MikroTik RouterOS 6.37.x (Long-term)
Подробное описание изменений в MikroTik RouterOS 6.37.x (Long-term). Официальный список исправленных ошибок, добавленного функционала и прочих доработок. Дата выхода первого набора изменений – 13 января 2017, дата выхода последнего набора изменений – 9 марта 2017.
Полезные материалы по MikroTik
Углубленный курс "Администрирование сетевых устройств MikroTik" Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA.
На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь
MikroTik RouterOS 6.37.5
Дата выхода: 9 марта 2017
Важные изменения:
- www - fixed http server vulnerability.
Изменения:
- chr - fixed problem when transmit speed was reduced by interface queues;
- dhcp - do not listen on IPv4/IPv6 client to IPv6 MLD packets;
- dude - (changes discussed here: https://wiki.mikrotik.com/wiki/Manual:The_Dude_v6/dude_v6.xx_changelog);
- export - do not show "read-only" IRQ entries;
- filesystem - implemented procedures to verify and restore internal file structure integrity upon upgrading;
- firewall - do not allow to set "time" parameter to 0s for "limit" option;
- firewall - fixed import of exported configuration that had updated "limit" setting;
- graphing - fixed graphing crash when high amount of traffic is processed;
- hotspot - fixed rare kernel crash on multicore systems;
- hotspot - fixed redirect to URL where escape characters are used (requires newly generated HTML files);
- hotspot - show Host table commentaries also in Active tab and vice versa;
- interface - do not treat multiple zeros as single zero on name comparison;
- irq - properly detect all IRQ entries;
- l2tp-client - fixed IPSec policy generation after reboot;
- lcd - show fan2 speed only if it is available;
- leds - fixed defaults for RBSXT5HacD2nr2;
- mmips - improved general stability;
- rb3011 - fixed noise from buzzer after silent boot;
- switch - fixed crash when trying to configure second master port on the same chipset (RB3011, RB2011, CCR1009-8G-1S+);
- userman - allow access to User Manager users page only through "/user" URL;
- userman - show warning when no users are selected for CSV file generation;
- winbox - added "add-relay-info" and "relay-info-remote-id" to DHCP relay;
- winbox - added H flag to "/ip arp" ;
- winbox - added missing "use-fan2" and "active-fan2" to "/system health";
- winbox - allow shorten bytes to k,M,G in bridge firewall just like in “/ip firewall”;
- winbox - do not hide "power-cycle-after" option;
- winbox - do not hide 00:00:00:00:00:00 MAC address in unpublished ARPs;
- winbox - fixed matching "connection-state=untracked" connections;
- winbox - fixed typo in “/system resources pci” list;
- winbox - hide advertise tab in Hotspot user profile configuration if "transparent-proxy" is not enabled;
- winbox - make "power-cycle-after" show correct value;
- winbox - make "power-cycle-interval" not to depend on "power-cycle-ping-enabled" in PoE settings;
- winbox - properly show BGP communities in routing filters table filter;
- wireless - fixed scan tool stuck in background;
- wireless - improved compatibility with Intel 2200BG wireless card;
- wireless - update Thailand country frequency settings.
MikroTik RouterOS 6.37.4
Дата выхода: 13 января 2017
Изменения:
- bonding - fixed "tx-drop" on VLAN over bonding on x86;
- certificates - added year cap (invalid-after date will not exceed year 2039);
- certificates - fixed crash when crl is removed while it is being fetched;
- certificates - fixed fail on import from CAPs when both key and name already exist;
- crs - added comment ability in more switch menus;
- dhcpv6-client - fixed DHCPv6 rebind on startup;
- dhcpv6-server - fixed server removal crash if static binding was present;
- dns - fixed typo in regexp error message;
- dude - (changes here: http://wiki.mikrotik.com/wiki/Manual:The_Dude_v6/dude_v6.xx_changelog);
- export - updated default values to clean up export compact;
- fan - improved RPM monitor on CCR1009;
- firewall - do not defragment packets which are marked with "notrack" in raw firewall;
- firewall - fixed "time" option by recognizing weekday properly (introduced in v6.37.2);
- firewall - fixed dynamic raw rule behaviour;
- firewall - fixed rule activation if "time" option is used and no other active rules are present;
- firewall - nat action "netmap" now requires to-addresses to be specified;
- health - report fan speed for RB800 and RB1100 when 3-pin fan is being used;
- hotspot - fixed nat rule port setting in "hs-unauth-to" chain by changing it from "dst-port" to "src-port" on Walled Garden ip "return" rules;
- ipsec - fixed kernel failure on tile with sha256 when hardware encryption is not being used;
- ipv6 - added warning about having interface MTU less than minimal IPv6 packet fragment (1280);
- ipv6 - moved empty IPv6 pool error message to error topic;
- led - fixed dark mode for cAP 2nD (http://wiki.mikrotik.com/wiki/Manual:System/LEDS#Leds_Setting);
- license - fixed demo license expiration after installation on x86;
- log - improved firewall log messages when NAT has changed only connection ports;
- lte - increased delay when setting sms send mode;
- metarouter - fixed startup process (introduced in 6.37.2);
- ppp - fixed packet size calculation when MRRU is set (was 2 bytes bigger than MTU allows);
- ppp - significantly improved shutdown speed on servers with many active tunnels;
- ppp - significantly improved tunnel termination process on servers with many active tunnels;
- profile - added "bfd" and "remote-access" processes;
- profile - added ability to monitor cpu usage per core;
- profile - make profile work on mmips devices;
- profile - properly classify "wireless" processes;
- proxy - fixed "max-cache-object-size" export;
- proxy - speed-up almost empty disk cache clean-up;
- queue - fixed "time" option by recognizing weekday properly (introduced in v6.37.2);
- quickset - various small changes;
- rb750Gr3 - fixed ipsec with 3des+md5 to work on this board;
- rb751u - fixed ethernet LEDs;
- snmp - always report bonding speed as speed from first bonding slave;
- snmp - fixed rare crash when incorrectly formatted packet was received;
- ssh - fixed high memory consumption when transferring file over ssh tunnel;
- switch - fix BPDU dynamic Host table entry on Atheros Gigabit switch chips;
- time - updated time zones;
- traceroute - fixed memory leak;
- trafficgen - fixed compact export when "header-stack" includes tcp;
- vlan - allow to add multiple VLANs which name starts with same number and has same length;
- vrrp - do not show unrelated log warning messages about version mismatch;
- watchdog - do not send supout file if "auto-send-supout" is disabled;
- webfig - added extra protection against XSS exploits;
- webfig - show properly interface last-link-up/down times;
- webfig - show properly large BGP AS numbers;
- winbox - added "Complete" flag to arp table;
- winbox - added "make-static" to IPv6 DHCP server bindings;
- winbox - added "prefix-pool" to DHCPv6 server binding;
- winbox - added upstream flag to IGMP proxy interfaces;
- winbox - allow to enable/disable traffic flow targets;
- winbox - allow to specify "connection-bytes" & "connection-rate" for any protocol in “/ip firewall” rules;
- winbox - allow to specify "sip-timeout" under ip firewall service-ports;
- winbox - do not allow to set "loop-protect-send-interval" to 0s;
- winbox - do not create empty rates.vht-basic/supported-mcs if not specified in CAPsMAN;
- winbox - fixed crash when legacy Winbox version was used;
- winbox - fixed default values for interface "loop-protect-disable-time" and "loop-protect-send-interval";
- winbox - fixed missing "IPv6/Settings" menu;
- winbox - fixed typo in "propagate-ttl" setting;
- winbox - properly show VHT basic and supported rates in CAPsMAN;
- winbox - show all related HT tab settings in 2GHz-g/n mode;
- winbox - show dynamic IPv6 pools properly;
- winbox - show errors on IPv6 addresses;
- winbox - show proper ipv6 connection timeout;
- winbox - specify metric for “/ip dns cache-used” setting;
- wireless - fixed full "spectral-history" header print on AP modes;
- wireless - fixed upgrade from older wireless packages when AP interface had empty SSID;
- wireless - show comment on "security-profile" if it is set.
Полезные материалы по MikroTik
Углубленный курс "Администрирование сетевых устройств MikroTik" Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA.
На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь