RUT301 Firmware Downloads: Difference between revisions
Gytispieze (talk | contribs) m (Gytispieze moved page Draft:RUT360 Firmware Downloads to Draft:RUT301 Firmware Downloads without leaving a redirect) |
Gytispieze (talk | contribs) No edit summary |
||
(25 intermediate revisions by 2 users not shown) | |||
Line 6: | Line 6: | ||
==Changelog== | ==Changelog== | ||
<!--NEW_FW--> | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.11/RUT301/RUT301_R_00.07.11_WEBUI.bin RUT301_R_00.07.11]</span></b> | 2024.11.25=== | |||
* <b>New</b> | |||
** <b>Network</b> | |||
*** Firewall: added "IPsec software flow offload" feature | |||
** <b>Services</b> | |||
*** Data to Server: added LUA format support | |||
*** DLMS: added option to configure which COSEM class attributes to read from the meter | |||
*** Impulse Counter: added feature | |||
*** Wireguard: added QR code configuration generator | |||
** <b>System</b> | |||
*** Administration: added capability of displaying a configurable banner before login | |||
*** Password Policy: added ability to modify the password policy | |||
*** System Users: added sensitive option toggle for user groups | |||
* <b>Improvements</b> | |||
** <b>Network</b> | |||
*** Firewall: added TCPMSS action to traffic rules | |||
*** Topology: added sorting functionality for "IP address" and "MAC address" table columns | |||
** <b>Services</b> | |||
*** Data to Server: added scheduler support | |||
*** DLMS: added default values for table name columns | |||
*** IPsec: updated 'Custom option' field validation | |||
*** IPsec: migrated to swanctl | |||
*** Modbus Client: added phone group selection | |||
*** Modbus Client: added email alarm action | |||
*** OPC UA Client: changed validation, allowing to add certificates when channel encryption is not used | |||
*** OpenVPN: improved WebUI page for creating and modifying instances | |||
*** OpenVPN: added custom configuration file parsing | |||
*** OpenVPN: added option to configure virtual addressing topology and support for TLS clients | |||
*** OpenVPN: added 'adaptive' selection for the LZO parameter | |||
*** OpenVPN: added support for multiple remote network values | |||
*** OpenVPN: improved the selection of allowed data ciphers in the WebUI | |||
*** OpenVPN: improved private key decryption | |||
*** OpenVPN: removed dependency on the protocol value for configuring tunnel IPv6 addresses | |||
*** OpenVPN: added the possibility to use multiple remote host/IP address values | |||
*** OpenVPN: added support for exporting configuration | |||
*** Mosquitto: updated version to 2.0.20 | |||
** <b>System</b> | |||
*** Access Control: added ability to bind HTTP and HTTPS to specific IPs and ports | |||
*** Events Log: improved event log messages format | |||
*** Logging: added a log ID to each log entry for easier tracking and identification | |||
*** Setup Wizard: added SIM card and modem statuses in Mobile page | |||
*** WebUI: updated design of tables | |||
*** Kernel: updated version to 5.15.167 | |||
*** libffi: updated version to 3.4.6 | |||
*** readline: updated version to 8.2 | |||
* <b>Fix</b> | |||
** <b>Network</b> | |||
*** Network: fixed duplicate of "pps" APN for "Zain KW" operator in APN database | |||
*** Network: fixed MTU get from API | |||
*** Static Routes: fixed IPv6 route target validation to accept IPv6 subnet | |||
** <b>Services</b> | |||
*** Bluetooth: fixed service crash when trying to unpair devices | |||
*** DLMS: fixed name validation when adding physical devices | |||
*** IPsec: fixed incorrect status display when multiple instances are configured | |||
*** IPsec: fixed flushing of connection tracking table when compatibility mode is used | |||
*** L2TP: fixed disappearing default route when using mobile interface as the default WAN | |||
*** Modbus Client: fixed rpc crash when calling serial.test method | |||
*** Modbus Server: fixed firewall rule creation | |||
*** Python3: fixed out-of-tree package compilation issue with the SDK | |||
*** Zerotier: fixed saving configuration when LAN interface has no associated physical interface | |||
** <b>System</b> | |||
*** Access Control: fixed unauthorized errors on interface endpoints | |||
*** Access Control: fixed IP Block configuration when upgrading from previous firmware versions | |||
*** Package Manager: fixed VXLAN package not having link to configuration page | |||
*** Package Manager: fixed restoring packages after firmware upgrade | |||
*** Troubleshoot: fixed scenarios where TCPdump field was not displayed | |||
*** WebUI: fixed issue when sometimes hidden sections with created instances were not displayed | |||
* <b>CVE Patches</b> | |||
** CVE-2021-38291 | |||
** CVE-2024-6232 | |||
** CVE-2024-44070 | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.10.2/RUT301/RUT301_R_00.07.10.2_WEBUI.bin RUT301_R_00.07.10.2]</span></b> | 2024.11.04=== | |||
* <b>Fix</b> | |||
** <b>Network</b> | |||
*** Firewall: fixed bug in NAT rule migration script that would overwrite Port Forwarding rule options | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.10/RUT301/RUT301_R_00.07.10_WEBUI.bin RUT301_R_00.07.10]</span></b> | 2024.10.10=== | |||
* <b>New</b> | |||
** <b>Services</b> | |||
*** AWS IoT Core: added service | |||
*** BACnet: added ability to configure several BIP interfaces, to set network numbers and preconfigure BDT entries for BBMD | |||
*** Console: added service status information display | |||
*** DLMS: added service status information display | |||
*** DNP3 Client: added service status information display | |||
*** DNP3 Outstation: added service status information display | |||
*** Modbus Client: added service status information display | |||
*** Modbus Server: added service status information display | |||
*** Modbus TCP over Serial Gateway: added service status information display | |||
*** MQTT Modbus Gateway: added service status information display | |||
*** NTRIP: added service status information display | |||
*** OPC UA Client: added service status information display | |||
*** OPC UA Server: added variable "rut_wan_type" which shows if WAN is on a wired or a mobile network | |||
*** OPC UA Server: added service status information display | |||
*** RMS: added SOCKS5 proxy support | |||
** <b>System</b> | |||
*** Certificates: added SCEP certificate generation method | |||
* <b>Improvements</b> | |||
** <b>Network</b> | |||
*** Curl: added unix socket support | |||
*** Firewall: added most options to basic mode for all firewall pages | |||
*** Firewall: added all firewall pages to basic mode | |||
*** Interfaces: increased interface metric maximum value from 10000 to 4294967295 | |||
*** Multi WAN: added rules table to basic mode | |||
*** Network: improved performance under stateless single-directional traffic (RFC2544) | |||
*** Static Routes: added page to basic mode | |||
*** VRRP: added page to basic mode | |||
** <b>Services</b> | |||
*** DLMS: added meter COSEM object scanning | |||
*** DNP3 Client: made menu names more consistent | |||
*** IPsec: improved 'Remote endpoint' validation to allow '%any', '%any4', '%any6' values and netmask | |||
*** IPsec: added ability to use certificates from Certificate Manager | |||
*** L2TPv3: added Tunnel ID and Session ID validation to avoid creating multiple tunnels with the same parameters | |||
*** Modbus Client: updated Modbus Client menu position | |||
*** Modbus Server: updated Modbus Server menu position | |||
*** Python3: changed python3-light package libraries | |||
*** Tinc: added options to set the tunnel's IP address | |||
*** Tinc: added a port option to listen for incoming connections and the ability to specify a port for outgoing connections | |||
*** Wireguard: added tunnel source mode selection | |||
*** Kernel: updated version to 5.15.165 | |||
*** Python3: updated version to 3.11.7 | |||
*** Strongswan: updated version to 5.9.14 | |||
** <b>System</b> | |||
*** Access Control: refactored 'General', 'Security' and 'PAM' Web pages | |||
*** Auto Reboot: added support for multiple hosts/URLs in Ping/Wget Reboot | |||
*** Backup: encrypting backup does not require 7zip package anymore | |||
*** Certificates: split "Let's Encrypt" certificates into multiple files | |||
*** Troubleshoot: added dynamic routes debugging information | |||
*** WebUI: added ability to open new page in new tab without entering user credentials | |||
*** WebUI: improved SDK example application | |||
*** Glib2: updated version to 2.80.5 | |||
*** Ncurses: updated version to 6.5 | |||
* <b>Fix</b> | |||
** <b>Network</b> | |||
*** Firewall: fixed automatic priority option change | |||
** <b>Services</b> | |||
*** BACnet: fixed communication issues between the ports | |||
*** BACnet: added all available default baud rates | |||
*** BGP: fixed AS field to allow duplicate values | |||
*** BGP: fixed Access list filters not applying fully | |||
*** DLMS: added all available default baud rates | |||
*** DMVPN: fixed DMVPN GRE instance disappearing when creating new IPsec instance | |||
*** DNP3 Client: removed unnecessary max length display for test response field | |||
*** DNP3 Client: renamed TCP Station to TCP Client in the API documentation | |||
*** DNP3 Client: added all available default baud rates | |||
*** DNP3 Outstation: added all available default baud rates | |||
*** GRE: fixed interface not showing up in OSPF and RIP selections if it is off | |||
*** IPsec: fixed IP rule not appearing after network restart | |||
*** IPsec: fixed duplicate port values in IPsec firewall rules | |||
*** Ledman: fixed issue when power LED turns off when rebooting device | |||
*** Modbus Client: added all available default baud rates | |||
*** Modbus Client: added missing API docs for Modbus test request | |||
*** Modbus Server: added all available default baud rates | |||
*** Modbus Server: fixed firewall rule staying enabled when app is disabled | |||
*** Modbus Server: fixed firewall rule creation | |||
*** NTRIP: added all available default baud rates | |||
*** OpenVPN: fixed the configuration after disabling the use of external services | |||
*** Over IP: added all available default baud rates | |||
*** SNMP: fixed Hotspot OIDs' hssID and hssUsername display | |||
*** Tinc: fixed adding routes to remote subnets | |||
*** Tinc: fixed configuration generation issues when creating multiple network and host instances | |||
*** Tinc: fixed issues with route creation when using IPv6 addresses in tunnel configuration | |||
*** Tinc: fixed validation for uploading key files | |||
** <b>System</b> | |||
*** Backup: fixed uploading backup with memory expansion enabled | |||
*** CLI: fixed some private IPs being incorrectly determined as public | |||
*** JSON-RPC: fixed login "Access Denied" error | |||
*** Memory Expansion: fixed input element alignment issues | |||
*** WebUI: added API required values validation when enabling BACnet, DLMS, DNP3, Modbus, MQTT, NTRIP services | |||
*** WebUI: fixed 'Memory' status card progress bars visuals | |||
*** WebUI: fixed search bar suggestions after removing packages | |||
*** WebUI: fixed showing data in modals for users with only read permissions | |||
*** WebUI: fixed custom SDK pages not loading correctly | |||
* <b>CVE Patches</b> | |||
** CVE-2021-3520 | |||
** CVE-2021-44540 | |||
** CVE-2021-44541 | |||
** CVE-2024-4032 | |||
** CVE-2024-6119 | |||
** CVE-2024-6232 | |||
** CVE-2024-6923 | |||
** CVE-2024-7264 | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.9.4/RUT301/RUT301_R_00.07.09.4_WEBUI.bin RUT301_R_00.07.09.4]</span></b> | 2024.10.02=== | |||
* <b>Improvements</b> | |||
** <b>Services</b> | |||
*** NTP Client: changed default NTP servers | |||
* <b>Fix</b> | |||
** <b>Services</b> | |||
*** NTP Client: fixed NTP server usage to work with next in line server if current server does not respond | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.9.3/RUT301/RUT301_R_00.07.09.3_WEBUI.bin RUT301_R_00.07.09.3]</span></b> | 2024.09.27=== | |||
* <b>Fix</b> | |||
** <b>Network</b> | |||
*** Multi WAN: fixed ipsets not getting deleted correctly when Multi WAN gets restarted | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.9.1/RUT301/RUT301_R_00.07.09.1_WEBUI.bin RUT301_R_00.07.09.1]</span></b> | 2024.09.13=== | |||
* <b>Improvements</b> | |||
** <b>Services</b> | |||
*** Python3: updated version to 3.11.7 | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.9/RUT301/RUT301_R_00.07.09_WEBUI.bin RUT301_R_00.07.09]</span></b> | 2024.09.03=== | |||
* <b>New</b> | |||
** <b>Network</b> | |||
*** Firewall: added ability to configure NAT rule action | |||
*** Firewall: added additional TTL target for firewall rules | |||
*** Realtime Traffic: added historical traffic charts | |||
** <b>Services</b> | |||
*** Events Reporting: added new firmware version notification event | |||
*** SNMP: added Multiwan data module | |||
** <b>System</b> | |||
*** WebUI: added notifications menu | |||
* <b>Improvements</b> | |||
** <b>Network</b> | |||
*** Realtime Traffic: improved chart styles | |||
** <b>Services</b> | |||
*** Data to Server: added warning messages about insecure certificates for http_certfile and mqtt_certfile options in API and WebUI | |||
*** DLMS: added SHA256 authentication | |||
*** DLMS: improved COSEM group enable validation | |||
*** GRE: reduced GRE keepalive packet buffer size | |||
*** IPsec: added support for route based tunnel | |||
*** L2TP: added field for custom options | |||
*** SMPP: added timeout option | |||
*** Web Filter: added hostname count message after successful file upload | |||
** <b>System</b> | |||
*** Access Control: improved system user's access control rules logic | |||
*** Access Control: added option to disable password auth for the root user | |||
*** Administration: improved write/read access control options display to match meniu path style | |||
*** Backup: improved backup page by splitting it into backup and reset settings page | |||
*** Update Firmware: changed firmware update log to include firmware version | |||
*** WebUI: updated firmware and backup verification pages design | |||
*** WebUI: improved global alerts display | |||
*** WebUI: added confirmation prompt for disabling service in side widget | |||
*** Kernel: updated version to 5.15.162 | |||
* <b>Fix</b> | |||
** <b>Network</b> | |||
*** Devices: fixed configured VLAN 0 device cannot be selected in interface physical settings configuration | |||
*** Network: fixed Ethernet switch port state change tracking logic | |||
** <b>Services</b> | |||
*** Azure IoT Hub: fixed the Azure IoT Hub deprecated endpoint to create Data to Server sections | |||
*** Azure IoT Hub: fixed the Azure IoT Hub deprecated endpoint so that it does not create sections in GET request | |||
*** Azure IoT Hub: fixed the deletion of Data to Server sections when an Azure IoT Hub section is deleted through the deprecated endpoint | |||
*** DLMS: fixed OBIS code validation | |||
*** Input/Output: added I/O juggler reload when I/O pin direction is changed | |||
*** OPC UA Client: fixed TCL file upload | |||
*** OPC UA Server: fixed TCL file upload | |||
*** OPC UA Server: fixed configuration migration | |||
*** OpenVPN: fixed default firewall zone for tap interfaces | |||
*** SNMP: fixed TELTONIKA-MIB wireless module crash | |||
*** SNMP: fixed mobile network state display | |||
*** SNMP: fixed default hssDwLimit, hssUpLimit, hssDwBandwidth and hssUpBandwidth values | |||
** <b>System</b> | |||
*** API Core: fixed file deletion | |||
*** Boot: fixed Teltonika logo in httpd recovery page when using Firefox | |||
*** Package Restore: fixed automatic package re-installation after firmware upgrade | |||
*** Troubleshoot: fixed troubleshoot not including all the log files when log to flash is enabled | |||
*** User Settings: fixed page to show groups and users if the user has been granted access | |||
*** WebUI: fixed overview page to display active wireless (WLAN) clients | |||
* <b>CVE Patches</b> | |||
** CVE-2021-32292 | |||
** CVE-2022-40617 | |||
** CVE-2023-49441 | |||
** CVE-2024-0397 | |||
** CVE-2024-3596 | |||
** CVE-2024-5535 | |||
** CVE-2024-8088 | |||
** CVE-2024-26669 | |||
** CVE-2024-26739 | |||
** CVE-2024-26740 | |||
** CVE-2024-36901 | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.8.2/RUT301/RUT301_R_00.07.08.2_WEBUI.bin RUT301_R_00.07.08.2]</span></b> | 2024.08.12=== | |||
* <b>Fix</b> | |||
** <b>System</b> | |||
*** Update Firmware: fixed inconsistent firmware download from FOTA | |||
---- | |||
===<b>RUT301_R_00.07.08.1</b> | 2024.08.06=== | |||
<b>Note:</b> This firmware version was removed due to an issue with FOTA firmware download. | |||
* <b>Improvements</b> | |||
** <b>Services</b> | |||
*** Zerotier: updated version to 1.14.0 | |||
* <b>Fix</b> | |||
** <b>Network</b> | |||
*** Network: fixed default route not being added for PPPoE connections | |||
** <b>Services</b> | |||
*** Modbus TCP over Serial Gateway: fixed serial connection not working after reboot | |||
*** OPC UA Client: fixed connections not being closed after using testing functionality | |||
** <b>System</b> | |||
*** WebUI: fixed SDK WebUI package compilation | |||
---- | |||
===<b>RUT301_R_00.07.08</b> | 2024.07.18=== | |||
<b>Note:</b> This firmware version was removed due to an issue with FOTA firmware download. | |||
* <b>New</b> | |||
** <b>Network</b> | |||
*** DNS: added inherited server status to configuration page | |||
*** HTTPS DNS Proxy: added new HTTPS DNS Proxy package to package manager | |||
** <b>Services</b> | |||
*** Data to Server: added 'Lua script' data input | |||
*** Input/Output: added ability to configure gpio debounce timer and changed default gpio debounce timer value from 200 ms to 10 ms | |||
*** IPsec: added initial XFRM support | |||
*** MQTT Modbus Gateway: added JSON message type format | |||
*** OpenVPN: added DCO support | |||
** <b>System</b> | |||
*** API Core: added option to configure api session timeout | |||
*** Certificates: added "Let's encrypt" certificate generation | |||
*** PAM: added RADIUS external user support | |||
*** UI Core: added data analytics support | |||
*** Update Firmware: added warning message about device being temporarily unreachable on firmware update | |||
* <b>Improvements</b> | |||
** <b>Network</b> | |||
*** DNS: separated field "DNS forwardings" into two: one for simple server forwarding other for domain-specific | |||
*** DNS: moved "DNS Forwardings", "Listen interfaces", "Exclude interfaces", "Local service only", options to advanced tab | |||
*** Firewall: improved protocol field in all firewall pages by making that "All" value would be mutually exclusive with any other value | |||
*** Multi WAN: improved interface status representation when using load balancing | |||
*** Network: added more options for "IPv6 assignment length" field | |||
*** VLAN: added ability to configure VLAN 0 | |||
** <b>Services</b> | |||
*** Azure IoT Hub: added DPS symmetric key attestation support | |||
*** Azure IoT Hub: added Direct Method support | |||
*** Azure IoT Hub: added Plug and Play integration | |||
*** Azure IoT Hub: added link to "Data to Server" page | |||
*** Data to Server: added support for multiple filters | |||
*** Data to Server: improved HTTP output hostname definition with automatic protocol specification in URL | |||
*** Data to Server: improved MQTT input connection handling | |||
*** DNP3 Client: added option to enable/disable service | |||
*** Dynamic DNS: added Lookup hostnames support | |||
*** GRE: increased Inbound and Outbound key limit to 4294967295 | |||
*** Input/Output: added custom name support in I/O status page | |||
*** IPsec: added certificate warning message | |||
*** Modbus Server: added mobile last month and last week usage registers | |||
*** Mosquitto: added large package size check for MQTT clients | |||
*** MQTT Modbus Gateway: improved mosquitto reconnect time and service will try to recover few times before exiting | |||
*** MQTT Publisher: improved MQTT connection handling | |||
*** OPC UA Client: added security modes | |||
*** OPC UA Server: added security modes | |||
*** OPC UA Server: added service status display | |||
*** OpenVPN: added support for decrypting private key when uploading a configuration file | |||
*** OpenVPN: improved instance status state | |||
*** OpenVPN: added options to specify an IP address pool for dynamic assignment to clients | |||
*** Over IP: added label to show how many servers a client is connected to | |||
*** Over IP: connect on data feature will not disconnect immediately after data transfer but wait for inactivity timeout | |||
*** Over IP: increased TLS handshake timeout to 10 seconds | |||
*** SMPP: added brute-force prevention | |||
*** SMPP: added TLS/SSL support | |||
*** SNMP: changed interface module OID structure | |||
*** SNMP: improved User-based Security Model (USM) brute force attack prevention measures | |||
*** Stunnel: improved global instance settings dependencies | |||
*** emailrelay: updated version to 2.4.1 | |||
*** OpenVPN: updated version to 2.6.9 | |||
*** stunnel: updated version to 5.72 | |||
** <b>System</b> | |||
*** Access Control: added certificate key length warnings | |||
*** Access Control: adjusted access control when all pages are blocked | |||
*** Access Control: added certificate file download for CLI to work on all browsers | |||
*** API Core: implemented functionality to include warning messages for vulnerable certificates | |||
*** Package Manager: added multi package actions | |||
*** Package Manager: added status filter | |||
*** Package Manager: moved package upload action to main page | |||
*** Package Manager: added links to installed packages pages | |||
*** Package Manager: refactored "Packages" page | |||
*** Package Manager: updated opkg repository link to use https | |||
*** RutOS: improved GPL example page to align with new software architecture | |||
*** Troubleshoot: added support for multiple syslog servers | |||
*** UI Core: added additional message with IP address to loading screen for scenarios when redirect to different IP address happens | |||
*** UI Core: added toast message hiding when text is too long | |||
*** Update Firmware: added 'Firmware version' data in screen after firmware upload | |||
*** WebUI: added functionality to cancel loading screen if it takes 30 or more seconds | |||
*** WebUI: removed all ubus method calls from webui | |||
*** WebUI: improved language caching | |||
*** WebUI: added password generator for first login modal | |||
*** WebUI: added sticky position to side menu | |||
*** WebUI: added default password hint to login error message | |||
*** WebUI: added warning messages for low-security certificates | |||
*** Kernel: updated version to 5.15.159 | |||
*** libexpat: updated version to 2.6.2 | |||
*** SSL/TLS: updated version to 3.0.14 | |||
*** vue: updated version to 3.4 | |||
* <b>Fix</b> | |||
** <b>Network</b> | |||
*** Devices: fixed missing API devices status endpoint permission | |||
*** DHCP: fixed "DHCP option" allow empty input value | |||
*** DHCP: fixed IPv4 leases being not correctly shown when NTP synchronizes time | |||
*** DHCP: fixed DHCP error that occurred after changing the subnet of the LAN IP address in the setup wizard | |||
*** Dynamic routes: fixed duplicated external routes cards | |||
*** Firewall: fixed firewall zone validation when adding interfaces | |||
*** Network: fixed overriding MAC address for interfaces that are bridged | |||
** <b>Services</b> | |||
*** BACnet: fixed incorrect BACnet IP port used for sending responses | |||
*** BGP: fixed route map sequence going out of range | |||
*** BGP: fixed listen range field allowing multiple entries | |||
*** DLMS: fixed DLMS test response format | |||
*** DLMS: fixed COSEM group validation | |||
*** DLMS: fixed API POST error for /dlms/devices/config endpoint | |||
*** DLMS: fixed serial connection not working after reboot | |||
*** DNP3 Client: fixed to allow reading objects past 255 index | |||
*** DNP3 Client: fixed incorrect hints | |||
*** DNP3 Outstation: fixed serial outstation starting issues | |||
*** I/O Juggler: fixed improper dout action config handling | |||
*** I/O Juggler: updated profile change action | |||
*** Input/Output: allow unselecting all Post/Get access methods | |||
*** IPsec: fixed connectivity issues when using WAN failover | |||
*** IPsec: fixed the instance status when the local firewall option is disabled | |||
*** Modbus Client: fixed test request option validation | |||
*** Modbus Client: fixed alarm output action display values | |||
*** Modbus Client: fixed incorrect period hint | |||
*** Modbus Server: fixed APN register not clearing APN | |||
*** Modbus Server: fixed 148 and 164 modbus registers | |||
*** Modbus Server: fixed incorrect hints | |||
*** NTRIP: fixed NTRIP NMEA generation timestamp and coordinates errors | |||
*** NTRIP: fixed configuration reading with several instances added | |||
*** OPC UA Server: fixed not starting while modem is down | |||
*** OpenVPN: fixed displaying imported files from device | |||
*** OpenVPN: fixed the private key decryption for cases when a password is used | |||
*** OpenVPN: fixed data cipher migration | |||
*** Over IP: fixed connect on data initiating TCP connection after few data transfers | |||
*** Overview: fixed issue when devices without WiFi send additional request without data | |||
*** SMPP: fixed username bypass problem | |||
*** SMPP: fixed password validation | |||
*** SNMP: fixed GSM mSignal OID value type | |||
*** SNMP: fixed GSM module memory leaks | |||
*** SSTP: fixed functionality when the default route option is not enabled | |||
*** Web Filter: fixed whitelist not working for some hosts when using IPv6 | |||
** <b>System</b> | |||
*** Administration: fixed repeated validation on cleared inputs and added validation when new password matches the old one | |||
*** API Core: fixed API method validation during upload action | |||
*** API Core: fixed error messages for POST method | |||
*** API Core: fixed option list validation | |||
*** Boot: fixed factory settings restore (firstboot) not deleting hidden files | |||
*** Events Log: fixed refresh button in event log table | |||
*** IP Block: fixed adding MAC addresses back to whitelist when unblocking all of them | |||
*** Memory Expansion: fixed enable validation | |||
*** Recipients: made phone number field required | |||
*** Setup Wizard: fixed lan ip step not changing ip address | |||
*** Troubleshoot: fixed system log and kernel log buttons to be enabled with read only rights | |||
*** Update Firmware: fixed misleading "Firmware version" status of "N/A" to "FOTA service is disabled" when FOTA is disabled | |||
*** Update Firmware: fixed issue when infinite spinner appears after updating device firmware from server without having internet connection | |||
* <b>CVE Patches</b> | |||
** Patched CVE-2023-52425 | |||
** Patched CVE-2023-52530 | |||
** Patched CVE-2024-25629 | |||
** Patched CVE-2024-28757 | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.3/RUT301/RUT301_R_00.07.07.3_WEBUI.bin RUT301_R_00.07.07.3]</span></b> | 2024.06.25=== | |||
* <b>Fix</b> | |||
** <b>Network</b> | |||
*** WebUI: fixed port advertisement change | |||
** <b>System</b> | |||
*** FOTA: fixed config when upgrading from older firmware with keep settings | |||
* <b>CVE Patches</b> | |||
** CVE-2024-31950 | |||
** CVE-2024-31951 | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.2/RUT301/RUT301_R_00.07.07.2_WEBUI.bin RUT301_R_00.07.07.2]</span></b> | 2024.06.12=== | |||
* <b>Improvements</b> | |||
** <b>Network</b> | |||
*** Zerotier: added backup WAN interface blacklisting if WAN failover is enabled | |||
** <b>Services</b> | |||
*** SNMP: added bruteforce attack prevention when using SNMP v3 user | |||
*** L2TP: improved reconnect attempt logic | |||
** <b>System</b> | |||
*** SSH: removed weak SSH algorithms | |||
*** Telnet: moved to Package Manager | |||
* <b>Fix</b> | |||
** <b>Network</b> | |||
*** BGP: fixed instance migration issues | |||
** <b>Services</b> | |||
*** DMVPN: fixed duplicate NHRP map entries creation | |||
*** OpenVPN: added fixes for the insecure tls-cert-profile option usage | |||
** <b>System</b> | |||
*** IP Block: fixed blocking of UDP traffic | |||
*** Uboot: fixed firmware recovery update via uboot on Windows | |||
* <b>CVE Patches</b> | |||
** CVE-2024-31948 | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.1/RUT301/RUT301_R_00.07.07.1_WEBUI.bin RUT301_R_00.07.07.1]</span></b> | 2024.05.03=== | |||
* <b>New</b> | |||
** <b>Network</b> | |||
*** WebUI: added internet status tracking configuration and overview widget | |||
*** LAN: added a new IPv6 LAN status page | |||
*** Static Leases: added a new IPv6 Static Leases page | |||
*** WebUI: added custom domain name resolve option in “DNS” configuration page | |||
*** Failover: added additional connection flush options | |||
*** VRF: added initial Virtual Routing and Forwarding support | |||
** <b>Services</b> | |||
*** Post/Get: added I/O invert support | |||
*** DLMS Client: added persistent TCP connections | |||
*** Events Reporting: added unexpected shutdown event | |||
*** Modbus Client: added 64bit data types | |||
*** IPerf3: added iPerf3 to Package Manager | |||
*** DNP3 Outstation: added I/O objects | |||
*** Hotspot: added domain and subdomain options for external landing page | |||
** <b>System</b> | |||
*** WebUI: added the ability to generate random passwords for password input fields | |||
*** WebUI: added reset to “Factory defaults” option | |||
*** System: changed firmware certificate verification tool | |||
*** IP Block: added time-based login attempt blocking | |||
*** WebUI: added firmware update notification support | |||
*** PAM: added the ability to set port for TACACS+ | |||
*** Logging: added multiple remote syslog servers support | |||
* <b>Improvements</b> | |||
** <b>Network</b> | |||
*** Static Leases: added possibility to use MAC with wildcard | |||
*** Topology: changed network devices scanning application | |||
*** WebUI: improved design of Status - LAN page | |||
*** DHCP: simplified DHCP configurations in other pages and moved full DHCP configuration to a separate page | |||
*** DHCP: removed default disabled server configuration for WAN interface | |||
*** WebUI: simplified data entry of DNS forwardings by separating hostname and IP address fields | |||
*** BGP: added Virtual Routing and Forwarding (VRF) support | |||
*** BGP: added multiple BGP instance support | |||
*** WebUI: adjusted responsive design breakpoints | |||
*** Dnsmasq: updated dnsmasq to version 2.89 | |||
** <b>Services</b> | |||
*** Wireguard: added option to bind tunnel to a specific interface | |||
*** OPC UA Client: added limits (10 servers, 20 groups, 50 nodes per server, 50 values per group) | |||
*** DLMS Client: increased maximum count of connection sections to 30 | |||
*** DLMS Client: added short name referencing | |||
*** SNMP: set strict default community access when IPv6 address is used | |||
*** SNMP: improved sysName OID to set device's hostname | |||
*** Mosquitto: updated package version to 2.0.17 | |||
*** Hotspot: moved MAC blocking option from Access Control to Hotspot page | |||
*** WebUI: added MAC authentication support when using RADIUS authentication mode | |||
*** WebUI: moved licenses to footer | |||
*** OpenVPN: added the bridge option for selecting the network device to be bridged with | |||
*** OpenVPN: added possibility to create more than one TAP client | |||
*** SSTP: updated package version to 1.0.19 | |||
** <b>System</b> | |||
*** WebUI: added more strict password requirements for restoring backup | |||
*** SMTP: added option to either not verify SMTP server or upload SMTP server's CA file to verify authenticity | |||
*** WebUI: Added the ability to choose the ROOT CA when using certificates from the device | |||
*** WebUI: unified time format to ISO8601 across the entire WebUI | |||
*** WebUI: added ability to choose imported certificate and key as 'Server certificate' and 'Server key' in 'Access Control' | |||
*** WebUI: added 'Hosts' and 'IP Addresses' options for 'Simple' certificate generation and certificate signing | |||
*** WebUI: changed firmware update option to server as a default option | |||
*** WebUI: improved first login password change logic | |||
*** Certificates: updated Root CA certificates | |||
*** GPL: added offline package preparation command for GPL builds | |||
*** Speedtest: added multiple connections support to improve accuracy | |||
*** Kernel: updated to version 5.15.149 | |||
*** Libcap: updated package version to 2.69 | |||
* <b>Fix</b> | |||
** <b>Network</b> | |||
*** Topology: fixed showing interfaces with assigned VLAN | |||
*** WebUI: fixed static routing creation for GRE instance | |||
*** Network: fixed DHCPv4 relay mode enabling | |||
*** Failover: fixed Failover missing active rules when using multiple source and destination IP addresses | |||
*** WebUI: fixed network and failover interface metric sorting synchronization issue | |||
*** WebUI: fixed failover rule policy save issue with newly added WAN interface | |||
*** Interfaces: fixed failover value for new WAN being taken from WAN that was just deleted | |||
** <b>Services</b> | |||
*** Modbus Client: allow using negative floating point values in requests | |||
*** Azure IoT Hub: fixed Data to Server minor WebUI dependency bugs | |||
*** Data to Server: fixed DLMS data formating | |||
*** Data to Server: fixed Network link state data display | |||
*** DLMS Client: fixed segfault while reading profile generic COSEM object | |||
*** DLMS Client: fixed profile generic entries reading | |||
*** DLMS Client: fixed application memory allocation issues | |||
*** SSTP: fixed route adding when default route is enabled | |||
*** SNMP: fixed VLAN OID naming | |||
*** OpenVPN: added fixes for instance status tracking functionality | |||
*** OpenVPN: resolved uptime counting issues | |||
*** PPTP: fixed PPTP instance deletion problem | |||
*** Azure IoT Hub: fixed 'contentType' telemetry message parameter | |||
*** Hotspot: fixed password validation for locally created users and signed-up users | |||
*** Hotspot: fixed session invalidation after deleting registered user | |||
*** Hotspot: fixed firewall rule creation | |||
*** PPTP: fixed problem related with routes when failover is enabled | |||
*** WebUI: fixed data loading error in Input/Output > Post/Get page | |||
*** UPnP: updated package version to 2.3.4 | |||
** <b>System</b> | |||
*** Package Manager: fixed spinner message when restarting network after package upload or download | |||
*** Package Manager: fixed supported devices check when installing a package from server | |||
*** WebUI: fixed language install from uploaded package after upgrade with keep settings | |||
*** WebUI: fixed an issue when a user was not logged out after changing profiles | |||
*** Telnet: fixed segmentation fault during concurrent connections | |||
*** CLI: fixed enter key issue on mobile chromium based browsers | |||
*** System Users: fixed SSH session close after deleting user or disabling SSH access | |||
*** Profiles: fixed profile migration with installed packages | |||
*** WebUI: fixed Hotspot log page table search functionality | |||
*** Speedtest: fix missing download speed on some servers | |||
*** PAM: updated libpam to version 1.6.0 | |||
* <b>CVE Patches</b> | |||
** CVE-2022-4603 | |||
** CVE-2022-23308 | |||
** CVE 2022-45061 | |||
** CVE-2023-0466 | |||
** CVE-2023-6129 | |||
** CVE-2023-7042 | |||
** CVE 2023-24329 | |||
** CVE 2023-27043 | |||
** CVE-2023-42366 | |||
** CVE-2023-46218 | |||
** CVE-2023-46219 | |||
** CVE-2023-46752 | |||
** CVE-2023-46753 | |||
** CVE-2023-48795 | |||
** CVE-2024-2397 | |||
** CVE-2024-25062 | |||
** CVE-2024-27913 | |||
** CVE-2024-22365 | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.10/RUT301/RUT301_R_00.07.06.10_WEBUI.bin RUT301_R_00.07.06.10]</span></b> | 2024.04.04=== | |||
* <b>Fix</b> | |||
** <b>System</b> | |||
*** Ledman: fixed memory leak | |||
---- | |||
===<b>RUT301_R_00.07.06.8</b> | 2024.03.25=== | |||
<b>Note:</b> Firmware <b>R_00.07.06.8</b> was removed due to an issue with inefficient memory allocation for LED control. | |||
* <b>Improvements</b> | |||
** <b>Services</b> | |||
*** IPSec: disabled libgmp in favor of openssl | |||
*** IPSec: updated Strongswan to 5.9.6 | |||
* <b>Fix</b> | |||
** <b>Services</b> | |||
*** IPSec: increased charon load timeout | |||
*** IPSec: fixed loading of large private keys | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.6/RUT301/RUT301_R_00.07.06.6_WEBUI.bin RUT301_R_00.07.06.6]</span></b> | 2024.03.04=== | |||
* <b>New</b> | |||
** <b>Services</b> | |||
*** Added domain and subdomain options for external landing page in Hotspot | |||
* <b>Improvements</b> | |||
** <b>System</b> | |||
*** Minified *.svg WebUI files to save space on the device | |||
*** Removed unused easy-rsa package to increase free space | |||
* <b>Fix</b> | |||
** <b>Services</b> | |||
*** Fixed OverIP serial utility issue where after some time server mode can't accept incoming connections anymore | |||
---- | ---- | ||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.5/RUT301/RUT301_R_00.07.06.5_WEBUI.bin RUT301_R_00.07.06.5]</span></b> | 2024.02.21=== | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.5/RUT301/RUT301_R_00.07.06.5_WEBUI.bin RUT301_R_00.07.06.5]</span></b> | 2024.02.21=== | ||
* Initial FW release for the RUT301 device | * Initial FW release for the RUT301 device |
Latest revision as of 16:17, 25 November 2024
Main Page > RUT Routers > RUT301 > RUT301 Firmware DownloadsThis page contains firmware files for RUT301 devices. Look to the table below or the changelog to find download links.
To upgrade firmware using WebUI, follow the instructions in RUT301 Firmware.
RUT301
File | Type | Release date | Size | MD5 | Changelog |
---|---|---|---|---|---|
RUT301_R_00.07.11_WEBUI.bin | Latest FW | 2024.11.25 | 10.75 MB | 034f10f8fe94f5a01799891b6864a1b5 | Link |
RUT301_R_00.07.09.4_WEBUI.bin | Mass production FW | 2024.10.02 | 10.56 MB | 09e89472f3d0b20890b42e515b0e182d | Link |
RUT301_R_GPL_00.07.11.tar.gz | SDK | 2024.11.25 | 18.96 MB | 98b9be52a66f15c36560476b3713e8ba |
Note: packages for Package Manager are independent from firmware and can be downloaded in the Package Downloads page.
FW checksums
Checksums for firmware files can be found here.
Changelog
RUT301_R_00.07.11 | 2024.11.25
- New
- Network
- Firewall: added "IPsec software flow offload" feature
- Services
- Data to Server: added LUA format support
- DLMS: added option to configure which COSEM class attributes to read from the meter
- Impulse Counter: added feature
- Wireguard: added QR code configuration generator
- System
- Administration: added capability of displaying a configurable banner before login
- Password Policy: added ability to modify the password policy
- System Users: added sensitive option toggle for user groups
- Network
- Improvements
- Network
- Firewall: added TCPMSS action to traffic rules
- Topology: added sorting functionality for "IP address" and "MAC address" table columns
- Services
- Data to Server: added scheduler support
- DLMS: added default values for table name columns
- IPsec: updated 'Custom option' field validation
- IPsec: migrated to swanctl
- Modbus Client: added phone group selection
- Modbus Client: added email alarm action
- OPC UA Client: changed validation, allowing to add certificates when channel encryption is not used
- OpenVPN: improved WebUI page for creating and modifying instances
- OpenVPN: added custom configuration file parsing
- OpenVPN: added option to configure virtual addressing topology and support for TLS clients
- OpenVPN: added 'adaptive' selection for the LZO parameter
- OpenVPN: added support for multiple remote network values
- OpenVPN: improved the selection of allowed data ciphers in the WebUI
- OpenVPN: improved private key decryption
- OpenVPN: removed dependency on the protocol value for configuring tunnel IPv6 addresses
- OpenVPN: added the possibility to use multiple remote host/IP address values
- OpenVPN: added support for exporting configuration
- Mosquitto: updated version to 2.0.20
- System
- Access Control: added ability to bind HTTP and HTTPS to specific IPs and ports
- Events Log: improved event log messages format
- Logging: added a log ID to each log entry for easier tracking and identification
- Setup Wizard: added SIM card and modem statuses in Mobile page
- WebUI: updated design of tables
- Kernel: updated version to 5.15.167
- libffi: updated version to 3.4.6
- readline: updated version to 8.2
- Network
- Fix
- Network
- Network: fixed duplicate of "pps" APN for "Zain KW" operator in APN database
- Network: fixed MTU get from API
- Static Routes: fixed IPv6 route target validation to accept IPv6 subnet
- Services
- Bluetooth: fixed service crash when trying to unpair devices
- DLMS: fixed name validation when adding physical devices
- IPsec: fixed incorrect status display when multiple instances are configured
- IPsec: fixed flushing of connection tracking table when compatibility mode is used
- L2TP: fixed disappearing default route when using mobile interface as the default WAN
- Modbus Client: fixed rpc crash when calling serial.test method
- Modbus Server: fixed firewall rule creation
- Python3: fixed out-of-tree package compilation issue with the SDK
- Zerotier: fixed saving configuration when LAN interface has no associated physical interface
- System
- Access Control: fixed unauthorized errors on interface endpoints
- Access Control: fixed IP Block configuration when upgrading from previous firmware versions
- Package Manager: fixed VXLAN package not having link to configuration page
- Package Manager: fixed restoring packages after firmware upgrade
- Troubleshoot: fixed scenarios where TCPdump field was not displayed
- WebUI: fixed issue when sometimes hidden sections with created instances were not displayed
- Network
- CVE Patches
- CVE-2021-38291
- CVE-2024-6232
- CVE-2024-44070
RUT301_R_00.07.10.2 | 2024.11.04
- Fix
- Network
- Firewall: fixed bug in NAT rule migration script that would overwrite Port Forwarding rule options
- Network
RUT301_R_00.07.10 | 2024.10.10
- New
- Services
- AWS IoT Core: added service
- BACnet: added ability to configure several BIP interfaces, to set network numbers and preconfigure BDT entries for BBMD
- Console: added service status information display
- DLMS: added service status information display
- DNP3 Client: added service status information display
- DNP3 Outstation: added service status information display
- Modbus Client: added service status information display
- Modbus Server: added service status information display
- Modbus TCP over Serial Gateway: added service status information display
- MQTT Modbus Gateway: added service status information display
- NTRIP: added service status information display
- OPC UA Client: added service status information display
- OPC UA Server: added variable "rut_wan_type" which shows if WAN is on a wired or a mobile network
- OPC UA Server: added service status information display
- RMS: added SOCKS5 proxy support
- System
- Certificates: added SCEP certificate generation method
- Services
- Improvements
- Network
- Curl: added unix socket support
- Firewall: added most options to basic mode for all firewall pages
- Firewall: added all firewall pages to basic mode
- Interfaces: increased interface metric maximum value from 10000 to 4294967295
- Multi WAN: added rules table to basic mode
- Network: improved performance under stateless single-directional traffic (RFC2544)
- Static Routes: added page to basic mode
- VRRP: added page to basic mode
- Services
- DLMS: added meter COSEM object scanning
- DNP3 Client: made menu names more consistent
- IPsec: improved 'Remote endpoint' validation to allow '%any', '%any4', '%any6' values and netmask
- IPsec: added ability to use certificates from Certificate Manager
- L2TPv3: added Tunnel ID and Session ID validation to avoid creating multiple tunnels with the same parameters
- Modbus Client: updated Modbus Client menu position
- Modbus Server: updated Modbus Server menu position
- Python3: changed python3-light package libraries
- Tinc: added options to set the tunnel's IP address
- Tinc: added a port option to listen for incoming connections and the ability to specify a port for outgoing connections
- Wireguard: added tunnel source mode selection
- Kernel: updated version to 5.15.165
- Python3: updated version to 3.11.7
- Strongswan: updated version to 5.9.14
- System
- Access Control: refactored 'General', 'Security' and 'PAM' Web pages
- Auto Reboot: added support for multiple hosts/URLs in Ping/Wget Reboot
- Backup: encrypting backup does not require 7zip package anymore
- Certificates: split "Let's Encrypt" certificates into multiple files
- Troubleshoot: added dynamic routes debugging information
- WebUI: added ability to open new page in new tab without entering user credentials
- WebUI: improved SDK example application
- Glib2: updated version to 2.80.5
- Ncurses: updated version to 6.5
- Network
- Fix
- Network
- Firewall: fixed automatic priority option change
- Services
- BACnet: fixed communication issues between the ports
- BACnet: added all available default baud rates
- BGP: fixed AS field to allow duplicate values
- BGP: fixed Access list filters not applying fully
- DLMS: added all available default baud rates
- DMVPN: fixed DMVPN GRE instance disappearing when creating new IPsec instance
- DNP3 Client: removed unnecessary max length display for test response field
- DNP3 Client: renamed TCP Station to TCP Client in the API documentation
- DNP3 Client: added all available default baud rates
- DNP3 Outstation: added all available default baud rates
- GRE: fixed interface not showing up in OSPF and RIP selections if it is off
- IPsec: fixed IP rule not appearing after network restart
- IPsec: fixed duplicate port values in IPsec firewall rules
- Ledman: fixed issue when power LED turns off when rebooting device
- Modbus Client: added all available default baud rates
- Modbus Client: added missing API docs for Modbus test request
- Modbus Server: added all available default baud rates
- Modbus Server: fixed firewall rule staying enabled when app is disabled
- Modbus Server: fixed firewall rule creation
- NTRIP: added all available default baud rates
- OpenVPN: fixed the configuration after disabling the use of external services
- Over IP: added all available default baud rates
- SNMP: fixed Hotspot OIDs' hssID and hssUsername display
- Tinc: fixed adding routes to remote subnets
- Tinc: fixed configuration generation issues when creating multiple network and host instances
- Tinc: fixed issues with route creation when using IPv6 addresses in tunnel configuration
- Tinc: fixed validation for uploading key files
- System
- Backup: fixed uploading backup with memory expansion enabled
- CLI: fixed some private IPs being incorrectly determined as public
- JSON-RPC: fixed login "Access Denied" error
- Memory Expansion: fixed input element alignment issues
- WebUI: added API required values validation when enabling BACnet, DLMS, DNP3, Modbus, MQTT, NTRIP services
- WebUI: fixed 'Memory' status card progress bars visuals
- WebUI: fixed search bar suggestions after removing packages
- WebUI: fixed showing data in modals for users with only read permissions
- WebUI: fixed custom SDK pages not loading correctly
- Network
- CVE Patches
- CVE-2021-3520
- CVE-2021-44540
- CVE-2021-44541
- CVE-2024-4032
- CVE-2024-6119
- CVE-2024-6232
- CVE-2024-6923
- CVE-2024-7264
RUT301_R_00.07.09.4 | 2024.10.02
- Improvements
- Services
- NTP Client: changed default NTP servers
- Services
- Fix
- Services
- NTP Client: fixed NTP server usage to work with next in line server if current server does not respond
- Services
RUT301_R_00.07.09.3 | 2024.09.27
- Fix
- Network
- Multi WAN: fixed ipsets not getting deleted correctly when Multi WAN gets restarted
- Network
RUT301_R_00.07.09.1 | 2024.09.13
- Improvements
- Services
- Python3: updated version to 3.11.7
- Services
RUT301_R_00.07.09 | 2024.09.03
- New
- Network
- Firewall: added ability to configure NAT rule action
- Firewall: added additional TTL target for firewall rules
- Realtime Traffic: added historical traffic charts
- Services
- Events Reporting: added new firmware version notification event
- SNMP: added Multiwan data module
- System
- WebUI: added notifications menu
- Network
- Improvements
- Network
- Realtime Traffic: improved chart styles
- Services
- Data to Server: added warning messages about insecure certificates for http_certfile and mqtt_certfile options in API and WebUI
- DLMS: added SHA256 authentication
- DLMS: improved COSEM group enable validation
- GRE: reduced GRE keepalive packet buffer size
- IPsec: added support for route based tunnel
- L2TP: added field for custom options
- SMPP: added timeout option
- Web Filter: added hostname count message after successful file upload
- System
- Access Control: improved system user's access control rules logic
- Access Control: added option to disable password auth for the root user
- Administration: improved write/read access control options display to match meniu path style
- Backup: improved backup page by splitting it into backup and reset settings page
- Update Firmware: changed firmware update log to include firmware version
- WebUI: updated firmware and backup verification pages design
- WebUI: improved global alerts display
- WebUI: added confirmation prompt for disabling service in side widget
- Kernel: updated version to 5.15.162
- Network
- Fix
- Network
- Devices: fixed configured VLAN 0 device cannot be selected in interface physical settings configuration
- Network: fixed Ethernet switch port state change tracking logic
- Services
- Azure IoT Hub: fixed the Azure IoT Hub deprecated endpoint to create Data to Server sections
- Azure IoT Hub: fixed the Azure IoT Hub deprecated endpoint so that it does not create sections in GET request
- Azure IoT Hub: fixed the deletion of Data to Server sections when an Azure IoT Hub section is deleted through the deprecated endpoint
- DLMS: fixed OBIS code validation
- Input/Output: added I/O juggler reload when I/O pin direction is changed
- OPC UA Client: fixed TCL file upload
- OPC UA Server: fixed TCL file upload
- OPC UA Server: fixed configuration migration
- OpenVPN: fixed default firewall zone for tap interfaces
- SNMP: fixed TELTONIKA-MIB wireless module crash
- SNMP: fixed mobile network state display
- SNMP: fixed default hssDwLimit, hssUpLimit, hssDwBandwidth and hssUpBandwidth values
- System
- API Core: fixed file deletion
- Boot: fixed Teltonika logo in httpd recovery page when using Firefox
- Package Restore: fixed automatic package re-installation after firmware upgrade
- Troubleshoot: fixed troubleshoot not including all the log files when log to flash is enabled
- User Settings: fixed page to show groups and users if the user has been granted access
- WebUI: fixed overview page to display active wireless (WLAN) clients
- Network
- CVE Patches
- CVE-2021-32292
- CVE-2022-40617
- CVE-2023-49441
- CVE-2024-0397
- CVE-2024-3596
- CVE-2024-5535
- CVE-2024-8088
- CVE-2024-26669
- CVE-2024-26739
- CVE-2024-26740
- CVE-2024-36901
RUT301_R_00.07.08.2 | 2024.08.12
- Fix
- System
- Update Firmware: fixed inconsistent firmware download from FOTA
- System
RUT301_R_00.07.08.1 | 2024.08.06
Note: This firmware version was removed due to an issue with FOTA firmware download.
- Improvements
- Services
- Zerotier: updated version to 1.14.0
- Services
- Fix
- Network
- Network: fixed default route not being added for PPPoE connections
- Services
- Modbus TCP over Serial Gateway: fixed serial connection not working after reboot
- OPC UA Client: fixed connections not being closed after using testing functionality
- System
- WebUI: fixed SDK WebUI package compilation
- Network
RUT301_R_00.07.08 | 2024.07.18
Note: This firmware version was removed due to an issue with FOTA firmware download.
- New
- Network
- DNS: added inherited server status to configuration page
- HTTPS DNS Proxy: added new HTTPS DNS Proxy package to package manager
- Services
- Data to Server: added 'Lua script' data input
- Input/Output: added ability to configure gpio debounce timer and changed default gpio debounce timer value from 200 ms to 10 ms
- IPsec: added initial XFRM support
- MQTT Modbus Gateway: added JSON message type format
- OpenVPN: added DCO support
- System
- API Core: added option to configure api session timeout
- Certificates: added "Let's encrypt" certificate generation
- PAM: added RADIUS external user support
- UI Core: added data analytics support
- Update Firmware: added warning message about device being temporarily unreachable on firmware update
- Network
- Improvements
- Network
- DNS: separated field "DNS forwardings" into two: one for simple server forwarding other for domain-specific
- DNS: moved "DNS Forwardings", "Listen interfaces", "Exclude interfaces", "Local service only", options to advanced tab
- Firewall: improved protocol field in all firewall pages by making that "All" value would be mutually exclusive with any other value
- Multi WAN: improved interface status representation when using load balancing
- Network: added more options for "IPv6 assignment length" field
- VLAN: added ability to configure VLAN 0
- Services
- Azure IoT Hub: added DPS symmetric key attestation support
- Azure IoT Hub: added Direct Method support
- Azure IoT Hub: added Plug and Play integration
- Azure IoT Hub: added link to "Data to Server" page
- Data to Server: added support for multiple filters
- Data to Server: improved HTTP output hostname definition with automatic protocol specification in URL
- Data to Server: improved MQTT input connection handling
- DNP3 Client: added option to enable/disable service
- Dynamic DNS: added Lookup hostnames support
- GRE: increased Inbound and Outbound key limit to 4294967295
- Input/Output: added custom name support in I/O status page
- IPsec: added certificate warning message
- Modbus Server: added mobile last month and last week usage registers
- Mosquitto: added large package size check for MQTT clients
- MQTT Modbus Gateway: improved mosquitto reconnect time and service will try to recover few times before exiting
- MQTT Publisher: improved MQTT connection handling
- OPC UA Client: added security modes
- OPC UA Server: added security modes
- OPC UA Server: added service status display
- OpenVPN: added support for decrypting private key when uploading a configuration file
- OpenVPN: improved instance status state
- OpenVPN: added options to specify an IP address pool for dynamic assignment to clients
- Over IP: added label to show how many servers a client is connected to
- Over IP: connect on data feature will not disconnect immediately after data transfer but wait for inactivity timeout
- Over IP: increased TLS handshake timeout to 10 seconds
- SMPP: added brute-force prevention
- SMPP: added TLS/SSL support
- SNMP: changed interface module OID structure
- SNMP: improved User-based Security Model (USM) brute force attack prevention measures
- Stunnel: improved global instance settings dependencies
- emailrelay: updated version to 2.4.1
- OpenVPN: updated version to 2.6.9
- stunnel: updated version to 5.72
- System
- Access Control: added certificate key length warnings
- Access Control: adjusted access control when all pages are blocked
- Access Control: added certificate file download for CLI to work on all browsers
- API Core: implemented functionality to include warning messages for vulnerable certificates
- Package Manager: added multi package actions
- Package Manager: added status filter
- Package Manager: moved package upload action to main page
- Package Manager: added links to installed packages pages
- Package Manager: refactored "Packages" page
- Package Manager: updated opkg repository link to use https
- RutOS: improved GPL example page to align with new software architecture
- Troubleshoot: added support for multiple syslog servers
- UI Core: added additional message with IP address to loading screen for scenarios when redirect to different IP address happens
- UI Core: added toast message hiding when text is too long
- Update Firmware: added 'Firmware version' data in screen after firmware upload
- WebUI: added functionality to cancel loading screen if it takes 30 or more seconds
- WebUI: removed all ubus method calls from webui
- WebUI: improved language caching
- WebUI: added password generator for first login modal
- WebUI: added sticky position to side menu
- WebUI: added default password hint to login error message
- WebUI: added warning messages for low-security certificates
- Kernel: updated version to 5.15.159
- libexpat: updated version to 2.6.2
- SSL/TLS: updated version to 3.0.14
- vue: updated version to 3.4
- Network
- Fix
- Network
- Devices: fixed missing API devices status endpoint permission
- DHCP: fixed "DHCP option" allow empty input value
- DHCP: fixed IPv4 leases being not correctly shown when NTP synchronizes time
- DHCP: fixed DHCP error that occurred after changing the subnet of the LAN IP address in the setup wizard
- Dynamic routes: fixed duplicated external routes cards
- Firewall: fixed firewall zone validation when adding interfaces
- Network: fixed overriding MAC address for interfaces that are bridged
- Services
- BACnet: fixed incorrect BACnet IP port used for sending responses
- BGP: fixed route map sequence going out of range
- BGP: fixed listen range field allowing multiple entries
- DLMS: fixed DLMS test response format
- DLMS: fixed COSEM group validation
- DLMS: fixed API POST error for /dlms/devices/config endpoint
- DLMS: fixed serial connection not working after reboot
- DNP3 Client: fixed to allow reading objects past 255 index
- DNP3 Client: fixed incorrect hints
- DNP3 Outstation: fixed serial outstation starting issues
- I/O Juggler: fixed improper dout action config handling
- I/O Juggler: updated profile change action
- Input/Output: allow unselecting all Post/Get access methods
- IPsec: fixed connectivity issues when using WAN failover
- IPsec: fixed the instance status when the local firewall option is disabled
- Modbus Client: fixed test request option validation
- Modbus Client: fixed alarm output action display values
- Modbus Client: fixed incorrect period hint
- Modbus Server: fixed APN register not clearing APN
- Modbus Server: fixed 148 and 164 modbus registers
- Modbus Server: fixed incorrect hints
- NTRIP: fixed NTRIP NMEA generation timestamp and coordinates errors
- NTRIP: fixed configuration reading with several instances added
- OPC UA Server: fixed not starting while modem is down
- OpenVPN: fixed displaying imported files from device
- OpenVPN: fixed the private key decryption for cases when a password is used
- OpenVPN: fixed data cipher migration
- Over IP: fixed connect on data initiating TCP connection after few data transfers
- Overview: fixed issue when devices without WiFi send additional request without data
- SMPP: fixed username bypass problem
- SMPP: fixed password validation
- SNMP: fixed GSM mSignal OID value type
- SNMP: fixed GSM module memory leaks
- SSTP: fixed functionality when the default route option is not enabled
- Web Filter: fixed whitelist not working for some hosts when using IPv6
- System
- Administration: fixed repeated validation on cleared inputs and added validation when new password matches the old one
- API Core: fixed API method validation during upload action
- API Core: fixed error messages for POST method
- API Core: fixed option list validation
- Boot: fixed factory settings restore (firstboot) not deleting hidden files
- Events Log: fixed refresh button in event log table
- IP Block: fixed adding MAC addresses back to whitelist when unblocking all of them
- Memory Expansion: fixed enable validation
- Recipients: made phone number field required
- Setup Wizard: fixed lan ip step not changing ip address
- Troubleshoot: fixed system log and kernel log buttons to be enabled with read only rights
- Update Firmware: fixed misleading "Firmware version" status of "N/A" to "FOTA service is disabled" when FOTA is disabled
- Update Firmware: fixed issue when infinite spinner appears after updating device firmware from server without having internet connection
- Network
- CVE Patches
- Patched CVE-2023-52425
- Patched CVE-2023-52530
- Patched CVE-2024-25629
- Patched CVE-2024-28757
RUT301_R_00.07.07.3 | 2024.06.25
- Fix
- Network
- WebUI: fixed port advertisement change
- System
- FOTA: fixed config when upgrading from older firmware with keep settings
- Network
- CVE Patches
- CVE-2024-31950
- CVE-2024-31951
RUT301_R_00.07.07.2 | 2024.06.12
- Improvements
- Network
- Zerotier: added backup WAN interface blacklisting if WAN failover is enabled
- Services
- SNMP: added bruteforce attack prevention when using SNMP v3 user
- L2TP: improved reconnect attempt logic
- System
- SSH: removed weak SSH algorithms
- Telnet: moved to Package Manager
- Network
- Fix
- Network
- BGP: fixed instance migration issues
- Services
- DMVPN: fixed duplicate NHRP map entries creation
- OpenVPN: added fixes for the insecure tls-cert-profile option usage
- System
- IP Block: fixed blocking of UDP traffic
- Uboot: fixed firmware recovery update via uboot on Windows
- Network
- CVE Patches
- CVE-2024-31948
RUT301_R_00.07.07.1 | 2024.05.03
- New
- Network
- WebUI: added internet status tracking configuration and overview widget
- LAN: added a new IPv6 LAN status page
- Static Leases: added a new IPv6 Static Leases page
- WebUI: added custom domain name resolve option in “DNS” configuration page
- Failover: added additional connection flush options
- VRF: added initial Virtual Routing and Forwarding support
- Services
- Post/Get: added I/O invert support
- DLMS Client: added persistent TCP connections
- Events Reporting: added unexpected shutdown event
- Modbus Client: added 64bit data types
- IPerf3: added iPerf3 to Package Manager
- DNP3 Outstation: added I/O objects
- Hotspot: added domain and subdomain options for external landing page
- System
- WebUI: added the ability to generate random passwords for password input fields
- WebUI: added reset to “Factory defaults” option
- System: changed firmware certificate verification tool
- IP Block: added time-based login attempt blocking
- WebUI: added firmware update notification support
- PAM: added the ability to set port for TACACS+
- Logging: added multiple remote syslog servers support
- Network
- Improvements
- Network
- Static Leases: added possibility to use MAC with wildcard
- Topology: changed network devices scanning application
- WebUI: improved design of Status - LAN page
- DHCP: simplified DHCP configurations in other pages and moved full DHCP configuration to a separate page
- DHCP: removed default disabled server configuration for WAN interface
- WebUI: simplified data entry of DNS forwardings by separating hostname and IP address fields
- BGP: added Virtual Routing and Forwarding (VRF) support
- BGP: added multiple BGP instance support
- WebUI: adjusted responsive design breakpoints
- Dnsmasq: updated dnsmasq to version 2.89
- Services
- Wireguard: added option to bind tunnel to a specific interface
- OPC UA Client: added limits (10 servers, 20 groups, 50 nodes per server, 50 values per group)
- DLMS Client: increased maximum count of connection sections to 30
- DLMS Client: added short name referencing
- SNMP: set strict default community access when IPv6 address is used
- SNMP: improved sysName OID to set device's hostname
- Mosquitto: updated package version to 2.0.17
- Hotspot: moved MAC blocking option from Access Control to Hotspot page
- WebUI: added MAC authentication support when using RADIUS authentication mode
- WebUI: moved licenses to footer
- OpenVPN: added the bridge option for selecting the network device to be bridged with
- OpenVPN: added possibility to create more than one TAP client
- SSTP: updated package version to 1.0.19
- System
- WebUI: added more strict password requirements for restoring backup
- SMTP: added option to either not verify SMTP server or upload SMTP server's CA file to verify authenticity
- WebUI: Added the ability to choose the ROOT CA when using certificates from the device
- WebUI: unified time format to ISO8601 across the entire WebUI
- WebUI: added ability to choose imported certificate and key as 'Server certificate' and 'Server key' in 'Access Control'
- WebUI: added 'Hosts' and 'IP Addresses' options for 'Simple' certificate generation and certificate signing
- WebUI: changed firmware update option to server as a default option
- WebUI: improved first login password change logic
- Certificates: updated Root CA certificates
- GPL: added offline package preparation command for GPL builds
- Speedtest: added multiple connections support to improve accuracy
- Kernel: updated to version 5.15.149
- Libcap: updated package version to 2.69
- Network
- Fix
- Network
- Topology: fixed showing interfaces with assigned VLAN
- WebUI: fixed static routing creation for GRE instance
- Network: fixed DHCPv4 relay mode enabling
- Failover: fixed Failover missing active rules when using multiple source and destination IP addresses
- WebUI: fixed network and failover interface metric sorting synchronization issue
- WebUI: fixed failover rule policy save issue with newly added WAN interface
- Interfaces: fixed failover value for new WAN being taken from WAN that was just deleted
- Services
- Modbus Client: allow using negative floating point values in requests
- Azure IoT Hub: fixed Data to Server minor WebUI dependency bugs
- Data to Server: fixed DLMS data formating
- Data to Server: fixed Network link state data display
- DLMS Client: fixed segfault while reading profile generic COSEM object
- DLMS Client: fixed profile generic entries reading
- DLMS Client: fixed application memory allocation issues
- SSTP: fixed route adding when default route is enabled
- SNMP: fixed VLAN OID naming
- OpenVPN: added fixes for instance status tracking functionality
- OpenVPN: resolved uptime counting issues
- PPTP: fixed PPTP instance deletion problem
- Azure IoT Hub: fixed 'contentType' telemetry message parameter
- Hotspot: fixed password validation for locally created users and signed-up users
- Hotspot: fixed session invalidation after deleting registered user
- Hotspot: fixed firewall rule creation
- PPTP: fixed problem related with routes when failover is enabled
- WebUI: fixed data loading error in Input/Output > Post/Get page
- UPnP: updated package version to 2.3.4
- System
- Package Manager: fixed spinner message when restarting network after package upload or download
- Package Manager: fixed supported devices check when installing a package from server
- WebUI: fixed language install from uploaded package after upgrade with keep settings
- WebUI: fixed an issue when a user was not logged out after changing profiles
- Telnet: fixed segmentation fault during concurrent connections
- CLI: fixed enter key issue on mobile chromium based browsers
- System Users: fixed SSH session close after deleting user or disabling SSH access
- Profiles: fixed profile migration with installed packages
- WebUI: fixed Hotspot log page table search functionality
- Speedtest: fix missing download speed on some servers
- PAM: updated libpam to version 1.6.0
- Network
- CVE Patches
- CVE-2022-4603
- CVE-2022-23308
- CVE 2022-45061
- CVE-2023-0466
- CVE-2023-6129
- CVE-2023-7042
- CVE 2023-24329
- CVE 2023-27043
- CVE-2023-42366
- CVE-2023-46218
- CVE-2023-46219
- CVE-2023-46752
- CVE-2023-46753
- CVE-2023-48795
- CVE-2024-2397
- CVE-2024-25062
- CVE-2024-27913
- CVE-2024-22365
RUT301_R_00.07.06.10 | 2024.04.04
- Fix
- System
- Ledman: fixed memory leak
- System
RUT301_R_00.07.06.8 | 2024.03.25
Note: Firmware R_00.07.06.8 was removed due to an issue with inefficient memory allocation for LED control.
- Improvements
- Services
- IPSec: disabled libgmp in favor of openssl
- IPSec: updated Strongswan to 5.9.6
- Services
- Fix
- Services
- IPSec: increased charon load timeout
- IPSec: fixed loading of large private keys
- Services
RUT301_R_00.07.06.6 | 2024.03.04
- New
- Services
- Added domain and subdomain options for external landing page in Hotspot
- Services
- Improvements
- System
- Minified *.svg WebUI files to save space on the device
- Removed unused easy-rsa package to increase free space
- System
- Fix
- Services
- Fixed OverIP serial utility issue where after some time server mode can't accept incoming connections anymore
- Services
RUT301_R_00.07.06.5 | 2024.02.21
- Initial FW release for the RUT301 device