Software-update: RouterOS 7.8

MikroTik heeft versie 7.8 van RouterOS uitgebracht. RouterOS is een besturingssysteem dat zich richt op het uitvoeren van routertaken. Denk daarbij natuurlijk aan het routeren van netwerkverkeer, maar ook aan bandbreedtemanagement, een firewall, het aansturen van draadloze accesspoints, een hotspotgateway en een vpn-server. Het kan zowel op de hardware van MikroTik als op x86- of virtuele machines zijn werk doen. Voor het gebruik is een licentie nodig, die bij de aankoop van MikroTik-hardware is inbegrepen. De changelog voor deze uitgave kan hieronder worden gevonden.

storage - added new "rose-storage" package support for extended disk management and monitoring functionality (ARM, ARM64, Tile and x86) (CLI only)bgp - fixed setting of "default-prepend" parameterbridge - fixed adding disabled MSTIbridge - fixed DHCP packet flow when using DHCP snooping, HW offloading and "use-ip-firewall"bridge - fixed possible DHCP packet corruption when using DHCP snoopingbridge - fixed PVID warning typobridge - improved HW offloading logiccertificate - fixed export of a certificate when the last line of the certificate is exactly 64 bytes longcertificate - fixed PBES2 certificate importcertificate - improved certificate management, signing and storing processescertificate - improved multiple certificate import processconntrack - improved system stability when changing connection tracking stateconntrack - improved system stability when PPTP helper is usedconsole - added "as-string" parameter to the ":execute" commandcontainer - added authentication option for registry (CLI only)container - fixed ".type" file ownershipcontainer - fixed file ownership after system upgrade for containers running on internal diskcontainer - fixed multiple container automatic startup on bootdhcpv4-client - send DHCPv4 unicast requests to DHCPv4 relay, instead of server when it is being useddisk - limit maximum TMPFS sizedns - added configurable DoH concurrent query limitation parametersdns - do not cache results from ":resolve" command with specific serverdns - fixed CNAME reading from the cachedns - limited "DoH max concurrent queries reached" logging messages to once per minutedns - respond with "NOERROR" to DNS requests for static domain names when appropriate type record is not configured or found on upstream serverfirewall - fixed bridge priority targetfirewall - fixed DSCP priority target for IPv6 Manglefirewall - fixed netmap range maximum address calculation for IPv6 NATgraphing - fixed hiding of target queues when "allow-target" is disabledgraphing - fixed sorting of interface and queue graphsgraphing - properly handle disabled and static-binding interface graphsgraphing - removed "move" command for graphing ruleshealth - fixed "temperature" and "power-consumption" readings for RB1100AHx4hotspot - fixed setting of "address" parameter for IP bindinghotspot - restore cookie timeout on rebootike2 - added support for "address", "key-id" and "dn" for Remote ID matching (CLI only)ike2 - fixed active SA flush on responder after an unsuccessful peer connection attemptipsec - added support for "Framed-Route" RADIUS attribute supportipsec - do not match incoming IKE requests by unresolved DNS name peersipsec - fixed peer matcher for incoming connection with unresolved DNSipv6 - added "pref64" option configuration for RAipv6 - improved handling of "advertise" IPv6 address status changesipv6 - limited "hop-limit" parameter value range to 255ipv6 - made distributed DNS lifetime RFC8106 compliantl3hw - added destination MAC address check for offloaded FastTrack connectionsled - fixed signal reading for KNOT deviceleds - always require to set interface name when setting "modem-signal" indicationlte - added AT support for Telit LE910C4 in MBIM modelte - fixed APN setting usage on initial connection attempt for AT based Quectel and Neoway modemslte - fixed automatic antenna selection on Chateau LTE12/LTE18lte - fixed dialing for Fibocom L850-GL modulelte - fixed displaying of "subscriber-number"lte - fixed possible memory leak when using passthrough mode on Chateau 5Glte - improved AT port matching for SIMCom, Huawei, WeLink, Cinterion, BandLuxe and Sierra modemslte - improved modem detection speed in lower mini-PCIe slot on LtAPlte - improved stability for R11e-LTE6, skip connection reset on first EEMGINFO command timeoutlte - LtAP improved modem detection in lower mini-PCie slot ("/system routerboard upgrade" required)lte - parse USSD even if encoding is unsupportedmpls - fixed handling of more than 9 VRF'smpls - fixed LDP listen socket creation before IPv6 address is ready for usempls - improved stability when neighboring router rebootsospf - fixed "ospf-type" parameter for OSPFv3 routesospf - fixed simple auth for OSPFv3ovpn - added AES-GCM and multicore encryption supportovpn - improved server stabilityovpn - improved TLS-related error loggingpimsm - improved system stabilitypoe - added LLDP power management support for 802.3at PSEpoe - properly turn off power when link not detected on hAP ax2 and hAP ax3port - fixed modem channel number on KNOTpppoe - fixed PPPoE client scan showing only one serverresource - show filesystem related statistics on CCR2004route - fixed IPv6 default route presence when received from RAroute - fixed printing of routing table's "count-only" parameterroute - show hoplimit and MTU properties under the "/routing route" menu for SLAAC routesrouterboot - fixed format storage for RBM33G device ("/system routerboard upgrade" required)routerboot - fixed protected routerboot for RBM33G device ("/system routerboard upgrade" required)sfp - fixed false link detection with S+RJ10 on RB5009sfp - fixed reading of SFP EEPROM on single SFP port devicessfp - improved optical modules SFP compatibility on CCR2004-16G-2S+, CCR2004-1G-12S+2XS, CCR2116-12G-4S+ devicessms - improved reporting of SMS sending errorssms - log USSD response when USSD is sent over MBIMsniffer - added additional filtering parameterssnmp - do not show identity in LLDP when branding is used with hide SNMP datasnmp - fixed handling of disabled routessnmp - fixed reporting of total number of routes counterssh - hard-coded "localhost" address for forwarding requestsssh - improved system stability when processing none-crypto SSH connectionsstp - fixed TLS session establishment when "connect-to" is DNS nameswitch - fixed SFP rate select for CRS354 devicesswitch - improved 10G, 25G, 40G and 100G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switchesswitch - improved system stability for 98DXxxxx switch chipsswos - removed "/system swos" menu for CRS5xx series switchestorch - allow "without-paging" parameter for Torchtraffic-generator - increased maximum allowed stream countupgrade - show error message when license prohibits upgradeusb - changed USB auto detect behavior to default to the external USB, when no internal USB devices detectedvxlan - added "dont-fragment" setting that allows managing fragmentationvxlan - added "max-fdb-size" parametervxlan - added FastPath supportwebfig - allow setting numeric values in time interval fieldswebfig - fixed accessing of WebFig when "Interface" menu is disabled by skinwebfig - fixed editing of multi-field parameters with "not" checkboxwebfig - fixed handling of empty skin fileswebfig - improved navigation responsivenesswebfig - improved skin file parsingwebfig - improved terminal operationwebfig - properly escape all reserved URI characterswebfig - updated WebFig and graph web pages to HTML5wifiwave2 - added wireless sniffer tool to capture wireless transmissions (CLI only)wifiwave2 - adjust monitoring of station interfaces to report when an interface is authorized, not just connectedwifiwave2 - enabled additional channels in UNII-3 and UNII-4 bands for Europe and USA on hAP ax^2, hAP ax^3 and Chateau axwifiwave2 - fixed compatibility with third-party devices when using SAE hash-to-element authentication with DH groups 20 and 21wifiwave2 - fixed SAE authentication for interfaces in station mode when trying to connect to APs which require an anti-clogging token (introduced in RouterOS 7.4)wifiwave2 - implement 802.11w management protection SA Query procedureswifiwave2 - improve protections from denial-of-service attacks on WPA3winbox - added "Connect" button under "WifiWave2/Scan" menuwinbox - added "Disable/Enable" buttons under "WifiWave2" menuwinbox - added "Match Subdomain" parameter under "IP/DNS/Static" menuwinbox - added "Provision" button under "WifiWave2" menuwinbox - added "Start On Boot" checkbox under "Container" menuwinbox - added "Tx Rate" and "Rx Rate" columns under "WifiWave2/Registration" menuwinbox - added missing properties when setting "Use DoH Server"winbox - added missing WifiWave2 related parameters under "WifiWave2" menuwinbox - added support for manual RAM file system (TMPFS) creation under "System/Disk" menuwinbox - added Type "https-get" parameter under "Tools/Netwatch" menuwinbox - allow selecting bridge for static entries under "Bridge/MDB" menuwinbox - fixed displaying of "Default Prepend" value under "Routing/BGP/Sessions" menuwinbox - fixed displaying of "Tx/Rx CCQ" values under "Wireless/Registration" menuwinbox - fixed displaying of flags under "System/Console" menuwinbox - fixed displaying of multiple character flagswinbox - fixed usage of IPv6 family addresses under "IP/Web Proxy/Access" menuwinbox - hide "TTL" value for static DNS entries with FWD typewinbox - hide unnecessary properties for virtual interfaces under "WifiWave2" menuwinbox - improved mouseover hint for "local" policy under "System/Users/Groups" menuwinbox - rename "Multicast Router" monitoring property to "Is Multicast Router" under "Bridge" menuwinbox - show "Gateway" column by default under "IPv6/Routes" menux86 - added support for TP-Link TG-3468x86 - fixed Source: Tweakers.net