|
本帖最后由 514422325 于 2017-5-8 12:06 编辑
Beta 5 Code:e35915f webui: Fix syntax error on OpenVPN Client page; better report issues on ovpn file import
2f48b2c webui: make cipher and digest checks non case-sensitive on OpenVPN client, to handle ovpn import with casing different from our list of supported algorithms
62c2493 openvpn: implement importing of reneg-sec parameter from ovpn file
cfc4d9a openvpn: fix syntax error in updown.sh related to the check for Internet redirection mode

Asuswrt-Merlin Changelog
========================
380.66 beta (xx-xxx-2017)
- NEW: Merged with GPL 380_7378
Notable changes:
* Port forwards can select a specific source IP
* Improved security against ssh break-in attempts
Known issues:
* Some wifi clients such as wireless printers
have connectivity issues. Try disabling
Airtime Fairness as a potential workaround.
- NEW: Option to disable Wanduck's constant DNS probing
for WAN state (Tools -> Other Settings)
- NEW: Allow disabling use of DH, by entering
"none" in the DH field for OpenVPN server config.
- NEW: Added new Internet redirection mode to OpenVPN clients
called "Policy Rule (Strict)". The difference from the
existing "Policy Rule" mode is that in strict mode,
only rules that specifically target the tunnel's
interface will be used. This ensures that you don't
leak traffic through global or other tunnel routes,
however it also means any static route you might have
defined at the WAN level will not be copied either.
In general, it's recommended to use this new strict
mode.
- CHANGED: Ovpn importer now recognizes the "port" and
"reneg-sec" parameters.
- CHANGED: Ovpn importer now support a third argument for
the "remote" parameter, allowing to define the
protocol.
- CHANGED: Updated Tor to 0.2.9.10
- CHANGED: Updated nano to 2.8.1
- CHANGED: SSL certificate generated for httpds will now
contain SANs for hostname, router.asus.com, IP
and DDNS hostname.
- CHANGED: Make minidlna always use the same uuid, based on
the LAN MAC (original patch by john9527)
- REMOVED: The Virtual Server page no longer allows users to
edit existing port forwards (our existing code is
incompatible with Asus's newer webui code and will
need to be re-implemented.)
- FIXED: WOL page fails to load if adding a client with a
quote in its name.
- FIXED: Couldn't add a DHCP reservation client if its name
contained a quote.
- FIXED: New outbound connections weren't logged if firewall
logging was enabled.
- FIXED: OpenVPN server didn't always work properly in udp mode
when in a dual stack IPv4/IPv6 environment (backport
from GPL 382_9736)
- FIXED: When disabling NCP support in OpenVPN, the router
could still be trying to use it if the remote end
had it enabled.
- FIXED: Potential CVE-2016-10229 security issue in kernel
(unsure whether our kernel was vulnerable or not)
- FIXED: ovpn file import would fail to import auth hash or
cipher if they weren't uppercase.

更新机型: RT-AC5300
RT-AC3200
RT-AC3100
RT-AC88U
RT-AC87U/RT-AC87R
RT-AC68U/RT-AC1900/RT-AC66U B1/RT-AC68R
RT-AC66U
RT-AC56U
RT-N66U

链接: http://pan.baidu.com/s/1jHKx6vW
|
|