Asuswrt-Merlin Changelog
========================
388.2_2 (7-May-2023)
- UPDATED: Merged GPL 388_22668 for the XT12 (only)
- UPDATED: OpenVPN to 2.6.3.
- FIXED: QoS Status page wouldn't display Upload stats
if the WAN interface was set to a secondary
2.5G/10G port instead of the default WAN port.
- FIXED: dnsmasq may crash if no DNS server is configured
(fix backported from dnsmasq upstream)
- FIXED: Missing GPY211 driver for the XT12 and for certain
hardware revisions of other HND 5.04 models.
388.2 (12-Apr-2023)
- NOTE: This release is currently not available
for the XT12 due to issues with that model's GPL.
- NEW: Added support for the RT-AX88U Pro.
- NEW: Merged with GPL 388_22525.
- NEW: Added Site Survey page under Network Tools tab. This is
the same network scan that is available for pre-HND
models, with Wifi 6E support added.
- UPDATED: dnsmasq to 2.89.
- UPDATED: openvpn to 2.6.2. If your client fails to connect
then your custom settings must contain settings no
longer supported by OpenVPN 2.6. Review the System
Log, then remove unsupported settings that are
reported in your log.
- UPDATED: nettle to 3.8.1.
- UPDATED: inadyn to 2.10.0.
- UPDATED: dropbear to 2022.83.
- UPDATED: miniupnpd to 2.3.3.
- UPDATED: openssl to 1.1.1t.
- UPDATED: curl to 8.0.1.
- CHANGED: moved WiFi Radar to the Network Tools tab.
- CHANGED: Disabled auto logout on System Log and Wireless Log
pages.
- CHANGED: Reduced EDNS packet size from 1280 to 1232 bytes in
dnsmasq, to better work with some upstream servers
not fully supporting EDNS0.
- CHANGED: Allow empty fields on WireGuard Client page if the
client is disabled. This allow users to manually
clear settings when they are no longer using a client.
- FIXED: NTP redirection wouldn't work properly with Guest
Network, removed redirection for these.
- FIXED: Added missing Tools icon on ROG UI (icon contributed
by Cody).
- FIXED: DDNS was being refreshed every time IPv6 bound6() event
occured even if IPv6 DDNS update was disabled.
- FIXED: Wireless Log wouldn't properly show IPv6 address
for clients with multiple addresses.
- FIXED: ICMPv6 pings would be dropped when DoS protection
was enabled (regression in 388.1).
388.1 (3-Dec-2022)
- NOTE: This release is only available for AX models.
AC models will remain on the 386_xx release branch.
- NEW: Add RT-AX86U_PRO support.
- NEW: Merged with GPL 388_20566 (RT-AX88U and GT-AX11000)
- NEW: Merged with GPL 388_21224 (all other AX models)
- NEW: Experimental ROG UI version for GT models, as a separate
firmware image within the distribution archive, with
"_rog" in the filename.
- NEW: (Asus 388) WireGuard client and server. The server uses
the new 388 VPN server webui. Implemented a webui for
clients, based on the early development UI from Asus.
WG client routing is handled by VPN Director - you must
configure redirection rules through it, same as on stock
firmware which requires configuring rules through
VPN Fusion.
DNS handling will be identical to OpenVPN's Exclusive DNS
mode, forcing clients to use the DNS provided by it
(if any is provided).
Note that enabling WireGuard will disable hardware
NAT acceleration due to compatibility reasons.
- NEW: httpd support for EC certificates (Ivan Kruglov)
- UPDATED: getdns/stubby to 1.7.2/0.4.2.
- UPDATED: zlib to 1.2.12 + backports.
- UPDATED: openssl to 1.1.1s.
- CHANGED: Rebranded DNSFilter as DNS Director. This will prevent
confusion with the company sharing the same name, and
also better describes what the feature does.
- CHANGED: Setting an OpenVPN client to redirect all traffic while
in "Exclusive" DNS mode will now force redirect ALL
DNS traffic just like in VPN Director mode.
While this will allow redirecting clients with
hardcoded DNS servers, it also means that your whole
LAN will lose the ability of doing local name
resolution. It might be best to use VPN Director
in that case to control which client should
be involved in the DNS redirection, or use
DNS Director instead of Exclusive DNS mode.
- CHANGED: (Asus 388) nvram storage increased to 192 KB on newer
HND 5.04 devices like the GT-AXE16000.
- CHANGED: Reworked VPN Status page to only show currently
active services.
- CHANGED: Reworked VPN Director page design, added buttons to
access a client's settings page, and allow leaving
both source and destination IPs empty (for "all").
- CHANGED: Optimized VPN Director WAN and DNS rule creation, so
they no longer get re-created multiple times when
editing VPNDirector rules.
- CHANGED: Switched generated self-signed certificate to an
EC certificate.
- CHANGED: Disabled DSS key support in Dropbear SSH.
- FIXED: Wrong temperatures used by the temperature graphs
(386.8 regression)
- FIXED: CVE-2022-37434 in zlib.
- FIXED: GT-AXE16000 random reboots when using an OpenVPN
client with VPN Director and Adaptive QoS.
- FIXED: Clients connected to Guest Network 1 aren't
redirected if NTP interception is enabled.
- FIXED: Name was truncated to 31 chars when enabling OpenVPN client's
Server Certificate Name Validation.
- REMOVED: Interface selector on Speedtest page (no longer
working, possibly due to an ookla client update)
- REMOVED: NAT Type setting on HND 5.04 devices (fullcone is
not supported by kernel 4.19, so it wasn't working)