KeeneticOS 4.3
KeeneticOS release notes for Keenetic Starter (KN-1121) in the Development Channel
KeeneticOS releases in this channel show what we're working on right now. We update roughly weekly. N.B.: While releases in this channel do undergo testing, they are still sometimes bugs present, as we want you, our community, to share in what's new as soon as possible. Your input is really valued.
Keenetic Starter (KN-1121) is currently in the Standard Updates support period and receives regular software updates, including security enhancements, new features, operating system updates, and bug fixes.
KeeneticOS 4.3 Alpha 5
09/11/2024
New
The option to select the OS update channel for Wi-Fi System Extenders is now available in the Wi-Fi System Controller Web interface. [NWI-3823] [Forum topic]
Fixed
The following fixes have been applied to the Web interface.
Fixed problem where System Dashboard cards were not editable on mobile screens. [NWI-3865] [Forum topic]
Optimized the internal logic of the System log popup window. [NWI-3813] [Forum topic]
Fixed tooltip display for Static IP fields. [NWI-3818] [Forum topic]
Fixed the view mode selector behaviour on the Applications page. [NWI-3827] [Forum topic]
Fixed JS errors on the General System Settings page. [NWI-3840] [Forum topic]
Fixed the display of long names on the Traffic monitor page. [NWI-3860] [Forum topic]
Fixed the display of data units. [NWI-3893] [Forum topic]
KeeneticOS 4.3 Alpha 4
02/11/2024
New
The new
accept-routes
option allows the OpenConnect VPN client to obtain route and IPv6 address configuration from the remote OpenConnect VPN server. [NDM-3539] [Forum topic]interface {name} openconnect accept-routes
— enable obtaining IP routes for OpenConnect interface{name}
The new OpenConnect VPN server option enables static route forwarding to be sent to the connected VPN clients. [NDM-3540] [Forum topic]
oc-server route {address} {mask}
— set a static route with{address} {mask}
for OpenConnect VPN server
The new OpenConnect VPN client option allows turning off the DTLS (Datagram Transport Layer Security) feature via the command line interface. [NDM-3541] [Forum topic]
interface {name} openconnect no dtls
— disable DTLS for OpenConnect interface{name}
Fixed
Fixed a KeenDNS issue with Internet access to web applications with the No access (
security-level private
) setting enabled. [NDM-3479]Fixed an issue with the OpenConnect VPN client reconnecting when the remote OpenConnect VPN server is restarted. [NDM-3532] [Forum topic]
KeeneticOS 4.3 Alpha 3.1
29/10/2024
Fixed
Fixed an issue with the IntelliQoS service that could cause a system restart. [SYS-1226] [Forum topic]
KeeneticOS 4.3 Alpha 3
26/10/2024
Fixed
The following fixes have been applied to the Web interface.
Fixed the Wi-Fi Channel number configuration and notifications when using Wireless ISP (WISP). [NWI-3698] [Forum topic]
Fixed the highlighting in the Ports and VLANs Settings section when editing settings. [NWI-3789] [Forum topic]
Fixed removal of the DNS server for the WireGuard VPN connection. [NWI-3800] [Forum topic]
Fixed incorrect display of 802.1x Authentication settings without component installed. [NWI-3822] [Forum topic]
Fixed the display of search results. [NWI-3830] [Forum topic]
Fixed saving of Server address field with "camouflage" suffix in SSTP VPN client settings. [NDM-3521]
Resolved a software packet engine (
ppe software
) incompatibility with incoming traffic having TTL 1. [NDM-3490]An issue that caused the
https-dns-proxy: curl needed more event than max connections
error message to appear in the System log has been fixed. [NDM-3523]Fixed an issue with quick access to the Extender's web interface from the Mesh Wi-Fi System page. [NDM-3522] [Forum topic]
KeeneticOS 4.3 Alpha 2
19/10/2024
New
Added an option to support the Fortinet protocol in the OpenConnect VPN client, which is selectable via the command line interface (CLI). [NDM-3520] [Forum topic]
interface {name} openconnect protocol fortinet
— enable Fortinet support for OpenConnect interface{name}
The DDNS service now re-attempts to update the Domain name resolution 30 seconds after a failed attempt. [NDM-3513] [Forum topic]
Improved
The improvement has been applied to the Web interface.
Improved the Active Connections table. [NWI-3703] [Forum topic]
Enabled LLDP multicast in addition to broadcast announcements to improve compatibility with managed Ethernet switches. [SYS-1214]
Fixed
The following fixes have been applied to the Web interface.
Fixed tooltips for Wi-Fi toggles on Extenders in the Mesh Wi-Fi system. [NWI-3763] [Forum topic]
Fixed the scrollbar colour for the Dark theme. [NWI-3764] [Forum topic]
Fixed the scrolling on mobile devices. [NWI-3768] [Forum topic]
Fixed Applications availability conditions. [NWI-3770] [Forum topic]
Fixed JS errors when a segment's configuration page is open. [NWI-3779] [Forum topic]
Fixed the DHCP Address pool size calculation. [NWI-3720] [Forum topic]
Fixed removing the DNS (
ip name-server
) record with the default port. [NDM-3493] [Forum topic]Fixed listing of Ethernet connections. [NDM-3504] [Forum topic]
Fixed an issue that caused the
Bridge: wrong port index
error message to appear in the System log when displaying the Client lists page. [NDM-3514] [Forum topic]
KeeneticOS 4.3 Alpha 1
11/10/2024
New
The new option for interface-specific DHCP relay agents is now accessible from the command line interface (CLI). [NDM-3401]
interface {name} ip dhcp relay enable
— enable DHCP relay on an interface.interface {name} ip dhcp relay upstream server {address}
— specify an upstream DHCP server.interface {name} ip dhcp relay upstream interface {interface}
— bind DHCP upstream to a specific interface (optional).
Implemented a new
connect
method of the KeenDNS proxy service for web applications, allowing remote access to the OpenVPN server using a KeenDNS name. [NDM-3497]ip http proxy {name} upstream (http | https | connect) {upstream} [port]
— setconnect
method for KeenDNS proxy{name}
The new IPv4 and IPv6 static route settings for binding to specified connection policies have been implemented. [NDM-3435]
ip policy {name} ip route ( {network} {mask} | {host} ) ( {gateway} [interface] | {interface}) [auto] [metric] [reject]
ip policy {name} ipv6 route {prefix} ( {interface} [gateway] | {gateway} ) [auto] [metric] [reject]
Enhanced security: Implementation of DDoS protection against connection table overflow. [NDM-3362]
ip conntrack max-entries {max-entries}
— set conntrack table size.ip conntrack lockout disable
— disable conntrack table protection (enabled by default).ip conntrack lockout threshold public {public}
— set maximum number of connections from public interfaces (percentage of the conntrack table size, from 50 to 99, default value: 80).ip conntrack lockout duration {duration}
— set lockout duration in seconds (from 60 to 3600, default value: 600).ip conntrack sweep threshold {threshold}
— set threshold to start cleaning up waiting sessions (percentage of the conntrack table size, from 50 to 99, default value: 70).show ip conntrack lockout
— view lockout status.
The new options have been implemented in the Web interface.
The new IPv6 settings option is now available for the VPN Connections section of the Other Connections page. [NWI-3428]
Added a Retry timeout field for On-demand mode in the Wireless ISP settings. [NWI-3570]
Improved
Added the ability to preempt VPN sessions when the multiple sign-in option is disabled. [NDM-3450] [Forum topic]
crypto map {name} l2tp-server session-preempt
— enablesession-preempt
option for crypto map{name}
.
The VPN Server apps in KeeneticOS no longer drop active connections when account settings are changed. [NDM-234]
Fixed
Fixed an issue with KeenDNS accessing web applications over the IKEv2 connection to the IKEv2/IPsec VPN server. [NDM-3439]
Fixed an issue that reset the Wi-Fi session uptime when the Wi-Fi client roams between extenders in the Wi-Fi system. [NDM-3498] [Forum topic]
The following fixes have been applied to the Web interface.
Changed colours on the Traffic monitor charts for better visibility and contrast. [NWI-3699] [Forum topic]
The placement of the Bandwidth control header on the Connection Policies page has been corrected. [NWI-3781] [Forum topic]