KeeneticOS 4.3
KeeneticOS release notes for Keenetic Starter (KN-1121) in the Development Channel
KeeneticOS releases in this channel show what we're working on right now. We update roughly weekly. N.B.: While releases in this channel do undergo testing, they are still sometimes bugs present, as we want you, our community, to share in what's new as soon as possible. Your input is really valued.
Keenetic Starter (KN-1121) is currently in the Standard Updates support period and receives regular software updates, including security enhancements, new features, operating system updates, and bug fixes.
KeeneticOS 4.3 Alpha 2
19/10/2024
New
Added an option to support the Fortinet protocol in the OpenConnect VPN client, which is selectable via the command line interface (CLI). [NDM-3520] [Forum topic]
interface {name} openconnect protocol fortinet
— enable Fortinet support for OpenConnect interface{name}
The DDNS service now re-attempts to update the Domain name resolution 30 seconds after a failed attempt. [NDM-3513] [Forum topic]
Improved
The improvement has been applied to the Web interface.
Improved the Active Connections table. [NWI-3703] [Forum topic]
Enabled LLDP multicast in addition to broadcast announcements to improve compatibility with managed Ethernet switches. [SYS-1214]
Fixed
The following fixes have been applied to the Web interface.
Fixed tooltips for Wi-Fi toggles on Extenders in the Mesh Wi-Fi system. [NWI-3763] [Forum topic]
Fixed the scrollbar colour for the Dark theme. [NWI-3764] [Forum topic]
Fixed the scrolling on mobile devices. [NWI-3768] [Forum topic]
Fixed Applications availability conditions. [NWI-3770] [Forum topic]
Fixed JS errors when a segment's configuration page is open. [NWI-3779] [Forum topic]
Fixed the DHCP Address pool size calculation. [NWI-3720] [Forum topic]
Fixed removing the DNS (
ip name-server
) record with the default port. [NDM-3493] [Forum topic]Fixed listing of Ethernet connections. [NDM-3504] [Forum topic]
Fixed an issue that caused the
Bridge: wrong port index
error message to appear in the System log when displaying the Client lists page. [NDM-3514] [Forum topic]
KeeneticOS 4.3 Alpha 1
11/10/2024
New
The new option for interface-specific DHCP relay agents is now accessible from the command line interface (CLI). [NDM-3401]
interface {name} ip dhcp relay enable
— enable DHCP relay on an interface.interface {name} ip dhcp relay upstream server {address}
— specify an upstream DHCP server.interface {name} ip dhcp relay upstream interface {interface}
— bind DHCP upstream to a specific interface (optional).
Implemented a new
connect
method of the KeenDNS proxy service for web applications, allowing remote access to the OpenVPN server using a KeenDNS name. [NDM-3497]ip http proxy {name} upstream (http | https | connect) {upstream} [port]
— setconnect
method for KeenDNS proxy{name}
The new IPv4 and IPv6 static route settings for binding to specified connection policies have been implemented. [NDM-3435]
ip policy {name} ip route ( {network} {mask} | {host} ) ( {gateway} [interface] | {interface}) [auto] [metric] [reject]
ip policy {name} ipv6 route {prefix} ( {interface} [gateway] | {gateway} ) [auto] [metric] [reject]
Enhanced security: Implementation of DDoS protection against connection table overflow. [NDM-3362]
ip conntrack max-entries {max-entries}
— set conntrack table size.ip conntrack lockout disable
— disable conntrack table protection (enabled by default).ip conntrack lockout threshold public {public}
— set maximum number of connections from public interfaces (percentage of the conntrack table size, from 50 to 99, default value: 80).ip conntrack lockout duration {duration}
— set lockout duration in seconds (from 60 to 3600, default value: 600).ip conntrack sweep threshold {threshold}
— set threshold to start cleaning up waiting sessions (percentage of the conntrack table size, from 50 to 99, default value: 70).show ip conntrack lockout
— view lockout status.
The new options have been implemented in the Web interface.
The new IPv6 settings option is now available for the VPN Connections section of the Other Connections page. [NWI-3428]
Added a Retry timeout field for On-demand mode in the Wireless ISP settings. [NWI-3570]
Improved
Added the ability to preempt VPN sessions when the multiple sign-in option is disabled. [NDM-3450] [Forum topic]
crypto map {name} l2tp-server session-preempt
— enablesession-preempt
option for crypto map{name}
.
The VPN Server apps in KeeneticOS no longer drop active connections when account settings are changed. [NDM-234]
Fixed
Fixed an issue with KeenDNS accessing web applications over the IKEv2 connection to the IKEv2/IPsec VPN server. [NDM-3439]
Fixed an issue that reset the Wi-Fi session uptime when the Wi-Fi client roams between extenders in the Wi-Fi system. [NDM-3498] [Forum topic]
The following fixes have been applied to the Web interface.
Changed colours on the Traffic monitor charts for better visibility and contrast. [NWI-3699] [Forum topic]
The placement of the Bandwidth control header on the Connection Policies page has been corrected. [NWI-3781] [Forum topic]