Επιστροφή στο Forum : Περί ROS ο λόγος...
Βαλε την .4 μεχρι να το φτιαξουν τοτε.
Βαλε την .4 μεχρι να το φτιαξουν τοτε.
.7 ειναι αυτη που δεν εχει θεμα, αφου απο την .8 ρε συ πηγαμε στην .11 και κανει τα ιδια.
Θα το φτιαξουν ποτε ή θα μεινει ετσι επ απειρον?
καλημέρα, σε τι μηχανημα? στο 109 αναφερεσαι?
CRS109-RB951G-hAPac2-SXTG2
- - - Updated - - -
Ευτυχως που δε δηλωνω ποτε χωρα..........
Αυτο βεβαια ειναι για την .8, στην .11 το δοκιμασες?
Τι πρόβλημα υπάρχει δηλώνοντας country? Εγώ έχω ορίσει χώρα σε όλα τα mikrotik και δεν έχω θέμα.
Τι πρόβλημα υπάρχει δηλώνοντας country? Εγώ έχω ορίσει χώρα σε όλα τα mikrotik και δεν έχω θέμα.
Και εγω εχω ορισει σε ολα, ΜΟΝΟ στο 433ΑΗ υπαρχει προβλημα.
Εχουν προβλημα ΜΟΝΟ οσα εχουν παραπανω απο ενα wireless interface, στα 411 και 911 πχ κανενα προβλημα, ουτε με την .11, ουτε με την .8.
Το γιατι ειναι αγνωστο.
Εχω μεινει χωρις τηλεφωνο και ιντερνετ και πεδευομαι με κινητη τωρα και δεν το εχω ψαξει ακομα.
αν προλαβω θα ενημερωσω.
- - - Updated - - -
Στα 411 και 911 δεν εχω πλεον προσβαση για να δω επειδη εχει πεσει η adsl μου και επεσαν τα openvpn, αλλα στο 433ΑΗ ειχα ηδη superchannel οποτε εβαλα αντι Greece το no_country_set, πεταξα με FTP το .npk με την 6.43.11 και reboot και ολα καλα!!!
Δεν ειπα οτι εχεις προβλημα αν δηλωσεις χωρα. Αν δηλωσεις χωρα Ελλαδα ομως ξεχνας το ασυρματο πανω απο 20db, γιατι βαζει τα limitation της καθε χωρας.
Δεν ειπα οτι εχεις προβλημα αν δηλωσεις χωρα. Αν δηλωσεις χωρα Ελλαδα ομως ξεχνας το ασυρματο πανω απο 20db, γιατι βαζει τα limitation της καθε χωρας.
Τι είναι αυτό? μιλας για tx power? δεν βαζουμε τετοια πραγματα, αυτό το νουμερο είναι τεραστιο!
Μα ειχα Ελλαδα ετσι κι αλλιως, χτες τα αλλαξα για να μπορω να παω στην .11.
Μαλλον αναφεροσουν στον jkarabas, αλλα οκ δεν πειραζει.
- - - Updated - - -
Στα αλλα μηχανήματα δεν υπηρχε πρόβλημα ετσι κι αλλιως όμως. ΜΟΝΟ αν εχουν πολλαπλες καρτες wlan.
Τελικα και στο awmn forum κανεις δεν εχει απαντησει σχετικα με μηχανήματα με πολλαπλες καρτες, θα ηθελα να δω πχ ένα 435G αν θα ειχε πρόβλημα, καθως και αλλα μοντελα της σειρας 433.
Δεν ειπα οτι εχεις προβλημα αν δηλωσεις χωρα. Αν δηλωσεις χωρα Ελλαδα ομως ξεχνας το ασυρματο πανω απο 20db, γιατι βαζει τα limitation της καθε χωρας.
Αυτό το γνωρίζω για τα limitation. Όταν λες πάνω από 20db εννοείς το tx power?
What's new in 6.43.12 (2019-Feb-08 11:46):
*) winbox - improvements in connection handling to router with open winbox service;
- - - Updated - - -
Δεν αναβαθμιζω μονο γιαυτο...
Τι μαλακιες ειναι αυτες που βγαζουν ρε σεις, αντι να φτιαξουν τα links που εχει θεμα ο κοσμος.................
Ούτε εγώ αναβαθμίζω φυσικά. Έχουνε ξεφύγει εντελώς..
Τι μαλακιες ειναι αυτες που βγαζουν ρε σεις, αντι να φτιαξουν τα links που εχει θεμα ο κοσμος.................
με ποια links εχει θεμα ?
On February 21, Tenable published a new CVE, describing a vulnerability, which allows to proxy a TCP/UDP request through the routers Winbox port, if it's open to the internet. Tenable had previously contacted MikroTik about this issue, so a fix has already been released on February 11, 2019 in…
https://www.tenable.com/security/research/tra-2019-07
Solution
Long term release users should upgrade to 6.42.12 or newer. Stable release should upgrade to 6.43.12 or newer.
Αντε πάλι.... Οκ είμαστε με την stable 12 όπως βλέπω...
6.44 stable με 236 αλλαγες.......... περαστικα μας.
https://forum.mikrotik.com/viewtopic.php?f=21&t=145793
6.44 stable με 236 αλλαγες.......... περαστικα μας.
https://forum.mikrotik.com/viewtopic.php?f=21&t=145793
βλεπω να πεφτει κλαμα….
θα την βαλω για αρχη σε μηχανήματα που δεν με ενδιαφερουν τοσο δλδ του awmn στο εξοχικο που δεν εχω ετσι και αλλιως και θα δουμε μετα για τα υπολοιπα.
Όταν το κανω θα σας ενημερωσω για τυχον προβλήματα...
δλδ θα γινει σε 911, 411 και ένα gigabit 951.
Ευπρόσδεκτη αναβάθμιση και με fw upd.
Ελπίζω αυτή την φορά να έφτιαξαν το πρόβλημα με τα wireless channels σε πολλαπλά WiFi cards connections που στις δύο νομίζω τελευταίες εκδόσεις τα έκανε αρκταμα....αν προλάβω θα το δω σήμερα στο 433ah αν όλα πάνε καλά στα άλλα τρία και εννοείται πως θα ενημερώσω...
Και πάντα δεν ξεχνάμε firmware update!
Ετσι λενε.....
edited..
Οσοι εχετε προβλημα με 16ΜΒ HDD size μηχανακια και δε μπορειτε να αναβαθμισετε λογω χωρου, κατεβαστε το fix_space.npk
Καλησπέρα, να ενημερωσω οτι αναβαθμισα 411, 911, gigabit 951 και 433ΑΗ και ολα καλα! και ναι επιτελους εφτιαξαν το προβλημα τα wireless στα rbs με πολλες wlan! ΚΑΙΡΟΣ ΗΤΑΝ!!!!
- - - Updated - - -
Ενταξει και στο 109, και μενει το 951-ιντερνετ αλλα οταν παω εκει θα γινει αυτο για ευνοητους λογους...
και εγω σε 6 μηχανακια ολα καλα.............
καλημέρα!
εδώ αναφέρουν διαφορα πραγματάκια https://forum.mikrotik.com/viewtopic.php?f=21&t=145793&sid=f17e7c5a81f9022b473b18c6a40b3076&start=50 αλλα είναι αναλογα το μηχανημα και το setup, δεν είναι δλδ γενικα προβληματα.
Σε εμενα όλα καλα κατι που δεν το περιμενα με τοσες αλλαγες, αναμενω μονο το 951 που εχει το ιντερνετ το ΣΚ να το δω και αυτό.
Και οντως ευτυχως εφτιαξαν το θεμα με τις συχνότητες superchannel για τα Rbs με πολλες wlan cards.
Καλημέρα στη παρέα!!
Πραγματικά πάρα πολλές αλλαγές, πιστεύω προς το καλύτερο.
- - - Updated - - -
Έχει δοκιμάσει κανείς update απομακρυσμένα?
Εννοώ από εδώ που είμαι και έχω πρόσβαση στο winbox απομακρυσμένα, μπορώ να κάνω update ή καλύτερα τοπικά?
Καλημερα, έχω κάνει μερικές φορές αλλά μου έτυχε μια φορά να κολλήσει και από τότε το κάνω όταν πάω εκεί. Γιαυτό ανάφερα πριν το 951 με ίντερνετ στο εξοχικό, Δουλευω κάμερες και ειναι πολύ σημαντικό να μην μείνω εκτός. Όλα όσα ανήκουν στο awmn τα έκανα απομακρυσμενα γιατί έχει πέσει και είμαστε μερικοί μεταξύ μας και δεν με νοιάζει.
Μάλιστα τότε που κόλλησε χρειάστηκα netinstall!
What's new in 6.45beta11 (2019-Mar-08 13:24):
Changes in this release:
*) bridge - fixed log message when hardware offloading is being enabled;
*) dhcpv4-server - added "vendor-class-id" matcher (CLI only);
*) dhcpv6-server - added RADIUS accounting support;
*) e-mail - fixed missing "from" address for sent e-mails (introduced in v6.44);
*) gps - removed unnecessary leading "0" for dd format;
*) ipsec - allow identities with empty XAuth login and password if RADIUS is enabled (introduced in v6.44);
*) lte - fixed LTE interface band setting on RBSXTLTE3-7 (introduced in v6.44);
*) lte - improved "info" command query;
*) rb4011 - fixed SFP linking (introduced in v6.45beta6);
*) sms - allow specifying multiple "allowed-number" values;
*) snmp - properly return multicast and broadcast packet counters for IF-MIB OIDs;
*) wireless - fixed antenna gain setting on RBSXT5nDr2;
Καλησπέρα, καλη Σαρακοστη!
μηπως ηθελες να το βαλεις εδω που ηταν το σωστο? https://www.adslgr.com/forum/threads/1042376-Mikrotik-ROS-RC-version-%CF%83%CF%85%CE%B6%CE%B7%CF%84%CE%AE%CF%83%CE%B5%CE%B9%CF%82-bugs-%CE%BA%CF%84%CE%BB/page5
Release 6.44.1 2019-03-14
What's new in 6.44.1 (2019-Mar-13 08:38):
Changes in this release:
*) bridge - fixed possible memory leak when using "ingress-filtering=yes" on bridge interface;
*) certificate - force 3DES encryption for P12 certificate export;
*) dhcp - fixed dual stack queue addition;
*) dhcpv6-server - use MAC address for RADIUS user when "allow-dual-stack-queue=yes";
*) e-mail - fixed missing "from" address for sent e-mails (introduced in v6.44);
*) gps - increase precision for dd format;
*) gps - removed unnecessary leading "0" for dd format;
*) ipsec - allow identities with empty XAuth login and password if RADIUS is enabled (introduced in v6.44);
*) ipsec - fixed dynamic L2TP peer and identity configuration missing after reboot (introduced in v6.44);
*) ipsec - use "remote-id=ignore" for dynamic L2TP configuration (introduced in v6.44);
*) ipv6 - do not allow setting "preferred-lifetime" longer than "valid-lifetime";
*) lte - do not show "session-uptime" if session is not up;
*) lte - fixed LTE interface band setting on RBSXTLTE3-7 (introduced in v6.44);
*) rb4011 - fixed ether10 failing to auto negotiate link speed to 1Gbps;
*) winbox - added "use-local-address" parameter in "IP/Cloud" menu;
*) wireless - fixed antenna gain setting on RBSXT5nDr2;
καλησπέρα, αναβαθμιστηκαν ολα τα δικα μου ολα καλα! και εννοειτε και fw update!
What's new in 6.43.13 (2019-Mar-13 11:27):
[Long-term]
*) bridge - count routed FastPath packets between bridge ports under FastPath bridge statistics;
*) bridge - fixed BOOTP packet forwarding when DHCP Snooping is enabled;
*) bridge - fixed packet forwarding with enabled DHCP Snooping and Option 82;
*) bridge - fixed possible memory leak when using "ingress-filtering=yes" on bridge interface;
*) bridge - fixed system's identity change when DHCP Snooping is enabled (introduced in v6.43);
*) capsman - always accept connections from loopback address;
*) certificate - force 3DES encryption for P12 certificate export;
*) dhcp - fixed dual stack queue addition;
*) dhcpv6-server - allow to add DHCPv6 server with pool that does not exist;
*) dhcpv6-server - fixed missing gateway for binding's network if RADIUS authentication was used;
*) ethernet - added "tx-rx-1024-max" counter to Ethernet stats;
*) ethernet - fixed packet forwarding when SFP interface is disabled on hEX S;
*) fetch - improved file downloading to slow memory;
*) gps - increase precision for dd format;
*) gps - removed unnecessary leading "0" for dd format;
*) ipsec - fixed all policies not getting installed after startup (introduced in v6.43.8);
*) ipsec - fixed stability issues after changing peer configuration (introduced in v6.43);
*) ipv6 - do not allow setting "preferred-lifetime" longer than "valid-lifetime";
*) kidcontrol - added "tur-fri", "tur-mon", "tur-sat", "tur-sun", "tur-thu", "tur-tue", "tur-wed" parameters;
*) kidcontrol - fixed validation checks for time intervals;
*) led - fixed default LED configuration for RBSXTsq-60ad;
*) lldp - fixed missing capabilities fields on some devices;
*) lte - do not show "session-uptime" if session is not up;
*) lte - improved SIM7600 initialization after reset;
*) netinstall - do not show kernel failure critical messages in the log after fresh install;
*) ntp-client - fixed "dst-active" and "gmt-offset" being updated after synchronization with server;
*) ppp - fixed dynamic route creation towards VPN server when "add-default-route" is used;
*) rb4011 - fixed ether10 failing to auto negotiate link speed to 1Gbps;
*) smb - added commenting option for SMB users (CLI only);
*) smb - fixed macOS clients not showing share contents;
*) smb - fixed Windows 10 clients not able to establish connection to share;
*) ssh - close active SSH connections before IPsec connections on shutdown;
*) supout - fixed "poe-out" output not showing all interfaces;
*) supout - fixed Profile output on single core devices;
*) winbox - added "conflict-detection" parameter in "IP/DHCP Server" menu;
*) winbox - added "coordinate-format" parameter in LTE interface settings;
*) winbox - added "use-local-address" parameter in "IP/Cloud" menu;
*) winbox - allow specifying interface lists in "CAPsMAN/Access List" menu;
*) winbox - fixed "IPv6/Firewall" "Connection limit" parameter not allowing complete IPv6 prefix lengths;
*) winbox - fixed "LCD" menu not shown on RB2011UiAS-2HnD;
*) winbox - moved "Too Long" statistics counter to Ethernet "Rx Stats" tab;
*) winbox - show "System/RouterBOARD/Mode Button" on devices that have such feature;
*) wireless - fixed antenna gain setting on RBSXT5nDr2;
*) wireless - improved antenna gain setting for devices with built in antennas;
*) wireless - improved AR5212 response to incoming ACK frames;
*) wireless - improved connection stability for new model Apple devices;
6.44.2 changelog stable
Changes in this release:
*) ipv6 - adjust IPv6 route cache max size based on total RAM memory;
6.43.14 changelog long-term
*) ipv6 - adjust IPv6 route cache max size based on total RAM memory;
Άμεση επέμβαση..:)
Άρα γυρίζουμε στα παλιά.
- - - Updated - - -
Ενεργοποίησα μετά το update, το DHCP client v6 αλλά δεν βρίσκει ip. Στα addresses μου κοκκινίζει διότι στα pool δεν υπάρχει τίποτα.
- - - Updated - - -
Τελικά ήθελε reboot.
Καλησπέρα, το εκανα και εγω στο 109 για την ADSL και καλα που το ειπες, γιατι μου εκανε το ιδιο και θα εψαχνα τι φταιει, thanks! :oneup:
Καλησπέρα, το εκανα και εγω στο 109 για την ADSL και καλα που το ειπες, γιατι μου εκανε το ιδιο και θα εψαχνα τι φταιει, thanks! :oneup:
Με ψιλοπαίδεψε λίγο αλλά όλα καλά..:)
What's new in 6.44.3 (2019-Apr-23 12:37):
Changes in this release:
*) certificate - fixed SAN being duplicated on status change (introduced in v6.44);
*) conntrack - fixed "loose-tcp-tracking" parameter not taken in action (introduced in v6.44);
*) dhcpv4-server - fixed commenting option for alerts;
*) dhcpv6-server - fixed binding setting update from RADIUS;
*) ike1 - improved stability for transport mode policies on initiator side;
*) ipsec - fixed freshly created identity not taken in action (introduced in v6.44);
*) ipsec - fixed possible configuration corruption after import (introduced in v6.44);
*) ipv6 - adjusted IPv6 route cache max size;
*) ipv6 - improved IPv6 neighbor table updating process;
*) lte - reset LTE modem only when SIM slot is changed on dual SIM slot devices;
*) rb2011 - removed "sfp-led" from "System/LEDs" menu;
*) smb - fixed possible buffer overflow;
*) snmp - added "radio-name" (mtxrWlRtabRadioName) OID support;
*) ssh - added "both", "local" and "remote" options for "forwarding-enabled" parameter;
*) ssh - do not generate host key on configuration export;
*) ssh - fixed multiline non-interactive command execution;
*) switch - fixed possible crash when interface state changes and DHCP Snooping is enabled;
*) userman - updated authorize.net gateway DNS name;
*) wireless - added support for US FCC UNII-2 and Canada country profiles for LHG-5HPnD-US, RBLHG-5HPnD-XL-US and SXTsq5HPnD-US devices;
*) wireless - improved wireless country settings for EU countries;
kostas2911
27-04-19, 18:45
Επιτέλους. Καιρός ήταν...
What's new in 6.45beta37 (2019-Apr-25 12:20):
MAJOR CHANGES IN v6.45:
----------------------
!) dot1x - added support for IEEE 802.1X Port-Based Network Access Control (CLI only);
!) ike2 - added support for EAP authentication methods (eap-tls, eap-ttls, eap-peap) as initiator (CLI only);
----------------------
Επιτέλους. Καιρός ήταν...
What's new in 6.45beta37 (2019-Apr-25 12:20):
MAJOR CHANGES IN v6.45:
----------------------
!) dot1x - added support for IEEE 802.1X Port-Based Network Access Control (CLI only);
!) ike2 - added support for EAP authentication methods (eap-tls, eap-ttls, eap-peap) as initiator (CLI only);
----------------------
για τις beta εκδοσεις της ROS λεμε εδω περα https://www.adslgr.com/forum/threads/1042376-Mikrotik-ROS-RC-version-%CF%83%CF%85%CE%B6%CE%B7%CF%84%CE%AE%CF%83%CE%B5%CE%B9%CF%82-bugs-%CE%BA%CF%84%CE%BB/page5
What's new in 6.43.15 (2019-May-10 12:44) [long-term]:
Changes in this release:
*) dhcpv4-server - fixed commenting option for alerts;
*) dhcpv6-server - fixed binding setting update from RADIUS;
*) ike1 - improved stability for transport mode policies on initiator side;
*) ipv6 - adjusted IPv6 route cache max size;
*) ipv6 - adjust IPv6 route cache max size based on total RAM memory;
*) ipv6 - improved IPv6 neighbor table updating process;
*) lte - reset LTE modem only when SIM slot is changed on dual SIM slot devices;
*) lte - use default APN name "internet" when not provided;
*) rb2011 - removed "sfp-led" from "System/LEDs" menu;
*) rb4011 - fixed SFP+ interface full duplex and speed parameter behaviour;
*) rb4011 - improved SFP+ interface linking to 1Gbps;
*) smb - fixed possible buffer overflow;
*) snmp - added "radio-name" (mtxrWlRtabRadioName) OID support;
*) ssh - do not generate host key on configuration export;
*) switch - fixed possible crash when interface state changes and DHCP Snooping is enabled;
*) system - accept only valid path for "log-file" parameter in "port" menu;
*) userman - updated authorize.net gateway DNS name;
*) webfig - improved file handling;
*) winbox - improved file handling;
*) winbox - show "R" flag under "IPv6/DHCP Server/Bindings" tab;
*) wireless - added support for US FCC UNII-2 and Canada country profiles for LHG-5HPnD-US, RBLHG-5HPnD-XL-US and SXTsq5HPnD-US devices;
*) wireless - improved wireless country settings for EU countries, outdoor models will use outdoor frequency range by default;
*) wireless - improved system stability for all devices with 802.11ac wireless;
*) wireless - improved wireless country settings for EU countries;
v6.43.16 [long-term]
What's new in 6.43.16 (2019-May-14 11:40):
Changes in this release:
*) w60g - fixed memory leak (introduced in v6.43.15);
What's new in 6.45.1 (2019-Jun-27 10:23):
Important note!!!
Due to removal of compatibility with old version passwords in this version, downgrading to any version prior to v6.43 (v6.42.12 and older) will clear all user passwords and allow password-less authentication. Please secure your router after downgrading.
MAJOR CHANGES IN v6.45.1:
----------------------
!) dot1x - added support for IEEE 802.1X Port-Based Network Access Control;
!) ike2 - added support for EAP authentication methods (eap-tls, eap-ttls, eap-peap, eap-mschapv2) as initiator;
!) security - fixed vulnerabilities CVE-2018-1157, CVE-2018-1158;
!) security - fixed vulnerabilities CVE-2019-11477, CVE-2019-11478, CVE-2019-11479;
!) security - fixed vulnerability CVE-2019-13074;
!) user - removed insecure password storage;
----------------------
Changes in this release:
*) bridge - correctly display bridge FastPath status when vlan-filtering or dhcp-snooping is used;
*) bridge - correctly handle bridge host table;
*) bridge - fixed log message when hardware offloading is being enabled;
*) bridge - improved stability when receiving traffic over USB modem with bridge firewall enabled;
*) capsman - fixed CAP system upgrading process for MMIPS;
*) capsman - fixed interface-list usage in access list;
*) ccr - improved packet processing after overloading interface;
*) certificate - added "key-type" field;
*) certificate - added support for ECDSA certificates (prime256v1, secp384r1, secp521r1);
*) certificate - fixed self signed CA certificate handling by SCEP client;
*) certificate - made RAM the default CRL storage location;
*) certificate - removed DSA (D) flag;
*) certificate - removed "set-ca-passphrase" parameter;
*) chr - legacy adapters require "disable-running-check=yes" to be set;
*) cloud - added "replace" parameter for backup "upload-file" command;
*) conntrack - fixed GRE protocol packet connection-state matching (CVE-2014-8160);
*) conntrack - significant stability and performance improvements;
*) crs317 - fixed known multicast flooding to the CPU;
*) crs3xx - added ethernet tx-drop counter;
*) crs3xx - correctly display auto-negotiation information for SFP/SFP+ interfaces in 1Gbps rate;
*) crs3xx - fixed auto negotiation when 2-pair twisted cable is used (downshift feature);
*) crs3xx - fixed "tx-drop" counter;
*) crs3xx - improved switch-chip resource allocation on CRS326, CRS328, CRS305;
*) defconf - added "custom-script" field that prints custom configuration installed by Netinstall;
*) defconf - automatically set "installation" parameter for outdoor devices;
*) defconf - changed default configuration type to AP for cAP series devices;
*) defconf - fixed channel width selection for RU locked devices;
*) dhcp - create dual stack queue based on limitations specified on DHCPv4 server lease configuration;
*) dhcp - do not require lease and binding to have the same configuration for dual-stack queues;
*) dhcp - show warning in log if lease and binding dual-stack related parameters do not match and create separate queues;
*) dhcpv4-server - added "client-mac-limit" parameter;
*) dhcpv4-server - added IP conflict logging;
*) dhcpv4-server - added RADIUS accounting support with queue based statistics;
*) dhcpv4-server - added "vendor-class-id" matcher (CLI only);
*) dhcpv4-server - improved stability when performing "check-status" command;
*) dhcpv4-server - replaced "busy" lease status with "conflict" and "declined";
*) dhcpv6-client - added option to disable rapid-commit;
*) dhcpv6-client - fixed status update when leaving "bound" state;
*) dhcpv6-server - added additional RADIUS parameters for Prefix delegation, "rate-limit" and "life-time";
*) dhcpv6-server - added "address-list" support for bindings;
*) dhcpv6-server - added "insert-queue-before" and "parent-queue" parameters;
*) dhcpv6-server - added RADIUS accounting support with queue based statistics;
*) dhcpv6-server - added "route-distance" parameter;
*) dhcpv6-server - fixed dynamic IPv6 binding without proper reference to the server;
*) dhcpv6-server - override prefix pool and/or DNS server settings by values received from RADIUS;
*) discovery - correctly create neighbors from VLAN tagged discovery messages;
*) discovery - fixed CDP packets not including address on slave ports (introduced in v6.44);
*) discovery - improved neighbour's MAC address detection;
*) discovery - limit max neighbour count per interface based on total RAM memory;
*) discovery - show neighbors on actual mesh ports;
*) e-mail - include "message-id" identification field in e-mail header;
*) e-mail - properly release e-mail sending session if the server's domain name can not be resolved;
*) ethernet - added support for 25Gbps and 40Gbps rates;
*) ethernet - fixed running (R) flag not present on x86 interfaces and CHR legacy adapters;
*) ethernet - increased loop warning threshold to 5 packets per second;
*) fetch - added SFTP support;
*) fetch - improved user policy lookup;
*) firewall - fixed fragmented packet processing when only RAW firewall is configured;
*) firewall - process packets by firewall when accepted by RAW with disabled connection tracking;
*) gps - fixed missing minus close to zero coordinates in dd format;
*) gps - make sure "direction" parameter is upper case;
*) gps - strip unnecessary trailing characters from "longtitude" and "latitude" values;
*) gps - use "serial0" as default port on LtAP mini;
*) hotspot - added "interface-mac" variable to HTML pages;
*) hotspot - moved "title" HTML tag after "meta" tags;
*) ike1 - adjusted debug packet logging topics;
*) ike2 - added support for ECDSA certificate authentication (rfc4754);
*) ike2 - added support for IKE SA rekeying for initiator;
*) ike2 - do not send "User-Name" attribute to RADIUS server if not provided;
*) ike2 - improved certificate verification when multiple CA certificates received from responder;
*) ike2 - improved child SA rekeying process;
*) ike2 - improved XAuth identity conversion on upgrade;
*) ike2 - prefer SAN instead of DN from certificate for ID payload;
*) ippool - improved logging for IPv6 Pool when prefix is already in use;
*) ipsec - added dynamic comment field for "active-peers" menu inherited from identity;
*) ipsec - added "ph2-total" counter to "active-peers" menu;
*) ipsec - added support for RADIUS accounting for "eap-radius" and "pre-shared-key-xauth" authentication methods;
*) ipsec - added traffic statistics to "active-peers" menu;
*) ipsec - disallow setting "src-address" and "dst-address" for transport mode policies;
*) ipsec - do not allow adding identity to a dynamic peer;
*) ipsec - fixed policies becoming invalid after changing priority;
*) ipsec - general improvements in policy handling;
*) ipsec - properly drop already established tunnel when address change detected;
*) ipsec - renamed "remote-peers" to "active-peers";
*) ipsec - renamed "rsa-signature" authentication method to "digital-signature";
*) ipsec - replaced policy SA address parameters with peer setting;
*) ipsec - use tunnel name for dynamic IPsec peer name;
*) ipv6 - improved system stability when receiving bogus packets;
*) ltap - renamed SIM slots "up" and "down" to "2" and "3";
*) lte - added initial support for Vodafone R216-Z;
*) lte - added passthrough interface subnet selection;
*) lte - added support for manual operator selection;
*) lte - allow setting empty APN;
*) lte - allow to specify URL for firmware upgrade "firmware-file" parameter;
*) lte - do not show error message for info commands that are not supported;
*) lte - fixed session reactivation on R11e-LTE in UMTS mode;
*) lte - improved firmware upgrade process;
*) lte - improved "info" command query;
*) lte - improved R11e-4G modem operation;
*) lte - renamed firmware upgrade "path" command to "firmware-file" (CLI only);
*) lte - show alphanumeric value for operator info;
*) lte - show correct firmware revision after firmware upgrade;
*) lte - use default APN name "internet" when not provided;
*) lte - use secondary DNS for DNS server configuration;
*) m33g - added support for additional Serial Console port on GPIO headers;
*) ospf - added support for link scope opaque LSAs (Type 9) for OSPFv2;
*) ospf - fixed opaque LSA type checking in OSPFv2;
*) ospf - improved "unknown" LSA handling in OSPFv3;
*) ovpn - added "verify-server-certificate" parameter for OVPN client (CVE-2018-10066);
*) ppp - added initial support for Quectel BG96;
*) proxy - increased minimal free RAM that can not be used for proxy services;
*) rb3011 - improved system stability when receiving bogus packets;
*) rb4011 - fixed MAC address duplication between sfp-sfpplus1 and wlan1 interfaces (wlan1 configuration reset required);
*) rb921 - improved system stability ("/system routerboard upgrade" required);
*) routerboard - renamed 'sim' menu to 'modem';
*) sfp - fixed S-35LC20D transceiver DDMI readouts after reboot;
*) sms - added USSD message functionality under "/tool sms" (CLI only);
*) sms - allow specifying multiple "allowed-number" values;
*) sms - improved delivery report logging;
*) snmp - added "dot1dStpPortTable" OID;
*) snmp - added OID for neighbor "interface";
*) snmp - added "write-access" column to community print;
*) snmp - allow setting interface "adminStatus";
*) snmp - fixed "send-trap" not working when "trap-generators" does not contain "temp-exception";
*) snmp - fixed "send-trap" with multiple "trap-targets";
*) snmp - improved reliability on SNMP service packet validation;
*) snmp - properly return multicast and broadcast packet counters for IF-MIB OIDs;
*) ssh - accept remote forwarding requests with empty hostnames;
*) ssh - added new "ssh-exec" command for non-interactive command execution;
*) ssh - fixed non-interactive multiple command execution;
*) ssh - improved remote forwarding handling (introduced in v6.44.3);
*) ssh - improved session rekeying process on exchanged data size threshold;
*) ssh - keep host keys when resetting configuration with "keep-users=yes";
*) ssh - use correct user when "output-to-file" parameter is used;
*) sstp - improved stability when received traffic hits tarpit firewall;
*) supout - added IPv6 ND section to supout file;
*) supout - added "kid-control devices" section to supout file;
*) supout - added "pwr-line" section to supout file;
*) supout - changed IPv6 pool section to output detailed print;
*) switch - properly reapply settings after switch chip reset;
*) tftp - added "max-block-size" parameter under TFTP "settings" menu (CLI only);
*) tile - improved link fault detection on SFP+ ports;
*) tr069-client - added LTE CQI and IMSI parameter support;
*) tr069-client - fixed potential memory corruption;
*) tr069-client - improved error reporting with incorrect firware upgrade XML file;
*) traceroute - improved stability when sending large ping amounts;
*) traffic-generator - improved stability when stopping traffic generator;
*) tunnel - removed "local-address" requirement when "ipsec-secret" is used;
*) userman - added support for "Delegated-IPv6-Pool" and "DNS-Server-IPv6-Address" (CLI only);
*) w60g - do not show unused "dmg" parameter;
*) w60g - prefer AP with strongest signal when multiple APs with same SSID present;
*) w60g - show running frequency under "monitor" command;
*) winbox - added "System/SwOS" menu for all dual-boot devices;
*) winbox - do not allow setting "dns-lookup-interval" to "0";
*) winbox - show "LCD" menu only on boards that have LCD screen;
*) wireless - fixed frequency duplication in the frequency selection menu;
*) wireless - fixed incorrect IP header for RADIUS accounting packet;
*) wireless - improved 160MHz channel width stability on rb4011;
*) wireless - improved DFS radar detection when using non-ETSI regulated country;
*) wireless - improved installation mode selection for wireless outdoor equipment;
*) wireless - set default SSID and supplicant-identity the same as router's identity;
*) wireless - updated "china" regulatory domain information;
*) wireless - updated "new zealand" regulatory domain information;
*) www - improved client-initiated renegotiation within the SSL and TLS protocols (CVE-2011-1473);
What's new in 6.45 (2019-Jun-21 09:00):
(factory only release)
What's new in 6.44.4 (2019-May-09 12:14):
(factory only release)
ΠΡΟΣΟΧΗ!!!
Καλό είναι να βάλετε πρώτα την 6.44.4, μετά την 6.45 και μετά την 6.45.1
Επίσης... παραδόξως η 6.45.1 περιέχει ΚΑΙ αυτή fw.
What's new in 6.45.1 (2019-Jun-27 10:23):
What's new in 6.45 (2019-Jun-21 09:00):
What's new in 6.44.4 (2019-May-09 12:14):
ΠΡΟΣΟΧΗ!!!
Καλό είναι να βάλετε πρώτα την 6.44.4, μετά την 6.45 και μετά την 6.45.1
Επίσης... παραδόξως η 6.45.1 περιέχει ΚΑΙ αυτή fw.
Και αναρωτιόμουν γιατί άργησαν τόσο να βγάλουν νέα έκδοση... 9 CVEs διορθωμένα και δύο ενδιάμεσα factory only releases.
Την βηματική αναβάθμιση πού την είδες να προτείνεται; Κοιτούσα στο forum και δεν είδα κάτι.
καλησπερα, βλεπω νεο μενου στη νεα ROS STABLE ξερουμε τι ειναι???
Dot1X λέει!
καλα τωρα βγηκε αυτο? δεν θυμαμαι να το εχω ξαναδει, εδω περισσοτερα που βρηκα : https://wiki.mikrotik.com/wiki/Manual:Interface/Dot1x
- - - Updated - - -
!) dot1x - added support for IEEE 802.1X Port-Based Network Access Control;
ναι στη νεα stable ειναι νεο πραμα! πρωτο και καλυτερο στο changelog!
CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
Summary
Netflix has identified several TCP networking vulnerabilities in the Linux kernel that is used in RouterOS. The vulnerabilities can trigger denial of service if the RouterOS system is attacked from an insufficiently protected network interface (port). Firewall can protect against the issue.
MikroTik has already applied the necessary patches, and RouterOS versions containing them will be released in a few days time. We will update this article with dates and version numbers, as they become available.
Update: fix included in RouterOS 6.45.1, which is available on our webpage.
Δεν ηταν τπτ αυτα στην ουσια....... ηταν πατσαρισμενα απο παλια και κανανε μικροεπισκευες.
6.44.5 changelog:
MAJOR CHANGES IN v6.44.5:
----------------------
!) security - fixed vulnerabilities CVE-2018-1157, CVE-2018-1158;
!) security - fixed vulnerabilities CVE-2019-11477, CVE-2019-11478, CVE-2019-11479;
!) security - fixed vulnerability CVE-2019-13074;
----------------------
Changes in this release:
*) bridge - correctly handle bridge host table;
*) capsman - fixed CAP system upgrading process for MMIPS;
*) capsman - fixed interface-list usage in access list;
*) certificate - removed "set-ca-passphrase" parameter;
*) cloud - properly stop "time-zone-autodetect" after disable;
*) conntrack - fixed GRE protocol packet connection-state matching (CVE-2014-8160);
*) defconf - automatically set "installation" parameter for outdoor devices;
*) dhcpv6-client - fixed status update when leaving "bound" state;
*) dhcpv6-server - fixed dynamic IPv6 binding without proper reference to the server;
*) dhcpv6-server - override prefix pool and/or DNS server settings by values received from RADIUS;
*) discovery - fixed CDP packets not including address on slave ports (introduced in v6.44);
*) e-mail - properly release e-mail sending session if the server's domain name can not be resolved;
*) firewall - fixed fragmented packet processing when only RAW firewall is configured;
*) firewall - process packets by firewall when accepted by RAW with disabled connection tracking;
*) gps - strip unnecessary trailing characters from "longtitude" and "latitude" values;
*) hotspot - moved "title" HTML tag after "meta" tags;
*) ipv6 - improved system stability when receiving bogus packets;
*) ovpn - added "verify-server-certificate" parameter for OVPN client (CVE-2018-10066);
*) rb3011 - improved system stability when receiving bogus packets;
*) rb921 - improved system stability ("/system routerboard upgrade" required);
*) snmp - improved reliability on SNMP service packet validation;
*) ssh - fixed non-interactive multiple command execution;
*) supout - added IPv6 ND section to supout file;
*) supout - added "pwr-line" section to supout file;
*) supout - changed IPv6 pool section to output detailed print;
*) winbox - do not allow setting "dns-lookup-interval" to "0";
*) wireless - improved DFS radar detection when using non-ETSI regulated country;
*) wireless - improved installation mode selection for wireless outdoor equipment;
*) wireless - updated "china" regulatory domain information;
*) www - improved client-initiated renegotiation within the SSL and TLS protocols (CVE-2011-1473);
α της Long Term ειναι αυτα.... ειπα και εγω παλι νεα stable????
τελικα υπαρχει ενα προβλημα, στην συγκεκριμενη ROS την stable δεν παιζει το προγραμμα https://play.google.com/store/apps/details?id=com.birkot.mikrowinbox.pro ουτε η αγορασμενη εκδοση που εχω, ουτε η free, λει οτι ειναι λαθος το ονομα χρηστη ή ο κωδικος! φυσικα κατι τετοιο δεν συμβαινει αφου ολα τα αλλα δουλευουν. Εγραψα σχολια και στα 2 ουτε καν μου εχουν απαντησει...
ειναι τοσο καλο προγραμμα το εχω αγορασει κιολας αλλα οπως βλεπω δεν το ενημερωνουν.
- - - Updated - - -
To free τωρα ειδα οτι εχει ανανεωση Μαιο 2019 αλλα το δοκιμασα και κανει τα ιδια. Εξαλου η συγκεκριμενη εκδοση της ROS βγηκε πολυ ποιο μετα, χρειαζεται αναβαθμιση το προγραμμα κατι δεν του καθεται καλα.
τελικα υπαρχει ενα προβλημα, στην συγκεκριμενη ROS την stable δεν παιζει το προγραμμα https://play.google.com/store/apps/details?id=com.birkot.mikrowinbox.pro ουτε η αγορασμενη εκδοση που εχω, ουτε η free, λει οτι ειναι λαθος το ονομα χρηστη ή ο κωδικος! φυσικα κατι τετοιο δεν συμβαινει αφου ολα τα αλλα δουλευουν. Εγραψα σχολια και στα 2 ουτε καν μου εχουν απαντησει...
ειναι τοσο καλο προγραμμα το εχω αγορασει κιολας αλλα οπως βλεπω δεν το ενημερωνουν.
- - - Updated - - -
To free τωρα ειδα οτι εχει ανανεωση Μαιο 2019 αλλα το δοκιμασα και κανει τα ιδια. Εξαλου η συγκεκριμενη εκδοση της ROS βγηκε πολυ ποιο μετα, χρειαζεται αναβαθμιση το προγραμμα κατι δεν του καθεται καλα.
Καλημέρα έχεις δίκιο τώρα που το αναφέρεις το διαπίστωσα και εγώ ότι δεν δουλεύει.
Καλημέρα έχεις δίκιο τώρα που το αναφέρεις το διαπίστωσα και εγώ ότι δεν δουλεύει.
Καλημέρα, εμενα με πειραζει πολύ πρωτον γιατι το εχω αγορασει, δευτερον γιατι εχω βαλει ΟΛΑ τα προγράμματα που εχει για android και αυτό είναι το καλυτερο σε πολλα πραγματα, εχει κανα 2 ελλειψεις, αλλα για τα links για να τσεκαρεις σηματα με γραφήματα όταν εισαι απεξω είναι το καλυτερο των ολων.
Πολύ κριμα!
ελπιζω τουλάχιστον στην επομενη stable ROS να αλλαξει ότι φταιει και να παιξει γιατι αμα περιμενουμε τον προγραμματιστη να βγαλει εκδοση σωθήκαμε!
Περιμενε και θα βγαλουν το Update και για αυτο.
@ ADSLgr.com All rights reserved.