!) lte - added initial fastpath support (except SXT LTE and Sierra modems);
!) lte - added initial support for passthrough mode for lte modems that supports fastpath;
!) wireless - added Nv2 AP synchronization feature "nv2-modes" and "nv2-sync-secret" option;
bonding - fixed 802.3ad mode on RB1100AHx4; btest - fixed crash when packet size has been changed during test; capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces; capsman - fixed EAP identity reporting in "registration-table"; capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char; certificate - added "crl-use" setting to disable CRL use (CLI only); certificate - update and reload old certificate with new one if SKID matches; chr - fixed MAC address assignment when hot plugging NIC on XenServer; chr - maximal system disk size now limited to 16GB; conntrack - fixed IPv6 connection tracking enable/disable; console - fixed different command auto complete on <tab>; crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports; defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset); defconf - improved IPv4 default firewall configuration; defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan"; dhcp - added "debug" logs on MAC address change; dhcpv4-client - added "gateway-address" script parameter; dhcpv4-server - fixed lease renew for DHCP clients that sends renewal with "ciaddr = 0.0.0.0"; dhcpv4-server - fixed server state on interface change in Winbox and Webfig; discovery - fixed timeouts for LLDP neighbours; dns - remove all dynamic cache RRs of same type when adding static entry; dude - fixed server crash; email - added support for multiple attachments; ethernet - fixed occasional broken interface order after reset/first boot; ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode; export - added "terse" option; export - added default "init-delay" setting for "/routerboard settings" menu; export - added router model and serial number to configuration export; export - fixed "/interface list" verbose export; export - fixed "/ipv6 route" compact export; export - fixed MPLS "dynamic-label-range" export; export - fixed SNMP "src-address" for compact export; fastpath - improved performance when packets for slowpath are received; fastpath - improved process of removing dynamic interfaces; fasttrack - fixed fasttrack over interfaces with dynamic MAC address; fetch - added "src-address" parameter for HTTP and HTTPS; filesystem - improved error correcting process on tilera and RB1100AHx4 storage; firewall - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter; firewall - fixed bridge "action=log" rules; firewall - fixed cosmetic "inactive" flag when item was disabled; firewall - fixed crash on fasttrack dummy rule manual change attempt; firewall - removed unique address list name limit; hAP ac lite - removed nonexistent "wlan-led"; hotspot - added "address-list" support in "walled-garden" IP section; hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration; ike1 - added log error message if netmask was not provided by "mode-config" server; ike1 - added support for "framed-pool" RADIUS attribute; ike1 - create tunnel policy when no split net provided; ike1 - fixed minor memory leak on peer configuration change; ike1 - kill phase1 instead of rekey if "mode-config" is used; ike1 - removed SAs on DPD; ike1 - send phase1 delete; ike1 - wait for cfg set reply before ph2 creation with xAuth; ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask"; ike2 - added pfkey kernel return checks; ike2 - added support for "Mikrotik_Address_List" RADIUS attribute; ike2 - added support for "mode-config" static address; ike2 - by default use "/24" netmask for peer IP address in split net; ike2 - fixed duplicate policy checking with "0.0.0.0/0" policies; ike2 - prefer traffic selector with "mode-config" address; ipsec - added "firewall=add-notrack" peer option (CLI only); ipsec - added information in console XML for "mode-config" menu; ipsec - added support for "key-id" peer identification type; ipsec - allow to specify chain in "firewall" peer option; ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies; ipsec - enabled modp2048 DH group by default; ipsec - fixed connections cleanup on policy or proposal modification; ipsec - optimized logging under IPSec topic; ipsec - removed policy priority; l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication; l2tp-server - added "one-session-per-host" option; log - added "poe-out" topic; log - improved "l2tp" logs; log - optimized "wireless,info" topic logs; log - work on false CPU/RAM overclocked alarms; lte - added "accounting" logs for LTE connections; lte - added additional driver support for DWR-910; lte - added info command support for the Jaton LTE modem; lte - added initial support for "NTT DoCoMo" modem; lte - added support for Huawei E3531-6; lte - added support for ZTE TE W120; lte - fixed info command when it is executed at the same time as modem restarts/disconnects; lte - improved SMS delivery report; lte - improved reliability on SXT LTE; metarouter - fixed display of bogus error message on startup; mmips - added support for NVME disks; ovpn - added support for "push-continuation"; ovpn - added support for topology subnet for IP mode; ovpn - fixed duplicate default gateway presence when receiving extra routes; ovpn - improved performance when receiving too many options; packages - increased automatic download retry interval to 5 minutes if there is no free disk space; ping - fixed ping getting stuck (after several thousands of ping attempts); ppp - added initial support for ZTE K4203-Z and ME3630-E; ppp - added output values for "info" command for finding the GSM base station's location ("LAC" and "IMSI"); ppp - fixed "user-command" output; ppp - fixed non-standart PAP or CHAP packet handling; ppp - improved MLPPP packet forwarding performance; ppp - use interface name instead of IP as default route gateway; proxy - fixed potential crash; proxy - fixed rare program crash after closing client connection; quickset - added "Band" setting to "CPE" and "PTP CPE" modes; quickset - added special firewall exception rules for IPSec; quickset - fixed incorrect VPN address value on arm and tilera; quickset - simplified LTE status monitoring; quickset - use active user name and permissions when applying changes; rb1100ahx4 - fixed startup problems (requires additional reboot after upgrade); rb3011 - fixed packet passthrough on switch2 while booting; rb750gr3 - fixed USB power; routerboard - added "caps-mode" option for "reset-configuration"; routerboard - added "caps-mode-script" for default-configuration print; routing - allow to disable "all" interface entry in BFD; safe-mode - fixed session handling when Safe Mode is used on multiple sessions at the same time; sfp - fixed invalid temperature reporting when ambient temperature is less than 0; sms - decode reports in readable format; sniffer - do not skip L2 packets when "all" interface mode was used; snmp - added "ifindex" on interface traps; snmp - added CAPsMAN interface statistics; snmp - added ability to set "src-address"; snmp - fixed "/system resource cpu print oid" menu; snmp - fixed crash on interface table get; snmp - fixed wireless interface walk table id ordering; socks - fixed crash while processing many simultaneous sessions; ssl - added Wildcard support for "left-most" DNS label (will allow to use signed Wildcard certificate on VPN servers); supout - fixed IPv6 firewall section; switch - fixed "loop-protect" on CRS SFP/SFP+ ports; switch - fixed multicast forwarding on CRS326; tile - fixed copying large amount of text over serial console; tr069-client - fixed lost HTTP header on authorization; trafficgen - added "lost-ratio" to statistics; ups - show correct "line-voltage" value for usbhid UPS devices; userman - added "/tool user-manager user clear-profiles" command; userman - do not send disconnect request for user when "simultaneous session limit reached"; userman - lookup language files also in "/flash" directory; vlan - do not delete existing VLAN interface on "failure: already have such vlan"; webfig - fixed wireless "scan-list" parameter not being saved after applying changes; winbox - added "eap-identity" to CAPsMAN registration table; winbox - added "no-dad" setting to IPv6 addresses; winbox - added "reselect-channel" to CAPsMAN interfaces; winbox - added "session-uptime" to LTE interface; winbox - added TR069 support; winbox - do not autoscale graphs outside known maximums; winbox - fixed wireless interface "amsdu-threshold" max limit; winbox - hide LCD menu on CRS112-8G-4S; winbox - make IPSec policies table an order list; winbox - moved LTE info fields to status tab; winbox - show "/interface wireless cap print" warnings; winbox - show "/system health" only on boards that have health monitoring; winbox - show "D" flag under "/interface mesh port" menu; wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP; wireless - added option to change "nv2-downlink-ratio" for nv2 protocol; wireless - added option to set "fixed-downlink" mode for nv2 protocol; wireless - allow VirutalAP on Level0 (24h demo) license; wireless - always use "multicast-helper" when DHCP is being used; wireless - do not skip >2462 channels if interface is WDS slave; wireless - fixed 802.11u wireless request processing; wireless - fixed EAP PEAP success processing; wireless - fixed compatibility with "AR5212" wireless chips; wireless - fixed rare crash on cap disable; wireless - fixed registration table "signal-strength" reporting for chains when using nv2;
Osobne se zas na nejakou dobu prepinam do konzervativnich rezimu 