corniger

Release 5.1 Alpha 6 App: fixed SSL connections to the mobile application's backend (reported by @AJ_) [SYS-1680] IP: corrected the flushing of sessions that utilize the FQDN-based route [NDM-4336] IPsec: fixed the blocking of the inter-process communication socket [NDM-4332] MWS: fixed the extender's acquisition, system update, and access to its web UI from the controller [NDM-4339] Web: fixed the management port number setting [NWI-4747] Web: fixed the cog icon hover on the dashboard in dark theme (reported by @spatiumstas) [NWI-4712] Web: fixed the navigation to applications from the Dashboard (reported by @r3L4x) [NWI-4474] Web: fixed excessive polling of the Captive Portal service (reported by @spatiumstas) [NWI-4368] Wi-Fi: fixed the handler for turning wireless on and off on devices with a single hardware button [NDM-4326] WSD: modified the Hello message format to resolve the reboot issue for certain IP cameras (reported by @dimon27254) [NDM-4331]

Release 4.3.7 LTS* (preview): CIFS: fixed compatibility with macOS TimeMachine® [NDM-4112] Core: restricted access to sensitive data for users with 'readonly' privileges [NDM-4169] DNS: fixed possible system restart triggered by 'DNS FQDN event sink' threads [NDM-4162] HTTP: eliminated CVE-2026-1642 security vulnerability in the HTTP proxy service [NDM-4267] IP: fixed operation of static routes added after the default route [NDM-4209] IPsec: fixed convey of IKEv1/IPsec VPN and IKEv2/IPsec VPN servers custom routes to clients (reported by @lexm434) [NDM-3954] IPv6: fixed the IPv4 default route setup for DS-Lite over PPPoE connections [NDM-4109] Monitor: changed the packet dump file extension from .pcapng to .pcap [NDM-4091] MWS: fixed the wireless 2.4 GHz backhaul operation for MT7603 and MT7628-based devices [SYS-1513] SSDP: fixed possible system restart under certain conditions [NDM-4224] Web: fixed the mobile connection settings save after changing the TTL value [NWI-4322] Web: fixed the display of the drop-down list on the Internet Safety page (reported by @kroleg) [NWI-4306] Web: removed the option to delete main home network segment (reported by @dimon27254) [NWI-4340] Web: restored the 'lte-firmware' file missing in the list of system files under certain conditions [NWI-4367] Wi-Fi: fixed the ACL filtering for Wi-Fi 7 clients with MLO enabled [SYS-1507] Wi-Fi: fixed the iPhone® 17 connection issues with Wi-Fi 7 MLO and Fast Transition enabled [SYS-1497] Wi-Fi: eliminated security vulnerabilities [SYS-1542] CVE-2014-3570 CVE-2022-4304 Wi-Fi: fixed the KN-1812 enter continuous restart after adding a local network while the radio is turned off via hardware [SYS-1481] Wi-Fi: fixed the MWS zoning for Wi-Fi 7 clients that use MLO [SYS-1505] Wi-Fi: fixed possible system crash when using OWE authentication [SYS-1461] ZeroTier: fixed the system restart when using the fail-safe mode [NDM-4187] * publication scope: KN-1111, KN-1211, KN-1212, KN-1311, KN-1511, KN-1611, KN-1711, KN-2210, KN-3010

Release 5.1 Alpha 5 Core: fixed return to already installed version when system boots with 'system failed' errors after update (reported by @vasek00) [NDM-4311] DLNA: fixed the service startup operation [NDM-4315] Web: fixed the automatic update of the active connections display (reported by @mega1volt) [NWI-4713] Web: corrected the language set reset upon manual update [NWI-4703] Web: fixed the 'Log in' button on the user authentication page (reported by @Robespierre) [NWI-4718] Web: fixed the tooltip display at the right edge of the Wi-Fi Monitor graph for wider screens (reported by @keenet07) [NWI-4717] Web: corrected the free SMS memory display for certain modem models [NWI-4692] Web: improved the storage status display (reported by @spatiumstas) [NWI-4694] Web: fixed the IP protocol missing in the firewall rule editor (reported by @dimon27254) [NWI-4711] Wireguard: fixed the import of configurations containing ASC parameters (reported by @spatiumstas) [NDM-4313] WSD: confined Hello messages by the Bridge0 interface by default [NDM-4314]

Release 5.1 Alpha 4 Core: fixed the 'nand_do_write_ops: attempt to write non page aligned data' error preventing system update operation (reported by @Aleksey Mikhaylov) [NDM-4307]

Release 5.1 Alpha 3 DynDNS: fixed the 'URL must be filled for custom type' error preventing operation with custom servers (reported by @snark) [NDM-4292] Web: implemented turning off the modem power cycle for custom Internet availability checker modes [NWI-4629] Web: improved the port forwarding rule management buttons for the mobile view of the registered client settings (reported by @dimon27254) [NWI-4672] Web: corrected the sorting of clients by IP address in the client lists (reported by @dimon27254) [NWI-4677] Wireguard: added support for advanced ASC parameters via configuration file import or by using CLI (requested by @FLK) [NDM-4298] interface {name} wireguard asc {jc} {jmin} {jmax} {s1} {s2} {h1} {h2} {h3} {h4} [{s3} {s4} {i1} {i2} {i3} {i4} {i5}]   Known issues: System update operation on devices with NAND memory is partially blocked. Please visit Download Center for your model and use the Recovery Utility to restore, or upload an image from our KeeneticOS archive via tftp.

Release 5.0.7 (preview → stable): DynDNS: added the DuckDNS preset [NDM-4273] Hotspot: implemented commands to turn off the SSDP and WS-Discovery network host discovery methods [NDM-4283] interface {name} ssdp disable interface {name} wsd disable HTTP: enhanced the process for renewing the SSL certificate for the system domain name [NDM-4284] LTE: implemented a timeout mechanism to switch back to the primary SIM on the dual-SIM modem [NDM-4129] interface {name} suspend timeout {seconds} interface {name} suspend schedule {schedule} MWS: fixed the issue with the connection display for wired client devices [NDM-4282] Web: implemented turning off the modem power cycle for custom Internet availability checker modes [NWI-4629] Web: added support for IPv6 URIs when configuring DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH) secure DNS servers [NWI-4610] Web: improved toggle state indication [NWI-4661] Web: fixed the shortening of client names (reported by @dimon27254) [NWI-4668] Web: fixed the sorting mode icon display in content filter settings (reported by @dimon27254) [NWI-4671] Web: fixed the actuation of toggles for the mobile view (reported by @spatiumstas) [NWI-4632] Web: fixed the tooltip display in proxy connections list (reported by @spatiumstas) [NWI-4670] Web: improved the line wrapping for the mobile view of the system log (reported by @spatiumstas) [NWI-4680] Wi-Fi: resolved the issue of the channel width decreasing below 80 MHz when the Adjustment ZeroWait DFS is active [SYS-1544] Wi-Fi: eliminated security vulnerabilities [SYS-1542] CVE-2014-3570 CVE-2022-4304

Release 5.1 Alpha 2 Hotspot: implemented commands to turn off the SSDP and WS-Discovery network host discovery methods [NDM-4283] interface {name} ssdp disable interface {name} wsd disable HTTP: enhanced the process for renewing the SSL certificate for the system domain name [NDM-4284] LTE: implemented a timeout mechanism to switch back to the primary SIM on the dual-SIM modem [NDM-4129] interface {name} suspend timeout {seconds} interface {name} suspend schedule {schedule} MWS: fixed the issue with the connection display for wired client devices [NDM-4282] Storage: improved operation with USB drives that report abnormal 'discard' capabilities [NDM-4291] Web: implemented turning off the modem power cycle for custom Internet availability checker modes [NWI-4629] Web: fixed the sorting mode icon display in content filter settings (reported by @dimon27254) [NWI-4671] Web: fixed the tooltip display in proxy connections list (reported by @spatiumstas) [NWI-4670] Web: improved the line wrapping for the mobile view of the system log (reported by @spatiumstas) [NWI-4680] Wi-Fi: resolved an issue where the ZeroWait DFS adjustment prevents the use of selected Wi-Fi channel width [SYS-1544] Wi-Fi: eliminated security vulnerabilities [SYS-1542] CVE-2014-3570 CVE-2022-4304

Release 5.1 Alpha 1 Dns: implemented basic access authentication (RFC 7617) for DNS-over-HTTPS (DoH) server URIs [NDM-4168] DynDNS: added the DuckDNS preset [NDM-4273] IPv6: implemented IPv6 access lists [NDM-4130] ipv6 access-list {acl} ipv6 access-list {acl} (permit | deny) ((tcp | udp) ({source} | (host {source}) | any) [port (((lt | gt | eq) {source-port}) | (range {source-port} {source-end-port}))] ({destination} | (host {destination}) | any) [port (((lt | gt | eq) {destination-port}) | (range {destination-port} {destination-end-port}))]) | ((((ipv6 | esp | ahp | pcp | sctp)) | {protocol}) ({source} | (host {source}) | any) ({destination} | (host {destination}) | any)) | (icmp ({source} | (host {source}) | any) ({destination} | (host {destination}) | any) [(icmp-message | ({icmp-type} [{icmp-code}]))]) ipv6 access-list {acl} rule {index} (disable | (schedule {schedule}) | (order {new-index}) | (description {description})) ipv6 access-list {acl} auto-delete KeenDNS: fixed updating static DNS records after switching the service from cloud to direct mode [NDM-4255] Storage: implemented tools to check and format the file system [NDM-4239] media {name} partition {partition} check media {name} partition {partition} format {type} Web: added IPv6 rule configuration to firewall [NWI-4614] Web: dedicated a page for configuring storage devices and USB devices [NWI-4583] Web: added support for IPv6 URIs when configuring DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH) secure DNS servers [NWI-4610] Web: fixed editing of DNS-based routing rules (reported by @dchusovitin) [NWI-4622] Web: fixed the actuation of toggles for the mobile view (reported by @spatiumstas) [NWI-4632] Web: fixed the shortening of client names (reported by @dimon27254) [NWI-4668] Web: improved toggle state indication [NWI-4661] Web: implemented reordering of DNS-based routing rules [NWI-4659] Wi-Fi: fixed the cause of Wi-Fi clients dropping from 80 MHz channel width when the Adjustment ZeroWait DFS was triggered [SYS-1544] ZeroTier: implemented an option to connect to custom networks that use private root servers (moons) [NDM-4236] interface {name} zerotier orbit {world-id} {moon-id}

5.1 is an experimental branch, see also changelog 5.0. Supported models: Giga (KN-1010) Hero (KN-1011, KN-1012) Start/Starter (KN-1111, KN-1112, KN-1121) Air/Explorer (KN-1613, KN-1621) Extra/Carrier (KN-1711, KN-1713, KN-1714, KN-1721) Ultra/Titan (KN-1810, KN-1811, KN-1812) Viva/Skipper (KN-1910, KN-1912, KN-1913) Omni DSL (KN-2011, KN-2012) Extra DSL/Carrier DSL/Skipper/Speedster DSL (KN-2111, KN-2112, KN-2113) Runner 4G (KN-2210, KN-2211, KN-2212, KN-2213) Hero 4G (KN-2310, KN-2311) Hopper 4G+ (KN-2312) Hero DSL (KN-2410) Peak DSL (KN-2510) Giant (KN-2610) Peak (KN-2710) Orbiter Pro (KN-2810) Skipper 4G (KN-2910) Speedster 4G (KN-2911) Speedster (KN-3010, KN-3012, KN-3013) Buddy 4 (KN-3210, KN-3211) Buddy 5 (KN-3310, KN-3311) Buddy 5S (KN-3410) Buddy 6 (KN-3411) Voyager Pro (KN-3510) Hopper DSL (KN-3610, KN-3611) Sprinter (KN-3710, KN-3711) Sprinter SE (KN-3712) Hopper (KN-3810, KN-3811) Hopper SE (KN-3812) Challenger (KN-3910) Challenger SE (KN-3911) Racer (KN-4010) Buddy 6 SE (KN-4410) Explorer 4G (KN-4910) Orbiter 6 (KAP-630)

Release 5.0.6 (preview): Ethernet: restored the cable diagnostics functionality for 2.5 Gbit/s ports [SYS-1529] HTTP: eliminated CVE-2026-1642 security vulnerability in the HTTP proxy service [NDM-4267] KeenDNS: fixed the inaccessibility of domain name to clients on the home network after switching the service from cloud to direct mode [NDM-4255] LTE: fixed the mobile data packet loss when polling the SMS subsystem of the built-in modem [NDM-4244] LTE: fixed the improper dual-SIM slot switching operation with the ping-check enabled (reported by @Ста По) [NDM-4237] MWS: fixed the cause of the 'response is too big' error message logged by the Wi-Fi System controller [NDM-4250] MWS: improved the Wi-fi System extender discovery to employ both L2 (LLDP) and L3 (multicast WS-Discovery) protocols and support specific configurations of managed Ethernet switches [NDM-4220] Web: fixed the radio button operation for selecting the Wi-Fi bands in the client settings (reported by @dimon27254) [NWI-4630] Web: corrected the display of wired clients connecting through Wi-Fi System extenders (reported by @Gonzik) [NWI-4667] Web: fixed the Wi-Fi System transition log filtering by client names that contain spaces (reported by @dimon27254) [NWI-4616] Wi-Fi: fixed the cause of Wi-Fi clients dropping from 80 MHz channel width when the Adjustment ZeroWait DFS was triggered [SYS-1544] Wi-Fi: resolved rejection of Wi-Fi clients trying to associate with 'IE_SUPP_CHANNELS' request element exceeding 64 bytes [SYS-1539]