KeeneticOS 3.7
KeeneticOS 3.7.1
10/12/2021
Покращено
Enhanced Wi‑Fi Network protection: WPA2 Enterprise exchange with a RADIUS server now has Network name (SSID) in the
Called-Station-Id
message —'50-FF-20-AA-BB-CC:Keenetic-5555'
. [SYS-9]
Виправлено
Немає змін для параметрів продукту Keenetic City (KN-1511).
KeeneticOS 3.7.0
28/11/2021
Нове
Немає змін для параметрів продукту Keenetic City (KN-1511).
Покращено
Немає змін для параметрів продукту Keenetic City (KN-1511).
Виправлено
Fixed the inability to set up a static DNS server address with the custom port setting in the Web Interface, for example —
1.1.1.1:5353
. [NWI-766]Fixed the forced disconnect of live Wi‑Fi clients when removing them from the Whitelist of the Wireless ACL. [SYS-400]
Fixed the false advertisement of 802.11k capabilities in Wi‑Fi network beacons. [SYS-414]
The Device list no longer shows phantom devices when an ISP network shares the same VLAN IDs with network segments configured in the Keenetic device. [SYS-422]
KeeneticOS 3.7 Beta 8
21/11/2021
Покращено
Немає змін для параметрів продукту Keenetic City (KN-1511).
Виправлено
Wi‑Fi system dynamic Fast Transition (802.11r) key exchange now operates appropriately when an Extender has the IP address changed over time via DHCP. [SYS-354] [Forum topic]
KeeneticOS 3.7 Beta 7
17/11/2021
Виправлено
Fixed Wi‑Fi roaming zone configuration error:
unable to set global STA mask in non-MWS mode
. [NDM-1942]
KeeneticOS 3.7 Beta 6
13/11/2021
Покращено
Removed an error message that occurred if an IP address was configured instead of a URL (Uniform Resource Locator) for a DoH (DNS over HTTP) server:
Resolver prefix doesn't appear to contain a hostname
. [NDM-1938]Enabled centralized Wi‑Fi
country code
configuration from Wi‑Fi system Controller, and blocked this setting on Extenders. [NDM-1921, NWI-733]Closing of Traffic monitor additional tabs is now allowed in mobile browsers. [NWI-666] [Forum topic]
Added links to the Internet connections settings from the dashboard Internet tile, providing a fast way to edit connection(s). [NWI-682]
Виправлено
Fixed the mobile application request handler that caused the error message:
unable to find (empty) as "Network::Interface::Base"
. [NDM-1927] [Forum topic]Improved Wi‑Fi 802.11r FT (Fast Transition) interoperability under certain conditions. [SYS-49]
KeeneticOS 3.7 Beta 5
07/11/2021
Нове
Немає змін для параметрів продукту Keenetic City (KN-1511).
Покращено
The PSK (PreShared Key) length is extended to 96 characters for IPsec and L2TP/IPSec VPN servers. [NDM-1780]
Виправлено
Fixed the occasional false "4 GBytes" bursts of apparent traffic in the Traffic monitor. [SYS-396]
The Static IP address assigned to a registered device now works more reliably. [NDM-1893]
Disabled validation of the DoT (DNS over TLS) / DoH (DNS over HTTPS) certificates until the system time of the KeeneticOS is synchronized. [NDM-1910] [Forum topic]
The pop-up window closing icon is restored. [NWI-684] [Forum topic]
Fixed the incorrect connection type in the More information section for Registered devices currently offline. [NDW-664] [Forum topic]
The operation of the Wireguard VPN causes
no buffer space available
error message in the System log. [NDM-1913]
KeeneticOS 3.7 Beta 4
28/10/2021
Нове
Немає змін для параметрів продукту Keenetic City (KN-1511).
Покращено
Implemented brute-force protection for remote access to the device via the KeenDNS domain name in the Cloud access mode. [NDM-1804]
The KeeneticOS update process is optimized to run in the background to minimize system downtime. Keenetic has dual flash memory with active and backup KeeneticOS images to ensure fail-free automatic upgrades. When a new version of the operating system is released, the device will download, store and check the integrity of the software image in the backup partition first, without interrupting the main operation. Then the Keenetic device reboots, running the updated KeeneticOS version. Internet access will be briefly interrupted only during the device reboot. [NDM-1861]
The hostname value is added to the Syslog message's payload when sending records to a server to simplify log analysis from multiple Keenetic devices. [NDM-1872]
Виправлено
Restored the operation of simultaneous Wi‑Fi roaming zone and Wi‑Fi band restrictions applied to the device. The settings now propagate correctly to newly acquired Mesh Wi‑Fi System extenders as well. [NDM-1869, NDM-1875]
Fixed Network Time Protocol (NTP) server response validation under certain conditions. [NDM-1880]
Increased the server address length to 256 characters for PPTP and L2TP connections. [NDM-1907]
The Traffic monitor statistics now display correct information after changing settings on the WAN interface. [SYS-389]
KeeneticOS 3.7 Beta 3
27/09/2021
Нове
Added a user-defined caption to the Web Interface header and a browser tab providing improved navigation between multiple Keenetic devices. [NDM-1764, NWI-424, NWI-428, NWI-429, NWI-555, NWI-556, NWI-558]
Покращено
Improved security: After changing user credentials, KeeneticOS cleans up active management sessions via the Web Interface and the Keenetic mobile application. [NDM-1860]
Виправлено
Disabled requests from the Extenders to the Mesh Wi‑Fi Controller DNS proxy in additional segments. The Extenders now use Home segment only for system DNS requests. [NDM-976]
The availability checking for the SafeDNS® service now operates correctly when no additional DNS servers are configured. [NDM-1761]
The IKEv2 VPN tunnel now operates properly as a primary Internet connection along with the logic of automatic IKEv2 tunnel source selection. [NDM-1855]
KeeneticOS 3.7 Beta 2
02/09/2021
Покращено
When a wired Ethernet backhaul link is used to attach a Wi‑Fi System Extender to a Wi‑Fi System Controller, setting up custom Wi‑Fi channels on the Extender is now possible. Setting non-overlapping Wi‑Fi channels on different Wi‑Fi System nodes will maximize wireless clients' performance. If a wired Ethernet backhaul link disconnects, the Extender will automatically switch to a Mesh wireless backhaul link to resume operation. In this case, depending on the Mesh wireless backhaul interface, the corresponding Wi‑Fi channel on the Extender will follow the backhaul link. Once a wired Ethernet backhaul link is restored, the Extender will automatically use wired backhaul and preset Wi‑Fi channels. [NDM-1801]
Виправлено
The Wi‑Fi roaming setting synchronization between the Wi‑Fi System Controller and Extenders now operates properly. [NDM-1668]
KeeneticOS 3.7 Beta 1
12/08/2021
Maintenance release
Maintenance release for synchronization with the KeeneticOS Preview Channel.
Виправлено
Немає змін для параметрів продукту Keenetic City (KN-1511).
KeeneticOS 3.7 Beta 0.9
09/08/2021
Покращено
Немає змін для параметрів продукту Keenetic City (KN-1511).
Виправлено
Немає змін для параметрів продукту Keenetic City (KN-1511).
KeeneticOS 3.7 Beta 0.4
01/08/2021
Нове
Немає змін для параметрів продукту Keenetic City (KN-1511).
Покращено
Improved memory overflow protection for the Traffic classification engine, to fix the disappearance of Uncategorized traffic from the statistics. [NDM-1793]
Виправлено
Eliminated the root cause for the
unable to reset loop detector
errors in Extender logs. [NDM-1658]Fixed the reason for the
Rtx::Iapp: unsupported interface
errors in Extender logs. [NDM-1753]
KeeneticOS 3.7 Beta 0.2
17/07/2021
Нове
Покращено
The Active connections information sheet moves to a separate tab on the Diagnostics page, providing a list of sessions established via your Keenetic device. [NWI-414]
Виправлено
Fixed the reset to default MAC address on a wired connection with IPTV port option enabled. [NDM-1771] [Forum topic]
KeeneticOS 3.7 Beta 0.1
16/07/2021
Покращено
A Wi‑Fi System Extender will stop broadcasting Wi‑Fi networks if the backhaul connection to the Wi‑Fi System Controller is lost, to help Wi‑Fi clients re-connect to a working Wi‑Fi System node faster. [NDM-1707]
Added a Compressed RAM disk for system swap (zRAM) toggle to the System settings page. [NWI-405]
Примітка
zRAM — makes more efficient use of RAM, with limited processor overhead, by compressing random access memory blocks that are infrequently accessed or rarely modified.
Виправлено
Fixed the procedure for Extender acquisition to the Mesh Wi‑Fi System under certain conditions. [NDM-1775]
KeeneticOS 3.7 Beta 0
10/07/2021
Покращено
Improved DNAT session recognition by the Traffic classification engine system component. [SYS-319]
Implemented stopping of the Traffic classification engine service to free system memory before a KeeneticOS update. [NDM-1756]
The system Debug control relocates to a dedicated tab in the Diagnostics section. [NWI-401]
Виправлено
Немає змін для параметрів продукту Keenetic City (KN-1511).
KeeneticOS 3.7 Alpha 17
08/07/2021
Покращено
We deployed a new firmware signing certificate to the cloud infrastructure to strengthen the security of KeeneticOS updates. [SYS-314]
Виправлено
The uncategorized traffic is back to the Categories and Applications views of the Traffic monitor, with a hatch pattern for better visibility. [NWI-377] [Forum topic]
KeeneticOS 3.7 Alpha 16
03/07/2021
Нове
Немає змін для параметрів продукту Keenetic City (KN-1511).
Покращено
Improved the application identification and traffic accounting accuracy of the Traffic classification engine system component. [SYS-309]
Виправлено
Fixed the Wi‑Fi Extender IP address refresh for networks with multiple segments. [NDM-1752]
KeeneticOS 3.7 Alpha 15
26/06/2021
Нове
Немає змін для параметрів продукту Keenetic City (KN-1511).
Покращено
As of now, the Keenetic Traffic classification engine recognizes 1400+ of the most popular Internet applications. In addition, Uncategorized traffic is now visible in the Applications and Categories views of the Traffic Monitor. [NDM-1210]
Implemented automatic merging of the least important data to the Uncategorized group to optimize memory usage by the Traffic classification engine and enable protection against memory overflow. [NDM-1681]
Виправлено
Restored correct display of the Extender > Connection status for wired connections in the Mesh Wi‑Fi system page. [NDM-1717]
Removed the password prompt flick when navigating from the Mesh Wi‑Fi System page of a Controller to connected Extenders. [NDM-1724]
KeeneticOS 3.7 Alpha 14
19/06/2021
Нове
Немає змін для параметрів продукту Keenetic City (KN-1511).
KeeneticOS 3.7 Alpha 13
12/06/2021
Нове
Немає змін для параметрів продукту Keenetic City (KN-1511).
Покращено
Seamless navigation from Wi‑Fi System Controller to Extenders is available now. Click the Extender name on the Mesh Wi‑Fi System page to jump to the Web Interface of the Extender. Each Extender has a unique navigation web address under the
*.keenetic.io
domain. Security tokens and automatically installed Let's Encrypt SSL certificates ensure safe and secure operation. [NDM-1287, NWI-323]Added the Optimization mode selector to the IPsec VPN server application settings. It changes the set of supported encryption algorithms, as follows. [NDM-1259, NWI-327]
Default — enables all encryption algorithms except
DES
and3DES
;Legacy — enables both
DES
and3DES
for compatibility with legacy clients;Performance — enables modern encryption algorithm
CHACHA20-POLY1305
only, for faster and secure data exchange with supported peers.
Виправлено
Fixed system configuration synchronization between the Mesh Wi‑Fi System Controller and Extenders. [NDM-1668]
KeeneticOS 3.7 Alpha 12
05/06/2021
Нове
The Traffic classification engine (NTCE) now offers prioritization for a comprehensive set of application categories via the service classes. The new CLI commands are listed below. [NDM-1683]
ntce qos priority {category} {priority}
— assign certain priority for certain categoriesntce qos enable
— enable QoS processing for thentce
(network traffic classification engine)
Покращено
It is now possible to edit Speed limit settings for devices with internet access blocked according to schedule on the Device lists page. [NDW-2427]
Updated
Curl
daemon to7.77.0
version, which fixes the CVE-2021-22897, CVE-2021-22898, CVE-2021-22901 vulnerabilities.
Виправлено
Немає змін для параметрів продукту Keenetic City (KN-1511).
KeeneticOS 3.7 Alpha 11
29/05/2021
Нове
Немає змін для параметрів продукту Keenetic City (KN-1511).
Покращено
Added new IntelliQoS priority configuration page in the Web Interface. It ensures inbound, and outbound, bandwidth for prioritized applications and tasks via pre-defined, drag-and-drop category group presets. [NDW-2413]
Підказка
The Traffic classification engine system component is still in the experimental stage, and can only be enabled from the command line:
service ntce
. For Keenetic devices with up to 128MB of RAM memory, it is recommended to enable ZRAM support:system zram
. The actual assignment of priorities on the IntelliQoS page is still under development, and planned for implementation in the next developer release.Updated the Web Interface of the KeeneticOS to address the CVE-2021-23017 vulnerability.
Виправлено
Немає змін для параметрів продукту Keenetic City (KN-1511).
KeeneticOS 3.7 Alpha 10
22/05/2021
Нове
Немає змін для параметрів продукту Keenetic City (KN-1511).
Покращено
Patched a collection of security vulnerabilities called FragAttacks (Fragmentation and Aggregation Attacks). [SYS-276, SYS-277, SYS-278, SYS-280, SYS-282, SYS-283]
CVE-2020-24586 — fragment cache attack (not clearing fragments from memory when (re)connecting to a network).
CVE-2020-24587 — mixed key attack (reassembling fragments encrypted under different keys).
CVE-2020-24588 — aggregation attack (accepting non-SPP A-MSDU frames).
CVE-2020-26139 — forwarding EAPOL frames even though the sender is not yet authenticated (should only affect APs).
CVE-2020-26146 — reassembling encrypted fragments with non-consecutive packet numbers.
CVE-2020-26147 — reassembling mixed encrypted/plaintext fragments.
CVE-2020-26140 — accepting plaintext data frames in a protected network.
Виправлено
Немає змін для параметрів продукту Keenetic City (KN-1511).
KeeneticOS 3.7 Alpha 9
15/05/2021
Покращено
Немає змін для параметрів продукту Keenetic City (KN-1511).
Виправлено
The system restart in the Extender mode under certain conditions. [NDM-514]
Fixed memory consumption by the Traffic classification engine component. [NDM-1425]
The operation of DoT (DNS over TLS)/DoH (DNS over HTTPS) services resulting in the error message
https-dns-proxy: Error binding
. [NDM-541] [Forum topic]
KeeneticOS 3.7 Alpha 8
01/05/2021
Покращено
Added Password protected access to web applications running on your network via the KeenDNS service. [NDW-2202]
Redesigned the Access to web applications running on your network section of the Domain name > KeenDNS page for better visibility and easy management. [NDW-2203]
Added the Auto option for the KeenDNS operating in IPv4 mode, providing automatic detection of obtained IP address type and flexible operation if this IP changes from time to time or you have a secondary/backup Internet access connection. [NDW-2243]
Виправлено
Cleanup of obsolete TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) sessions of the Traffic classification engine system component, which caused excessive memory consumption. [NDMS-1496]
The detection of SIP (Session Initiation Protocol), RTP (Real-time Transport Protocol), and RTCP (RTP Control Protocol) protocols by the Traffic classification engine system component. [NDMS-1576]
Access to the Keenetic device by KeenDNS domain name from the local network now works correctly. [NDMS-1344]
The application category classification on the Traffic monitor page of the Web Interface. [NDW-2231]
KeeneticOS 3.7 Alpha 7
24/04/2021
Покращено
ICMP - Host unreachable
replaces theDROP
action for the internal firewall rule of KeeneticOS when the user's device is accessing a blocked DNS over HTTPS (DoH) / DNS over TLS (DoT) DNS server. This change helps to speed up fallback to allowed DoT/DoH DNS servers on the Keenetic device. [NDMS-1470]It is now possible to use
%
and^
characters in the Username field of a DDNS profile. [NDMS-1255]
KeeneticOS 3.7 Alpha 6
23/04/2021
Нове
The Traffic classification engine and IntelliQoS system component is replaced by the Traffic classification engine system component of the KeeneticOS. It implements the detection and classification of applications and protocols.
Categories and Applications diagrams appeared in the Host traffic monitor menu of the Web Interface. Also, a new item, Application Traffic Analyzer, appeared in the Status section. Currently, new sections become visible after the component is installed and the service is enabled via the
service ntce
CLI command. The component operates autonomously and does not depend on any external services. [NDMS-1476, NDW-2109]
Покращено
The KeenDNS settings now allow specifying an IP address and FQDN as the HTTP proxy destination address in the Access to web applications running on your network section of the Domain name page. [NDW-2201]
Виправлено
The sorting of the VPN connections in the Other connections section is now working correctly. [NDW-2169]
The security issue CVE-2020-15078 of the OpenVPN client and server system component.
KeeneticOS 3.7 Alpha 5
17/04/2021
Нове
Немає змін для параметрів продукту Keenetic City (KN-1511).
Покращено
Removed Wi‑Fi extenders from the list of devices that can be assigned a DNS filtering policy profile on the Internet safety page. [NDW-2108] [Forum topic]
Виправлено
Devices in Extender mode used to crash under certain circumstances. [NDMS-1546] [Forum topic]
KeeneticOS 3.7 Alpha 4
28/03/2021
Покращено
Updated to the latest OpenSSL library version 1.1.1k, which fixes the CVE-2021-3449, CVE-2021-3450 vulnerabilities.
Виправлено
Fixed the Cloud access mode of the KeenDNS service. [NDMS-1550] [Forum topic]
KeeneticOS 3.7 Alpha 3
26/03/2021
Покращено
Немає змін для параметрів продукту Keenetic City (KN-1511).
Виправлено
Немає змін для параметрів продукту Keenetic City (KN-1511).
KeeneticOS 3.7 Alpha 2
24/03/2021
Покращено
The firmware image build with the Keenetic SDK is now compatible with the Keenetic Recovery Utility for Windows OS. You can use this utility to upload a firmware image to your Keenetic device. [NDMS-1530]
Виправлено
Setting a Speed limit to a Registered device caused KeeneticOS to crash. [NDMS-1532] [Forum topic]
KeeneticOS 3.7 Alpha 1
20/03/2021
Нове
The KeeneticOS build system is now available on GitHub. You can use the Keenetic Software Development Kit (SDK) to build a customized Keenetic firmware image with your own services and scripts. [NDMS-1398]
Покращено
Implemented a new smart queue management algorithm — NDM Fast Queue (NFQ). NFQ is CAKE-based, and optimized for speeds above 24 Mbit/s. When you limit the Internet connection speed for a host or network segment at a rate above 24 Mbit/s, the NFQ algorithm performs shaping. For rates below 24 Mbit/s, the CAKE algorithm does the job. [NDMS-1247]
DHCP server options 121 and 249 now allow configuration of routes with destination
0.0.0.0/0
. [NDMS-1222] [Forum topic]The CLI command for adjusting the TTL value of incoming IP packets has a new syntax: [NDMS-1419]
interface ip adjust-ttl (set | inc | dec)
— old syntax, obsolete now;interface ip adjust-ttl recv {recv}
— new syntax.