Skip to content
Compare
Choose a tag to compare

Bugfixes:
[farms] improve performance saving and loading high number of elements
[farms] fix backend maintenance deletion
[farms] keep backend rules in maintenance mode
[farms] fix sigsegv when there is no backend
[farms] disable static sessions when backend is not available due to priority
[farms] avoid limit per client when configured connection limit per backend
[system] change the path for nft binary

Compare
Choose a tag to compare

New features:
[system] introduce full management command line interface, named zcli
[api] introduce zapi version 4.0.1 including the new features automation
[farms] introduce L4 DSR session persistence support
[farms] reload the runtime http farm configuration when a change is done in the webgui
[farms] button to copy farms

Improvements:
[system] add more information to supportsave about zproxy process
[farms] allow creating farms with the same networking settings
[farms] faster start of farmguardian
[system] add verbose messages in case supportsave has not been generated properly
[system] updated netcat package used for networking test purpose
[farms] if all ports are balanced then all protocols should be configured by default
[system] improve management of errors

Bugfixes:
[farms] HTTP profile was not stopped properly
[ssl] some SSL certificates were not moved to the certificate store
[system] do not start SNMP service if it is disabled
[stats] fix an error in HTTP backend stats
[farms] enable a minimum log level for HTTP farms
[system] fix an error dumping sessions information in supportsave
[ssl] load long certificate lists in less than 1 minute
[farms] solved routing rules for sd-wan (dslb)
[system] now SNMP is started after a reboot
[farms] solved connection issues with farmguardian and persistence
[farms] fixed persistence table management in l4xnat
[system] check the networking settings before applying the configuration to avoid error messages in logs
[webgui] optimize certificates table pagination load
[farms] fixed dashboard view for dslb farms
[webgui] allow using the colon in the password field

Compare
Choose a tag to compare

New features:
[proxy] add/delete response headers
[proxy] add multi-listener support
[proxy] add support to listener config reload
[proxy] added WAF support (libmodsecurity3, disabled by default)
[proxy] added automatic memory trimmer
[proxy] add backend server priority setting
[proxy] add -R option to reload listener configuration from file

Improvement:
[webgui] restart notice message after HTTPS changed parameters
[proxy] add missing extended HTTP verbs
[proxy] add centralized regex manager
[proxy] add listener CTL management support
[proxy] schedule redirect response if backend connection fails
[proxy] do not load balance if only 1 backend is present
[proxy] add better information in logs
[proxy] set static maximum SSL handshake retries
[proxy] added case insensitive comparator to Headers map

Bugfixes:
[farms] fix dh2048.pm path in HTTP template file
[farms] force protocol to ALL when all ports are selected in l4xnat farms
[farms] fix an error modifying https ciphers
[guardian] fix an error copying a farmguardian
[farms] fixed deleting backend ports
[webgui] the WebGUI actions are translated
[webgui] fix the behavior of javascript messages
[proxy] SSL connections management bugfixes and cleanups
[proxy] fixed redirect behavior
[proxy] fixed pinning behavior with SSL protocol
[proxy] fixed URL matcher
[proxy] assign new backend if a timeout is reached
[proxy] assign different backend if session information is not found
[proxy] fixed incomplete response parse continuation
[proxy] fixed Location and Content-Location wrong protocol if RewriteLocation=2
[proxy] fixed crash parsing an HTTPS listener
[proxy] fix session cookie header value parser
[proxy] invalidate sessions if the backend is down
[proxy] fix cookie session-id comparation
[proxy] fix crash on process exit
[proxy] reply err503 on abrupt connection close by the backend
[proxy] fix malformed log data

Compare
Choose a tag to compare

New features
[farms] Add persistence between clients and backends using hashes depending on “ip”, “port”, “mac”, “source ip and source port” or “source ip and destination port”
[farms] Add option to l4xnat to set the port
[farms] Add nat type based on stateless dnat
[gui] Add module to translate the webgui to a different language
[api] Retrieve the parameter list accepted by the API for a call when it is called without parameters (POST and PUT methods)

Improvements
[farms] Remove and modify backends using the nft mark
[farms] Apply deterministic order to farm listings (sorting alphabetically). Pull request from the github user brudo (William Bruce Dodson)
[farms] Do not control Access-Control-Allow_Origin header when the request is using the zapi key
[farms] Disable the HTTP parameter “ECDHCurve” by default
[farms] Add check to avoid port collision with l4xnat farms
[farms] Lock HTTP farm config file while a service it is being modified
[farms] Create a dummyTable to start the nf_conntrack module
[farmguardian] Add checks for “sip” and “redis”
[system] Restart web server when Zevenet is restarted
[system] Set the binaries path in the global.conf file
[system] Update system dependencies
[system] Expand error message
[system] Remove the zlb-stop and zlb-start files from the package and set them as templates
[system] Postinst refactoring
[system] Apply perltidy to code files
[system] Move logic from API to the library
[system] Remove completely iptables code and dependencies
[system] Export global.conf to bash scripts
[system] Set all log tags in lower case
[system] Check the uploaded backups before that stores it
[system] Change restart services for reloading them in cron tasks
[system] Move profiling logs to debug level 5
[system] Add more system information to supportsave
[api] Log the JSON input parameters
[api] Standardizer API calls for copying actions
[api] Improve the validation of the parameters
[api] Refactoring for farm module
[api] Returns an error if a sent parameter was not expected for the call
[api] Created a new call for getting system information
[cluster] Move the local configuration to a local directory
[networking] Add arp announce feature after any IP configuration
[networking] Masquerade traffic towards the backend with the parent interface of the vip

Bugfixes
[system] Fix an error of looping when a backup is applied
[system] Omitting commented routing tables in supportsave
[system] Fix typo in output message and logs
[system] nftables is not printed in supportsave
[system] Fix the regex for SNMP community and SNMP name parameters
[system] global.conf did not parse the variables with “update” tag
[farms] Error returning the ciphers parameter in HTTP farms
[farms] Error modifying the custom security ciphers parameter in HTTP farms
[farms] Missing farmguardian parameter in the HTTP farm
[farms] Solved a bug when parsing the file to add the backend in HTTP farm if the service has the same name as the farm
[farms] Fix helpers protocols for l4xnat farms
[farms] Force all protocol when setting all ports in l4xnat farms
[farms] Fix loading helpers for natting
[farms] Fix duplicated rules when the protocol is “all” in l4xnat.
[farms] Solved corruption of pound file when enabling TLS/SSL in HTTPS and it was already enabled
[farms] Fix the tag and mark generation per backend
[farms] Do not allow the ‘prio’ algorithm parameter for l4xnat
[farms] Avoid flushing the entire ruleset
[farms] l4xnat farm stats does not return any backend if the farm is down
[farms] returns the backend down if the status is config_error
[farms] Fix an error in l4xnat stats with “snat”
[farms] Assuring that nftlb is stopped when performing a stop
[farms] Avoid the use of Expect in the curl request that can produce recv blocking
[farms] Remove regexp for HTTP redirect in HTTP farms
[farmguardian] Zevenet service script was not calling to farmguardian start
[certificates] Error in the certificate parameter 'issuer'
[networking] Group the routing rules by type
[networking] Reload routing rules when a farm or interface is modified
[networking] Fix an error setting an interface that was in the down interface
[networking] Allow creating VLAN without gateway
[networking] Solved bug when deleting a VIP
[networking] Solved error unsetting a nic that was not applied in the system
[networking] Create the nic config file if it does not exist
[networking] Improved ipv4 regexp
[networking] Do not allow to modify the interface used for management services (HTTP and SSH)
[system] Applying backup returns success on failure
[api] Change error code 400 for 404 when the certificate is not found
[api] API returns an error when it receives an array or a hash in the JSON parameter and it is not expected

Compare
Choose a tag to compare

This release includes the following changes:

New features:
[networking] IPv6 support
[system] 64 bits support
[farms] new L4xNAT core based on nftables and nftlb
[farms] supported additional L4xNAT load balancing protocols: SIP,
FTP, TFTP, SCTP, AMANDA, H323, IRC, NETBIOS-NS, PPTP, SANE and SNMP.
[farms] add L4xNAT direct server return support
[gui] new WebGUI with Angular6 based in ngx-admin template
[api] new Zevenet API 4.0
[guardian] an easier configuration system for farm guardian.

Improvements:
[system] fix security issues Spectre and Meltdown
[system] kernel update (Debian Buster)
[system] improved support for hypervisors
[system] improved code refactoring

Compare
Choose a tag to compare

This release includes the following changes:
Improvements:
[ssl] update the HIGH cipher string

Bugfixes:
[farms] error modifying the SSL HTTPS certificate
[ssl] error uploading a SSL certificate
[ssl] set the custom cipher string properly

Compare
Choose a tag to compare

This release includes the following changes:

Improvements:
[farms] Locking system for http configuration files
[networking] Add a check to verify the virtual IP when starting a farm

Bugfixes:
[stats] L4xNAT statistics does not show backends list
[stats] HTTP does not show the virtual interfaces stats
[farms] Fix L4xNAT farms and datalink renaming
[farms] Allow character ‘_’ for HTTP service names
[networking] Run virtual interfaces in the start process
[certificates] Fix the load of certificate field ‘Issuer’
[supportsave] Don’t use arptables to resolve IPs
[farms] Remove critical status in HTTP farms when a redirect configured
[farms] Allow setting the backend parameter ‘port’ as blank
[farms] Modifying a L4xNAT farm returns error sometimes
[services] Error parsing the file ‘resolve.conf’
[farms] Use a more restrictive regular expression to get farm file name

Compare
Choose a tag to compare

This release includes the following changes:

New features:
[gui] A new web GUI frontend in Angular
[api] New API JSON+REST capabilities for processes automation
[networking] New networking section for a better management and configuration of interfaces
[farms] New LSLB module (Local Service Load Balancer) which manages both L4xNAT and HTTP/S profiles
[farms] Two different maintenance modes (cut and drain) for HTTP[S] and L4xNAT profiles
[farms] Improved HTTPS profile with new options to Enable / Disable SSL/TLS protocols
[farms] Max number of connections by backend server in L4xNAT profile
[farms] New DSLB module (Datalink Service Load Balancing) which manages uplinks and inbound LB
[farms] New farms status (UP, DOWN, Critical and Problem)
[farms] New backends Status (UP, DOWN, Maintenance and Undefined)

Improvements:
[sys] Faster response based on REST API
[gui] Improved look and UX
[sys] Enhanced logs management
[support] Support save options for better troubleshooting and support
[sys] Linux Kernel based in a common Debian Stretch
[sys] Easier upgrade by modules and transitions to Enterprise
[sys] Improved the backup and recovery procedure

This release includes bugfixes for udp connections on L4xNAT farms.

Compare
Choose a tag to compare

This release include the bugfix for password change.