improved disconnect message handling between RouterOS and UPS;
*) userman - added support for ARM and MMIPS platform;
*) winbox - added "antenna" setting under GPS settings for MIPS platform devices;
*) winbox - added "crl-store" setting to certficate settings;
*) winbox - added "insert-queue-before" to DHCP server;
*) winbox - added 160 MHz "channel-width" to wireless settings;
*) winbox - added broadcast and flood settings to bridge ports;
*) winbox - added DHCPv6 client info request type and updated statuses;
*) winbox - added missing protocol numbers to IPv4 and IPv6 firewall;
*) winbox - added possibility to delete SMS from inbox;
*) winbox - allow to comment new object without committing it;
*) winbox - allow to open bridge host entry;
*) winbox - fixed name for "out-bridge-list" parameter under bridge firewall rules;
*) winbox - fixed typo from "UPtime" to "Uptime";
*) winbox - fixed Winbox closing when viewing graph which does not contain any data;
*) winbox - improved stability when using trackpad scrolling in large lists;
*) winbox - made UDP local and remote TX size parameter optional in Bandwidth Test tool;
*) winbox - moved "ageing-time" setting from STP to General tab;
*) winbox - removed “VLAN” section from “Switch” menu for CRS3xx devices;
*) winbox - show Bridge Port PVID column by default;
*) winbox - show CQI in LTE info;
*) winbox - show only master CAP interfaces under CAPsMAN wireless scan tool;
*) wireless - added "realm-raw" setting for "/interface wireless interworking-profiles" (CLI only);
*) wireless - added initial support for "nstreme-plus";
*) wireless - added support for "band=5ghz-n/ac";
*) wireless - added support for "interface-list" for Access List entries;
*) wireless - added support for legacy AR9485 chipset;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;
*) wireless - fixed "wds-slave" channel selection when single frequency is specified;
*) wireless - fixed incompatibility with macOS clients;
*) wireless - fixed long "scan-list" entries not working for ARM based wireless interfaces;
*) wireless - fixed nv2 protocol on ARM platform SXTsq devices;
*) wireless - fixed RTS/CTS option for the ARM based wireless devices;
*) wireless - improved compatibility with specific wireless AC standard clients;
*) wireless - improved packet processing on ARM platform devices;
*) wireless - improved wireless scan functionality;
*) wireless - improved wireless stability on hAP ac2 devices while USB is being used;

Download the new 'RouterOS 6.42rc46' version here: https://www.mikrotik.com/download

]]>
Release candidateTue, 20 Mar 2018 10:20:21 +0200cfb98666530b97cd3c2ac8559ecbfb9e
RouterOS 6.42rc43 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.42rc43 changelog:

*) crs326 - fixed known multicast flooding to the CPU;
*) dhcp - improved DHCP service reliability when it is configured on bridge interface;
*) ssh - generate SSH keys only on the first connect attempt instead of the first boot;
*) ups - improved disconnect message handling between RouterOS and UPS;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;

Other changes since 6.41.3:

*) bridge - added host aging timer for crs3xx and Atheros hw-bridges;
*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts (CLI only);
*) bridge - added per-port learning options (CLI only);
*) bridge - added support for static hosts;
*) bridge - fixed bridge port interface parameter under "/interface bridge host print detail";
*) bridge - fixed false MAC address learning on hAP ac2 and cAP ac devices;
*) bridge - fixed incorrect "fast-forward" enabling when ports were switched;
*) bridge - fixed MAC learning for VRRP interfaces on bridge;
*) bridge - fixed reliability on software bridges when used on devices without switch chip;
*) bridge - hide options for disabled bridge features in CLI;
*) bridge - show "hw" flags only on Ethernet interfaces and interface lists;
*) capsman - added "allow-signal-out-of-range" option for Access List entries;
*) capsman - added support for "interface-list" in Access List and Datapath entries;
*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
*) capsman - log "signal-strength" when successfully connected to AP;
*) certificate - added PKCS#10 version check;
*) certificate - dropped DES support and added AES instead for SCEP;
*) certificate - dropped MD5 support and require SHA1 as minimum for SCEP;
*) chr - added "open-vm-tools" on VMware installations;
*) chr - added "qemu-guest-agent" and "virtio-scsi" driver on KVM installations;
*) chr - added "xe-daemon" on Xen installations;
*) chr - added support for Hyper-V ballooning, guest quiescing, host-guest file transfer, integration services and static IP injection;
*) chr - added support for NIC hot-plug on VMware and Xen installations;
*) chr - fixed additional disk detaching on Xen installations;
*) chr - fixed interface naming order when adding more than 4 interfaces on VMware installations;
*) chr - fixed suspend on Xen installations;
*) chr - make additional disks visible under "/disk" on Xen installations;
*) chr - make virtio disks visible under "/disk" on KVM installations;
*) console - fixed "idpr-cmtp" protocol by changing its value from 39 to 38;
*) console - improved console stability after it has not been used for a long time;
*) crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
*) crs212 - fixed Ethernet boot through CRS326 devices;
*) crs3xx - added initial “hw-offload” support for 802.3ad and “balance-xor” bonding;
*) crs3xx - added switch port "storm-rate" limiting options;
*) detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced in v6.41);
*) dhcpv4-server - added "dns-none" option to "/ip dhcp-server network dns";
*) dhcpv6 - make sure that time is set before restoring bindings;
*) dhcpv6-client - added info exchange support;
*) dhcpv6-client - added possibility to specify options;
*) dhcpv6-client - added support for options 15 and 16;
*) dhcpv6-client - implement confirm after reboot;
*) dhcpv6-server - added DHCPv4 style user options;
*) email - set maximum number of sessions to 100;
*) fetch - added "http-content-type" option to allow setting MIME type of the data in free text form;
*) fetch - added "output" option for all modes in order to return result to file, variable or ignore it;
*) fetch - increased maximum number of sessions to 100;
*) filesystem - implemented additional system storage maintenance checks on ARM CPU based devices;
*) flashfig - properly apply configuration provided by Flashfig;
*) gps - improved NMEA sentence handling;
*) health - log warning when switching between redundant power supplies;
*) hotspot - improved HTTPS matching in Walled Garden rules;
*) ike1 - display error message when peer requests "mode-config" when it is not configured;
*) ike1 - do not accept "mode-config" reply more than once;
*) ike1 - fixed wildcard policy lookup on responder;
*) interface - improved interface configuration responsiveness;
*) ippool - added ability to specify comment;
*) ipsec - fixed AES-CTR and AES-GCM support on RB1200;
*) ipsec - improved single tunnel hardware acceleration performance on MMIPS platform devices;
*) ipsec - properly detect interface for "mode-config" client IP address assignment;
*) kidcontrol - initial work on "/ip kid-control" feature;
*) lte - added initial support for SIM7600 LTE modem interface;
*) lte - added support for the user and password authentication for wAP-LTE-kit-US (R11e-LTE-US);
*) lte - do not add DHCP client on LTE modems that doesn't use DHCP;
*) lte - fixed DHCP client adding for MF823 modem;
*) mac-ping - fixed duplicate responses;
*) modem - added initial support for AC340U;
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
*) poe - hide PoE related properties on interfaces which does not provide power output;
*) poe-out - do not show "poe-out-current" on devices which can not determine it;
*) ppp - added initial support for NETGEAR AC340U and ZyXEL WAH1604;
*) ppp - allow to override remote user PPP profile via "Mikrotik-Group";
*) quickset - fixed NAT if PPPoE client is used for Internet access;
*) quickset - properly detect LTE interface on startup;
*) quickset - show "G" flag for guest users;
*) r11e-lte - improved LTE connection initialization process;
*) routerboard - added RouterBOOT "auto-upgrade" after RouterOS upgrade (extra reboot required);
*) sniffer - fixed situation when "/tool sniffer packet" returned packets in incorrect order;
*) snmp - added "/caps-man interface print oid";
*) snmp - added "/interface w60g print oid";
*) snmp - added "board-name" OID;
*) snmp - improved request processing performance for wireless and CAP interfaces;
*) ssh - improved key import error messages;
*) ssh - remove imported public SSH keys when their owner user is removed;
*) switch - hide "ingress-rate" and "egress-rate" for non-crs3xx switches;
*) tile - added "aes-ctr" hardware acceleration support;
*) tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
*) tr069-client - correctly return “TransferComplete” after vendor configuration file transfer;
*) tr069-client - fixed "/tool fetch" commands executed with ".alter" script;
*) tr069-client - fixed HTTPS authentication process;
*) upgrade - improved RouterOS upgrade process and restrict upgrade from RouterOS older than v5.16;
*) userman - added support for ARM and MMIPS platform;
*) winbox - added "antenna" setting under GPS settings for MIPS platform devices;
*) winbox - added "crl-store" setting to certficate settings;
*) winbox - added "insert-queue-before" to DHCP server;
*) winbox - added 160 MHz "channel-width" to wireless settings;
*) winbox - added broadcast and flood settings to bridge ports;
*) winbox - added DHCPv6 client info request type and updated statuses;
*) winbox - added missing protocol numbers to IPv4 and IPv6 firewall;
*) winbox - added possibility to delete SMS from inbox;
*) winbox - allow to comment new object without committing it;
*) winbox - allow to open bridge host entry;
*) winbox - fixed name for "out-bridge-list" parameter under bridge firewall rules;
*) winbox - fixed typo from "UPtime" to "Uptime";
*) winbox - fixed Winbox closing when viewing graph which does not contain any data;
*) winbox - improved stability when using trackpad scrolling in large lists;
*) winbox - made UDP local and remote TX size parameter optional in Bandwidth Test tool;
*) winbox - moved "ageing-time" setting from STP to General tab;
*) winbox - removed “VLAN” section from “Switch” menu for CRS3xx devices;
*) winbox - show Bridge Port PVID column by default;
*) winbox - show CQI in LTE info;
*) winbox - show only master CAP interfaces under CAPsMAN wireless scan tool;
*) wireless - added "realm-raw" setting for "/interface wireless interworking-profiles" (CLI only);
*) wireless - added initial support for "nstreme-plus";
*) wireless - added support for "band=5ghz-n/ac";
*) wireless - added support for "interface-list" for Access List entries;
*) wireless - added support for legacy AR9485 chipset;
*) wireless - fixed "wds-slave" channel selection when single frequency is specified;
*) wireless - fixed incompatibility with macOS clients;
*) wireless - fixed long "scan-list" entries not working for ARM based wireless interfaces;
*) wireless - fixed nv2 protocol on ARM platform SXTsq devices;
*) wireless - fixed RTS/CTS option for the ARM based wireless devices;
*) wireless - improved compatibility with specific wireless AC standard clients;
*) wireless - improved packet processing on ARM platform devices;
*) wireless - improved wireless scan functionality;
*) wireless - improved wireless stability on hAP ac2 devices while USB is being used;

Download the new 'RouterOS 6.42rc43' version here: https://www.mikrotik.com/download

]]>
Release candidateThu, 15 Mar 2018 12:00:49 +0200570c0ac9d88ebcdb68fe51390b08ed42
RouterOS 6.42rc41 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.42rc41 changelog:

*) ipsec - improved single tunnel hardware acceleration performance on MMIPS platform devices;
*) snmp - added "board-name" OID;

Other changes since 6.41.3:

*) bridge - added host aging timer for crs3xx and Atheros hw-bridges;
*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts (CLI only);
*) bridge - added per-port learning options (CLI only);
*) bridge - added support for static hosts;
*) bridge - fixed bridge port interface parameter under "/interface bridge host print detail";
*) bridge - fixed false MAC address learning on hAP ac2 and cAP ac devices;
*) bridge - fixed incorrect "fast-forward" enabling when ports were switched;
*) bridge - fixed MAC learning for VRRP interfaces on bridge;
*) bridge - fixed reliability on software bridges when used on devices without switch chip;
*) bridge - hide options for disabled bridge features in CLI;
*) bridge - show "hw" flags only on Ethernet interfaces and interface lists;
*) capsman - added "allow-signal-out-of-range" option for Access List entries;
*) capsman - added support for "interface-list" in Access List and Datapath entries;
*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
*) capsman - log "signal-strength" when successfully connected to AP;
*) certificate - added PKCS#10 version check;
*) certificate - dropped DES support and added AES instead for SCEP;
*) certificate - dropped MD5 support and require SHA1 as minimum for SCEP;
*) chr - added "open-vm-tools" on VMware installations;
*) chr - added "qemu-guest-agent" and "virtio-scsi" driver on KVM installations;
*) chr - added "xe-daemon" on Xen installations;
*) chr - added support for Hyper-V ballooning, guest quiescing, host-guest file transfer, integration services and static IP injection;
*) chr - added support for NIC hot-plug on VMware and Xen installations;
*) chr - fixed additional disk detaching on Xen installations;
*) chr - fixed interface naming order when adding more than 4 interfaces on VMware installations;
*) chr - fixed suspend on Xen installations;
*) chr - make additional disks visible under "/disk" on Xen installations;
*) chr - make virtio disks visible under "/disk" on KVM installations;
*) console - fixed "idpr-cmtp" protocol by changing its value from 39 to 38;
*) console - improved console stability after it has not been used for a long time;
*) crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
*) crs212 - fixed Ethernet boot through CRS326 devices;
*) crs3xx - added initial “hw-offload” support for 802.3ad and “balance-xor” bonding;
*) crs3xx - added switch port "storm-rate" limiting options;
*) detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced in v6.41);
*) dhcp - improved DHCP service reliability when it is configured on bridge interface;
*) dhcpv4-server - added "dns-none" option to "/ip dhcp-server network dns";
*) dhcpv6 - make sure that time is set before restoring bindings;
*) dhcpv6-client - added info exchange support;
*) dhcpv6-client - added possibility to specify options;
*) dhcpv6-client - added support for options 15 and 16;
*) dhcpv6-client - implement confirm after reboot;
*) dhcpv6-server - added DHCPv4 style user options;
*) email - set maximum number of sessions to 100;
*) fetch - added "http-content-type" option to allow setting MIME type of the data in free text form;
*) fetch - added "output" option for all modes in order to return result to file, variable or ignore it;
*) fetch - increased maximum number of sessions to 100;
*) filesystem - implemented additional system storage maintenance checks on ARM CPU based devices;
*) flashfig - properly apply configuration provided by Flashfig;
*) gps - improved NMEA sentence handling;
*) health - log warning when switching between redundant power supplies;
*) hotspot - improved HTTPS matching in Walled Garden rules;
*) ike1 - display error message when peer requests "mode-config" when it is not configured;
*) ike1 - do not accept "mode-config" reply more than once;
*) ike1 - fixed wildcard policy lookup on responder;
*) interface - improved interface configuration responsiveness;
*) ippool - added ability to specify comment;
*) ipsec - fixed AES-CTR and AES-GCM support on RB1200;
*) ipsec - properly detect interface for "mode-config" client IP address assignment;
*) kidcontrol - initial work on "/ip kid-control" feature;
*) lte - added initial support for SIM7600 LTE modem interface;
*) lte - added support for the user and password authentication for wAP-LTE-kit-US (R11e-LTE-US);
*) lte - do not add DHCP client on LTE modems that doesn't use DHCP;
*) lte - fixed DHCP client adding for MF823 modem;
*) mac-ping - fixed duplicate responses;
*) modem - added initial support for AC340U;
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
*) poe - hide PoE related properties on interfaces which does not provide power output;
*) poe-out - do not show "poe-out-current" on devices which can not determine it;
*) ppp - added initial support for NETGEAR AC340U and ZyXEL WAH1604;
*) ppp - allow to override remote user PPP profile via "Mikrotik-Group";
*) quickset - fixed NAT if PPPoE client is used for Internet access;
*) quickset - properly detect LTE interface on startup;
*) quickset - show "G" flag for guest users;
*) r11e-lte - improved LTE connection initialization process;
*) routerboard - added RouterBOOT "auto-upgrade" after RouterOS upgrade (extra reboot required);
*) sniffer - fixed situation when "/tool sniffer packet" returned packets in incorrect order;
*) snmp - added "/caps-man interface print oid";
*) snmp - added "/interface w60g print oid";
*) snmp - improved request processing performance for wireless and CAP interfaces;
*) ssh - improved key import error messages;
*) ssh - remove imported public SSH keys when their owner user is removed;
*) switch - hide "ingress-rate" and "egress-rate" for non-crs3xx switches;
*) tile - added "aes-ctr" hardware acceleration support;
*) tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
*) tr069-client - correctly return “TransferComplete” after vendor configuration file transfer;
*) tr069-client - fixed "/tool fetch" commands executed with ".alter" script;
*) tr069-client - fixed HTTPS authentication process;
*) upgrade - improved RouterOS upgrade process and restrict upgrade from RouterOS older than v5.16;
*) userman - added support for ARM and MMIPS platform;
*) winbox - made UDP local and remote TX size parameter optional in Bandwidth Test tool;
*) winbox - moved "ageing-time" setting from STP to General tab;
*) winbox - added "antenna" setting under GPS settings for MIPS platform devices;
*) winbox - added "crl-store" setting to certficate settings;
*) winbox - added "insert-queue-before" to DHCP server;
*) winbox - added 160 MHz "channel-width" to wireless settings;
*) winbox - added broadcast and flood settings to bridge ports;
*) winbox - added DHCPv6 client info request type and updated statuses;
*) winbox - added missing protocol numbers to IPv4 and IPv6 firewall;
*) winbox - added possibility to delete SMS from inbox;
*) winbox - allow to comment new object without committing it;
*) winbox - allow to open bridge host entry;
*) winbox - fixed name for "out-bridge-list" parameter under bridge firewall rules;
*) winbox - fixed typo from "UPtime" to "Uptime";
*) winbox - fixed Winbox closing when viewing graph which does not contain any data;
*) winbox - improved stability when using trackpad scrolling in large lists;
*) winbox - removed “VLAN” section from “Switch” menu for CRS3xx devices;
*) winbox - show Bridge Port PVID column by default;
*) winbox - show CQI in LTE info;
*) winbox - show only master CAP interfaces under CAPsMAN wireless scan tool;
*) wireless - added "realm-raw" setting for "/interface wireless interworking-profiles" (CLI only);
*) wireless - added initial support for "nstreme-plus";
*) wireless - added support for "band=5ghz-n/ac";
*) wireless - added support for "interface-list" for Access List entries;
*) wireless - added support for legacy AR9485 chipset;
*) wireless - fixed "wds-slave" channel selection when single frequency is specified;
*) wireless - fixed incompatibility with macOS clients;
*) wireless - fixed long "scan-list" entries not working for ARM based wireless interfaces;
*) wireless - fixed nv2 protocol on ARM platform SXTsq devices;
*) wireless - fixed RTS/CTS option for the ARM based wireless devices;
*) wireless - improved compatibility with specific wireless AC standard clients;
*) wireless - improved packet processing on ARM platform devices;
*) wireless - improved wireless scan functionality;
*) wireless - improved wireless stability on hAP ac2 devices while USB is being used;

Download the new 'RouterOS 6.42rc41' version here: https://www.mikrotik.com/download

]]>
Release candidateMon, 12 Mar 2018 10:45:31 +02002797d2d2d697e33703877872b21ba449
RouterOS 6.41.3 [Current]https://www.mikrotik.com/download/changelogs/current

6.41.3 changelog:

*) chr - automatically generate new system ID on first startup;
*) console - do not allow variables that start with digit to be referenced without "$" sign;
*) defconf - fixed DISC Lite5 LED default configuration;
*) export - fixed "/system routerboard mode-button" compact export;
*) filesystem - improved error correction process on RB1100AHx4 storage;
*) firewall - fixed "tls-host" firewall feature (introduced in v6.41);
*) gps - added GPS port support for Quectel EC25-E modem when used in LTE mode;
*) lte - fixed r11-LTE-US interface initialization process after reboot;
*) romon - make "secret" field sensitive in console;
*) snmp - fixed w60g SSID value;
*) tile - fixed bogus voltage readings;
*) tr069-client - fixed TR069 service becoming unavailable when related service package is not available;
*) usb - improved packet processing over USB modems;
*) winbox - fixed "/tool e-mail send" attachment behavior;
*) winbox - fixed maximal ID for Traffic Generator stream;
*) winbox - removed "Enable" and "Disable" buttons from IPsec "mode-config" list;
*) winbox - show "D" flag under "/ip dhcp-client" menu;
*) wireless - removed unused "/interface wireless registration-table monitor" command;

Download the new 'RouterOS 6.41.3' version here: https://www.mikrotik.com/download

]]>
CurrentMon, 12 Mar 2018 09:53:02 +020084d1d34397f9f355919b7928fc4c8891
RouterOS 6.42rc39 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.42rc39 changelog:

*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts;
*) bridge - added per-port learning options;
*) bridge - added support for static hosts;
*) bridge - fixed reliability on software bridges when used on devices without switch chip;
*) capsman - added "allow-signal-out-of-range" option for Access List entries;
*) capsman - added support for "interface-list" in Access List and Datapath entries;
*) console - fixed "idpr-cmtp" protocol by changing its value from 39 to 38;
*) crs3xx - added initial “hw-offload” support for 802.3ad and “balance-xor” bonding;
*) crs3xx - added switch port "storm-rate" limiting options;
*) dhcp - improved DHCP service reliability when it is configured on bridge interface;
*) email - set maximum number of sessions to 100;
*) fetch - increased maximum number of sessions to 100;
*) ike1 - fixed wildcard policy lookup on responder;
*) quickset - fixed NAT if PPPoE client is used for Internet access;
*) winbox - made UDP local and remote TX size parameter optional in Bandwidth Test tool;
*) winbox - moved "ageing-time" setting from STP to General tab;
*) winbox - added "antenna" setting under GPS settings for MIPS platform devices;
*) winbox - added 160 MHz "channel-width" to wireless settings;
*) winbox - added broadcast and flood settings to bridge ports;
*) winbox - added missing protocol numbers to IPv4 and IPv6 firewall;
*) winbox - removed “VLAN” section from “Switch” menu for CRS3xx devices;
*) winbox - fixed maximal ID for Traffic Generator stream;
*) winbox - fixed name for "out-bridge-list" parameter under bridge firewall rules;
*) winbox - removed Enable and Disable buttons from IPsec "mode-config" list;
*) winbox - show "D" flag under "/ip dhcp-client" menu;
*) winbox - show CQI in LTE info;
*) winbox - show only master CAP interfaces under CAPsMAN wireless scan tool;
*) wireless - added support for "band=5ghz-n/ac";
*) wireless - added support for "interface-list" for Access List entries;
*) wireless - added support for legacy AR9485 chipset;
*) wireless - improved wireless scan functionality;

Other changes since 6.41.2:

!) tile - improved overall system performance and stability ("/system routerboard upgrade" required);
*) bridge - added host aging timer for crs3xx and Atheros hw-bridges;
*) bridge - fixed bridge port interface parameter under "/interface bridge host print detail";
*) bridge - fixed false MAC address learning on hAP ac2 and cAP ac devices;
*) bridge - fixed incorrect "fast-forward" enabling when ports were switched;
*) bridge - fixed MAC learning for VRRP interfaces on bridge;
*) bridge - hide options for disabled bridge features in CLI;
*) bridge - show "hw" flags only on Ethernet interfaces and interface lists;
*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
*) capsman - log "signal-strength" when successfully connected to AP;
*) certificate - added PKCS#10 version check;
*) certificate - dropped DES support and added AES instead for SCEP;
*) certificate - dropped MD5 support and require SHA1 as minimum for SCEP;
*) chr - added "open-vm-tools" on VMware installations;
*) chr - added "qemu-guest-agent" and "virtio-scsi" driver on KVM installations;
*) chr - added "xe-daemon" on Xen installations;
*) chr - added support for Hyper-V ballooning, guest quiescing, host-guest file transfer, integration services and static IP injection;
*) chr - added support for NIC hot-plug on VMware and Xen installations;
*) chr - automatically generate new system ID on first startup;
*) chr - fixed additional disk detaching on Xen installations;
*) chr - fixed interface naming order when adding more than 4 interfaces on VMware installations;
*) chr - fixed suspend on Xen installations;
*) chr - make additional disks visible under "/disk" on Xen installations;
*) chr - make virtio disks visible under "/disk" on KVM installations;
*) console - do not allow variables that start with digit to be referenced without $ sign;
*) console - improved console stability after it has not been used for a long time;
*) crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
*) crs212 - fixed Ethernet boot through CRS326 devices;
*) defconf - fixed DISC Lite5 LED default configuration;
*) detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced in v6.41);
*) dhcpv4-server - added "dns-none" option to "/ip dhcp-server network dns";
*) dhcpv6 - make sure that time is set before restoring bindings;
*) dhcpv6-client - added info exchange support;
*) dhcpv6-client - added possibility to specify options;
*) dhcpv6-client - added support for options 15 and 16;
*) dhcpv6-client - implement confirm after reboot;
*) dhcpv6-server - added DHCPv4 style user options;
*) export - fixed "/system routerboard mode-button" compact export;
*) fetch - added "http-content-type" option to allow setting MIME type of the data in free text form;
*) fetch - added "output" option for all modes in order to return result to file, variable or ignore it;
*) filesystem - implemented additional system storage maintenance checks on ARM CPU based devices;
*) filesystem - improved error correcting process on RB1100AHx4 storage;
*) firewall - fixed "tls-host" firewall feature (introduced in v6.41);
*) flashfig - properly apply configuration provided by Flashfig;
*) gps - added GPS port support for Quectel EC25-E modem when used in LTE mode;
*) gps - improved NMEA sentence handling;
*) health - log warning when switching between redundant power supplies;
*) hotspot - improved HTTPS matching in Walled Garden rules;
*) ike1 - display error message when peer requests "mode-config" when it is not configured;
*) ike1 - do not accept "mode-config" reply more than once;
*) interface - improved interface configuration responsiveness;
*) ippool - added ability to specify comment;
*) ipsec - fixed AES-CTR and AES-GCM support on RB1200;
*) ipsec - properly detect interface for "mode-config" client IP address assignment;
*) kidcontrol - initial work on "/ip kid-control" feature;
*) lte - added initial support for SIM7600 LTE modem interface;
*) lte - added support for the user and password authentication for wAP-LTE-kit-US (R11e-LTE-US);
*) lte - do not add DHCP client on LTE modems that doesn't use DHCP;
*) lte - fixed DHCP client adding for MF823 modem;
*) lte - fixed rare situation when r11-LTE interface is missing after reboot;
*) mac-ping - fixed duplicate responses;
*) modem - added initial support for AC340U;
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
*) poe - hide PoE related properties on interfaces which does not provide power output;
*) poe-out - do not show "poe-out-current" on devices which can not determine it;
*) ppp - added initial support for NETGEAR AC340U and ZyXEL WAH1604;
*) ppp - allow to override remote user PPP profile via "Mikrotik-Group";
*) quickset - properly detect LTE interface on startup;
*) quickset - show "G" flag for guest users;
*) r11e-lte - improved LTE connection initialization process;
*) romon - make secret field sensitive in console;
*) routerboard - added RouterBOOT "auto-upgrade" after RouterOS upgrade (extra reboot required);
*) smb - improved NetBIOS name handling and stability;
*) sniffer - fixed situation when "/tool sniffer packet" returned packets in incorrect order;
*) snmp - added "/caps-man interface print oid";
*) snmp - added "/interface w60g print oid";
*) snmp - improved request processing performance for wireless and CAP interfaces;
*) ssh - improved key import error messages;
*) ssh - remove imported public SSH keys when their owner user is removed;
*) switch - hide "ingress-rate" and "egress-rate" for non-crs3xx switches;
*) tile - added "aes-ctr" hardware acceleration support;
*) tile - fixed occasional reporting of bogus voltage;
*) tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
*) tr069-client - correctly return “TransferComplete” after vendor configuration file transfer;
*) tr069-client - fixed "/tool fetch" commands executed with ".alter" script;
*) tr069-client - fixed HTTPS authentication process;
*) tr069-client - fixed TR069 service becoming unavailable when related service package is not available;
*) upgrade - improved RouterOS upgrade process and restrict upgrade from RouterOS older than v5.16;
*) usb - improved packet processing over USB modems;
*) userman - added support for ARM and MMIPS platform;
*) winbox - added "crl-store" setting to certficate settings;
*) winbox - added "insert-queue-before" to DHCP server;
*) winbox - added DHCPv6 client info request type and updated statuses;
*) winbox - added possibility to delete SMS from inbox;
*) winbox - allow to comment new object without committing it;
*) winbox - allow to open bridge host entry;
*) winbox - fixed "/tool e-mail send" attachment behavior;
*) winbox - fixed typo from "UPtime" to "Uptime";
*) winbox - fixed Winbox closing when viewing graph which does not contain any data;
*) winbox - improved stability when using trackpad scrolling in large lists;
*) winbox - show Bridge Port PVID column by default;
*) wireless - added "realm-raw" setting for "/interface wireless interworking-profiles" (CLI only);
*) wireless - added initial support for "nstreme-plus";
*) wireless - added initial support for "nstreme-plus";
*) wireless - fixed "wds-slave" channel selection when single frequency is specified;
*) wireless - fixed incompatibility with macOS clients;
*) wireless - fixed long "scan-list" entries not working for ARM based wireless interfaces;
*) wireless - fixed nv2 protocol on ARM platform SXTsq devices;
*) wireless - fixed RTS/CTS option for the ARM based wireless devices;
*) wireless - improved compatibility with specific wireless AC standard clients;
*) wireless - improved packet processing on ARM platform devices;
*) wireless - improved wireless stability on hAP ac2 devices while USB is being used;

Download the new 'RouterOS 6.42rc39' version here: https://www.mikrotik.com/download

]]>
Release candidateWed, 07 Mar 2018 12:43:22 +020091992f38a38212e1de17eb9cd157e7fa
RouterOS 6.40.6 [Bugfix only]https://www.mikrotik.com/download/changelogs/bugfix

6.40.6 changelog:

*) btest - fixed TCP test accuracy when low TX/RX rates are used;
*) certificate - do not use UTF-8 for SCEP challenge password;
*) certificate - fixed PKCS#10 version;
*) chr - generate new system ID on first boot;
*) crs317 - fixed reliability on FAN controller;
*) defconf - fixed DISC Lite5 LED default configuration;
*) dhcpv4-server - fixed framed and classless route received from RADIUS server;
*) disk - fixed disk detach process;
*) dude - fixed e-mail notifications when default port is not used;
*) export - fixed "/system routerboard mode-button" compact export;
*) filesystem - implemented additional system integrity checks on reboots;
*) firewall - limited maximum "address-list-timeout" value to “35w3d13h13m56s”;
*) hotspot - fixed "dst-port" to require valid "protocol" in "walled-garden ip";
*) hotspot - fixed Walled Garden IP functionality when address-list is used;
*) ike1 - fixed crash on XAUTH if user does not exist;
*) ike1 - fixed memory corruption when IPv6 is used;
*) ike1 - improved stability on phase1 rekeying;
*) ike2 - added support for multiple split networks;
*) ike2 - delay rekeyed peer outbound SA installation;
*) ike2 - improve half-open connection handling;
*) ike2 - kill connection when peer changes address;
*) ike2 - use peer configuration address when available on empty TSi;
*) ipsec - fixed incorrect esp proposal key size usage;
*) ipsec - properly update IPsec secret for IPIP/EoIP/GRE dynamic peer;
*) l2tp - improved reliability on packet processing in FastPath;
*) netinstall - improved LTE package description;
*) netinstall - properly generate skins folder when branding package is installed;
*) ovpn - fixed resource leak on systems with high CPU usage;
*) ovpn-server - do not periodically change automatically generated server MAC address;
*) ppp - do not disconnect active PPP connection after "idle-timeout";
*) ppp - do not lose "/ppp profile" script configuration after other profile parameters are edited;
*) ppp - fixed "change-mss" functionality when MSS is not set on forwarded packets;
*) ppp - fixed L2TP and PPTP encryption negotiation process on configuration changes;
*) pppoe-client - properly re-establish MLPPP session when one of the lines stopped transmitting packets;
*) quickset - do not automatically change mode to CPE;
*) quickset - renamed router IP static DNS name to "router.lan";
*) route - fixed DHCP/PPP “add-default-route” “distance” minimal value to 1;
*) route - improved reliability on routing table update;
*) routerboard - properly report warnings under "/system routerboard" menu;
*) scheduler - properly display long scheduler configuration;
*) sfp - improved SFP module compatibility;
*) sms - fixed minor problem for SMS delivery;
*) snmp - added IPv6 addresses support on default "public" community;
*) snmp - fixed bulk requests when non-repeaters are used;
*) snmp - fixed consecutive OID bulk get from the same table;
*) traceroute - fixed "/tool traceroute" results print;
*) traffic-flow - do not count single extra packet per each flow;
*) webfig - added support for proper default policies when adding script or scheduler job;
*) webfig - fixed backup loading from Webfig on RouterBOARD running default configuration;
*) webfig - fixed bridge port sorting order by name;
*) webfig - fixed MAC address ordering;
*) webfig - fixed router getting reset to default configuration;
*) webfig - fixed column ordering;
*) winbox - allow to specify "to-ports" for "action=masquerade";
*) wireless - fixed wireless protocol mode restrictions if lockpack is installed and has limits for it;
*) wireless - removed unused monitor command from CLI;
*) wireless - updated "Australia", "Czech Republic", "UK 5.8 Fixed" and "United Kingdom" regulatory domain information;


Download the new 'RouterOS 6.40.6' version here: https://www.mikrotik.com/download

]]>
Bugfix onlyThu, 01 Mar 2018 14:39:04 +020009581ce8a9da0aca1f84c6cfd736c47a
RouterOS 6.42rc37 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.42rc37 changelog:

*) bridge - fixed bridge port interface parameter under "/interface bridge host print detail";
*) console - do not allow variables that start with digit to be referenced without $ sign;
*) romon - make secret field sensitive in console;
*) wireless - improved wireless scan functionality for devices with multiple wireless interfaces;

Other changes since 6.41.2:

!) tile - improved overall system performance and stability ("/system routerboard upgrade" required);
*) bridge - added host aging timer for crs3xx and Atheros hw-bridges;
*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts (CLI only);
*) bridge - added per-port learning options (CLI only);
*) bridge - added static host support (CLI only);
*) bridge - fixed false MAC address learning on hAP ac2 and cAP ac devices;
*) bridge - fixed incorrect "fast-forward" enabling when ports were switched;
*) bridge - fixed MAC learning for VRRP interfaces on bridge;
*) bridge - hide options for disabled bridge features in CLI;
*) bridge - show "hw" flags only on Ethernet interfaces and interface lists;
*) capsman - added "allow-signal-out-of-range" option for Access List entries (CLI only);
*) capsman - added support for "interface-list" in Access List and Datapath entries (CLI only);
*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
*) capsman - log "signal-strength" when successfully connected to AP;
*) certificate - added PKCS#10 version check;
*) certificate - dropped DES support and added AES instead for SCEP;
*) certificate - dropped MD5 support and require SHA1 as minimum for SCEP;
*) chr - added "open-vm-tools" on VMware installations;
*) chr - added "qemu-guest-agent" and "virtio-scsi" driver on KVM installations;
*) chr - added "xe-daemon" on Xen installations;
*) chr - added support for Hyper-V ballooning, guest quiescing, host-guest file transfer, integration services and static IP injection;
*) chr - added support for NIC hot-plug on VMware and Xen installations;
*) chr - automatically generate new system ID on first startup;
*) chr - fixed additional disk detaching on Xen installations;
*) chr - fixed interface naming order when adding more than 4 interfaces on VMware installations;
*) chr - fixed suspend on Xen installations;
*) chr - make additional disks visible under "/disk" on Xen installations;
*) chr - make virtio disks visible under "/disk" on KVM installations;
*) console - fixed "idpr-cmtp" protocol by changing its value from 39 to 38 (CLI only);
*) console - improved console stability after it has not been used for a long time;
*) crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
*) crs212 - fixed Ethernet boot through CRS326 devices;
*) crs3xx - added initial “hw-offload” support for 802.3ad and “balance-xor” bonding;
*) crs3xx - added switch port "storm-rate" limiting options;
*) defconf - fixed DISC Lite5 LED default configuration;
*) detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced in v6.41);
*) dhcp - improved DHCP service reliability when it is configured on bridge interface;
*) dhcpv4-server - added "dns-none" option to "/ip dhcp-server network dns";
*) dhcpv6 - make sure that time is set before restoring bindings;
*) dhcpv6-client - added info exchange support;
*) dhcpv6-client - added possibility to specify options;
*) dhcpv6-client - added support for options 15 and 16;
*) dhcpv6-client - implement confirm after reboot;
*) dhcpv6-server - added DHCPv4 style user options;
*) export - fixed "/system routerboard mode-button" compact export;
*) fetch - added "http-content-type" option to allow setting MIME type of the data in free text form;
*) fetch - added "output" option for all modes in order to return result to file, variable or ignore it;
*) filesystem - implemented additional system storage maintenance checks on ARM CPU based devices;
*) filesystem - improved error correcting process on RB1100AHx4 storage;
*) firewall - fixed "tls-host" firewall feature (introduced in v6.41);
*) flashfig - properly apply configuration provided by Flashfig;
*) gps - added GPS port support for Quectel EC25-E modem when used in LTE mode;
*) gps - improved NMEA sentence handling;
*) health - log warning when switching between redundant power supplies;
*) hotspot - improved HTTPS matching in Walled Garden rules;
*) ike1 - display error message when peer requests "mode-config" when it is not configured;
*) ike1 - do not accept "mode-config" reply more than once;
*) ike1 - fixed wildcard policy lookup on responder;
*) interface - improved interface configuration responsiveness;
*) ippool - added ability to specify comment;
*) ipsec - fixed AES-CTR and AES-GCM support on RB1200;
*) ipsec - properly detect interface for "mode-config" client IP address assignment;
*) kidcontrol - initial work on "/ip kid-control" feature;
*) lte - added initial support for SIM7600 LTE modem interface;
*) lte - added support for the user and password authentication for wAP-LTE-kit-US (R11e-LTE-US);
*) lte - do not add DHCP client on LTE modems that doesn't use DHCP;
*) lte - fixed DHCP client adding for MF823 modem;
*) lte - fixed rare situation when r11-LTE interface is missing after reboot;
*) mac-ping - fixed duplicate responses;
*) modem - added initial support for AC340U;
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
*) poe - hide PoE related properties on interfaces which does not provide power output;
*) poe-out - do not show "poe-out-current" on devices which can not determine it;
*) ppp - added initial support for NETGEAR AC340U and ZyXEL WAH1604;
*) ppp - allow to override remote user PPP profile via "Mikrotik-Group";
*) quickset - properly detect LTE interface on startup;
*) quickset - show "G" flag for guest users;
*) r11e-lte - improved LTE connection initialization process;
*) routerboard - added RouterBOOT "auto-upgrade" after RouterOS upgrade (extra reboot required);
*) smb - improved NetBIOS name handling and stability;
*) sniffer - fixed situation when "/tool sniffer packet" returned packets in incorrect order;
*) snmp - added "/caps-man interface print oid";
*) snmp - added "/interface w60g print oid";
*) snmp - improved request processing performance for wireless and CAP interfaces;
*) ssh - improved key import error messages;
*) ssh - remove imported public SSH keys when their owner user is removed;
*) switch - hide "ingress-rate" and "egress-rate" for non-crs3xx switches;
*) tile - added "aes-ctr" hardware acceleration support;
*) tile - fixed occasional reporting of bogus voltage;
*) tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
*) tr069-client - correctly return “TransferComplete” after vendor configuration file transfer;
*) tr069-client - fixed "/tool fetch" commands executed with ".alter" script;
*) tr069-client - fixed HTTPS authentication process;
*) tr069-client - fixed TR069 service becoming unavailable when related service package is not available;
*) upgrade - improved RouterOS upgrade process and restrict upgrade from RouterOS older than v5.16;
*) usb - improved packet processing over USB modems;
*) userman - added support for ARM and MMIPS platform;
*) winbox - added "crl-store" setting to certficate settings;
*) winbox - added "insert-queue-before" to DHCP server;
*) winbox - added DHCPv6 client info request type and updated statuses;
*) winbox - added possibility to delete SMS from inbox;
*) winbox - allow to comment new object without committing it;
*) winbox - allow to open bridge host entry;
*) winbox - fixed "/tool e-mail send" attachment behavior;
*) winbox - fixed typo from "UPtime" to "Uptime";
*) winbox - fixed Winbox closing when viewing graph which does not contain any data;
*) winbox - improved stability when using trackpad scrolling in large lists;
*) winbox - show Bridge Port PVID column by default;
*) wireless - added "realm-raw" setting for "/interface wireless interworking-profiles" (CLI only);
*) wireless - added initial support for "nstreme-plus";
*) wireless - added initial support for "nstreme-plus";
*) wireless - added support for "band=5ghz-n/ac" (CLI only);
*) wireless - added support for "interface-list" in Access List entries (CLI only);
*) wireless - fixed "wds-slave" channel selection when single frequency is specified;
*) wireless - fixed incompatibility with macOS clients;
*) wireless - fixed long "scan-list" entries not working for ARM based wireless interfaces;
*) wireless - fixed nv2 protocol on ARM platform SXTsq devices;
*) wireless - fixed RTS/CTS option for the ARM based wireless devices;
*) wireless - improved compatibility with specific wireless AC standard clients;
*) wireless - improved packet processing on ARM platform devices;
*) wireless - improved wireless stability on hAP ac2 devices while USB is being used;

Download the new 'RouterOS 6.42rc37' version here: https://www.mikrotik.com/download

]]>
Release candidateThu, 01 Mar 2018 14:28:48 +0200e024717a5b73a23f9a6151a4d9c2f0d3
RouterOS 6.41.2 [Current]https://www.mikrotik.com/download/changelogs/current

6.41.2 changelog:

*) bridge - fixed ARP settings on bridge interfaces (introduced v6.41);
*) discovery - fixed discovery interface list change;
*) disk - fixed disk related processes becoming unresponsive after unplugging used disk;
*) filesystem - fixed situations when "/flash" directory lost files after upgrade;
*) ppp - do not lose "/ppp profile" script configuration after other profile parameters are edited;
*) routerboard - properly report warnings under "/system routerboard" menu;
*) snmp - added w60g support;
*) w60g - fixed "/interface w60g reset-configuration";
*) webfig - fixed backup loading from Webfig on RouterBOARD running default configuration;
*) winbox - changed default bridge port PVID value to 1;
*) wireless - fixed wireless protocol mode restrictions if lockpack is installed and has limits for it;

Download the new 'RouterOS 6.41.2' version here: https://www.mikrotik.com/download

]]>
CurrentTue, 27 Feb 2018 14:57:26 +0200c493155da25f1ab3e9d4c0428040e703
RouterOS 6.42rc35 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.42rc35 changelog:

*) bridge - added host aging timer for crs3xx and Atheros hw-bridges;
*) bridge - added per-port learning options (CLI only);
*) bridge - added static host support (CLI only);
*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts (CLI only);
*) bridge - fixed MAC learning for VRRP interfaces on bridge;
*) crs212 - fixed Ethernet boot through CRS326 devices;
*) crs3xx - added initial “hw-offload” support for 802.3ad and “balance-xor” bonding;
*) crs3xx - added switch port "storm-rate" limiting options;
*) dhcp - improved DHCP service reliability when it is configured on bridge interface;
*) fetch - added "http-content-type" option to allow setting MIME type of the data in free text form;
*) flashfig - properly apply configuration provided by Flashfig;
*) health - log warning when switching between redundant power supplies;
*) hotspot - improved HTTPS matching in Walled Garden rules;
*) ike1 - fixed wildcard policy lookup on responder;
*) ipsec - properly detect interface for "mode-config" client IP address assignment;
*) kidcontrol - initial work on "/ip kid-control" feature;
*) lte - added support for the user and password authentication for wAP-LTE-kit-US (R11e-LTE-US);
*) poe - hide PoE related properties on interfaces which does not provide power output;
*) ssh - remove imported public SSH keys when their owner user is removed;
*) wireless - fixed RTS/CTS option for the ARM based wireless devices;
*) tr069-client - fixed TR069 service becoming unavailable when related service package is not available;
*) tr069-client - fixed "/tool fetch" commands executed with ".alter" script;

Other changes since 6.41.2:

!) tile - improved overall system performance and stability ("/system routerboard upgrade" required);
*) bridge - fixed false MAC address learning on hAP ac2 and cAP ac devices;
*) bridge - fixed incorrect "fast-forward" enabling when ports were switched;
*) bridge - hide options for disabled bridge features in CLI;
*) bridge - show "hw" flags only on Ethernet interfaces and interface lists;
*) capsman - added "allow-signal-out-of-range" option for Access List entries (CLI only);
*) capsman - added support for "interface-list" in Access List and Datapath entries (CLI only);
*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
*) capsman - log "signal-strength" when successfully connected to AP;
*) certificate - added PKCS#10 version check;
*) certificate - dropped DES support and added AES instead for SCEP;
*) certificate - dropped MD5 support and require SHA1 as minimum for SCEP;
*) chr - added "open-vm-tools" on VMware installations;
*) chr - added "qemu-guest-agent" and "virtio-scsi" driver on KVM installations;
*) chr - added "xe-daemon" on Xen installations;
*) chr - added support for Hyper-V ballooning, guest quiescing, host-guest file transfer, integration services and static IP injection;
*) chr - added support for NIC hot-plug on VMware and Xen installations;
*) chr - automatically generate new system ID on first startup;
*) chr - fixed additional disk detaching on Xen installations;
*) chr - fixed interface naming order when adding more than 4 interfaces on VMware installations;
*) chr - fixed suspend on Xen installations;
*) chr - make additional disks visible under "/disk" on Xen installations;
*) chr - make virtio disks visible under "/disk" on KVM installations;
*) console - fixed "idpr-cmtp" protocol by changing its value from 39 to 38 (CLI only);
*) console - improved console stability after it has not been used for a long time;
*) crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
*) defconf - fixed DISC Lite5 LED default configuration;
*) detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced in v6.41);
*) dhcpv4-server - added "dns-none" option to "/ip dhcp-server network dns";
*) dhcpv6 - make sure that time is set before restoring bindings;
*) dhcpv6-client - added info exchange support;
*) dhcpv6-client - added possibility to specify options;
*) dhcpv6-client - added support for options 15 and 16;
*) dhcpv6-client - implement confirm after reboot;
*) dhcpv6-server - added DHCPv4 style user options;
*) export - fixed "/system routerboard mode-button" compact export;
*) fetch - added "output" option for all modes in order to return result to file, variable or ignore it;
*) filesystem - implemented additional system storage maintenance checks on ARM CPU based devices;
*) filesystem - improved error correcting process on RB1100AHx4 storage;
*) firewall - fixed "tls-host" firewall feature (introduced in v6.41);
*) gps - added GPS port support for Quectel EC25-E modem when used in LTE mode;
*) gps - improved NMEA sentence handling;
*) ike1 - display error message when peer requests "mode-config" when it is not configured;
*) ike1 - do not accept "mode-config" reply more than once;
*) interface - improved interface configuration responsiveness;
*) ippool - added ability to specify comment;
*) ipsec - fixed AES-CTR and AES-GCM support on RB1200;
*) lte - added initial support for SIM7600 LTE modem interface;
*) lte - do not add DHCP client on LTE modems that doesn't use DHCP;
*) lte - fixed DHCP client adding for MF823 modem;
*) lte - fixed rare situation when r11-LTE interface is missing after reboot;
*) mac-ping - fixed duplicate responses;
*) modem - added initial support for AC340U;
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
*) poe-out - do not show "poe-out-current" on devices which can not determine it;
*) ppp - added initial support for NETGEAR AC340U and ZyXEL WAH1604;
*) ppp - allow to override remote user PPP profile via "Mikrotik-Group";
*) quickset - properly detect LTE interface on startup;
*) quickset - show "G" flag for guest users;
*) r11e-lte - improved LTE connection initialization process;
*) routerboard - added RouterBOOT "auto-upgrade" after RouterOS upgrade (extra reboot required);
*) smb - improved NetBIOS name handling and stability;
*) sniffer - fixed situation when "/tool sniffer packet" returned packets in incorrect order;
*) snmp - added "/caps-man interface print oid";
*) snmp - added "/interface w60g print oid";
*) snmp - improved request processing performance for wireless and CAP interfaces;
*) ssh - improved key import error messages;
*) switch - hide "ingress-rate" and "egress-rate" for non-crs3xx switches;
*) tile - added "aes-ctr" hardware acceleration support;
*) tile - fixed occasional reporting of bogus voltage;
*) tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
*) tr069-client - correctly return “TransferComplete” after vendor configuration file transfer;
*) tr069-client - fixed HTTPS authentication process;
*) upgrade - improved RouterOS upgrade process and restrict upgrade from RouterOS older than v5.16;
*) usb - improved packet processing over USB modems;
*) userman - added support for ARM and MMIPS platform;
*) winbox - added "crl-store" setting to certficate settings;
*) winbox - added "insert-queue-before" to DHCP server;
*) winbox - added DHCPv6 client info request type and updated statuses;
*) winbox - added possibility to delete SMS from inbox;
*) winbox - allow to comment new object without committing it;
*) winbox - allow to open bridge host entry;
*) winbox - fixed "/tool e-mail send" attachment behavior;
*) winbox - fixed typo from "UPtime" to "Uptime";
*) winbox - fixed Winbox closing when viewing graph which does not contain any data;
*) winbox - improved stability when using trackpad scrolling in large lists;
*) winbox - show Bridge Port PVID column by default;
*) wireless - added "realm-raw" setting for "/interface wireless interworking-profiles" (CLI only);
*) wireless - added initial support for "nstreme-plus";
*) wireless - added initial support for "nstreme-plus";
*) wireless - added support for "band=5ghz-n/ac" (CLI only);
*) wireless - added support for "interface-list" in Access List entries (CLI only);
*) wireless - fixed "wds-slave" channel selection when single frequency is specified;
*) wireless - fixed incompatibility with macOS clients;
*) wireless - fixed long "scan-list" entries not working for ARM based wireless interfaces;
*) wireless - fixed nv2 protocol on ARM platform SXTsq devices;
*) wireless - improved compatibility with specific wireless AC standard clients;
*) wireless - improved packet processing on ARM platform devices;
*) wireless - improved wireless scan functionality for devices with multiple wireless interfaces;
*) wireless - improved wireless stability on hAP ac2 devices while USB is being used;

Download the new 'RouterOS 6.42rc35' version here: https://www.mikrotik.com/download

]]>
Release candidateMon, 26 Feb 2018 14:50:46 +0200bd3d6847e69c572b8d0ac4f5bc28096a
RouterOS 6.40 [Current]https://www.mikrotik.com/download/changelogs/current

6.40 changelog:

*) bonding - fixed 802.3ad mode on RB1100AHx4;
*) btest - fixed crash when packet size has been changed during test;
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces;
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) certificate - added "crl-use" setting to disable CRL use (CLI only);
*) certificate - update and reload old certificate with new one if SKID matches;
*) chr - fixed MAC address assignment when hot plugging NIC on XenServer;
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - fixed IPv6 connection tracking enable/disable;
*) console - fixed different command auto complete on ;
*) crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports;
*) defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset);
*) defconf - improved IPv4 default firewall configuration;
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) dhcp - added "debug" logs on MAC address change;
*) dhcpv4-client - added "gateway-address" script parameter;
*) dhcpv4-server - fixed lease renew for DHCP clients that sends renewal with "ciaddr = 0.0.0.0";
*) dhcpv4-server - fixed server state on interface change in Winbox and Webfig;
*) discovery - fixed timeouts for LLDP neighbours;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) dude - fixed server crash;
*) email - added support for multiple attachments;
*) ethernet - fixed occasional broken interface order after reset/first boot;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) export - added "terse" option;
*) export - added default "init-delay" setting for "/routerboard settings" menu;
*) export - added router model and serial number to configuration export;
*) export - fixed "/interface list" verbose export;
*) export - fixed "/ipv6 route" compact export;
*) export - fixed MPLS "dynamic-label-range" export;
*) export - fixed SNMP "src-address" for compact export;
*) fastpath - improved performance when packets for slowpath are received;
*) fastpath - improved process of removing dynamic interfaces;
*) fasttrack - fixed fasttrack over interfaces with dynamic MAC address;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) filesystem - improved error correcting process on tilera and RB1100AHx4 storage;
*) firewall - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter;
*) firewall - fixed bridge "action=log" rules;
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) firewall - fixed crash on fasttrack dummy rule manual change attempt;
*) firewall - removed unique address list name limit;
*) hAP ac lite - removed nonexistent "wlan-led";
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - added log error message if netmask was not provided by "mode-config" server;
*) ike1 - added support for "framed-pool" RADIUS attribute;
*) ike1 - create tunnel policy when no split net provided;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - kill phase1 instead of rekey if "mode-config" is used;
*) ike1 - removed SAs on DPD;
*) ike1 - send phase1 delete;
*) ike1 - wait for cfg set reply before ph2 creation with xAuth;
*) ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask";
*) ike2 - added pfkey kernel return checks;
*) ike2 - added support for "Mikrotik_Address_List" RADIUS attribute;
*) ike2 - added support for "mode-config" static address;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - fixed duplicate policy checking with "0.0.0.0/0" policies;
*) ike2 - prefer traffic selector with "mode-config" address;
*) ipsec - added "firewall=add-notrack" peer option (CLI only);
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - added support for "key-id" peer identification type;
*) ipsec - allow to specify chain in "firewall" peer option;
*) ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - removed policy priority;
*) l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication;
*) l2tp-server - added "one-session-per-host" option;
*) log - added "poe-out" topic;
*) log - improved "l2tp" logs;
*) log - optimized "wireless,info" topic logs;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added "accounting" logs for LTE connections;
*) lte - added info command support for the Jaton LTE modem;
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - added support for Huawei E3531-6;
*) lte - added support for ZTE TE W120;
*) lte - fixed info command when it is executed at the same time as modem restarts/disconnects;
*) lte - improved SMS delivery report;
*) lte - improved reliability on SXT LTE;
*) metarouter - fixed display of bogus error message on startup;
*) mmips - added support for NVME disks;
*) ovpn - added support for "push-continuation";
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) ovpn - improved performance when receiving too many options;
*) packages - increased automatic download retry interval to 5 minutes if there is no free disk space;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - added initial support for ZTE K4203-Z and ME3630-E;
*) ppp - added output values for "info" command for finding the GSM base station's location ("LAC" and "IMSI");
*) ppp - fixed "user-command" output;
*) ppp - fixed non-standart PAP or CHAP packet handling;
*) ppp - improved MLPPP packet forwarding performance;
*) ppp - use interface name instead of IP as default route gateway;
*) proxy - fixed potential crash;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - added special firewall exception rules for IPSec;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) quickset - simplified LTE status monitoring;
*) quickset - use active user name and permissions when applying changes;
*) rb1100ahx4 - fixed startup problems (requires additional reboot after upgrade);
*) rb3011 - fixed packet passthrough on switch2 while booting;
*) rb750gr3 - fixed USB power;
*) routerboard - added "caps-mode" option for "reset-configuration";
*) routerboard - added "caps-mode-script" for default-configuration print;
*) routing - allow to disable "all" interface entry in BFD;
*) safe-mode - fixed session handling when Safe Mode is used on multiple sessions at the same time;
*) sfp - fixed invalid temperature reporting when ambient temperature is less than 0;
*) sms - decode reports in readable format;
*) sniffer - do not skip L2 packets when "all" interface mode was used;
*) snmp - added "ifindex" on interface traps;
*) snmp - added CAPsMAN interface statistics;
*) snmp - added ability to set "src-address";
*) snmp - fixed "/system resource cpu print oid" menu;
*) snmp - fixed crash on interface table get;
*) snmp - fixed wireless interface walk table id ordering;
*) socks - fixed crash while processing many simultaneous sessions;
*) ssl - added Wildcard support for "left-most" DNS label (will allow to use signed Wildcard certificate on VPN servers);
*) supout - fixed IPv6 firewall section;
*) switch - fixed "loop-protect" on CRS SFP/SFP+ ports;
*) switch - fixed multicast forwarding on CRS326;
*) tile - fixed copying large amount of text over serial console;
*) tr069-client - fixed lost HTTP header on authorization;
*) trafficgen - added "lost-ratio" to statistics;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) userman - added "/tool user-manager user clear-profiles" command;
*) userman - do not send disconnect request for user when "simultaneous session limit reached";
*) userman - lookup language files also in "/flash" directory;
*) vlan - do not delete existing VLAN interface on "failure: already have such vlan";
*) webfig - fixed wireless "scan-list" parameter not being saved after applying changes;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added "session-uptime" to LTE interface;
*) winbox - added TR069 support;
*) winbox - do not autoscale graphs outside known maximums;
*) winbox - fixed wireless interface "amsdu-threshold" max limit;
*) winbox - hide LCD menu on CRS112-8G-4S;
*) winbox - make IPSec policies table an order list;
*) winbox - moved LTE info fields to status tab;
*) winbox - show "/interface wireless cap print" warnings;
*) winbox - show "/system health" only on boards that have health monitoring;
*) winbox - show "D" flag under "/interface mesh port" menu;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - allow VirutalAP on Level0 (24h demo) license;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - fixed rare crash on cap disable;
*) wireless - fixed registration table "signal-strength" reporting for chains when using nv2;

Download the new 'RouterOS 6.40' version here: https://www.mikrotik.com/download

]]>
CurrentWed, 26 Jul 2017 13:21:46 +030004a464337bff0df6405453084a719969
RouterOS 6.40rc41 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.40rc41 changelog:

*) bonding - fixed 802.3ad mode on RB1100AHx4;
*) export - fixed export to a file (introduced in v6.40rc39);
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - fixed firewall accept rules created by "/ip hotspot walled garden ip" (introduced in v6.40rc18);
*) ike1 - create tunnel policy when no split net provided;
*) ike1 - wait for cfg set reply before ph2 creation with xAuth;
*) ipsec - allow to specify chain in "firewall" peer option;
*) ppp - fixed non-standard PAP or CHAP packet handling;
*) pppoe-server - fixed situation when some of 100+ pppoe-servers can become invalid on reboot;
*) routerboard - added "caps-mode" option for "reset-configuration";
*) sfp - fixed invalid temperature reporting when ambient temperature is less than 0;
*) winbox - make IPSec policies table an order list;
*) winbox - show "/interface wireless cap print" warnings;

Other changes since 6.39.2:

*) btest - fixed crash when packet size has been changed during test;
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces;
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) certificate - added "crl-use" setting to disable CRL use (CLI only);
*) certificate - update and reload old certificate with new one if SKID matches;
*) chr - fixed MAC address assignment when hot plugging NIC on XenServer;
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - fixed IPv6 connection tracking enable/disable;
*) console - fixed different command auto complete on ;
*) crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports;
*) defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset);
*) defconf - improved IPv4 default firewall configuration;
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) dhcp - added "debug" logs on MAC address change;
*) dhcpv4-client - added "gateway-address" script parameter;
*) dhcpv4-server - fixed lease renew for DHCP clients that sends renewal with "ciaddr = 0.0.0.0";
*) dhcpv4-server - fixed server state on interface change in Winbox and Webfig;
*) discovery - fixed timeouts for LLDP neighbours;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) dude - fixed server crash;
*) email - added support for multiple attachments;
*) ethernet - fixed forced 10Mbps full-duplex linking on 100Mbps Ethernet ports;
*) ethernet - fixed occasional broken interface order after reset/first boot;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) export - added "terse" option;
*) export - added default "init-delay" setting for "/routerboard settings" menu;
*) export - added router model and serial number to configuration export;
*) export - fixed "/interface list" verbose export;
*) export - fixed "/ipv6 route" compact export;
*) export - fixed MPLS "dynamic-label-range" export;
*) export - fixed SNMP "src-address" for compact export;
*) fastpath - improved performance when packets for slowpath are received;
*) fastpath - improved removing process of dynamic interface;
*) fasttrack - fixed fasttrack over interfaces with dynamic MAC address;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) filesystem - improved error correcting process on tilera and RB1100Dx4 storage;
*) firewall - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter;
*) firewall - fixed bridge "action=log" rules;
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) firewall - fixed crash on fasttrack dummy rule manual change attempt;
*) firewall - removed unique address list name limit;
*) hAP ac lite - removed nonexistent "wlan-led";
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - added log error message if netmask was not provided by "mode-config" server;
*) ike1 - added support for "framed-pool" RADIUS attribute;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - kill phase1 instead of rekey if "mode-config" is used;
*) ike1 - removed SAs on DPD;
*) ike1 - send phase1 delete;
*) ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask";
*) ike2 - added pfkey kernel return checks;
*) ike2 - added support for "Mikrotik_Address_List" RADIUS attribute;
*) ike2 - added support for "mode-config" static address;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - fixed duplicate policy checking with "0.0.0.0/0" policies;
*) ike2 - prefer traffic selector with "mode-config" address;
*) ipsec - added "firewall=add-notrack" peer option (CLI only);
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - added support for "key-id" peer identification type;
*) ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - removed policy priority;
*) l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication;
*) l2tp-server - added "one-session-per-host" option;
*) log - added "poe-out" topic;
*) log - improved "l2tp" logs;
*) log - optimized "wireless,info" topic logs;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added "accounting" logs for LTE connections;
*) lte - added additional driver support for DWR-910;
*) lte - added info command support for the Jaton LTE modem;
*) lte - added initial fastpath support (except SXT LTE and Sierra modems);
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - added support for Huawei E3531-6;
*) lte - improved SMS delivery report;
*) lte - improved reliability on SXT LTE;
*) metarouter - fixed display of bogus error message on startup;
*) mmips - added support for NVME disks;
*) modem - added support for ZTE TE W120;
*) modem - fixed info command when it is executed at the same time as modem restarts/disconnects;
*) ovpn - added support for "push-continuation";
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) ovpn - improved performance when receiving too many options;
*) packages - increased automatic download retry interval to 5 minutes if there is no free disk space;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - added initial support for ZTE K4203-Z;
*) ppp - added initial support for ZTE ME3630-E;
*) ppp - added output values for "info" command for finding the GSM base station's location ("LAC" and "IMSI");
*) ppp - fixed "user-command" output;
*) ppp - improved MLPPP packet forwarding performance;
*) ppp - use interface name instead of IP as default route gateway;
*) proxy - fixed potential crash;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - added special firewall exception rules for IPSec;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) quickset - simplified LTE status monitoring;
*) quickset - use active user name and permissions when applying changes;
*) rb1100ahx4 - fixed startup problems (requires additional reboot after upgrade);
*) rb3011 - fixed packet passthrough on switch2 while booting;
*) rb750gr3 - fixed USB power;
*) routerboard - added "caps-mode-script" for default-configuration print;
*) routing - allow to disable "all" interface entry in BFD;
*) safe-mode - fixed session handling when Safe Mode is used on multiple sessions at the same time;
*) sms - decode reports in readable format;
*) sniffer - do not skip L2 packets when "all" interface mode was used;
*) snmp - added "ifindex" on interface traps;
*) snmp - added CAPsMAN interface statistics;
*) snmp - added ability to set "src-address";
*) snmp - fixed "/system resource cpu print oid" menu;
*) snmp - fixed crash on interface table get;
*) snmp - fixed wireless interface walk table id ordering;
*) socks - fixed crash while processing many simultaneous sessions;
*) ssl - added Wildcard support for "left-most" DNS label (will allow to use signed Wildcard certificate on VPN servers);
*) supout - fixed IPv6 firewall section;
*) switch - fixed "loop-protect" on CRS SFP/SFP+ ports;
*) tile - fixed copying large amount of text over serial console;
*) tr069-client - fixed lost HTTP header on authorization;
*) trafficgen - added "lost-ratio" to statistics;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) userman - added "/tool user-manager user clear-profiles" command;
*) userman - do not send disconnect request for user when "simultaneous session limit reached";
*) userman - lookup language files also in "/flash" directory;
*) vlan - do not delete existing VLAN interface on "failure: already have such vlan";
*) webfig - fixed wireless "scan-list" parameter not being saved after applying changes;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added "session-uptime" to LTE interface;
*) winbox - added "src-address-list" & "dst-address-list" to HotSpot Walled Garden;
*) winbox - added TR069 support;
*) winbox - do not autoscale graphs outside known maximums;
*) winbox - fixed wireless interface "amsdu-threshold" max limit;
*) winbox - hide LCD menu on CRS112-8G-4S;
*) winbox - moved LTE info fields to status tab;
*) winbox - show "/system health" only on boards that have health monitoring;
*) winbox - show "D" flag under "/interface mesh port" menu;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - allow VirutalAP on Level0 (24h demo) license;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - fixed rare crash on cap disable;
*) wireless - fixed registration table "signal-strength" reporting for chains when using nv2;

Download the new 'RouterOS 6.40rc41' version here: https://www.mikrotik.com/download

]]>
Release candidateMon, 17 Jul 2017 15:36:08 +03008aeb7bf6e15c437ba6da9788c4064430
RouterOS 6.40rc15 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.40rc15 changelog:

*) defconf - added accept ICMPv6 in forward and DHCP discover in RAW prerouting;
*) ike2 - added pfkey kernel return checks;
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - removed policy priority;
*) ppp - fixed MLPPP over multiple channels/interfaces (introduced in v6.39);

Other changes since 6.39.1:

*) 6to4 - fixed wrong IPv6 "link-local" address generation;
*) arp - fixed "make-static";
*) bonding - do not add bonding interface if "could not set MTU" error is received;
*) btest - fixed crash when packet size has been changed during test;
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - load IPv6 connection tracking independently of IPv4;
*) console - fixed "No such file or directory" warnings on upgrade reboots;
*) defconf - added IPv6 firewall configuration (IPv6 package must be enabled on reset);
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) defconf - replaced IPv4 firewall configuration with improved one;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) ethernet - fixed forced 10Mbps full-duplex linking on 100Mbps Ethernet ports;
*) export - added "terse" option;
*) export - removed spare "caller-id-type" value from compact export;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) fetch - fixed user and password argument parsing from URL for FTP;
*) firewall - "address-list" entry “creation-time” adjusted to timezone;
*) firewall - do not allow to set "rate" value to 0 for "limit" parameter;
*) firewall - fixed "address-list" entry changing from IP to DNS and vice versa;
*) firewall - fixed IPv6 all address list entries becoming "::/0" (introduced in 6.40rc1);
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) gps - removed duplicate logs;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - fixed crash on xauth message;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - removed xauth login length limitation;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - fixed rare kernel failure on address acquire;
*) ike2 - fixed situation when traffic selector prefix was parsed incorrectly;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed generated policy priority;
*) ipsec - fixed peer "my-id" address reset;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - renamed "remote-dynamic-address" to "dynamic-address";
*) ipv6 - fixed address becoming invalid when interface was removed from bridge/mesh;
*) led - fixed ethernet LEDs on CCR1009 and RB1100AHx2 (introduced in v6.40rc1);
*) led - fixed turning off LED when interface is lost;
*) log - added "poe-out" topic;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added additional driver support for DWR-910;
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - fixed configless modem running state (introduced in 6.40rc);
*) lte - improved info channel background polling;
*) lte - replaced "user-command" with "at-chat" command;
*) ppp - fixed "change-mss" functionality (introduced in 6.39);
*) ppp - send correct IP address in RADIUS "accounting-stop" messages (introduced in 6.39);
*) pppoe - fixed warning on PPPoE server, when changing interface to non-slave interface;
*) pppoe-client - removed false warning from client interface if it starts running on non-slave interface;
*) pppoe-server - fixed "one-session-per-host" issue where 2 simultaneous sessions were possible from the same host;
*) proxy - fixed potential crash;
*) queue - fixed queuing when at least one child queue has "default-small" and other/s is/are different (introduced in 6.35);
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - fixed LTE "signal-strength" graphs;
*) quickset - use active user name and permissions when applying changes;
*) routing - allow to disable "all" interface entry in BFD;
*) sniffer - fixed VLAN tags when sniffing all interfaces;
*) snmp - fixed crash on interface table get;
*) snmp - added "ifindex" on interface traps;
*) snmp - added ability to set "src-address";
*) snmp - fixed limited walk;
*) switch - fixed disabling of MAC learning on CRS1xx/CRS2xx;
*) tile - fixed EoIP keepalive when tunnel is made over VLAN interface;
*) tile - fixed rare encryption kernel failure when small packets are processed;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added TR069 support;
*) winbox - do not allow to open multiple same sub-menus at the same time;
*) winbox - fixed LTE info button;
*) winbox - fixed firewall port selection with Winbox v2;
*) winbox - removed spare values from "loop-protect" setting for EoIPv6 tunnels;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - reduced load on CPU for high speed wireless links;

Download the new 'RouterOS 6.40rc15' version here: https://www.mikrotik.com/download

]]>
Release candidateWed, 31 May 2017 11:11:18 +03003fd36f23dbe519ca1441175d16522262