Discover SKUDONET's journey of innovation

Get to know the history and progress of SKUDONET in the load balancing industry since its foundation.

SKUDONET EE 6.3.11 (Enterprise Edition)


[gui] added DCHP status listing NIC, VLAN, and Bonding Interfaces. Now web GUI users can see which interface is configured in DHCP mode without accessing the configuration parameters.
[system] configure APT after a Certificate Activation. APT configuration is done even if the SKUDONET Appliance is not able to connect to the internet

[ipds] fixed creating Blacklists when the configuration directory does not exist.
[farm] fixed stop farms when updating. When SKUDONET Appliance is updated, the system doesn’t stop the farms unexpectedly.
[system] disabled reset sysctl in Kernel optimization. Now kernel parameters are not reset on the updated process

SKUDONET EE 6.3.10 (Enterprise Edition)


New Features:
[farm] added remove/add Headers in services. Additionally to the possibility of adding or removing HTTP request/response headers in the Global section, now the action also can be done in the service section, in that way each service can manage its headers without affecting to the other services.
[cluster] added pre/post hooks to cluster role MASTER and BACKUP. We have created 4 different hooks for 4 different cluster events, hook pre-master, cluster event executed just before the node takes the master role, hook post-master, and cluster event executed just after the node takes the master role. cluster pre-backup and post-backup, in the same way, hooks executed just before and after the node takes the backup role. The users can connect here its scripts to extend the tasks executed in each action.
[routing] edit only active table routes. Disabled the possibility of editing a routing table without any IP configured on it.
[ipds] IPDS schedule configuration is synched with the backup node. Once the download of the IPDS package is configured using the scheduler, the backup node receives the configuration as well automatically.

[cluster] fixed initialization cluster creation. Solves some minor issues detected in the cluster creation process.
[ipds] fixed stats with farm names including “-” character. Fixed the parser for the stats, it was broken if a hyphen is detected in the farm name.
[system] fixed the following vulnerability issues:
CVE-2023-39804, CVE-2023-41913, CVE-2024-3651

SKUDONET EE 6.3.9 (Enterprise Edition)


New Features:
[ipds] Added restore actions for Preloaded WAF Rulesets and Rules: Now OWASP rules can be edited and adapted by the customer, with this new version SKUDONET shows which rule has been modified by the user, view the differences with the original OWASP rule and revert changes if required
[system] System Logs can be filtered by Farms and IPDS: Now the SYSTEM > Logs view has been improved allowing filtering of the output information, in this new SKUDONET version the logs are shown like a tail

[ipds] updated the WAF Rule IDs: We have modified the SKUDONET ID waf description to be more understandable
[ssl] CSR Keys for SSL certificates can be downloaded: We have improved the LSLB > SSL view allowing the option of managing the CSR Certificate keys, download and use for the PEM SSL certificate generation
[gui] added a refresh option to IPDS daily Reports, now this view can be used like an informational panel
[gui] added corporate Font to the web GUI

[system] fixed message activating certificates: As soon as the system is activated the alert messages disappear.
[system] Fixed the following vulnerability issues:
CVE-2021-37600 and CVE-2024-28085

SKUDONET EE 6.3.8 (Enterprise Edition)


New features:
[gui] added IPDS information in Dashboard: Users can see information in real-time about attacks blocked by rules inside the IPDS module

[farms] logging the Backend MAC on DSR Nat type L4xNAT farms. The logs for this kind of farm have been extended, adding the destination MAC of the server to which the client is connected

[ipds] fixed encode/decode URLs with special characters. Some URLs were not properly shown in the IPDS Reporting section inside the MONITORING > Reports view

SKUDONET EE 6.3.7 (Enterprise Edition)


[farmguardian] added a new UDP check based on NC: Now further UDP services can be monitored natively like OpenVPN, SIP
[system] some improvements in code are done. The binary code loads faster and with less CPU usage, we have avoided many calls to the system

[routing] fixed apply custom routes on the main table starting the service. Custom routes now are applied properly
[farms] fixed Let’s Encrypt autorenewal restart process of a farm. Lestencryptz was stopping farms and not starting them again after a Letsencrypt Certificate renewal
[system] fixed the following vulnerability issues:

SKUDONET EE 6.3.6 (Enterprise Edition)


New Features:
[ipds] Added IPDS reports. A new reporting view is included where users can access real-time data or previous data of the intrusion prevention and detection module.

SKUDONET EE 6.3.5 (Enterprise Edition)


New Features:
[ipds] Added IPDS stats
[farm] Added FQDN Backend Address support for HTTP farms

[gui] Added login logo to Theme settings
[gui] Changed default colors with the new SKUDONET brand

[gui] Fixed resize images in Theme settings Menu
[system] Fixed the following vulnerability issues:
CVE-2023-7090, CVE-2023-28486 and CVE-2023-28487

SKUDONET EE 6.3.4 (Enterprise Edition)


New Features:
[gui] added Theme customization

[ipds] improvement phase resolution on WAF OWASP Rulesets

SKUDONET 6.3.3 (Enterprise Edition)


[ipds] Added accuracy to IPDS Stats Graphs

[ipds] Fixed RBL daemon logging
[gui] Fixed showing Graphs issue

SKUDONET 6.3.2 (Enterprise Edition)


New Features:
[farms] Added new 100-Continue modes: Silent Pass, Not allow in HTTP Farms
[farms] Added Disable TLS v1.3 option in HTTP Farms
[ipds] Added IPDS Statistics Graphs

[ipds] Improvement IPDS Stats Collector process
[ipds] Added Audit option in WAF Rules

[ipds] Fixed restore modified preloaded WAF Rules
[farms] Fixed manage Expectation: 100-Continue Header
[system] Fixed the following vulnerability issues:
CVE-2023-45803, CVE-2023-43803, CVE-2023-45145, CVE-2023-36054, CVE-2023-34969, CVE-2018-25091, CVE-2023-44487, CVE-2020-11080, CVE-2023-38546, CVE-2023-28321, CVE-2023-43804, CVE-2019-11236, CVE-2020-26137, CVE-2019-11324, CVE-2023-4693 and CVE-2023-4692

SKUDONET 6.3.1 (Enterprise Edition)


[ipds] add a check source in Blacklists
[ssl] add retries in Let’s Encrypt restart farms actions

[ssl] fixed creating sequential directories in Let’s Encrypt renew action
[system] fixed the following vulnerability issues:
CVE-2023-43787,CVE-2023-43786,CVE-2023-43785,CVE-2023-32665,CVE-2023-32611,CVE-2023-29499,CVE-2023-40217,CVE-2021-23336,CVE-2023-24329,CVE-2022-48560,CVE-022-0391,CVE-2022-48566,CVE-2022-48565,CVE-2020-22218,CVE-2019-17498,CVE-2019-3115,CVE-2023-38408,CVE-2023-3817,CVE-2023-3446 and CVE-2023-2828

SKUDONET 7.0.1 (Community Edition)


[iso] Debian Bookworm Official Repositories are added in the Installation
[ssl] Letsencrypt: avoid creating Let’s Encrypt sequential directories on renew action

SKUDONET 7.0.0 (Community Edition)


New features:
[system] new Operating system based on Debian 12 Bookworm
[system] new Kernel 6.1 with support for new Network interface models
[system] UEFI support for the Operating System Installation

[gui] new brand from ZEVENET to SKUDONET
[farms] changed HTTP(S) binary from zproxy to pound, stable and robust

SKUDONET 6.3.0 (Enterprise Edition)


New Features:
[system] rebranded to SKUDONET

[farms] avoid mixing different IP versions in L4xNAT Backends

[cluster] fixed contract flush action when enabling a node in maintenance
[farms] fixed deleting wrong backend sessions
[farms] fixed changing VIP IP version in L4xNAt farms

SKUDONET 6.2.25 (Enterprise Edition)


[cluster] Improved ssyncd daemon logging
[farm] Allow set Alive parameter lower than ConnTO parameter when new generation proxy is disabled
[system] Improved logging when installing new SKUDONET packages
[system] Added ipv6 routing info in Supportsave

[cluster] Fixed sessions synchronization in HTTP farm with several services using persistence
[ssl] Fixed creating an existent Let’s Encrypt certificate
[routing] Fixed configure default IPv6 gateway
[farms] Fixed creating farms using IPv6 in VIP
[system] Fixed the following vulnerability issues:
CVE-2022-47015, CVE-2021-38185, CVE-2019-14866, CVE-2023-0466, CVE-2023-0465, CVE-2023-2650, CVE-2023-0464, CVE-2022-4141, CVE-2023-0054, CVE-2023-2610 and CVE-2023-1175

SKUDONET 5.13.4 (Community Edition)


[lslb] Avoid duplicating backends with the same IP and port
[proxy] Improved Err directives in the configuration file
[proxy] Code optimization
[proxy] Disallow broadcast IPs for backends

[lslb] Fixed start HTTP Farm when the process is running but PID file does not exist
[lslb] Fixed error in the farm config file when adding persistence
[proxy] Fix memory leaks on service unification
[proxy] Fix PARM type persistence
[proxy] Fix possible segmentation fault in Sessions CTL calls

SKUDONET 6.2.24 (Enterprise Edition)


[ipds] Improved the WAF Assistant management

[webgui] fixed Let’s Encrypt validate domains
[ipds] fixed Ruleset WAF status management
[cluster] fixed conntrack state initial synchronization
[system] fixed the following vulnerability issues:
CVE-2015-20107, CVE-2021-3177, CVE-2019-20907, CVE-2021-3737, CVE-2019-1010238, CVE-2020-8492, CVE-2022-45061 and CVE-2021-3733

SKUDONET 6.2.23 (Enterprise Edition)


[guardian] added Priority feature to farmguardian checks

[proxy] fixed recovery process handling

SKUDONET 6.2.22 (Enterprise Edition)


[system] added file descriptors in Supportsave

[cluster] fixed AWS cluster management account
[farm] fixed match proxy process running and PID file in system
[proxy] fixed X-Forwarded-For header management
[system] fixed the following vulnerability issues:
CVE-2023-26604, CVE-2023-28856, CVE-2023-29469 and CVE-2023-28484

SKUDONET 5.13.3 (Community Edition)


[system] certificates are not included in Supportsave by default
[proxy] fixed some memory leaks
[proxy] added session synchronization CTL API call
[proxy] minor optimizations
[proxy] sessions table optimization

[api] fixed LSLB farm sessions output.
[proxy] fixed backend pending connections stats
[proxy] fixed SSL/TLS options
[proxy] minor fixes

SKUDONET 5.13.2 (Community Edition)


[ssl] LetsencryptZ: restore the farm when a certificate renewal is finished by a timeout
[system] added file descriptors info in supportsave

[proxy] fixed chunked transfer encoding
[proxy] fixed websocket protocol
[api] fixed create copy from farm action
[api] fixed farm status calculation in backend actions
[api] fixed modify persistence TTL in HTTP farms

SKUDONET 6.2.21 (Enterprise Edition)


[ssl] LetsencryptZ: restore the farm when a certificate renewal is finished by a timeout
[cluster] fixed error in sync action when deleting files is performed at the same time
[system] fixed the following vulnerability issue:
CVE-2023-25136, CVE-2012-1151, CVE-2020-8991, CVE-2010-1161, CVE-2019-17595, CVE-2019-17595, CVE-2014-0479, CVE-2022-45873, CVE-2022-36021, CVE-2019-20454, CVE-2022-1587 and CVE-2022-1586

SKUDONET 5.13.1 (Community Edition)


[networking] improvement starting interfaces
[webgui] improvement applying farmguardian
[lslb] http: scheduling algorithm improvements
[lslb] http: improve pending connection count for backends

[system] fixed SupportSave command
[lslb] http: fixed redirect behavior

SKUDONET 5.13 (Community Edition)


New features:
[lslb] http: new SKUDONET HTTP/S core zproxy. Improvement on event handlers
[lslb] l4: updated SKUDONET L4 core nftlb

[ssl] added timeout control in Let’s Encrypt integration
[networking] interfaces management improvements for better performance
[system] code optimization for performance improving

[lslb] l4: fixed unload NAT protocols module

SKUDONET 6.2.20 (Enterprise Edition)


[ssl] improve timeout control in Let’s Encrypt integration
[ssl] added checks for Let’s Encrypt certificate actions
[webgui] added logging for Let’s Encrypt wildcard certificates

SKUDONET 6.2.19 (Enterprise Edition)


[guardian] improvement getting the farm status

[proxy] fixed delete sessions in maintenance “cut” mode in HTTP/S farms

SKUDONET 6.2.18 (Enterprise Edition)


[proxy] fixed macro VHOST in redirect
[farms] fixed HTTP farms mark management
[system] fixed HTTP backends stats

SKUDONET 6.2.17 (Enterprise Edition)


New features:
[system] add a binary to enable/disable new generation proxy

[proxy] fixed decode URL on redirect
[routing] fixed disable floating action

SKUDONET 6.2.16 (Enterprise Edition)


[rbac] allow user names starting with a number

[proxy] fixed HTTP farm stats management
[proxy] fixed location URL encoding in redirect responses

SKUDONET 6.2.15 (Enterprise Edition)


[system] added SKUDONET service restart flag in package installation

[cluster] fixed azure cluster management account

SKUDONET 6.2.14 (Enterprise Edition)


[networking] improve backend source address calculation

[api] fixed start farm action
[system] fixed the following vulnerability issue:

SKUDONET 6.2.13 (Enterprise Edition)


[cluster] improve cluster management and logging

[api] fixed virtual interfaces list status “down” string
[farm] fixed HTTP redirection to an HTTPS protocol URL
[farm] fixed HTTP logging issue
[system] fixed the following vulnerability issue:

SKUDONET 6.2.12 (Enterprise Edition)


[ssl] added a timeout for Let’s Encrypt automatic renew action
[ipds] do not run IPDS collector process by default
[networking] improve network actions process time

[farm] fixed HTTP response headers management
[ipds] fixed Blacklists migration script
[system] fixed the following vulnerabilities issues:
CVE-2022-43680, CVE-2022-29458, CVE-2022-40303, CVE-2022-40304, CVE-2022-23218, CVE-2022-44638, CVE-2022-0729, CVE-2021-3927, CVE-2021-3928, CVE-2021-3974, CVE-2021-3984, CVE-2021-4019, CVE-2021-4069, CVE-2021-4192, CVE-2022-0261, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0368, CVE-2022-0408, CVE-2022-0413, CVE-2022-0417, CVE-2022-0443, CVE-2022-0554, CVE-2022-0685, CVE-2022-0943, CVE-2022-1154, CVE-2022-1616, CVE-2022-1720, CVE-2022-1898, CVE-2022-1968, CVE-2022-2304, CVE-2022-2946, CVE-2022-3099, CVE-2022-3134, CVE-2022-3234, CVE-2022-3324, CVE-2022-3705, CVE-2022-0213, CVE-2021-4193, CVE-2022-0319, CVE-2022-0714, CVE-2022-0572, CVE-2022-1851, CVE-2022-2285, CVE-2022-2598, CVE-2022-0392, CVE-2022-1619, CVE-2022-1621, CVE-2022-1785, CVE-2022-1942, CVE-2022-1897, CVE-2022-2000, CVE-2022-0629, CVE-2022-3256, CVE-2022-2129, CVE-2022-2129, CVE-2022-3235, CVE-2022-0318, CVE-2022-0696 and CVE-2022-3352

SKUDONET 6.2.11 (Enterprise Edition)


New features:
[webgui] add a column to differentiate user-defined Blacklists from preloaded

[ssl] implemented SNI when creating CSR certificates

[farms] fixed unloading kernel NAT protocol modules
[farms] fixed L4xNAT maintenance management
[system] fixed the following vulnerabilities issues:
CVE-2021-33574, CVE-2020-27618, CVE-2022-23219, CVE-2021-35942, CVE-2020-6096, CVE-2021-3999, CVE-2021-3326, CVE-2016-10228, CVE-2021-27645, CVE-2019-19126, CVE-2019-25013, CVE-2020-10029, CVE-2020-1752 and CVE-2022-3515

SKUDONET 6.2.10 (Enterprise Edition)


New features:
[webgui] add a “save all” button

[cluster] improvement switching roles action

[ssl] fixed Let’s Encrypts Wildcard renew action
[webgui] fixed Local IP filter in Cluster settings
[system] fixed the following vulnerabilities issues:
CVE-2022-27404, CVE-2022-25308, CVE-2022-27405, CVE-2022-27406, CVE-2022-25309, CVE-2022-25310, CVE-2022-37434, CVE-2021-20223, CVE-2020-35525, CV
E-2020-35527, CVE-2021-3800, CVE-2022-0530, CVE-2022-0529, CVE-2022-40674, CVE-2022-31081, CVE-2022-42012, CVE-2022-42011, CVE-2022-42010 and CVE-

SKUDONET 6.2.9 (Enterprise Edition)


[ssl] add a stronger check to SSL certificates
[ipds] set WAF assistant enabled by default
[ipds] improvement of WAF assistant management

[ipds] fixed delete WAF rule conditions
[farms] fixed SRV and NAPTR type resources on GSLB farms
[system] fixed the following vulnerabilities issues:
CVE-2022-2469, CVE-2022-2509, CVE-2021-4209, CVE-2022-2625, CVE-2022-37452

SKUDONET 5.12.2 (Community Edition)


New features:
[ssl] add autorenewal configuration for Let’s Encrypt certificates

[farms] L4xnat: Add module parameters configuration in global.conf for SIP protocol
[ssl] reload farms renewing Let’s Encrypt certificates
[networking] improve default GW managing
[farms] L4xnat: improve multiport handle
[webgui] add backend status in LSLB view

[ssl] fixed renewing staging Let’s Encrypt certificates
[farms] L4xnat: fixed copy farm action
[system] reload cron configuration after skudonet restart
[networking] fixed configure default GW application order in SKUDONET service
[config] fixed remove zapikey from global.conf disabling root zapi permission

SKUDONET 6.2.8 (Enterprise Edition)


New features:
[ssl] add autorenewal configuration for Let’s Encrypt certificates

[ssl] reload farms renewing Let’s Encrypt certificates
[webgui] add backend status in LSLB view

[webgui] fixed activation certificate information
[ssl] fixed renewing staging Let’s Encrypt certificates
[system] fixed the following vulnerabilities issues:

SKUDONET 6.2.7 (Enterprise Edition)


[ipds] reload blacklists without disabling them
[ipds] schedule blacklists without restarting them
[system] improve activation certificate notifications
[networking] improve default GW managing
[farms] L4xnat: improve multiport handle

[networking] fixed configure default GW application order in SKUDONET service.
[ipds] fixed mismatched blacklists order applied
[farms] L4xnat: fixed copy farm action
[zenbui] fixed interface configuration file not updated
[system] fixed the following vulnerabilities issues:
CVE-2022-1292,CVE-2022-29824,CVE-2022-1664 and CVE-2022-24903

SKUDONET 5.12.1 (Community Edition)


[proxy] fixed rewrite location to avoid open redirect vulnerability
[farms] L4xnat: fixed mark masquerade
[farms] L4xnat: add recovery system in NFTLB daemon
[farms] L4xnat: translate the new L4xnat backend status “available” as “up”

[webgui] fixed tab title
[webgui] fixed checkupdate message

SKUDONET 6.2.6 (Enterprise Edition)


[cluster] Session replication daemon uses system profile
[farms] L4xnat: add recovery system in nftlb daemon
[api] add get farm status call
[system] improve managing activation certificate

[cluster] fixed registration HTTP farms in session replication daemon when changing the persistence
[proxy] fixed rewrite location to avoid open redirect vulnerability
[farms] L4xnat: fixed mark masquerade
[system] fixed cron redirection commands
[system] fixed the following vulnerabilities issues:
CVE-2022-1271 and CVE-2022-1552.

SKUDONET 5.12 (Community Edition)


New features:
[webgui] new web GUI with new Angular technology v12
[ssl] letsencrypt integration
[lslb] http: add and delete HTTP headers
[lslb] http: priority load balancing support
[lslb] http: rewrite URL directive (proxy pass)
[lslb] http: updated SKUDONET HTTP/S core zproxy
[lslb] l4: updated SKUDONET L4 core nftlb
[zcli] SKUDONET command line improvements
[api] 4.0.2 API version

SKUDONET 6.2.5 (Enterprise Edition)


New features:
[proxy] add timeout managing socket control

[system] avoid cerbot command listing LetsEncrypt certificates
[system] add PPID column in supportsave ps info
[stats] disable session information when they are not needed
[cluster] improve performance in sessions replication

[farms] fixed backend IP changed when a DHCP modification is performed
[farms] fixed HTTP farm migration script
[farms] fixed l4xnat virtual port changed to multiport when setting protocol to SIP
[farms] l4xnat: fixed scheduler symhash with only one backend available
[webgui] fixed certificate expiration time message

SKUDONET 6.2.4 (Enterprise Edition)


New features:
[system] allow Hostname as a rsyslog remote server

[farms] flush connections when a L4 farm is stopped/deleted
[farms] flush connections when a L4 backend is deleted

[farms] fixed L7 floating backend sourceaddress assignment
[networking] fixed routing rule validation
[networking] fixed no check route table before listing
[system] fixed the following vulnerabilities issues:
CVE-2021-4160, CVE-2022-0778, CVE-2021-25220, CVE-2019-17041, CVE-2019-17042, CVE-2021-3770, CVE-2021-3778, CVE-2022-24048, CVE-2022-24050, CVE-2022-24051, CVE-2022-24052, CVE-2021-43618, CVE-2021-46667, CVE-2021-3796, CVE-2021-35604, CVE-2021-46659, CVE-2021-46661, CVE-2021-46663, CVE-2021-46662, CVE-2021-46664, CVE-2021-46665, CVE-2019-15165, CVE-2019-20807, CVE-2018-25032

SKUDONET 6.2.3 (Enterprise Edition)


[networking] do not delete routes for a nonconfigured interface
[farms] add validation and migration script for HTTP directive “Alive”
[system] add scope validation modifying SNMP scope value
[webgui] enable Cypress Studio for integration tests
[webgui] update Readme

[farms] fixed established connection for a L4xnat farm are not shown
[ipds] fixed ordering the blacklists
[farms] fixed URL Pattern not allow comments in HTTP Farms
[system] fixed start nftlb if PID file exists but daemon is not running
[webgui] fix network virtual create form
[webgui] fix blacklist edit form CSS
[webgui] fix memory leak in LSLB farm services list

SKUDONET 6.1.27 (Enterprise Edition)


[networking] do not delete routes for a nonconfigured interface
[farms] add validation and migration script for HTTP directive “Alive”
[system] add scope validation modifying SNMP scope value.
[system] add SKUDONET 6.2 repository source

[farms] fixed established connection for a L4xnat farm are not shown
[ipds] fixed ordering the blacklists
[farms] fixed URL Pattern not allow comments in HTTP Farms
[system] fixed start nftlb if PID file exists but daemon is not running
[system] fixed issue migrating from iptables to nftlb in the backend status

SKUDONET 6.2.2 (Enterprise Edition)


New features:
[webgui] add farm blacklists move action

[farms] enable pound as a proxy by default
[rbac] avoid SO limitation pattern creating a RBAC user
[api] add validations to GET stats API
[api] change IPDS API response messages
[api] add ipds message error when configure duplicate WAF rule ids

[system] fixed delete SKUDONET certificate in factory reset
[system] fixed issue migrating from iptables to nftlb in the backend status
[networking] fixed configure default gw in the main routing table when a NIC is modified
[networking] fixed an Interface that can be reconfigured with the same IP
[networking] ignore dhcp parameter in Interface API if is equals to the configured one
[farms] fixed glsb stats service validation
[farms] get farm PID from the PID file, not from the system
[api] fixed create and modify route validation
[api] fix GET /stats/farms//services//backends to get backends by service
[api] fix cookieinsertion validation
[api] do not allow to create any http cookie directive with any blank parameter
[system] fixed the following vulnerabilities issues:
CVE-2022-0543, CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315, CVE-2022-24407

SKUDONET 6.1.26 (Enterprise Edition)


[proxy] add migration script for old proxy configuration files
[proxy] add a monitor that relaunches the process if it detects a segfault signal
[farms] get farm PID from the PID file, not from the system
[api] add validations to GET stats API
[api] remove name field from GET /stats/system/network/interfaces
[rbac] avoid SO limitation pattern creating a local RBAC user
[guardian] add migration script for old farmguardian configuration files

[farms] fixed GSLB stats service validation
[farms] reset L4 farm backend priority, weight and max connection values if send null
[api] fixed the create and modify route validation
[api] fixed cookie insertion validation
[api] do not allow to create an HTTP cookie directive with any blank parameter
[api] fixed status parameter for GET /stats/system/network/interfaces
[networking] ignore DHCP parameter in interface API if it is equal to the configured one
[networking] fixed configure default gw in the main routing table when a NIC is modified
[networking] fixed an Interface that can be reconfigured with the same IP
[networking] fixed an Interface can be configured with the same IP as a Virtual Interface
[networking] fixed list tables from rt_tables when the name contains “-” character
[ipds] fixed not_match field from ipds rules API
[ipds] WAF: fixed get default_log rule field
[ipds] WAF: modify disable_rules field after deleting a rule
[ipds] WAF: update SecRuleRemoveById when a disabled rule is modified
[ipds] WAF: check the rule IDs when setting the disable rules param
[system] fixed notification sec rules
[system] notifications config dir is excluded from synchronization
[guardian] fixed farmguardian conf modification when modifying a farm name

SKUDONET 6.2.1 (Enterprise Edition)


New features:
[webgui] add time range selector for time graphs
[webgui] show web GUI version in system information

[farms] optimizing L7 floating
[system] add host name to certificate and package alert messages
[farms] fixed reset L4 farm backend priority, weight and max connection values
[webgui] add tooltips in top navigation elements and breadcrumb links
[webgui] improved HTTPS security against web GUI with meta tag CSP (Content Security Policy)

[ipds] fixed check WAF rules ids when set the disable rules param
[ipds] fixed change WAF log sec rule for zproxy new WAF logs patterns
[ipds] fixed configuration of log rule field in WAF
[ipds] fixed issue updating some directives when a disabled rule is modified
[api] fixed minor issues adding require module
[api] fix description field for notification get API
[ipds] fixed WAF regex to avoid posting warnings and get rule name properly
[system] fixed executing permission missing in migration script
[guardian] fixed modification of farmguardian confguration when modifying a farm name
[system] fixed issue applying netplug template
[system] fixed SKUDONET certificate key changes if a backup is imported of other operating system
[system] fixed migration processes execution applying a backup

[system] fixed the following vulnerabilities issues:
CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-23852, CVE-2022-23990, CVE-2021-45960, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2021-46143

SKUDONET 6.2 (Enterprise Edition)


New features:
[system] VPN module
[farms] let’s encrypt integration in the web GUI
[farms] HTTP headers mangling for HTTP(S) profiles
[farms] URL mangling for HTTP(S) profiles
[system] new messages for notifications
[system] configure remote syslog in UDP/TCP mode

[system] ZCLI update
[farms] SSL errors improvements for HTTP(S) farms
[farms] Personalized WAF ERROR code 403
[system] multi-listeners for HTTPS web GUI and SSH service
[system] web GUI SSL certificate modification
[routing] added a new field for comments in the routing module
[cluster] more interfaces can be monitored and members of the cluster service
[ipds] improve user experience configuration for WAF OWASP rulesets
[webgui] new GUI with latest Angular version with user experience improvements

SKUDONET 6.1.25 (Enterprise Edition)


[system] add to checkupgrade the option to convert the load balancer in an early adopter version

[system] change zproxy logs pattern to fix a notification issue
[system] add execution permissions to the rebuild_delreg_files new script
[system] fix netcat usage in the checkupgrade script
[ipds] fix schedule param message from IPDS
[ipds] fix issue to keep WAF ruleset change after a package update
[networking] remove a warning
[networking] fix wrong bonding status on network statistics API call
[syslog] change the tag of a message from error to info
[farms] fix a bug restarting GSLB farms in ZAPI v3
[farms] fix error checking GSLB configuration file
[farms] add a validation for the farm redirect parameter
[farms] fix updated backend sourceaddress in edit backend action

SKUDONET 6.1.24 (Enterprise Edition)


[routing] fix an error creating a /32 mask rule
[system] recreate notifications config files when they are empty
[cluster] fix error in ssyncd when it replies sessions to zproxy
[proxy] fix the TTL session when it is added via API
[system] fixed the following vulnerabilities issues:

SKUDONET 6.1.23 (Enterprise Edition)


New features:
[farms] l4xnat: re-enable h232 protocol support

[config] clean config files when a NIC is removed from the system
[api] add root access permission check in API 3.2
[api] check AWS credentials and return code 400 in case of error, and new field status in GET /aws/credentials api
[config] separate nftlb debug config from global debug config
[webgui] check if the root user has access permission to the Web GUI before login
[networking] add a check for the rule action
[farms] l4xnat: speedup farm port ranges rules generation

[farms] l4xnat: fixed deleting persistence session for DSR
[config] fix misspelled global variable
[config] add missing semicolons in global.conf.template and add AZ logout in case of error setting AZ credentials
[system] fixed function input JSON decoding error in SKUDONET installation
[system] updated message after packages update
[zenbui] fixed remove previous interface configuration in Zenbui
[system] uninstall skudonet-ipds package at factory reset
[farms] l4xnat: fixed accept multiple ranges and ports as virtual port
[farms] l4xnat: fix elements flushing from a policy
[farms] l4xnat: add dynamic persistence rules and update timeout in DSR mode
[system] fixed the following vulnerabilities issues: CVE-2021-36222

SKUDONET 6.1.22 (Enterprise Edition)


[farms] fixed the backend source address NATing for l4xNat when virtual interfaces are used
[farms] fixed the backend source address NATing for l4xNat when a virtual interface event is performed
[system] set the default rt_tables file in factory reset

SKUDONET 6.1.21 (Enterprise Edition)


[farms] L4xnat: autodetect backend source-address via the routing table

[farms] L4xnat: fixed set route table source as backend address when the route is not applied in the system
[farms] L4xnat: set routing table source instead of floating VIP as backend address
[farms] fixed no update backends status when performing changes of IPDS in a farm
[ipds] fix WAF data files installation path fault
[system] fixed the following vulnerabilities issues:
CVE-2021-3541, CVE-2021-3580, CVE-2021-2154, CVE-2021-2166, CVE-2021-28153, CVE-2021-3537, CVE-2021-31871, CVE-2021-33560, CVE-2020-24977, CVE-2021-25217, CVE-2021-27218, CVE-2021-27219, CVE-2020-24659, CVE-2021-20305, CVE-2021-3516, CVE-2021-3518, CVE-2021-3517, CVE-2021-31873, CVE-2021-31872, CVE-2021-27928, CVE-2021-20232, CVE-2021-31870, CVE-2021-20231

SKUDONET 6.1.20 (Enterprise Edition)


[ssl] add openssl configuration to backup/supportsave

[farms] L4xNAT: fixed enable logs when the nattype is changed
[farms] L4xNAT: fixed log type on DSR and Stateless DNAT L4xNAT Farms
[farms] HTTP profile was returning a non valid URL when WAF resolution is redirect
[farms] HTTP profile returning a non valid URL when WAF resolution is redirect
[system] fixed the following vulnerabilities issues:
CVE-2021-3449, CVE-2021-21309, CVE-2021-3393, CVE-2020-26116, CVE-2019-13952, CVE-2019-20367, CVE-2020-8231, CVE-2020-8169, CVE-2020-8285, CVE-2020-8286, CVE-2020-8177, CVE-2020-8284, CVE-2021-22876, CVE-2021-22890, CVE-2021-25214, CVE-2021-25216, CVE-2021-25215, CVE-2021-3520, CVE-2021-31535

SKUDONET 6.1.19 (Enterprise Edition)


[farms] improve the validation for l4xnat port ranges
[farms] configure ALL protocol when all ports are set
[farms] fix an issue related to virtual port when an l4xnat farm is created
[cluster] stop routes in the backup node when a virtual interface is deleted
[cluster] update the slave routing tables when a new route is added in the master node
[networking] remove from the system all custom routes that depend on an interface when this interface is stopped
[stats] fix extra pending connection calculation getting backend status
[stats] remove the initial undefined backend status
[ipds] WAF configures the “SecRequestBodyLimit” instead of ‘SecRequestBodyNoFilesLimit’
[ipds] set the “variable” parameter of WAF as mandatory
[webgui] show the name of the file when in a WAF rule the operator ‘strPhrasesFromFile’ or ‘ipMatchFromFile’ is set
[webgui] fix some typos
[webgui] fix the “update” action in WAF module
[webgui] remove the protocols: amanda, irc, h323, netbios-ns and sane
[webgui] fix errors in service editing when the service has the string “session”

SKUDONET 6.1.18 (Enterprise Edition)


[cluster] remove azure account after deleting azure cluster configuration

[farms] changed function from checkport to validatePort
[ssl] Letsencryptz forced to use HTTP challenge
[cluster] fixed IP announce in Master node, it is not performed when the backup node is started
[cluster] fixed restart farm on the backup node
[networking] fixed Nonexistent NIC Interface Configuration File is not removed

SKUDONET 6.1.17 (Enterprise Edition)


[cluster] fixed ssyncd daemon listens on all interfaces
[system] fixed sending gratuitous ARP for down Virtual Interfaces
[system] fixed the following vulnerabilities issues:
CVE-2021-23841, CVE-2021-23840, CVE-2019-1551, CVE-2020-8625, CVE-2021-24032, CVE-2021-24031, CVE-2021-23841, CVE-2021-23840, CVE-2019-1551, CVE-2020-8625

SKUDONET 6.1.16 (Enterprise Edition)


[webgui] added priority column for backends in HTTPS farms if proxy new generation is in use
[system] fixed some port check issues configuring farm and management services

SKUDONET 6.1.15 (Enterprise Edition)


New features:
[cluster] added cluster support in Azure

[farms] remove deprecated l4xnat helpers from API

[farms] do not allow auto-updating certbot for letsencryptz
[farms] added checks for VIP, VPORT and protocols for usage in new farms creation
[farms] allow configuring DNS Servers even when no Server is configured yet
[system] fixed the following vulnerabilities issues:

SKUDONET 6.1.14 (Enterprise Edition)


[lslb] add a directive to HTTP farms to control the maximum HTTP body analyzed by the proxy.
[api] validate that the name of the objects won’t be “0”
[api] validate the netmask when an interface is modified
[system] add cron information to supportsave
[stats] get farm established connections from binary instead of conntrack (for HTTP profile)

[proxy] avoid double port appending in location rewrite.
[proxy] update session-id from the response.
[proxy] do not pass the HTTP body to the WAF when the HEAD method is used.
[proxy] reload WAF rulesets if the proxy daemon fails.
[webgui] fixed message of translations module.
[farms] force farms status down in boot time if the process is not running when is set
[farms] modify the VIP of the farms when the interface is modified (VLAN and bonding).
[lslb] confirm proxy is killed when HTTP farm is stopped.
[system] reconfiguring APT if the certificate serial changed when checkupgrades is executed.
[system] modify the Ssyncd binary path.
[stats] some graphs are not created depending on the bonding name.
[networking] failed to get interface status when it is unset.
[networking] DHCP does not start/stop in bonding interfaces
[networking] applying IP routes and IP rules after creating table ID
[rbac] a user without permissions could watch the farm stats and graphs.

SKUDONET 6.1.13 (Enterprise Edition)


[ipds] added the source IP in logs if WAF detects a threat
[farms] accepted none value in l4xnat for disabling persistence
[networking] it is not required to stop slaves from bonding before adding them to the interface
[webgui] homogenized buttons and forms in all the web GUI
[webgui] fixed some forms for routing configuration

[networking] fixed add new IPs and apply routes by netplug when the link is UP
[networking] fixed no check slaves when bringing UP a bonding
[cluster] cluster process is not checked if cluster service is not previously configured
[system] disabled useless SNMP errors in Syslog
[system] systems SKUDONET reload after executing migration scripts
[networking] fixed deleting old rules when a VLAN or bonding is deleted
[system] letsencrypt creates certificates in lower case
[ipds] WAF rules were not ordered properly
[farms] deleted old temporal files in /tmp/ for l4xnat serializer binary
[farms] modified the default value for directive 100-Continue.
[networking] fixed config status when bonding is created
[farms] error returned if the copy farm action fails
[farms] fixed copying a farm if WAF is configured
[networking] fixed error adding IPv6 routing rules
[networking] fixed writing routing rules if the web form field is unset
[networking] configure the NIC in status DOWN if it is added to a bonding
[ipds] fixed issue parsing WAF rules in web GUI view
[networking] Isolated NICs can be configured in the main table
[farms] priority column hidden in HTTP farms when proxy next generation is disabled
[farms] fixed some memory leaks in the l4xnat serializer

SKUDONET 6.1.12 (Enterprise Edition)


[system] updated libmodsecurity library
[cluster] cluster interface and slave interfaces can’t be edited
[networking] skip bonding mac change if it is already configured on the system
[zcli] autocomplete improvements for some calls
[cluster] improved the node replication objects when the cluster node not in MASTER role is reachable again
[webgui] added translation messages

[networking] fixed updating virtual interface mask
[cluster] sync any change in virtual interface
[networking] avoided configuring bonding interface twice starting SKUDONET service
[routing] global route params are used wen route table is listed
[rbac] supported dot in the username field
[farms] farmguardian was not stopped if node entered in the maintenance
[cluster] priority 10 causes Master role on the wrong node
[cluster] disable maintenance on the cluster node could be performed with cluster interface DOWN
[cluster] fixed resync node when a node leaves maintenance mode
[cluster] conntrack sync was not called properly once node entered in MASTER status
[farms] switching proxy ng was not done properly
[farms] avoided running a farm if virtual IP is no UP
[cluster] fixed leaves maintenance mode when a link UP is received
[farms] fixed HTTP(S) header persistence session
[farms] fixed error reloading WAF rules in HTTP(S) profiles

SKUDONET 6.1.11 (Enterprise Edition)


[ipds] added/delete IPs in the blacklist module in batching
[rbac] added more tests to the LDAP connector for bind DN, filter, and bind user
[certs] added a new unknown status if the certificate format is not detected
[webgui] allowed to search a Virtual IP using the field alias in the farm creation
[webgui] graphs for network traffic changes to Gbytes or Tbytes based on the total of bytes received

[cluster] netplug always starts cluster in backup mode discarding maintenance mode
[ssl] fixed issue managing SSL certificates with an unknown format
[ssl] added information if not valid SSL certificate format
[system] fixed issue showing the number of CPU cores if the value is higher than 10
[networking] fixed resetting MACs when a NIC is added/removed of a bonding interface
[system] fixed internet connection check for packages update.
[webgui] added support to DH 2048 in the web server
[farms] fixed error 500 listing GSLB backends
[ssl] removed the key file is a CSR is deleted
[farms] added Alias field when a backend is created
[farms] validate the backend ID before creating sessions
[farms] unset priority for farms if no proxy of the new generation is in use
[farms] fixed issue deleting DSLB farm if the interface used in VIP is down
[farms] update backend priority after backend status change
[webgui] fixed refresh alias if backend changes
[webgui] STS directive is enabled/disabled if HTTPS listener is enabled/disabled without refreshing the view
[webgui] fixed typos in messages for the translation module

SKUDONET 6.1.10 (Enterprise Edition)


[farms] fixed maintenance mode for a backend with multiport
[webgui] improved translation messages
[webgui] change VLAN name to VLAN ID instead
[system] virtual IPs are configured properly if cluster switches in AWS
[cluster] deleted cluster status if the system is rebooted
[networking] fixed Routing tables configuration with DHCP in AWS

SKUDONET 6.1.9 (Enterprise Edition)


[webgui] fixed issue creating modifying Alias for VLANs in bonding interfaces

SKUDONET 6.1.8 (Enterprise Edition)


[system] kernel updates, fixed the following vulnerabilities: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479

[webgui] fixed activation certificate format
[webgui] fixed error disabling/enabling farmguardian
[webgui] factory reset button enabled
[webgui] delete an action if del button in keyboard is pressed for WAF

SKUDONET 6.1.7 (Enterprise Edition)


[ipds] blacklisted IPs now are deleted based in the source instead of the dynamic ID

[farms] fixed deleting dynamic sessions pined to the deleted backend
[farms] fixed ethernet address discovery for IPV4 backend addresses
[webgui] fixed infinite spinner when a delete action is executed
[webgui] fixed updating and adding aliases for all the network interfaces
[system] fixed issue with the licenses in the subscription plans

SKUDONET 5.2.20 (Enterprise Edition)


[farms] improved the l4 load-balanced algorithm for an equal connection sharing

SKUDONET 6.1.6 (Enterprise Edition)


[webgui] added spinner to force changes in proxy of the new generation
[webgui] added messages to the translation module
[ipds] added description to WAF operators

[webgui] fixed table of backend GSLB with spinner and delete actions
[webgui] fixed backends ID in backends table of farms GSLB
[webgui] fixed creating an alias and create interface alias
[webgui] fixed WAF variables used in forms, data is loaded from API
[webgui] fixed error renaming blacklist
[webgui] changed the update method in routing rules
[webgui] fixed creating and updating routing rules
[webgui] fixed the refresh of stats
[webgui] fixed search of WAF variables
[webgui] fixed changing the schedule for a blacklist
[ssl] fixed issues in letsencrypt certificates management renovations
[ipds] fixed copying RBL lists
[lslb] fixed marks assignment for l4xnat backends
[routing] fixed issue modifying priorities of routing rules
[ipds] fixed deleting blacklist of HTTP profile
[zcli] fixed some issues in autocomplete for boolean values

SKUDONET 5.11.1 (Community Edition)


[farms] improve performance saving and loading high number of elements
[farms] fix backend maintenance deletion
[farms] keep backend rules in maintenance mode
[farms] fix sigsegv when there is no backend
[farms] disable static sessions when backend is not available due to priority
[farms] avoid limit per client when configured connection limit per backend
[system] change the path for nft binary

SKUDONET 6.1.5 (Enterprise Edition)


[webgui] improved translation messages
[webgui] added a button to view certificate content
[waf] better message description in each operator and variable
[lslb] warning message is shown if farmguardian is not configured

[lslb] fixed issues connecting to letsencrypt for requesting a new certificate
[system] fixed update packages in the backup node
[lslb] fixed cut mode maintenance behaviour
[lslb] fixed stopping farmguardian in the service name is a number
[lslb] forced to calculate source address for NAT in l4xnat profiles
[lslb] WAF rules were not configured properly if proxyNG was disabled
[lslb] fixed issue in maintenance with drain mode
[lslb] fixed crash when a session was established in a backend in l4xnat
[cluster] fixed issue with the rsa private keys recreating the cluster

SKUDONET 5.11 (Community Edition)


New features:
[system] introduce full management command line interface, named zcli
[api] introduce zapi version 4.0.1 including the new features automation
[farms] introduce L4 DSR session persistence support
[farms] reload the runtime http farm configuration when a change is done in the webgui
[farms] button to copy farms

[system] add more information to supportsave about zproxy process
[farms] allow creating farms with the same networking settings
[farms] faster start of farmguardian
[system] add verbose messages in case supportsave has not been generated properly
[system] updated netcat package used for networking test purpose
[farms] if all ports are balanced then all protocols should be configured by default
[system] improve management of errors

[farms] HTTP profile was not stopped properly
[ssl] some SSL certificates were not moved to the certificate store
[system] do not start SNMP service if it is disabled
[stats] fix an error in HTTP backend stats
[farms] enable a minimum log level for HTTP farms
[system] fix an error dumping sessions information in supportsave
[ssl] load long certificate lists in less than 1 minute
[farms] solved routing rules for sd-wan (dslb)
[system] now SNMP is started after a reboot
[farms] solved connection issues with farmguardian and persistence
[farms] fixed persistence table management in l4xnat
[system] check the networking settings before applying the configuration to avoid error messages in logs
[webgui] optimize certificates table pagination load
[farms] fixed dashboard view for dslb farms
[webgui] allow using the colon in the password field

SKUDONET 6.1.4 (Enterprise Edition)


[system] fix an error in the upgrading process that avoids upgrading the cluster backup node
[api] add the HTTP error code 410 to ZAPI version 3.1

SKUDONET 6.1.3 (Enterprise Edition)


[networking] announce ARP packet when an interface is created (This only applies when ARP announcement is enabled)
[system] allow passwords until 512 characters
[webgui] add warnings message when a bad backend priority configuration could put the farm out of service

[networking] fix an error showing the MAC in virtual interfaces
[networking] fix an error announcing ARP when the cluster is not set
[proxy] the NG proxy is disabled by default
[stats] fix an error in the networking units graphs
[ssl] fix the SSL certificate format
[ipds] improve the system management for DoS rules
[lslb] remove backends sessions before delete or stop a backend
[lslb] fix an error in l4xNAT farms that use backend with a maximum of connections
[lslb] fix an error calculating weight in l4xNAT farms that use least connections algorithm
[lslb] fix an error setting the redirect in HTTP farms
[system] fix an error starting the notification daemon
[system] returns an error when the system fails disabling duplicated networks
[webgui] add some missing messages in the translation module
[webgui] fix an error putting the backend in maintenance mode

SKUDONET 5.2.19 (Enterprise Edition)


[farms] added an internal locking system to l4xnat farms management
[farms] added protection to avoid marks corruption in l4xnat farms

SKUDONET 6.1.2 (Enterprise Edition)


[farms] restart farm is not needed anymore when services are ordered
[webgui] some messages have been fixed for the language module

[farms] HTTP profile was not stopped properly
[ssl] some SSL certificates were not moved to the certificate store
[rbac] check users against LDAP if ZAPI key is used
[networking] allowed to enable/disable duplicated_net flag
[system] do not start SNMP service if it is disabled
[webgui] fixed documentation link for certificates view

SKUDONET 6.1.1 (Enterprise Edition)


[system] add more information to supportsave about zproxy process
[cluster] protect backup from master updates when upgrading the system

[farms] fix the backend routing rules for l4xnat farms
[stats] fix an error in HTTP backend stats
[farms] enable a minimum log level for HTTP farms
[system] fix an error dumping sessions information in supportsave
[rbac] fix an error retrieving the list of expected parameters in adding RBAC user ZAPI request

SKUDONET 6.1 (Enterprise Edition)


New features:
[networking] routing module to manage static routing rules
[webgui] multi Language module
[ipds] WAF rules editor from the web gui
[farms] button to copy farms
[rbac] LDAP connector to authenticate RBAC users
[system] introduce full management command line interface, named zcli
[farms] introduce high performance HTTP and HTTPS load balancing reverse proxy core, named zproxy
[api] introduce zapi version 4.0.1 including the new features automation
[farms] introduce priority algorithm for HTTP profile
[farms] introduce L4 DSR session persistence support

[ipds] blacklist update scheduler optimization
[system] add web gui section for advanced settings: ARP announcement, allow routing subnet duplication, session replication service management
[farms] allow creating farms with the same networking settings

[ipds] set the default action for all WAF phases

SKUDONET 6.0.18 (Enterprise Edition)


[certs] load long certificate lists in less than 1 minute
[gui] optimize certificates table pagination load
[farms] solved routing rules for sd-wan (dslb)
[farms] fixed dashboard view for dslb farms
[system] fixed system checks that are running in Azure

SKUDONET 5.10.1-1 (Community Edition)


New features:
[proxy] add/delete response headers
[proxy] add multi-listener support
[proxy] add support to listener config reload
[proxy] added WAF support (libmodsecurity3, disabled by default)
[proxy] added automatic memory trimmer
[proxy] add backend server priority setting
[proxy] add -R option to reload listener configuration from file

[proxy] add missing extended HTTP verbs
[proxy] add centralized regex manager
[proxy] add listener CTL management support
[proxy] schedule redirect response if backend connection fails
[proxy] do not load balance if only 1 backend is present
[proxy] add better information in logs
[proxy] set static maximum SSL handshake retries
[proxy] added case insensitive comparator to Headers map

[proxy] fixed incomplete response parse continuation
[proxy] fixed Location and Content-Location wrong protocol if RewriteLocation=2
[proxy] fixed crash parsing an HTTPS listener
[proxy] fix session cookie header value parser
[proxy] invalidate sessions if the backend is down
[proxy] fix cookie session-id comparation
[proxy] fix crash on process exit
[proxy] reply err503 on abrupt connection close by the backend
[proxy] fix malformed log data

SKUDONET 6.0.17 (Enterprise Edition)


[cluster] faster cluster configuration process
[farms] faster start in farmguardian
[cluster] updated VRRP cluster service

[farms] fixed memory leaks in session replication service
[cluster] fixed cluster switching to MASTER in both nodes before to any configuration
[farms] farmguardian was started twice per farm
[system] now SNMP is started after a reboot

SKUDONET 6.0.16 (Enterprise Edition)


[webgui] fix cluster web form

SKUDONET 6.0.15 (Enterprise Edition)


New features:
[system] introduce support of AWS cluster support

[system] add verbose messages in case supportsave has not been generated properly
[system] updated netcat package used for networking test purpose

[lslb] fix error deleting SSL certificates in HTTPS farms
[rbac] add check if the user or group already exists in the system
[system] modify binary path for AWS support
[lslb] fix stateless DNAT source MAC translation

SKUDONET 6.0.14 (Enterprise Edition)


[system] enable / disable Arp announcement for VIPs
[farm] new HTTP verbs group with OPTIONS enabled

[networking] disabled check internet connection before to configure APT repository
[cluster] check cluster status every 30 secs
[webgui] allow using the colon in the password field

SKUDONET 6.0.13 (Enterprise Edition)


New features:
[webgui] allowed restart WAF ruleset to apply changes
[webgui] link to farm stats from status icon inside farm edition
[webgui] allow configuring response headers in HTTP farms

[webgui] configure minutes in the range of 30 for scheduling remote blacklist downloads
[webgui] changed some tables behavior, pagination persistence and pages listing to ALL
[ipds] added blacklists download queuing
[farms] added OPTIONS verbs to the default verbs in HTTP profiles
[cluster] register farms in ssyncd only if persistence is enabled
[farms] if all ports are balanced then all protocols should be configured by default

[webgui] solved typos to destroy a cluster
[webgui] fix changing the password from RBAC Users
[webgui] fix typo in virtual interface tag
[webgui] solved typo verbs in HTTP farms
[farms] solved connection issues with farmguardian and persistence
[cluster] solved memory leaks with ssyncd
[cluster] fix ssyncd farm registration issues
[farms] fixed persistence table management in l4xnat
[system] fixed issue updating packages with proxy configured

SKUDONET 5.2.18 (Enterprise Edition)


[farms] add an option to allow the ‘options’ HTTP verb with the ‘extended HTTP requests’ set of verbs

[networking] set the default gateway in the boot although certificate is expired
[stats] fix an error showing the l4xnat stats in multiport farms

SKUDONET 5.10.1 (Community Edition)


[webgui] restart notice message after HTTPS changed parameters

[farms] fix path in HTTP template file
[farms] force protocol to ALL when all ports are selected in l4xnat farms
[farms] fix an error modifying https ciphers
[guardian] fix an error copying a farmguardian
[farms] fixed deleting backend ports
[webgui] the webgui actions are translated
[webgui] fix the behavior of javascript messages
[proxy] ssl connections management bugfixes and cleanups
[proxy] fixed redirect behaviour
[proxy] fixed pinning behaviour with SSL protocol
[proxy] fixed URL matcher
[proxy] assign new backend if a timeout is reached
[proxy] assign different backend if session information is not found

SKUDONET 6.0.12 (Enterprise Edition)


[cluster] added mutex to cluster events change roles
[system] unlimited number of threads per PID

[farms] farmguardian stops suddenly after starting

SKUDONET 5.10 (Community Edition)


New features:
[farms] add persistence between clients and backends using hashes depending on “ip”, “port”, “mac”, “source ip and source port” or “source ip and destination port”
[farms] add option to l4xnat to set the port
[farms] add nat type based on stateless dnat
[webgui] add module to translate the webgui to a different language
[webgui] show the session tables for l4xnat farms
[webgui] retrieve the parameter list accepted by the API for a call when it is called without parameters (POST and PUT methods)

[farms] remove and modify backends using the nft mark
[farms] apply deterministic order to farm listings (sorting alphabetically). Pull request from the github user brudo, by William Bruce Dodson
[farms] do not control Access-Control-Allow_Origin header when the request is using the zapi key
[farms] disable the HTTP parameter “ECDHCurve” by default
[farms] add check to avoid port collision with l4xnat farms
[farms] lock HTTP farm config file while a service it is being modified
[farms] create a dummyTable to start the nf_conntrack module
[farmguardian] add checks for “sip” and “redis”
[system] restart web server when SKUDONET is restarted
[system] set the binaries path in the global.conf file
[system] update system dependencies
[system] expand error message
[system] remove the zlb-stop and zlb-start files from the package and set them as templates
[system] postinst refactoring
[system] apply perltidy to code files
[system] move logic from API to the library
[system] remove completely iptables code and dependencies
[system] export global.conf to bash scripts
[system] set all log tags in lower case
[system] check the uploaded backups before that stores it
[system] change restart services for reloading them in cron tasks
[system] move profiling logs to debug level 5
[system] add more system information to supportsave
[api] log the JSON input parameters
[api] standardizer API calls for copying actions
[api] improve the validation of the parameters
[api] refactoring for farm module
[api] returns an error if a sent parameter was not expected for the call
[api] created a new call for getting system information
[cluster] move the local configuration to a local directory
[networking] add arp announce feature after any IP configuration
[networking] masquerade traffic towards the backend with the parent interface of the vip

[system] fix an error of looping when a backup is applied
[system] omitting commented routing tables in supportsave
[system] fix typo in output message and logs
[system] nftables is not printed in supportsave
[system] fix the regex for SNMP community and SNMP name parameters
[system] global.conf did not parse the variables with “update” tag
[farms] error returning the ciphers parameter in HTTP farms
[farms] error modifying the custom security ciphers parameter in HTTP farms
[farms] missing farmguardian parameter in the HTTP farm
[farms] solved a bug when parsing the file to add the backend in HTTP farm if the service has the same name as the farm
[farms] fix helpers protocols for l4xnat farms
[farms] force all protocol when setting all ports in l4xnat farms
[farms] fix loading helpers for natting
[farms] fix duplicated rules when the protocol is “all” in l4xnat.
[farms] solved corruption of pound file when enabling TLS/SSL in HTTPS and it was already enabled
[farms] fix the tag and mark generation per backend
[farms] do not allow the ‘prio’ algorithm parameter for l4xnat
[farms] avoid flushing the entire ruleset
[farms] l4xnat farm stats does not return any backend if the farm is down
[farms] returns the backend down if the status is config_error
[farms] fix an error in l4xnat stats with “snat”
[farms] assuring that nftlb is stopped when performing a stop
[farms] avoid the use of Expect in the curl request that can produce recv blocking
[farms] remove regexp for HTTP redirect in HTTP farms
[farmguardian] SKUDONET service script was not calling to farmguardian start
[certificates] error in the certificate parameter ‘issuer’
[networking] group the routing rules by type
[networking] reload routing rules when a farm or interface is modified
[networking] fix an error setting an interface that was in the down interface
[networking] allow creating VLAN without gateway
[networking] solved bug when deleting a VIP
[networking] solved error unsetting a nic that was not applied in the system
[networking] create the nic config file if it does not exist
[networking] improved ipv4 regexp
[networking] do not allow to modify the interface used for management services (HTTP and SSH)
[system] applying backup returns success on failure
[api] change error code 400 for 404 when the certificate is not found
[api] API returns an error when it receives an array or a hash in the JSON parameter and it is not expected

SKUDONET 6.0.11 (Enterprise Edition)


[networking] fix routes for interface with same subnet
[webgui] keep the backends pagination after refresh
[checks] updated SKUDONET health checks

[farms] fix backend check when backend port is empty
[stats] fix regular expression to show real traffic statistics
[webgui] fix show the first backend in the table
[waf] conditions for a ruleset were not shown properly
[system] fix per backend connection limit kernel race

SKUDONET 6.0.10 (Enterprise Edition)


[networking] prioritized networking route rules
[farms] fix shown l4xnat backends status in maintenance mode

SKUDONET 5.2.17 (Enterprise Edition)


[farms] fix virtual-host regexp matching for HTTP/S farms

SKUDONET 6.0.9 (Enterprise Edition)


[farms] support of output network interface per backend

[farms] fix modify and delete GSLB resources
[farms] fix l4xnat masquerading
[farms] support of stateless dnat for direct client connections
[gui] fix GSLB resources id management

SKUDONET 6.0.8 (Enterprise Edition)


[networking] routing rules prioritized
[networking] fix supportsave storing l4xnat rules via web gui
[ipds] fix code error in IPDS first load

SKUDONET 6.0.7 (Enterprise Edition)


[ipds] fix ipds directory structure creation during installation
[farms] force masquerade IP nat when interface is set up/down
[system] fix GPG APT key addition for offline updates
[gui] fix menu display issue due to icons hidden layers

SKUDONET 6.0.6 (Enterprise Edition)


New features:
[gui] show network interface aliases in the dashboard

[api] detailed activation error messages
[networking] support of masquerading interfaces in the same subnet

[gui] fix remote blacklists update schedule
[gui] fix analytics call with undefined parameters
[gui] fix typo in field of HTTP verbs accepted
[ipds] improve the validation check for blacklist inputs
[ipds] fix ciphers output parameter in HTTP farm

SKUDONET 6.0.5 (Enterprise Edition)


New features:
[system] added support for offline updates
[farms] support of source natting per backend in different subnets

[ipds] optimize loading of blacklists
[ipds] support of overlapped IP ranges in blacklists
[ipds] unload blacklists if they are not in use
[ipds] remove SSH Brute force rule
[api] ability to configure AES Cyphers even if the hardware doesn’t support it

[cluster] solved memory leak in session sync daemon
[cluster] improved the tcp close connection management for service sync daemon
[farms] fix backend priority in l4xnat
[networking] fixed MAC address with incorrect value in eth0
[networking] virtual interfaces with name 0 were not started/stopped properly

SKUDONET 5.2.16 (Enterprise Edition)


[networking] virtual interfaces with name 0 were not started/stopped properly
[cluster] solved memory leak in session sync daemon
[cluster] improved the tcp close connection management for service sync daemon

SKUDONET 6.0.4 (Enterprise Edition)


New features:
[system] migration from SKUDONET 5 to 6

[cluster] nodes reconnection improvement
[system] LTS Kernel upgrade
[farms] support of source address per backend
[ipds] improved IPDS logging

[ipds] solved issue deleting remote blacklists
[system] solved netplugd issue changing default gw by mistake
[networking] modified expression to identify a Virtual Interface in the boot process
[ipds] solved blacklist deletion
[ipds] IPDS was not started properly at boot time
[farms] solved issue in the l4xnat config files generation
[farms] check if a port collision exists with l4 farms
[farms] fix backend priority in l4xnat
[system] local http config is needed to renew certificates for let’s encrypt
[cluster] fix memory leak when persistence is not enabled in a farm

SKUDONET 5.9.3 (Community Edition)


[farms] stop properly the l4xnat daemon when SKUDONET service is stopped or restarted. This error affects l4 farms running in a cluster

SKUDONET 6.0.3 (Enterprise Edition)


New features:
[ssl] let’s encrypt support

[farms] add an option to disable TLS v1.3 in the HTTP farms config file
[system] add more information to supportsave

[farms] enable automatic ECDH curve selection if no ECDHCurve parameter is set
[farms] fix an error showing the value of the maximum connection for backend, in L4xnat farms
[farms] fix an error showing the farmguardian in HTTP farms
[farms] fix an error modifying the custom security ciphers in HTTP farms

SKUDONET 6.0.2 (Enterprise Edition)


[networking] Bonding interfaces restore their default mac address when the MAC field is empty
[networking] Created a wrapper to store default bonding mac address

[farms] fix SNI forward to backend
[system] APT configuration is checked daily and re-configured if required
[api] Fixed error 500 listing HTTP backends in API v3
[farms] fix backend aliases list for HTTP services
[system] Avoid to loop CA crl downloads without an Internet connection

SKUDONET 6.0.1 (Enterprise Edition)


New features:
[networking] support of custom script execution after configuring any route in a given interface

[api] return the SKUDONET version in the session response
[system] avoid connections and cluster annoying messages in the logs
[networking] bonding will restore its default MAC address when the MAC field is empty
[networking] default MAC is stored for future restoring
[cluster] increased detailed information in web GUI cluster section

[ipds] fix WAF parse failed when the parameter was between quotes
[networking] fix DHCP config overwriting errors after disabling/enabling the service
[networking] fix static IP configuration is not configured properly after disabling DHCP
[system] execute the web server stop/start action in the background
[networking] fix solved routes were not being added if the interface was configured in UP status
[networking] fix deleted routing table inputs when bondings are unset
[networking] fix bonding status lost when unsetting the interface
[rbac] fix RBAC module mutex
[system] make SNMP community string less strict
[api] fix error 500 listing HTTP backends in API v3
[farms] fix backend alias not listed in HTTP services
[system] avoid enqueueing curl commands for license checking
[farms] fix error configuring HTTP redirect code
[system] set a token to block i-notify while the IPDS package is being updated
[farms] added less strict param for gslb which allows using check_icmp
[gui] fix left side menu was not shown properly in some Chrome versions

SKUDONET 5.2.15 (Enterprise Edition)


New features:
[networking] added support to run a script after routing config in a given interface

SKUDONET 6.0 (Enterprise Edition)


New features:
[farms] direct server return DSR support for L4
[farms] stateless NAT support for L4
[farms] L4 core with round-robin algorithm
[farms] L4 core with IP and port hashing for both destination or source
[farms] L4 core with support of new protocols: SCTP, netbios, snmp, h323, pptp, irc, sane, amanda
[farms] L4 core with configurable persistence per source and destination IP, port or even MAC
[farms] websocket support for HTTP/S
[farms] support of OpenSSL 1.1 for HTTP/S (TLS 1.3)
[system] latest kernel 4.19 with Long Term Support (LTS)
[system] spectre and meltdown mitigations included by default
[system] integration with APT remote repositories by default
[ipds] web application firewall for HTTP/S
[webgui] new web GUI based on Angular 6
[networking] full support of DHCP
[networking] MAC address custom configuration
[rbac] dynamic menu configuration based on RBAC user permissions
[system] added factory reset

[farms] new L4 core system based on nftables
[ipds] optimized security rules based on nftables
[cluster] clustering based on nftables
[api] optimization and refactoring of the API calls
[networking] improve network link management
[guardian] more integrated advanced health checks

SKUDONET 5.2.14 (Enterprise Edition)


[networking] force ARP announcement after any IP configuration

[networking] fix issue changing IP of one already configured alias
[farms] replace backend check port with the VIP port if this value is not defined

SKUDONET 5.9.2 (Community Edition)


[system] remove dependencies with xtable-addons packages

SKUDONET 5.2.13 (Enterprise Edition)


[guardian] add a farm guardian check for monitoring SIP services
[webgui] change of farm guardian configuration in GSLB farms
[system] added Kernel Support for Amazon Web Services
[system] ssh service is started even if the certificate is not OK.
[system] start SKUDONET Service as soon as a valid certificate is updated

[ipds] solved an issue downloading the scheduled remote lists
[guardian] farm guardian is not linked properly with GSLB farms
[webgui] responsive graphs in the dashboard for Mozilla
[certs] hyphens and dots are not allowed in the CSR section.
[ipds] update remote lists process was not downloading remote URLs.
[guardian] reserved strings are not modified in one match is already executed.

SKUDONET 5.2.12 (Enterprise Edition)


New features:
[guardian] redis health check is supported natively

[farms] L4xnat stats were not generated properly for farms with the same backend configured twice

SKUDONET 5.2.11 (Enterprise Edition)


New features:
[system] add support of SKUDONET subscriptions package

[system] solved issue restarting the web server

SKUDONET 5.2.10 (Enterprise Edition)


[farms] duplicated rules for l4xnat when the configured protocol is ALL
[system] activation certificate was requested even if it was properly upgraded

SKUDONET 5.9.1 (Community Edition)


[guardian] farmguardian did not start after restart SKUDONET service
[farms] fix master node switching restarting SKUDONET service

SKUDONET 5.9 (Community Edition)


New features:
[networking] IPv6 support
[system] 64 bits support
[farms] new L4xNAT core based on nftables and nftlb
[farms] add L4xNAT direct server return support
[gui] new WebGUI with Angular6 based in ngx-admin template
[api] new SKUDONET API 4.0

[system] fix security issues Spectre and Meltdown
[system] kernel update (Debian Buster)
[system] improved support for hypervisors
[system] improved code refactoring

SKUDONET 5.2.9 (Enterprise Edition)


[farms] HTTP farms couldn’t be started because of new use of an HTTP proxy dependency

SKUDONET 5.2.8 (Enterprise Edition)


[system] add proxy support for packaging updates through Internet

[farms] fix leastconns traffic to down backends
[farms] fix HTTP traffic forwarding when cookie insertion was enabled
[guardian] fix farm guardian doesn’t start up properly
[webgui] fix farm guardian processes were killed if the web GUI was stopped
[webgui] fix memory leaks in the web GUI server
[webgui] a different network interface can be configured if the cluster is enabled.

SKUDONET 5.2.7 (Enterprise Edition)


[farms] add multiprotocol and multiport support for SIP
[ssl] not allowed to update the license certificate if it is not valid
[system] kernel update to solve several vulnerabilities (Spectre and Meltdown)

[farms] fix backend in maintenance used with the priority algorithm
[farms] solved issue changing TCP to UDP protocol
[farms] modify the virtual port value to * if multiprotocol is configured
[api] latest character was deleted for the hostname
[farms] fixed issues creating load balancing rules for protocol with helpers

SKUDONET 5.0.2 (Community Edition)


[ssl] update the HIGH cipher string

[farms] error modifying the SSL HTTPS certificate
[ssl] error uploading a SSL certificate
[ssl] set the custom cipher string properly

SKUDONET 5.2.6 (Enterprise Edition)


[farms] services in HTTP farm show redirect value even when it isn’t configured
[system] check internet connectivity and proxy usage

SKUDONET 5.2.5 (Enterprise Edition)


[farms] fix l4 switching to ALL protocols
[farms] removed not needed ports for helpers in l4xnat
[farms] fix sip load balancing with NAT and ALL protocols
[farms] fix rules deleting backends in l4 farms
[farms] force to use TCP and UDP protocols for SIP
[farms] disable force to dnat in SIP configurations
[gui] disable port configuration for SIP protocol
[gui] disabled configure port if SIP or ALL protocols is enabled.

SKUDONET 5.2.4 (Enterprise Edition)


New features:
[system] ability to configure a http/s proxy for outbound connections
[farms] multiport support for FTP, TFTP and SIP protocols

[farms] set STS Timeout by default after disabling the STS Header
[farms] fix FTP, TFTP and SIP loading protocols
[stats] fix FTP and TFTP stat connections
[ipds] limit blaklists name length
[ipds] fix blacklist cron scheduler getting remote lists

SKUDONET 5.2.3 (Enterprise Edition)


[webgui] improved behavior of search boxes
[webgui] favicon with dark themes in browsers
[syslog] remove depuration messages

[networking] bring up NIC interface when it does not have link
[rbac] modify RBAC user without a new password
[rbac] modify RBAC user without group permissions
[cluster] drop incoming traffic on virtual interfaces with IPv6 in the backup node
[guardian] fix typos in farmguardian templates
[networking] fix bonding interfaces route tables
[farms] GSLB vip status shows critical in the backup node
[guardian] fix farmguardian migration script
[farms] fix error 500 creating GSLB farms
[farms] GSLB statistics does not work in the backup node
[cluster] cluster does not replicate new GSLB farms properly
[networking] fix startup interfaces configuration without an activation certificate
[farms] fix least connections port aware per backend
[system] fix error deleting the activation certificate
[networking] show interface aliases

SKUDONET 5.0.1 (Community Edition)


[farms] Locking system for http configuration files
[networking] Add a check to verify the virtual IP when starting a farm

[stats] L4xNAT statistics does not show backends list
[stats] HTTP does not show the virtual interfaces stats
[farms] Fix L4xNAT farms and datalink renaming
[farms] Allow character ‘_’ for HTTP service names
[networking] Run virtual interfaces in the start process
[certificates] Fix the load of certificate field ‘Issuer’
[supportsave] Don’t use arptables to resolve IPs
[farms] Remove critical status in HTTP farms when a redirect configured
[farms] Allow setting the backend parameter ‘port’ as blank
[farms] Modifying a L4xNAT farm returns error sometimes
[services] Error parsing the file ‘resolve.conf’
[farms] Use a more restrictive regular expression to get farm file name

SKUDONET 5.2.2 (Enterprise Edition)


[rbac] Added two new preconfigured roles to be used in this module: management to allow to stop / start backend, and monitoring to allow to read information about system and farms

[rbac] Fix aliases are shown in the backends table even when user doesn’t have permissions to view this information
[alias] Fix aliases can be modified without permissions
[certificates] Fix search and upload actions break the SSL certificates table if some certificate has a CN field empty

SKUDONET 5.2.1 (Enterprise Edition)


New features:
[rbac] Roles templates added

[syslog] Log the error output when a command fails
[rbac] Allow more characters for RBAC: users, groups and roles
[rbac] Add RBAC information to supportsave

[guardian] Fix typo in farmguardian templates
[guardian] Migrate farmguardian of farms to new farmguardian check
[zenbui] Fix Zenbui symbolic link
[farms] The parameter “Log” in l4xnat farm returns blank sometimes
[rbac] Creating system user and system group needed for RBAC
[notifications] Notifications is enabled by default
[guardian] Run farmguardian in SKUDONET start process

SKUDONET 5.2 (Enterprise Edition)


New features:
[farms] Option to enable traffic logs for LSLB, DSLB, GSLB and the connection tracking
[farms] Support of aliases for backends
[networking] Support for aliases per NIC, bonding, VLANs and virtual interfaces.
[system] Role-Based Access Control (RBAC) to define new users, groups and permissions to actions in the system
[api] API 3.2 to manage all the new features
[networking] IPv6 Support for NICs, VLANs, Virtual Interfaces, Bonding and routing
[farms] IPv6 Support for HTTP and L4xNAT farms

[guardian] Improve of usability with several built-in health checks
[farms] More descriptive error messages for HTTP/S farms
[farms] Configurable redirect code for HTTP/S farms
[farms] Backend servers disabled if redirect is used for HTTP/S farms
[farms] Configurable Strict Transport Security header by service in HTTP/S farms
[farms] Improve of session table stats for LSLB farms
[system] Improve of message logs to syslog
[networking] Validation of network configurations
[networking] Automated virtual services configuration when modifying the network configuration
[networking] Real time networking packets/throughput stats per second

SKUDONET 5.1.11 (Enterprise Edition)


[cluster] When cluster switches to BACKUP, the system never come back to MASTER

SKUDONET 5.1.10 (Enterprise Edition)


[farms] It is not possible to create http(s) services after moving some service

SKUDONET 5.1.9 (Enterprise Edition)


[ipds] included more parameters to check before starting a IPDS
[ssl] better input validation in CSR for organization and locality fields

[networking] solved issue stopping and starting bonding interfaces
[networking] ensure that bonding interfaces have a defined IP address before starting
[stats] fix established connections when the farm is not in UP status
[api] fix activation certificate status response
[guardian] update farmguardian statuses after a cluster switch
[farms] fix VIP verification after starting a farm


SKUDONET 5.1.8 (Enterprise Edition)


[webgui] load HTTP profile parameters faster

[farms] fix concurrent changes in HTTP(S) configuration files

SKUDONET 5.1.7 (Enterprise Edition)


[webgui] changed datetime format to allow ordering in table views
[farms] http(s) farm is marked in status UP when only a redirect is configured
[system] better and faster information gathering for supportsaves

[farms] solved issue modifying datalink farm names
[networking] solved issue modifying floating IPs
[system] solved DNS section parsing configuration file content
[farms] solved issue re-ordering services in http farms
[ipds] blacklist rules were not properly configured in GSLB farms
[farms] solved issue creating a l4 farm, API responds a 400 code instead of 200
[ssl] solved issue parsing “Issuer” field in certificates
[farms] parameter 100continue is not properly modified in http(s) farms

SKUDONET 5.1.6 (Enterprise Edition)


[networking] Run virtual interfaces in start process

SKUDONET 5.1.5 (Enterprise Edition)


[farms] Error detected when l4xnat farm parameters are listed

SKUDONET 5.1.4 (Enterprise Edition)


[gui] Faster loading of LSLB farms list
[gui] Faster loading of http[s] farms services
[system] Better logs description for http proxy

[networking] Configure network if the certificate is temporary or doesn’t exist
[system] Avoid to backup corrupt configuration files

SKUDONET 5.0 (Community Edition)


New features:
[gui] A new web GUI frontend in Angular
[api] New API JSON+REST capabilities for processes automation
[networking] New networking section for a better management and configuration of interfaces
[farms] New LSLB module (Local Service Load Balancer) which manages both L4xNAT and HTTP/S profiles
[farms] Two different maintenance modes (cut and drain) for HTTP[S] and L4xNAT profiles
[farms] Improved HTTPS profile with new options to Enable / Disable SSL/TLS protocols
[farms] Max number of connections by backend server in L4xNAT profile
[farms] New DSLB module (Datalink Service Load Balancing) which manages uplinks and inbound LB
[farms] New farms status (UP, DOWN, Critical and Problem)
[farms] New backends Status (UP, DOWN, Maintenance and Undefined)

[system] Faster response based on REST API
[gui] Improved look and UX
[system] Enhanced logs management
[support] Support save options for better troubleshooting and support
[system] Linux Kernel based in a common Debian Stretch
[system] Easier upgrade by modules and transitions to Enterprise
[system] Improved the backup and recovery procedure

SKUDONET 5.1.3 (Enterprise Edition)


[farms] Issue solved enabling / disabling HTTPS backends checkbox
[farms] Solved segmentation fault in HTTP farms with session replication daemon ssyncd and cookie insertion
[system] Checks if an IP exists in any interface

SKUDONET 5.1.2 (Enterprise Edition)


[webgui] Not allowed to enter weight values higher than 9 for l4xnat profiles
[guardian] Some farmguardian health checks were not stopped properly
[cluster] Zeninotify was not started after a cluster switch

SKUDONET 5.1.1 (Enterprise Edition)


[system] New backup procedure to save the configuration
[system] Set a default SSL certificate for web GUI and API to 2048bits
[api] Added HTTP Headers for API calls to avoid content cache in browsers
[farms] Configurable redirect HTTP codes
[farms] Speed optimization to load SSL SNI certificates list
[gui] Activation certificates expiration notifier

[cluster] Leave maintenance mode properly in 3000 and 4000 series
[ipds] Solved some bugs related to RBL rules assignment to farms
[gui] Allowed searches in CN column for Certificates Lists

SKUDONET 5.1 (Enterprise Edition)


New features:
[farms] SSL hardware offloading support for HTTPS farms
[farms] new status for VIPs and backends in farm profiles
[farms] new maintenance status (drained and cut)
[cluster] real time sessions table replication for all layers
[ipds] new system rules for threats protection
[ipds] new rule RBL (real time black-hole list)
[system] logs line reader through web GUI

[farms] option to enable or disable different SSL protocols
[farms] reload datalink farms
[farms] better log description in HTTP profiles
[api] API v3.1 better performance and resource usage
[gui] improved the rules assignment to farms and web views
[notifications] encrypt email password to enhance security
[system] ssh and web services automatic reload
[gui] enable web GUI compression
[networking] show virtual interface name in Floating IPs section
[ipds] enable or disable security rules for a farm

SKUDONET 5.0.11 (Enterprise Edition)


[cluster] Maintenance mode not working in the backup node
[farms] Improved regular expression patterns for http stats when the service include certain private words
[farms] l4xnat profile is not configuring lb rules properly for the first l4xnat farm

SKUDONET 5.0.10 (Enterprise Edition)


[lslb] Farmguardian was not disabled in Backup node

[networking] VLAN was not started after to configure if NIC was not configured
[lslb] Allowed to add many ssl certificates without breaking the config file
[ipds] Some Dos rules were not applied to http farms
[lslb] Added support to concurrency in netfilter rules for rules modification
[networking] Route rules are not applied until Link is detected in UP mode
[networking] Fixed null response detecting a parent interface of a virtual interface
[lslb] Apply connmark rules before farm rules when farm starts

SKUDONET 5.0.9 (Enterprise Edition)


[ipds] IPDS rule was unset for the farms if the rule was renamed
[gui] Changed the error message when the activation certificate is wrong
[gslb] Not allowed two services with the same ID anymore
[ipds] Disabled blacklists rule from system when SKUDONET process stops
[lslb] Change to least conns in l4xnat profile returned an error
[cluster] Zeninotify is not stopped when cluster node is in maintenance
[cluster] ARP responses were not disabled when cluster is in maintenance
[gslb] Sync a GSLB config directory to BACKUP node in creation time
[ipds] Not allow to create IPDS rules with the reserved name ‘rule’
[farms] Set and unset wildcard certificates in HTTPS farms
[ipds] SSH brute force rule were loaded twice in system at SKUDONET first start
[lslb] Allowed DNAT mode for SIP protocol in l4xnat profiles
[net] Default GW was deleted for table main if GW for local table was deleted

[system] Stats Block has been deleted from conntrackd configuration file
[system] make selectable the kind of ARP announcement packets
[ipds] Fit the maximum number of sources for a blacklist
[cluster] Added a cluster exception to IPDS module in order to avoid to block cluster IPs

SKUDONET 4.0.4 (Community Edition)


[users] Password change failed if some special characters are used in the password string
[farms] Solved compilation errors with SIP configuration in L4xNAT farms
[farms] Deleted connection tracking for UDP protocol if backend is configured in maintenance mode

[gui] New section “About” > “SKUDONET LB Version” in menu
[iso] New SKUDONET CE ISO 4.0.4 generated in sourceforge
[apt] New SKUDONET CE package 4.0.4 generated in repository

SKUDONET 5.0.8 (Enterprise Edition)


[farms] solved issue in GSLB farms, allowed RData values in MX inputs
[farms]Updated farmguardian port checks in gslb farm when default tcp port health check is changed
[certificates] Fixed parse issue for certificate information

SKUDONET 5.0.7 (Enterprise Edition)


[farms] Allow modifying values for cookie insertion once this option is enabled
[cluster] Conntrackd 1.4 or higher integrated with systemd
[sys] Added expect package as dependency
[sys] Configuration directory is replicated recursively

SKUDONET 5.0.6 (Enterprise Edition)


New features:
[farms] Added max conns limit per backend server in l4xnat profiles

[farms] migration process from tcp to l4xnat profiles bugfix
[farms] flush udp flows from conntrack table bugfix
[guardian] farmguardian should not be executed if the farm is down
[ipds] ssh brute force protection port is shown in the web gui
[guardian] farmguardian file status for http profiles bugfix
[snmp] snmp doesn’t start automatically after a reboot
[ipds] delete standard error and output error in the startup blacklist process

SKUDONET 5.0.5 (Enterprise Edition)


[system] Applied some tuned kernel parameters from systemctl
[farms] Traffic between VIP and backends is forwarded locally instead of sending to gateway
[guardian] Improved farmguardian output messages.

SKUDONET 5.0.4 (Enterprise Edition)


[system] Increased information captured in supportsave
[system] Do not log more bonding warning messages

[gui] Fix minor bugs related with stats view
[gui] List all used ssl certificates in a running HTTPS farms
[gui] List all available interfaces when edit / create a farm
[farms] Modified logs related to farmguardian when an error is detected
[farms] Least connections algorithm doesn’t detect configured backends
[system] SSH never starts if ssh service is configured in a given IP instead of all IPs
[farms] Kernel modules for sip, ftp or tftp were not loaded properly
[farms] Services Not renamed properly when service name includes farm name string
[farms] Reset UDP packets tracking when any config change is done
[stats] Disabled pending connections information for UDP protocol
[stats] Bugfix in HTTP farms established connections for backends
[farms] Fixed disabling l4xnat IP persistence

SKUDONET 5.0.3 (Enterprise Edition)


[support] Include system and cluster details for better analysis in supportsave
[gui] Add test notification button for email notification method
[gui] Add update button when editing remote blacklist
[gui] Change update buttons to updating… when clicked

[ipds] Load blacklist when applied to a farm only if the farm is running
[farms] Allow to create several resources with same name in GSLB farms
[cluster] Fix cluster in 3000 series appliances
[gui] Do not require password in email notification method
[gui] Do not allow setting a port in L4xNAT farms when balancing all protocols
[gui] Notify after updating when the port or IP address has been changed
[gui] Fix URL when the GUI HTTP port is changed
[gui] Fix error message on some request failures
[gui] Some GUI style fixes

Download Skudonet ADC Load Balancer
Community Edition

Source Code

A versatile and installable ADC system designed for diverse vendor hardware.


Installable ISO 

Load Balancing as a Service alongside an ADC orchestration toolkit.

Download Community Edition

Download Community Edition

“We manage the information you provide with the sole aim of assisting with your requests or queries in regards to our products or services; applying the computer and security procedures to ensure its protection. Your data can be rectified or removed upon request but won’t be offered to any third parties, unless we are legally required to do so.” Responsible: SKUDONET SL -