RouterOS Release 6.39

La nueva versión del RouterOS 6.39 introduce varios cambios. Entre ellos, cambios importantes en el WebFig. En caso de haber configurado un router por WebFig y nunca haber accedido por línea de comandos o Winbox, al actualizarlo se perderá la configuración. Para evitarlo se debe ingresar con Winbox o SSH, telnet, etc. antes de actualizar.añade la opción de setear rangos horarios en las colas de velocidad.

 

Lista de cambios completa:

!) bridge – added “fast-forward” setting and counters (enabled by default only for new bridges) (CLI only);
!) bridge – added support for special and faster case of fastpath called “fast-forward” (available only on bridges with 2 interfaces);
!) bridge – reverted bridge BPDU processing back to pre-v6.38 behaviour; (v6.40 will have another separate VLAN-aware bridge implementation);
!) filesystem – fixed rare situation when filesystem failed to read all configuration on startup;
!) filesystem – fixed rare situation when filesystem went into read-only mode (some configuration might have gotten lost on reboot);
!) firewall – discontinued support for p2p matcher (old rules will become invalid);
!) kernel – fixed UDP checksum handling in rare oveflow situations;
!) l2tp – added fastpath support when MRRU is enabled;
!) ppp – completely rewritten internal fragmentation algorithm (when MRRU is used), optimized for multicore;
!) ppp – implemented internal algorithm for “change-mss”, no mangle rules necessary;
!) pppoe – added fastpath support when MRRU and MLPPP are enabled;
!) quickset – configuration changes are now applied only on “OK” and “Apply” (not on mode change);
!) tile – fixed IPSec hardware acceleration out-of-order packet problem, significantly improved performance;
!) winbox – minimal required version is v3.11;
*) address – fixed crash when address is assigned to another bridge port;
*) api – fixed double dynamic flags for “/ip firewall address-list print”;
*) capsman – added “extension-channel” XX and XXXX auto matching modes;
*) capsman – added “keepalive-frames” setting;
*) capsman – added “skip-dfs-channels” setting;
*) capsman – added CAP discovery interface list support;
*) capsman – added DFS support;
*) capsman – added EAP identity to registration table;
*) capsman – added ability to specify multiple channels in frequency field;
*) capsman – added save-channel option to speed up frequency selection on CAPsMAN restart;
*) capsman – added support for “background-scan” and channel “reselect-interval”;
*) capsman – added support for static virtual interfaces on CAP;
*) capsman – changed channel “width” name to “control-channel-width” and changed default values;
*) capsman – improved CAP status querying;
*) capsman – improved support for communicating frame priority between CAP and CAPsMAN;
*) certificate – SCEP client now supports FQDN URL and port;
*) certificate – allow CRL address to be specified as DNS name;
*) console – fixed “/ip neighbor discovery” export;
*) console – fixed DHCP/PPP add-default-route distance minimal value to 1;
*) console – fixed crash;
*) console – fixed incorrect “:put [/lcd get enabled]” value;
*) ddns – improved “dns-update” authentication validation;
*) defconf – fixed Groove 52 ac band settings;
*) defconf – fixed default configuration generation when wireless package is disabled;
*) dhcp-client – added “script” option which executes script on state changes;
*) dhcpv4 – fixed string option parser;
*) dhcpv4-server – added “lease-hostname” script parameter;
*) dhcpv4-server – by default make server “authoritative”;
*) dhcpv4-server – do some lease checks only on enabled object;
*) discovery – fixed LLDP discovery, IPv6 address was not parsed correctly;
*) dude – (changes discussed here: http://forum.mikrotik.com/viewtopic.php?f=21&t=116471);
*) email – check for errors during SMTP exchange process;
*) ethernet – added “voltage-too-low” status for single port power injector devices;
*) ethernet – fixed “loop-protect” on “master-port”;
*) ethernet – fixed rare switch chip hang (could cause port flapping);
*) ethernet – fixed unnecessary power cycle of powered device when changing any poe-out related setting on single port power injector devices;
*) ethernet – renamed “rx-lose” to “rx-loss” in ethernet statistics;
*) ethernet – reversed poe-priority on hEX PoE and OmniTIK 5 PoE to make “poe-priority” consistent to all other RouterOS priorities;
*) fastpath – fixed rare crash on devices with dynamic interfaces;
*) fetch – added “http-data” and “http-method” parameters to allow delete, get, post, put methods (content-type=application/x-www-form-urlencoded by default);
*) fetch – fixed authentication failure;
*) fetch – fixed download issue over HTTPS;
*) gps – added “fix-quality” and “horizontal-dilution” parameters;
*) graphing – fixed graph disappearance after power outage;
*) hotspot – added access to HTTP headers using $(http-header-name);
*) ike1 – fixed ph2 ID logging;
*) ike2 – allow multiple child SA traffic selectors on re-key;
*) ike2 – always replace empty TSi with configured address if it is available;
*) ike2 – check child state before allowing rekey;
*) ike2 – default to /32 peer address mask;
*) ike2 – fixed CTR mode;
*) ike2 – fixed EAP message length;
*) ike2 – fixed ISA handler object removal on SA delete;
*) ike2 – fixed RSA authentication without EAP;
*) ike2 – fixed ctr mode;
*) ike2 – fixed disabled DPD;
*) ike2 – fixed last EAP auth payload type;
*) ike2 – fixed ph2 state when sending notify;
*) ike2 – fixed policy release during SA negotion;
*) ike2 – fixed state when sending delete packet;
*) ike2 – improved logging;
*) ike2 – kill only child SAs which are not re-keyed by remote peer;
*) ike2 – log RADIUS timeout message under error topic;
*) ike2 – remove old SA after rekey;
*) ike2 – send EAP identity as user-name RADIUS attribute;
*) ike2 – update “calling_station_id” RADIUS attribute;
*) ike2 – update peer identity after successful EAP authentication;
*) ippool – return proper error message when trying to create duplicate name;
*) ipsec – added “last-seen” parameter to active connection list;
*) ipsec – allow mixing aead algorithms in proposal;
*) ipsec – better responder flag calculator for console;
*) ipsec – disallow AH+ESP combined policies ;
*) ipsec – do not loose “use-ipsec=yes” parameter after downgrade;
*) ipsec – enable aes-ni on i386 and x64 for cbc, ctr and gcm modes;
*) ipsec – fixed “/ip ipsec policy group export verbose”;
*) ipsec – fixed “mode-cfg” verbose export;
*) ipsec – fixed SA authentication flag;
*) ipsec – renamed “hw-authenc” flag to “hw-aead”;
*) ipsec – show hardware accelerated authenticated SAs;
*) ipsec – updated tilera classifier for UDP encapsulated ESP;
*) l2tp – added support for multiple L2TP tunnels (not to be confused with sessions) between same endpoints (required in some LNS configurations);
*) l2tp – fixed hidden attribute decryption in forwarded CHAP responses for LNS;
*) l2tp-server – added “caller-id-type” to forward calling station number to RADIUS on authentication;
*) l2tp-server – added “use-ipsec=required” option;
*) l2tp-server – fixed upgrade to keep “use-ipsec=yes” in L2TP server;
*) leds – added LTE modem access technology trigger;
*) leds – changed error message on unsupported board;
*) leds – do not update single LED state when it is not changed;
*) leds – show warning on print when “modem-signal-threshold” is not available;
*) log – added “gps” topic;
*) log – added “tr069” topic;
*) log – added missing “license limit exceeded” log entry;
*) log – added warning when Winbox/Dude sessions were denied;
*) log – do not show changes in packet if NAT has not been used;
*) log – make SNMP logs more compact;
*) lte – added “session-uptime” in info command;
*) lte – added LTE signal level reading for Cinterion modems;
*) lte – added error handling for remote AT execute;
*) lte – added initial support for DWR-910 modem;
*) lte – added initial support for Quectel ec25;
*) lte – added initialization for Cinterion;
*) lte – added log entry for SMS delivery report;
*) lte – added support for Vodafone R216 (Huawei);
*) lte – buffer AT events while info command is active;
*) lte – fixed “/interface lte info X once”;
*) lte – fixed IPv6 address prefix on interface
*) lte – fixed network mode selection for me909u, mu609;
*) lte – fixed older standard CEREG parsing;
*) lte – fixed support for Huawai R216;
*) lte – fixed user-command;
*) lte – reset interface stats on “link-down”;
*) netinstall – fixed typos;
*) ntp – restart NTP client when it is stuck in error state;
*) ppp – added “bridge-horizon” option under PPP/Profile;
*) ppp – added option to specify “interface-list” in PPP/Profile;
*) ppp – fixed rare kernel failure on PPP client connection;
*) ppp – fixed rare kernel failure when receiving IPv6 address on PPP interface;
*) ppp – include rates, limits and address-lists parameters in RADIUS accounting requests;
*) ppp-client – added support for Datacard 750UL, DWR-730 and K4607-Zr;
*) pppoe – added warning on PPPoE client/server, if it is configured on slave interface;
*) pppoe – set default keepalive 10s for newly created PPPoE clients;
*) quickset – added initial LTE AP mode support;
*) rb1100ahx2 – fixed random counter resets for ether12,13;
*) rb3011 – added partitioning support;
*) smb – fixed different memory leaks and crashes;
*) smb – fixed share path on devices with “/flash” directory;
*) smips – reduced RouterOS main package size;
*) snmp – “No Such Instance” error message is replaced with “No Such Object”;
*) snmp – added fan-speed OIDs in “/system health print oid”;
*) snmp – added optical table;
*) snmp – fixed rare crash;
*) snmp – improved getall filter;
*) snmp – improved response speed when multiple requests are received within short period of time;
*) snmp – increase “engineBoots” value on reboot;
*) snmp – optimized bridge table processing;
*) tile – added initial support for NVMe SSD disk drives;
*) tile – fixed IPSec crash (introduced in 6.39rc64);
*) tile – optimized hardware encryption;
*) tr069-client – added “Device.Hosts.Host.{i}.” support;
*) tr069-client – added “Device.WiFi.NeighboringWiFiDiagnostic.” support;
*) tr069-client – added “Ethernet.Interface.{i}.MACAddress” parameter;
*) tr069-client – added DHCP server support;
*) tr069-client – added Upload RPC “2 Vendor Log File” support;
*) tr069-client – added architecture name parameter (X_MIKROTIK_ArchName – vendor specific);
*) tr069-client – added basic stats parameters for some interface types;
*) tr069-client – added basic support for “/ip firewall filters”;
*) tr069-client – added connection request authentication;
*) tr069-client – added firewall NAT support using vendor Parameters;
*) tr069-client – added parameters for DNS client management support;
*) tr069-client – added ping diagnostics support;
*) tr069-client – added support for escaped entity references (& < > ‘ “);
*) tr069-client – added support for managing “/system/identity/” value;
*) tr069-client – added support for memory and CPU load parameters;
*) tr069-client – added support for uploading/downloading factory script;
*) tr069-client – added traceroute diagnostics support;
*) tr069-client – close connection if CPE considers XML as invalid;
*) tr069-client – fixed “AddObjectResponse” “InstanceNumber” value;
*) tr069-client – fixed “Device.ManagementServer.” value update;
*) tr069-client – fixed XML special character parsing;
*) tr069-client – fixed crash on =acs-url change special case;
*) tr069-client – fixed special escape characters on XML data send;
*) tr069-client – fixed write for “Device.ManagementServer.URL”;
*) tr069-client – general improvements on reducing storage space;
*) tr069-client – generate random connection request target path;
*) tr069-client – hide “Device.PPP.Interface.{i}.Password” value;
*) tr069-client – improved LTE monitoring process;
*) tr069-client – increased performance on GetParameterValues;
*) tr069-client – made any Download RPC overwrite configuration except “.alter”;
*) tr069-client – make more Parameters deny active notifications;
*) tr069-client – set CHR license ID as “.SerialNumber” value to avoid “no serial number” error in ACS;
*) traceroute – small fix;
*) tunnels – fixed reboot loop on configurations with IPIP and EoIP tunnels (introduced in 6.39rc68);
*) usb – added support for more CP210X devices;
*) userman – allow “name-for-user” to be empty and not unique;
*) userman – automatically select all newly created users to generate vouchers;
*) userman – fixed rare crash when User Manager requested file does not exist on router;
*) userman – fixed rare web interface crash while using Users section;
*) wAP ac – improved 2.4GHz wireless performance;
*) webfig – added menu bar to quickly select between Webfig, Quickset and Terminal;
*) webfig – allow shorten bytes to k,M,G in firewall “connection-bytes” and “connection-rates”;
*) webfig – allow to change global variable contents;
*) webfig – allow to enter frequency ranges in wireless scan list;
*) webfig – allow to select “default-encryption” profile on PPP tunnels;
*) webfig – correctly specify routing filter prefix;
*) webfig – do not allow to reorder items if table is sorted by some column;
*) webfig – fixed bridge property display;
*) webfig – fixed delays on key press in terminal;
*) webfig – fixed tab ordering on Google Chrome;
*) webfig – fixed “last-link-up” & “last-link-down” time information;
*) webfig – improved field layout;
*) webfig – make Terminal window work within Webfig window;
*) webfig – show all available options under “Advanced Mode” for wireless interfaces;
*) webfig – show proper error messages for optional erroneous text fields;
*) winbox – added “Flush” button under unicast-fdb menu;
*) winbox – added “group-key-update” to CAPsMAN security settings;
*) winbox – added “k” and “M” unit support to PPP secret limit-bytes parameters;
*) winbox – added “memory-scroll”, “filter-cpu”, “filter-ipv6-address”, “filter-operation-between-entries” parameters;
*) winbox – added “save-selected” setting under CAPsMAN channels;
*) winbox – added “static-virtual” to wireless CAP;
*) winbox – added GPS menu;
*) winbox – added protected routerboard parameters under routerboard settings menu;
*) winbox – allow shorten bytes to k,M,G in firewall “connection-bytes” and “connection-rates”;
*) winbox – allow to change user password to empty one;
*) winbox – allow to not specify certificate in IPSec peer settings;
*) winbox – allow to specify “route-distance” in “dhcp-client” if “special-classless” mode is selected;
*) winbox – allow to specify certificate type when exporting it;
*) winbox – allow to specify interfaces that CAPsMAN can use for management;
*) winbox – allow unhide SNMP passwords;
*) winbox – allowed to specify static-dns as list;
*) winbox – do not allow Packet Sniffer “memory-limit” and “file-limit” lower than 10KiB;
*) winbox – do not create time field when copying CAPsMAN access list entry;
*) winbox – do not show “dpd-max-failures” on IKEv2;
*) winbox – do not show empty LTE fields in Info menu;
*) winbox – do not start Traffic Generator automatically when opening “Quick Start”;
*) winbox – do not try to disable dynamic items from firewall tables;
*) winbox – fixed “Montly” typo to “Monthly” in Graphing menu;
*) winbox – fixed CAPsMAN channels frequency (allow to specify a list of them);
*) winbox – fixed IPSec “mode-config” DNS settings;
*) winbox – fixed issue when working IPSec policies were shown as invalid;
*) winbox – fixed misleading error when trying to export certificate;
*) winbox – fixed typo in BGP advertisements menu Aggragator->Aggregator;
*) winbox – hide “wps-mode” & “security-profile” in wireless nv2 mode;
*) winbox – hide health menu on RB450;
*) winbox – improved “/tool torch”;
*) winbox – increased maximal number of Winbox sessions 20->100;
*) winbox – properly name CAP Interface on new interface creation;
*) winbox – properly show “dhcp-server” warnings;
*) winbox – properly show IPSec “installed-sa” “enc-algorithm” when it is aes-gcm;
*) winbox – properly show wireless registration table stat counters;
*) winbox – removed “sfp-rate-select” setting from ethernet interface;
*) winbox – removed unnecessary “/system health” menu on “hAP ac lite”;
*) winbox – set default “dhcp-client” “default-route-distance” value to 1;
*) winbox – show “A” flag for IPSec policies;
*) winbox – show “H” flag for IPSec installed SAs;
*) winbox – show PoE-OUT current, voltage and power only on devices which can report these values;
*) wireless – added Egypt 5.8 country settings;
*) wireless – added PEAP authentication support for wireless station mode;
*) wireless – apply broadcast bit to DHCP requests when using “station-pseudobridge” mode;
*) wireless – do not allow equal MAC addresses between multiple Virtual APs when same “master-interface” is used;
*) wireless – fixed RBSXT5HacD2nr2 small channel support;
*) wireless – fixed crash while running “spectral-scan”;
*) wireless – fixed dynamic wireless interface removal from bridge ports when changing wireless mode;
*) wireless – fixed false positive DFS radar detection caused by iPhone 6s devices;
*) wireless – fixed issue when wireless interfaces might not show up in CAP mode;
*) wireless – fixed occasional crash on interface disabling;
*) wireless – fixed rare crash on nv2 configurations;
*) wireless – fixed rare wireless ac interface lockup;
*) x86 – added support for NVMe SSD disk drives;

Podés ver las descargas para las diferentes arquitecturas desde acá o ir a 

[admin@MikroTik] > system package update check-for-updates

y verificar las actualizaciones disponibles.

 

¿Querés saber cuál descargar? Obtené más información en el siguiente post!