SKUDONET 7.0.1 (Community Edition)

25 September, 2023

Improvements:
[iso] Debian Bookworm Official Repositories are added in the Installation
[ssl] Letsencrypt: avoid creating Let’s Encrypt sequential directories on renew action

SKUDONET 7.0.0 (Community Edition)

4 September, 2023

New features:
[system] new Operating system based on Debian 12 Bookworm
[system] new Kernel 6.1 with support for new Network interface models
[system] UEFI support for the Operating System Installation

Improvements:
[gui] new brand from ZEVENET to SKUDONET
[farms] changed HTTP(S) binary from zproxy to pound, stable and robust

ZEVENET 6.2.25 (Enterprise Edition)

14 June, 2023

Improvements:
[cluster] Improved ssyncd daemon logging
[farm] Allow set Alive parameter lower than ConnTO parameter when new generation proxy is disabled
[system] Improved logging when installing new ZEVENET packages
[system] Added ipv6 routing info in Supportsave

Bugfixes:
[cluster] Fixed sessions synchronization in HTTP farm with several services using persistence
[ssl] Fixed creating an existent Let’s Encrypt certificate
[routing] Fixed configure default IPv6 gateway
[farms] Fixed creating farms using IPv6 in VIP
[system] Fixed the following vulnerability issues:
CVE-2022-47015, CVE-2021-38185, CVE-2019-14866, CVE-2023-0466, CVE-2023-0465, CVE-2023-2650, CVE-2023-0464, CVE-2022-4141, CVE-2023-0054, CVE-2023-2610 and CVE-2023-1175

ZEVENET 5.13.4 (Community Edition)

9 June, 2023

Improvements:
[lslb] Avoid duplicating backends with the same IP and port
[proxy] Improved Err directives in the configuration file
[proxy] Code optimization
[proxy] Disallow broadcast IPs for backends

Bugfixes:
[lslb] Fixed start HTTP Farm when the process is running but PID file does not exist
[lslb] Fixed error in the farm config file when adding persistence
[proxy] Fix memory leaks on service unification
[proxy] Fix PARM type persistence
[proxy] Fix possible segmentation fault in Sessions CTL calls

ZEVENET 6.2.24 (Enterprise Edition)

30 May, 2023

Improvements:
[ipds] Improved the WAF Assistant management

Bugfixes:
[webgui] fixed Let’s Encrypt validate domains
[ipds] fixed Ruleset WAF status management
[cluster] fixed conntrack state initial synchronization
[system] fixed the following vulnerability issues:
CVE-2015-20107, CVE-2021-3177, CVE-2019-20907, CVE-2021-3737, CVE-2019-1010238, CVE-2020-8492, CVE-2022-45061 and CVE-2021-3733

ZEVENET 6.2.23 (Enterprise Edition)

15 May, 2023

Improvements:
[guardian] added Priority feature to farmguardian checks

Bugfixes:
[proxy] fixed recovery process handling

ZEVENET 6.2.22 (Enterprise Edition)

9 May, 2023

Improvements:
[system] added file descriptors in Supportsave

Bugfixes:
[cluster] fixed AWS cluster management account
[farm] fixed match proxy process running and PID file in system
[proxy] fixed X-Forwarded-For header management
[system] fixed the following vulnerability issues:
CVE-2023-26604, CVE-2023-28856, CVE-2023-29469 and CVE-2023-28484

ZEVENET 5.13.3 (Community Edition)

21 April, 2023

Improvements:
[system] certificates are not included in Supportsave by default
[proxy] fixed some memory leaks
[proxy] added session synchronization CTL API call
[proxy] minor optimizations
[proxy] sessions table optimization

Bugfixes:
[api] fixed LSLB farm sessions output.
[proxy] fixed backend pending connections stats
[proxy] fixed SSL/TLS options
[proxy] minor fixes

ZEVENET 5.13.2 (Community Edition)

31 March, 2023

Improvements:
[ssl] LetsencryptZ: restore the farm when a certificate renewal is finished by a timeout
[system] added file descriptors info in supportsave

Bugfixes:
[proxy] fixed chunked transfer encoding
[proxy] fixed websocket protocol
[api] fixed create copy from farm action
[api] fixed farm status calculation in backend actions
[api] fixed modify persistence TTL in HTTP farms

ZEVENET 6.2.21 (Enterprise Edition)

22 March, 2023

Bugfixes:
[ssl] LetsencryptZ: restore the farm when a certificate renewal is finished by a timeout
[cluster] fixed error in sync action when deleting files is performed at the same time
[system] fixed the following vulnerability issue:
CVE-2023-25136, CVE-2012-1151, CVE-2020-8991, CVE-2010-1161, CVE-2019-17595, CVE-2019-17595, CVE-2014-0479, CVE-2022-45873, CVE-2022-36021, CVE-2019-20454, CVE-2022-1587 and CVE-2022-1586

ZEVENET 5.13.1 (Community Edition)

10 March, 2023

Improvements:
[networking] improvement starting interfaces
[webgui] improvement applying farmguardian
[lslb] http: scheduling algorithm improvements
[lslb] http: improve pending connection count for backends

Bugfixes:
[system] fixed SupportSave command
[lslb] http: fixed redirect behavior

ZEVENET 5.13 (Community Edition)

24 February, 2023

New features:
[lslb] http: new ZEVENET HTTP/S core zproxy. Improvement on event handlers
[lslb] l4: updated ZEVENET L4 core nftlb

Improvements:
[ssl] added timeout control in Let’s Encrypt integration
[networking] interfaces management improvements for better performance
[system] code optimization for performance improving

Bugfixes:
[lslb] l4: fixed unload NAT protocols module

ZEVENET 6.2.20 (Enterprise Edition)

24 February, 2023

Improvements:
[ssl] improve timeout control in Let’s Encrypt integration
[ssl] added checks for Let’s Encrypt certificate actions
[webgui] added logging for Let’s Encrypt wildcard certificates

ZEVENET 6.2.19 (Enterprise Edition)

8 February, 2023

Improvements:
[guardian] improvement getting the farm status

Bugfixes:
[proxy] fixed delete sessions in maintenance “cut” mode in HTTP/S farms

ZEVENET 6.2.18 (Enterprise Edition)

31 January, 2023

Bugfixes:
[proxy] fixed macro VHOST in redirect
[farms] fixed HTTP farms mark management
[system] fixed HTTP backends stats

ZEVENET 6.2.17 (Enterprise Edition)

25 January, 2023

New features:
[system] add a binary to enable/disable new generation proxy

Bugfixes:
[proxy] fixed decode URL on redirect
[routing] fixed disable floating action

ZEVENET 6.2.16 (Enterprise Edition)

13 January, 2023

Improvements:
[rbac] allow user names starting with a number

Bugfixes:
[proxy] fixed HTTP farm stats management
[proxy] fixed location URL encoding in redirect responses

ZEVENET 6.2.15 (Enterprise Edition)

10 January, 2023

Improvements:
[system] added ZEVENET service restart flag in package installation

Bugfixes:
[cluster] fixed azure cluster management account

ZEVENET 6.2.14 (Enterprise Edition)

5 January, 2023

Improvements:
[networking] improve backend source address calculation

Bugfixes:
[api] fixed start farm action
[system] fixed the following vulnerability issue:
CVE-2022-47629

ZEVENET 6.2.13 (Enterprise Edition)

21 December, 2022

Improvements:
[cluster] improve cluster management and logging

Bugfixes:
[api] fixed virtual interfaces list status “down” string
[farm] fixed HTTP redirection to an HTTPS protocol URL
[farm] fixed HTTP logging issue
[system] fixed the following vulnerability issue:
CVE-2022-42898

ZEVENET 6.2.12 (Enterprise Edition)

28 November, 2022

Improvements:
[ssl] added a timeout for Let’s Encrypt automatic renew action
[ipds] do not run IPDS collector process by default
[networking] improve network actions process time

Bugfixes:
[farm] fixed HTTP response headers management
[ipds] fixed Blacklists migration script
[system] fixed the following vulnerabilities issues:
CVE-2022-43680, CVE-2022-29458, CVE-2022-40303, CVE-2022-40304, CVE-2022-23218, CVE-2022-44638, CVE-2022-0729, CVE-2021-3927, CVE-2021-3928, CVE-2021-3974, CVE-2021-3984, CVE-2021-4019, CVE-2021-4069, CVE-2021-4192, CVE-2022-0261, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0368, CVE-2022-0408, CVE-2022-0413, CVE-2022-0417, CVE-2022-0443, CVE-2022-0554, CVE-2022-0685, CVE-2022-0943, CVE-2022-1154, CVE-2022-1616, CVE-2022-1720, CVE-2022-1898, CVE-2022-1968, CVE-2022-2304, CVE-2022-2946, CVE-2022-3099, CVE-2022-3134, CVE-2022-3234, CVE-2022-3324, CVE-2022-3705, CVE-2022-0213, CVE-2021-4193, CVE-2022-0319, CVE-2022-0714, CVE-2022-0572, CVE-2022-1851, CVE-2022-2285, CVE-2022-2598, CVE-2022-0392, CVE-2022-1619, CVE-2022-1621, CVE-2022-1785, CVE-2022-1942, CVE-2022-1897, CVE-2022-2000, CVE-2022-0629, CVE-2022-3256, CVE-2022-2129, CVE-2022-2129, CVE-2022-3235, CVE-2022-0318, CVE-2022-0696 and CVE-2022-3352

ZEVENET 6.2.11 (Enterprise Edition)

28 October, 2022

New features:
[webgui] add a column to differentiate user-defined Blacklists from preloaded

Improvements:
[ssl] implemented SNI when creating CSR certificates

Bugfixes:
[farms] fixed unloading kernel NAT protocol modules
[farms] fixed L4xNAT maintenance management
[system] fixed the following vulnerabilities issues:
CVE-2021-33574, CVE-2020-27618, CVE-2022-23219, CVE-2021-35942, CVE-2020-6096, CVE-2021-3999, CVE-2021-3326, CVE-2016-10228, CVE-2021-27645, CVE-2019-19126, CVE-2019-25013, CVE-2020-10029, CVE-2020-1752 and CVE-2022-3515

ZEVENET 6.2.10 (Enterprise Edition)

13 October, 2022

New features:
[webgui] add a “save all” button

Improvements:
[cluster] improvement switching roles action

Bugfixes:
[ssl] fixed Let’s Encrypts Wildcard renew action
[webgui] fixed Local IP filter in Cluster settings
[system] fixed the following vulnerabilities issues:
CVE-2022-27404, CVE-2022-25308, CVE-2022-27405, CVE-2022-27406, CVE-2022-25309, CVE-2022-25310, CVE-2022-37434, CVE-2021-20223, CVE-2020-35525, CV
E-2020-35527, CVE-2021-3800, CVE-2022-0530, CVE-2022-0529, CVE-2022-40674, CVE-2022-31081, CVE-2022-42012, CVE-2022-42011, CVE-2022-42010 and CVE-
2022-40617

ZEVENET 6.2.9 (Enterprise Edition)

29 August, 2022

Improvements:
[ssl] add a stronger check to SSL certificates
[ipds] set WAF assistant enabled by default
[ipds] improvement of WAF assistant management

Bugfixes:
[ipds] fixed delete WAF rule conditions
[farms] fixed SRV and NAPTR type resources on GSLB farms
[system] fixed the following vulnerabilities issues:
CVE-2022-2469, CVE-2022-2509, CVE-2021-4209, CVE-2022-2625, CVE-2022-37452

ZEVENET 5.12.2 (Community Edition)

12 July, 2022

New features:
[ssl] add autorenewal configuration for Let’s Encrypt certificates

Improvements:
[farms] L4xnat: Add module parameters configuration in global.conf for SIP protocol
[ssl] reload farms renewing Let’s Encrypt certificates
[networking] improve default GW managing
[farms] L4xnat: improve multiport handle
[webgui] add backend status in LSLB view

Bugfixes:
[ssl] fixed renewing staging Let’s Encrypt certificates
[farms] L4xnat: fixed copy farm action
[system] reload cron configuration after zevenet restart
[networking] fixed configure default GW application order in ZEVENET service
[config] fixed remove zapikey from global.conf disabling root zapi permission

ZEVENET 6.2.8 (Enterprise Edition)

12 July, 2022

New features:
[ssl] add autorenewal configuration for Let’s Encrypt certificates

Improvements:
[ssl] reload farms renewing Let’s Encrypt certificates
[webgui] add backend status in LSLB view

Bugfixes:
[webgui] fixed activation certificate information
[ssl] fixed renewing staging Let’s Encrypt certificates
[system] fixed the following vulnerabilities issues:
CVE-2022-34903

ZEVENET 6.2.7 (Enterprise Edition)

30 June, 2022

Improvements:
[ipds] reload blacklists without disabling them
[ipds] schedule blacklists without restarting them
[system] improve activation certificate notifications
[networking] improve default GW managing
[farms] L4xnat: improve multiport handle

Bugfixes:
[networking] fixed configure default GW application order in ZEVENET service.
[ipds] fixed mismatched blacklists order applied
[farms] L4xnat: fixed copy farm action
[zenbui] fixed interface configuration file not updated
[system] fixed the following vulnerabilities issues:
CVE-2022-1292,CVE-2022-29824,CVE-2022-1664 and CVE-2022-24903

ZEVENET 5.12.1 (Community Edition)

17 May, 2022

Improvements:
[proxy] fixed rewrite location to avoid open redirect vulnerability
[farms] L4xnat: fixed mark masquerade
[farms] L4xnat: add recovery system in NFTLB daemon
[farms] L4xnat: translate the new L4xnat backend status “available” as “up”

Bugfixes:
[webgui] fixed tab title
[webgui] fixed checkupdate message

ZEVENET 6.2.6 (Enterprise Edition)

17 May, 2022

Improvements:
[cluster] Session replication daemon uses system profile
[farms] L4xnat: add recovery system in nftlb daemon
[api] add get farm status call
[system] improve managing activation certificate

Bugfixes:
[cluster] fixed registration HTTP farms in session replication daemon when changing the persistence
[proxy] fixed rewrite location to avoid open redirect vulnerability
[farms] L4xnat: fixed mark masquerade
[system] fixed cron redirection commands
[system] fixed the following vulnerabilities issues:
CVE-2022-1271 and CVE-2022-1552.

ZEVENET 5.12 (Community Edition)

3 May, 2022

New features:
[webgui] new web GUI with new Angular technology v12
[ssl] letsencrypt integration
[lslb] http: add and delete HTTP headers
[lslb] http: priority load balancing support
[lslb] http: rewrite URL directive (proxy pass)
[lslb] http: updated ZEVENET HTTP/S core zproxy
[lslb] l4: updated ZEVENET L4 core nftlb
[zcli] ZEVENET command line improvements
[api] 4.0.2 API version

ZEVENET 6.2.5 (Enterprise Edition)

19 April, 2022

New features:
[proxy] add timeout managing socket control

Improvements:
[system] avoid cerbot command listing LetsEncrypt certificates
[system] add PPID column in supportsave ps info
[stats] disable session information when they are not needed
[cluster] improve performance in sessions replication

Bugfixes:
[farms] fixed backend IP changed when a DHCP modification is performed
[farms] fixed HTTP farm migration script
[farms] fixed l4xnat virtual port changed to multiport when setting protocol to SIP
[farms] l4xnat: fixed scheduler symhash with only one backend available
[webgui] fixed certificate expiration time message

ZEVENET 6.2.4 (Enterprise Edition)

30 March, 2022

New features:
[system] allow Hostname as a rsyslog remote server

Improvements:
[farms] flush connections when a L4 farm is stopped/deleted
[farms] flush connections when a L4 backend is deleted

Bugfixes:
[farms] fixed L7 floating backend sourceaddress assignment
[networking] fixed routing rule validation
[networking] fixed no check route table before listing
[system] fixed the following vulnerabilities issues:
CVE-2021-4160, CVE-2022-0778, CVE-2021-25220, CVE-2019-17041, CVE-2019-17042, CVE-2021-3770, CVE-2021-3778, CVE-2022-24048, CVE-2022-24050, CVE-2022-24051, CVE-2022-24052, CVE-2021-43618, CVE-2021-46667, CVE-2021-3796, CVE-2021-35604, CVE-2021-46659, CVE-2021-46661, CVE-2021-46663, CVE-2021-46662, CVE-2021-46664, CVE-2021-46665, CVE-2019-15165, CVE-2019-20807, CVE-2018-25032

ZEVENET 6.1.27 (Enterprise Edition)

15 March, 2022

Improvements:
[networking] do not delete routes for a nonconfigured interface
[farms] add validation and migration script for HTTP directive “Alive”
[system] add scope validation modifying SNMP scope value.
[system] add ZEVENET 6.2 repository source

Bugfixes:
[farms] fixed established connection for a L4xnat farm are not shown
[ipds] fixed ordering the blacklists
[farms] fixed URL Pattern not allow comments in HTTP Farms
[system] fixed start nftlb if PID file exists but daemon is not running
[system] fixed issue migrating from iptables to nftlb in the backend status

ZEVENET 6.2.3 (Enterprise Edition)

15 March, 2022

Improvements:
[networking] do not delete routes for a nonconfigured interface
[farms] add validation and migration script for HTTP directive “Alive”
[system] add scope validation modifying SNMP scope value
[webgui] enable Cypress Studio for integration tests
[webgui] update Readme

Bugfixes:
[farms] fixed established connection for a L4xnat farm are not shown
[ipds] fixed ordering the blacklists
[farms] fixed URL Pattern not allow comments in HTTP Farms
[system] fixed start nftlb if PID file exists but daemon is not running
[webgui] fix network virtual create form
[webgui] fix blacklist edit form CSS
[webgui] fix memory leak in LSLB farm services list

ZEVENET 6.2.2 (Enterprise Edition)

4 March, 2022

New features:
[webgui] add farm blacklists move action

Improvements:
[farms] enable pound as a proxy by default
[rbac] avoid SO limitation pattern creating a RBAC user
[api] add validations to GET stats API
[api] change IPDS API response messages
[api] add ipds message error when configure duplicate WAF rule ids

Bugfixes:
[system] fixed delete zevenet certificate in factory reset
[system] fixed issue migrating from iptables to nftlb in the backend status
[networking] fixed configure default gw in the main routing table when a NIC is modified
[networking] fixed an Interface that can be reconfigured with the same IP
[networking] ignore dhcp parameter in Interface API if is equals to the configured one
[farms] fixed glsb stats service validation
[farms] get farm PID from the PID file, not from the system
[api] fixed create and modify route validation
[api] fix GET /stats/farms//services//backends to get backends by service
[api] fix cookieinsertion validation
[api] do not allow to create any http cookie directive with any blank parameter
[system] fixed the following vulnerabilities issues:
CVE-2022-0543, CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315, CVE-2022-24407

ZEVENET 6.1.26 (Enterprise Edition)

1 March, 2022

Improvements:
[proxy] add migration script for old proxy configuration files
[proxy] add a monitor that relaunches the process if it detects a segfault signal
[farms] get farm PID from the PID file, not from the system
[api] add validations to GET stats API
[api] remove name field from GET /stats/system/network/interfaces
[rbac] avoid SO limitation pattern creating a local RBAC user
[guardian] add migration script for old farmguardian configuration files

Bugfixes:
[farms] fixed GSLB stats service validation
[farms] reset L4 farm backend priority, weight and max connection values if send null
[api] fixed the create and modify route validation
[api] fixed cookie insertion validation
[api] do not allow to create an HTTP cookie directive with any blank parameter
[api] fixed status parameter for GET /stats/system/network/interfaces
[networking] ignore DHCP parameter in interface API if it is equal to the configured one
[networking] fixed configure default gw in the main routing table when a NIC is modified
[networking] fixed an Interface that can be reconfigured with the same IP
[networking] fixed an Interface can be configured with the same IP as a Virtual Interface
[networking] fixed list tables from rt_tables when the name contains “-” character
[ipds] fixed not_match field from ipds rules API
[ipds] WAF: fixed get default_log rule field
[ipds] WAF: modify disable_rules field after deleting a rule
[ipds] WAF: update SecRuleRemoveById when a disabled rule is modified
[ipds] WAF: check the rule IDs when setting the disable rules param
[system] fixed notification sec rules
[system] notifications config dir is excluded from synchronization
[guardian] fixed farmguardian conf modification when modifying a farm name

ZEVENET 6.2.1 (Enterprise Edition)

14 February, 2022

New features:
[webgui] add time range selector for time graphs
[webgui] show web GUI version in system information

Improvements:
[farms] optimizing L7 floating
[system] add host name to certificate and package alert messages
[farms] fixed reset L4 farm backend priority, weight and max connection values
[webgui] add tooltips in top navigation elements and breadcrumb links
[webgui] improved HTTPS security against web GUI with meta tag CSP (Content Security Policy)

Bugfixes:
[ipds] fixed check WAF rules ids when set the disable rules param
[ipds] fixed change WAF log sec rule for zproxy new WAF logs patterns
[ipds] fixed configuration of log rule field in WAF
[ipds] fixed issue updating some directives when a disabled rule is modified
[api] fixed minor issues adding require module
[api] fix description field for notification get API
[ipds] fixed WAF regex to avoid posting warnings and get rule name properly
[system] fixed executing permission missing in migration script
[guardian] fixed modification of farmguardian confguration when modifying a farm name
[system] fixed issue applying netplug template
[system] fixed zevenet certificate key changes if a backup is imported of other operating system
[system] fixed migration processes execution applying a backup

[system] fixed the following vulnerabilities issues:
CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-23852, CVE-2022-23990, CVE-2021-45960, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2021-46143

ZEVENET 6.2 (Enterprise Edition)

24 January, 2022

New features:
[system] VPN module
[farms] let’s encrypt integration in the web GUI
[farms] HTTP headers mangling for HTTP(S) profiles
[farms] URL mangling for HTTP(S) profiles
[system] new messages for notifications
[system] configure remote syslog in UDP/TCP mode

Improvements:
[system] ZCLI update
[farms] SSL errors improvements for HTTP(S) farms
[farms] Personalized WAF ERROR code 403
[system] multi-listeners for HTTPS web GUI and SSH service
[system] web GUI SSL certificate modification
[routing] added a new field for comments in the routing module
[cluster] more interfaces can be monitored and members of the cluster service
[ipds] improve user experience configuration for WAF OWASP rulesets
[webgui] new GUI with latest Angular version with user experience improvements

ZEVENET 6.1.25 (Enterprise Edition)

3 December, 2021

Improvements:
[system] add to checkupgrade the option to convert the load balancer in an early adopter version

Bugfixes:
[system] change zproxy logs pattern to fix a notification issue
[system] add execution permissions to the rebuild_delreg_files new script
[system] fix netcat usage in the checkupgrade script
[ipds] fix schedule param message from IPDS
[ipds] fix issue to keep WAF ruleset change after a package update
[networking] remove a warning
[networking] fix wrong bonding status on network statistics API call
[syslog] change the tag of a message from error to info
[farms] fix a bug restarting GSLB farms in ZAPI v3
[farms] fix error checking GSLB configuration file
[farms] add a validation for the farm redirect parameter
[farms] fix updated backend sourceaddress in edit backend action

ZEVENET 6.1.24 (Enterprise Edition)

4 November, 2021

Bugfixes:
[routing] fix an error creating a /32 mask rule
[system] recreate notifications config files when they are empty
[cluster] fix error in ssyncd when it replies sessions to zproxy
[proxy] fix the TTL session when it is added via API
[system] fixed the following vulnerabilities issues:
CVE-2021-37750

ZEVENET 6.1.23 (Enterprise Edition)

27 August, 2021

New features:
[farms] l4xnat: re-enable h232 protocol support

Improvements:
[config] clean config files when a NIC is removed from the system
[api] add root access permission check in API 3.2
[api] check AWS credentials and return code 400 in case of error, and new field status in GET /aws/credentials api
[config] separate nftlb debug config from global debug config
[webgui] check if the root user has access permission to the Web GUI before login
[networking] add a check for the rule action
[farms] l4xnat: speedup farm port ranges rules generation

Bugfixes:
[farms] l4xnat: fixed deleting persistence session for DSR
[config] fix misspelled global variable
[config] add missing semicolons in global.conf.template and add AZ logout in case of error setting AZ credentials
[system] fixed function input JSON decoding error in zevenet installation
[system] updated message after packages update
[zenbui] fixed remove previous interface configuration in Zenbui
[system] uninstall zevenet-ipds package at factory reset
[farms] l4xnat: fixed accept multiple ranges and ports as virtual port
[farms] l4xnat: fix elements flushing from a policy
[farms] l4xnat: add dynamic persistence rules and update timeout in DSR mode
[system] fixed the following vulnerabilities issues: CVE-2021-36222

ZEVENET 6.1.22 (Enterprise Edition)

5 July, 2021

Bugfixes:
[farms] fixed the backend source address NATing for l4xNat when virtual interfaces are used
[farms] fixed the backend source address NATing for l4xNat when a virtual interface event is performed
[system] set the default rt_tables file in factory reset

ZEVENET 6.1.21 (Enterprise Edition)

25 June, 2021

Improvements:
[farms] L4xnat: autodetect backend source-address via the routing table

Bugfixes:
[farms] L4xnat: fixed set route table source as backend address when the route is not applied in the system
[farms] L4xnat: set routing table source instead of floating VIP as backend address
[farms] fixed no update backends status when performing changes of IPDS in a farm
[ipds] fix WAF data files installation path fault
[system] fixed the following vulnerabilities issues:
CVE-2021-3541, CVE-2021-3580, CVE-2021-2154, CVE-2021-2166, CVE-2021-28153, CVE-2021-3537, CVE-2021-31871, CVE-2021-33560, CVE-2020-24977, CVE-2021-25217, CVE-2021-27218, CVE-2021-27219, CVE-2020-24659, CVE-2021-20305, CVE-2021-3516, CVE-2021-3518, CVE-2021-3517, CVE-2021-31873, CVE-2021-31872, CVE-2021-27928, CVE-2021-20232, CVE-2021-31870, CVE-2021-20231

ZEVENET 6.1.20 (Enterprise Edition)

18 May, 2021

Improvements:
[ssl] add openssl configuration to backup/supportsave

Bugfixes:
[farms] L4xNAT: fixed enable logs when the nattype is changed
[farms] L4xNAT: fixed log type on DSR and Stateless DNAT L4xNAT Farms
[farms] HTTP profile was returning a non valid URL when WAF resolution is redirect
[farms] HTTP profile returning a non valid URL when WAF resolution is redirect
[system] fixed the following vulnerabilities issues:
CVE-2021-3449, CVE-2021-21309, CVE-2021-3393, CVE-2020-26116, CVE-2019-13952, CVE-2019-20367, CVE-2020-8231, CVE-2020-8169, CVE-2020-8285, CVE-2020-8286, CVE-2020-8177, CVE-2020-8284, CVE-2021-22876, CVE-2021-22890, CVE-2021-25214, CVE-2021-25216, CVE-2021-25215, CVE-2021-3520, CVE-2021-31535

ZEVENET 6.1.19 (Enterprise Edition)

10 May, 2021

Bugfixes:
[farms] improve the validation for l4xnat port ranges
[farms] configure ALL protocol when all ports are set
[farms] fix an issue related to virtual port when an l4xnat farm is created
[cluster] stop routes in the backup node when a virtual interface is deleted
[cluster] update the slave routing tables when a new route is added in the master node
[networking] remove from the system all custom routes that depend on an interface when this interface is stopped
[stats] fix extra pending connection calculation getting backend status
[stats] remove the initial undefined backend status
[ipds] WAF configures the “SecRequestBodyLimit” instead of ‘SecRequestBodyNoFilesLimit’
[ipds] set the “variable” parameter of WAF as mandatory
[webgui] show the name of the file when in a WAF rule the operator ‘strPhrasesFromFile’ or ‘ipMatchFromFile’ is set
[webgui] fix some typos
[webgui] fix the “update” action in WAF module
[webgui] remove the protocols: amanda, irc, h323, netbios-ns and sane
[webgui] fix errors in service editing when the service has the string “session”

ZEVENET 6.1.18 (Enterprise Edition)

24 March, 2021

Improvements:
[cluster] remove azure account after deleting azure cluster configuration

Bugfixes:
[farms] changed function from checkport to validatePort
[ssl] Letsencryptz forced to use HTTP challenge
[cluster] fixed IP announce in Master node, it is not performed when the backup node is started
[cluster] fixed restart farm on the backup node
[networking] fixed Nonexistent NIC Interface Configuration File is not removed

ZEVENET 6.1.17 (Enterprise Edition)

23 February, 2021

Bugfixes:
[cluster] fixed ssyncd daemon listens on all interfaces
[system] fixed sending gratuitous ARP for down Virtual Interfaces
[system] fixed the following vulnerabilities issues:
CVE-2021-23841, CVE-2021-23840, CVE-2019-1551, CVE-2020-8625, CVE-2021-24032, CVE-2021-24031, CVE-2021-23841, CVE-2021-23840, CVE-2019-1551, CVE-2020-8625

ZEVENET 6.1.16 (Enterprise Edition)

12 February, 2021

Bugfixes:
[webgui] added priority column for backends in HTTPS farms if proxy new generation is in use
[system] fixed some port check issues configuring farm and management services

ZEVENET 6.1.15 (Enterprise Edition)

11 February, 2021

New features:
[cluster] added cluster support in Azure

Improvements:
[farms] remove deprecated l4xnat helpers from API

Bugfixes:
[farms] do not allow auto-updating certbot for letsencryptz
[farms] added checks for VIP, VPORT and protocols for usage in new farms creation
[farms] allow configuring DNS Servers even when no Server is configured yet
[system] fixed the following vulnerabilities issues:
CVE-2014-10402,CVE-2020-36221,CVE-2020-36222,CVE-2020-36223,CVE-2020-36224,CVE-2020-36225,CVE-2020-36226,CVE-2020-36227,CVE-2020-36228,CVE-2020-36229,CVE-2020-36230,CVE-2021-3156,CVE-2018-6942,CVE-2019-1010238,CVE-2019-12900,CVE-2019-18218,CVE-2019-8457,CVE-2019-12735,CVE-2020-10531,CVE-2020-8616,CVE-2020-10543,CVE-2019-5018,CVE-2019-18397,CVE-2019-9513,CVE-2020-14363,CVE-2020-15861,CVE-2020-15862,CVE-2019-19959,CVE-2019-20218,CVE-2019-6477,CVE-2020-12723,CVE-2020-28196,CVE-2020-29361,CVE-2020-29363,CVE-2020-8617,CVE-2019-12749,CVE-2020-14393,CVE-2020-13630,CVE-2019-5094,CVE-2019-5188,CVE-2020-14344,CVE-2020-15999,CVE-2020-8622,CVE-2019-6471,CVE-2020-14422,CVE-2019-17595,CVE-2020-27350,CVE-2020-12049,CVE-2020-13434,CVE-2020-13435,CVE-2020-13632,CVE-2020-14392,CVE-2020-15358,CVE-2020-3810,CVE-2019-17594,CVE-2020-29362,CVE-2019-15795,CVE-2019-15796,CVE-2019-20919,CVE-2020-8624,CVE-2020-27351,CVE-2020-35512

ZEVENET 6.1.14 (Enterprise Edition)

11 December, 2020

Improvements:
[lslb] add a directive to HTTP farms to control the maximum HTTP body analyzed by the proxy.
[api] validate that the name of the objects won’t be “0”
[api] validate the netmask when an interface is modified
[system] add cron information to supportsave
[stats] get farm established connections from binary instead of conntrack (for HTTP profile)

Bugfixes:
[proxy] avoid double port appending in location rewrite.
[proxy] update session-id from the response.
[proxy] do not pass the HTTP body to the WAF when the HEAD method is used.
[proxy] reload WAF rulesets if the proxy daemon fails.
[webgui] fixed message of translations module.
[farms] force farms status down in boot time if the process is not running when is set
[farms] modify the VIP of the farms when the interface is modified (VLAN and bonding).
[lslb] confirm proxy is killed when HTTP farm is stopped.
[system] reconfiguring APT if the certificate serial changed when checkupgrades is executed.
[system] modify the Ssyncd binary path.
[stats] some graphs are not created depending on the bonding name.
[networking] failed to get interface status when it is unset.
[networking] DHCP does not start/stop in bonding interfaces
[networking] applying IP routes and IP rules after creating table ID
[rbac] a user without permissions could watch the farm stats and graphs.

ZEVENET 6.1.13 (Enterprise Edition)

13 November, 2020

Improvements:
[ipds] added the source IP in logs if WAF detects a threat
[farms] accepted none value in l4xnat for disabling persistence
[networking] it is not required to stop slaves from bonding before adding them to the interface
[webgui] homogenized buttons and forms in all the web GUI
[webgui] fixed some forms for routing configuration

Bugfixes:
[networking] fixed add new IPs and apply routes by netplug when the link is UP
[networking] fixed no check slaves when bringing UP a bonding
[cluster] cluster process is not checked if cluster service is not previously configured
[system] disabled useless SNMP errors in Syslog
[system] systems zevenet reload after executing migration scripts
[networking] fixed deleting old rules when a VLAN or bonding is deleted
[system] letsencrypt creates certificates in lower case
[ipds] WAF rules were not ordered properly
[farms] deleted old temporal files in /tmp/ for l4xnat serializer binary
[farms] modified the default value for directive 100-Continue.
[networking] fixed config status when bonding is created
[farms] error returned if the copy farm action fails
[farms] fixed copying a farm if WAF is configured
[networking] fixed error adding IPv6 routing rules
[networking] fixed writing routing rules if the web form field is unset
[networking] configure the NIC in status DOWN if it is added to a bonding
[ipds] fixed issue parsing WAF rules in web GUI view
[networking] Isolated NICs can be configured in the main table
[farms] priority column hidden in HTTP farms when proxy next generation is disabled
[farms] fixed some memory leaks in the l4xnat serializer

ZEVENET 6.1.12 (Enterprise Edition)

14 October, 2020

Improvements:
[system] updated libmodsecurity library
[cluster] cluster interface and slave interfaces can’t be edited
[networking] skip bonding mac change if it is already configured on the system
[zcli] autocomplete improvements for some calls
[cluster] improved the node replication objects when the cluster node not in MASTER role is reachable again
[webgui] added translation messages

Bugfixes:
[networking] fixed updating virtual interface mask
[cluster] sync any change in virtual interface
[networking] avoided configuring bonding interface twice starting zevenet service
[routing] global route params are used wen route table is listed
[rbac] supported dot in the username field
[farms] farmguardian was not stopped if node entered in the maintenance
[cluster] priority 10 causes Master role on the wrong node
[cluster] disable maintenance on the cluster node could be performed with cluster interface DOWN
[cluster] fixed resync node when a node leaves maintenance mode
[cluster] conntrack sync was not called properly once node entered in MASTER status
[farms] switching proxy ng was not done properly
[farms] avoided running a farm if virtual IP is no UP
[cluster] fixed leaves maintenance mode when a link UP is received
[farms] fixed HTTP(S) header persistence session
[farms] fixed error reloading WAF rules in HTTP(S) profiles

ZEVENET 6.1.11 (Enterprise Edition)

3 September, 2020

Improvements:
[ipds] added/delete IPs in the blacklist module in batching
[rbac] added more tests to the LDAP connector for bind DN, filter, and bind user
[certs] added a new unknown status if the certificate format is not detected
[webgui] allowed to search a Virtual IP using the field alias in the farm creation
[webgui] graphs for network traffic changes to Gbytes or Tbytes based on the total of bytes received

Bugfixes:
[cluster] netplug always starts cluster in backup mode discarding maintenance mode
[ssl] fixed issue managing SSL certificates with an unknown format
[ssl] added information if not valid SSL certificate format
[system] fixed issue showing the number of CPU cores if the value is higher than 10
[networking] fixed resetting MACs when a NIC is added/removed of a bonding interface
[system] fixed internet connection check for packages update.
[webgui] added support to DH 2048 in the web server
[farms] fixed error 500 listing GSLB backends
[ssl] removed the key file is a CSR is deleted
[farms] added Alias field when a backend is created
[farms] validate the backend ID before creating sessions
[farms] unset priority for farms if no proxy of the new generation is in use
[farms] fixed issue deleting DSLB farm if the interface used in VIP is down
[farms] update backend priority after backend status change
[webgui] fixed refresh alias if backend changes
[webgui] STS directive is enabled/disabled if HTTPS listener is enabled/disabled without refreshing the view
[webgui] fixed typos in messages for the translation module

ZEVENET 6.1.10 (Enterprise Edition)

30 July, 2020

Bugfixes:
[farms] fixed maintenance mode for a backend with multiport
[webgui] improved translation messages
[webgui] change VLAN name to VLAN ID instead
[system] virtual IPs are configured properly if cluster switches in AWS
[cluster] deleted cluster status if the system is rebooted
[networking] fixed Routing tables configuration with DHCP in AWS

ZEVENET 6.1.9 (Enterprise Edition)

14 July, 2020

Bugfixes:
[webgui] fixed issue creating modifying Alias for VLANs in bonding interfaces

ZEVENET 6.1.8 (Enterprise Edition)

7 July, 2020

Improvements:
[system] kernel updates, fixed the following vulnerabilities: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479

Bugfixes:
[webgui] fixed activation certificate format
[webgui] fixed error disabling/enabling farmguardian
[webgui] factory reset button enabled
[webgui] delete an action if del button in keyboard is pressed for WAF

ZEVENET 6.1.7 (Enterprise Edition)

3 July, 2020

Improvements:
[ipds] blacklisted IPs now are deleted based in the source instead of the dynamic ID

Bugfixes:
[farms] fixed deleting dynamic sessions pined to the deleted backend
[farms] fixed ethernet address discovery for IPV4 backend addresses
[webgui] fixed infinite spinner when a delete action is executed
[webgui] fixed updating and adding aliases for all the network interfaces
[system] fixed issue with the licenses in the subscription plans

ZEVENET 5.2.20 (Enterprise Edition)

2 July, 2020

Improvements:
[farms] improved the l4 load-balanced algorithm for an equal connection sharing

ZEVENET 6.1.6 (Enterprise Edition)

12 June, 2020

Improvements:
[webgui] added spinner to force changes in proxy of the new generation
[webgui] added messages to the translation module
[ipds] added description to WAF operators

Bugfixes:
[webgui] fixed table of backend GSLB with spinner and delete actions
[webgui] fixed backends ID in backends table of farms GSLB
[webgui] fixed creating an alias and create interface alias
[webgui] fixed WAF variables used in forms, data is loaded from API
[webgui] fixed error renaming blacklist
[webgui] changed the update method in routing rules
[webgui] fixed creating and updating routing rules
[webgui] fixed the refresh of stats
[webgui] fixed search of WAF variables
[webgui] fixed changing the schedule for a blacklist
[ssl] fixed issues in letsencrypt certificates management renovations
[ipds] fixed copying RBL lists
[lslb] fixed marks assignment for l4xnat backends
[routing] fixed issue modifying priorities of routing rules
[ipds] fixed deleting blacklist of HTTP profile
[zcli] fixed some issues in autocomplete for boolean values

ZEVENET 5.11.1 (Community Edition)

22 May, 2020

Bugfixes:
[farms] improve performance saving and loading high number of elements
[farms] fix backend maintenance deletion
[farms] keep backend rules in maintenance mode
[farms] fix sigsegv when there is no backend
[farms] disable static sessions when backend is not available due to priority
[farms] avoid limit per client when configured connection limit per backend
[system] change the path for nft binary

ZEVENET 6.1.5 (Enterprise Edition)

18 May, 2020

Improvements:
[webgui] improved translation messages
[webgui] added a button to view certificate content
[waf] better message description in each operator and variable
[lslb] warning message is shown if farmguardian is not configured

Bugfixes:
[lslb] fixed issues connecting to letsencrypt for requesting a new certificate
[system] fixed update packages in the backup node
[lslb] fixed cut mode maintenance behaviour
[lslb] fixed stopping farmguardian in the service name is a number
[lslb] forced to calculate source address for NAT in l4xnat profiles
[lslb] WAF rules were not configured properly if proxyNG was disabled
[lslb] fixed issue in maintenance with drain mode
[lslb] fixed crash when a session was established in a backend in l4xnat
[cluster] fixed issue with the rsa private keys recreating the cluster

ZEVENET 5.11 (Community Edition)

12 May, 2020

New features:
[system] introduce full management command line interface, named zcli
[api] introduce zapi version 4.0.1 including the new features automation
[farms] introduce L4 DSR session persistence support
[farms] reload the runtime http farm configuration when a change is done in the webgui
[farms] button to copy farms

Improvements:
[system] add more information to supportsave about zproxy process
[farms] allow creating farms with the same networking settings
[farms] faster start of farmguardian
[system] add verbose messages in case supportsave has not been generated properly
[system] updated netcat package used for networking test purpose
[farms] if all ports are balanced then all protocols should be configured by default
[system] improve management of errors

Bugfixes:
[farms] HTTP profile was not stopped properly
[ssl] some SSL certificates were not moved to the certificate store
[system] do not start SNMP service if it is disabled
[stats] fix an error in HTTP backend stats
[farms] enable a minimum log level for HTTP farms
[system] fix an error dumping sessions information in supportsave
[ssl] load long certificate lists in less than 1 minute
[farms] solved routing rules for sd-wan (dslb)
[system] now SNMP is started after a reboot
[farms] solved connection issues with farmguardian and persistence
[farms] fixed persistence table management in l4xnat
[system] check the networking settings before applying the configuration to avoid error messages in logs
[webgui] optimize certificates table pagination load
[farms] fixed dashboard view for dslb farms
[webgui] allow using the colon in the password field

ZEVENET 6.1.4 (Enterprise Edition)

1 May, 2020

Bugfixes:
[system] fix an error in the upgrading process that avoids upgrading the cluster backup node
[api] add the HTTP error code 410 to ZAPI version 3.1

ZEVENET 6.1.3 (Enterprise Edition)

30 April, 2020

Improvements:
[networking] announce ARP packet when an interface is created (This only applies when ARP announcement is enabled)
[system] allow passwords until 512 characters
[webgui] add warnings message when a bad backend priority configuration could put the farm out of service

Bugfixes:
[networking] fix an error showing the MAC in virtual interfaces
[networking] fix an error announcing ARP when the cluster is not set
[proxy] the NG proxy is disabled by default
[stats] fix an error in the networking units graphs
[ssl] fix the SSL certificate format
[ipds] improve the system management for DoS rules
[lslb] remove backends sessions before delete or stop a backend
[lslb] fix an error in l4xNAT farms that use backend with a maximum of connections
[lslb] fix an error calculating weight in l4xNAT farms that use least connections algorithm
[lslb] fix an error setting the redirect in HTTP farms
[system] fix an error starting the notification daemon
[system] returns an error when the system fails disabling duplicated networks
[webgui] add some missing messages in the translation module
[webgui] fix an error putting the backend in maintenance mode

ZEVENET 5.2.19 (Enterprise Edition)

22 April, 2020

Bugfixes:
[farms] added an internal locking system to l4xnat farms management
[farms] added protection to avoid marks corruption in l4xnat farms

ZEVENET 6.1.2 (Enterprise Edition)

14 April, 2020

Improvements:
[farms] restart farm is not needed anymore when services are ordered
[webgui] some messages have been fixed for the language module

Bugfixes:
[farms] HTTP profile was not stopped properly
[ssl] some SSL certificates were not moved to the certificate store
[rbac] check users against LDAP if ZAPI key is used
[networking] allowed to enable/disable duplicated_net flag
[system] do not start SNMP service if it is disabled
[webgui] fixed documentation link for certificates view

ZEVENET 6.1.1 (Enterprise Edition)

3 April, 2020

Improvements:
[system] add more information to supportsave about zproxy process
[cluster] protect backup from master updates when upgrading the system

Bugfixes:
[farms] fix the backend routing rules for l4xnat farms
[stats] fix an error in HTTP backend stats
[farms] enable a minimum log level for HTTP farms
[system] fix an error dumping sessions information in supportsave
[rbac] fix an error retrieving the list of expected parameters in adding RBAC user ZAPI request

ZEVENET 6.1 (Enterprise Edition)

31 March, 2020

New features:
[networking] routing module to manage static routing rules
[webgui] multi Language module
[ipds] WAF rules editor from the web gui
[farms] button to copy farms
[rbac] LDAP connector to authenticate RBAC users
[system] introduce full management command line interface, named zcli
[farms] introduce high performance HTTP and HTTPS load balancing reverse proxy core, named zproxy
[api] introduce zapi version 4.0.1 including the new features automation
[farms] introduce priority algorithm for HTTP profile
[farms] introduce L4 DSR session persistence support

Improvements:
[ipds] blacklist update scheduler optimization
[system] add web gui section for advanced settings: ARP announcement, allow routing subnet duplication, session replication service management
[farms] allow creating farms with the same networking settings

Bugfixes:
[ipds] set the default action for all WAF phases

ZEVENET 6.0.18 (Enterprise Edition)

6 March, 2020

Bugfixes:
[certs] load long certificate lists in less than 1 minute
[gui] optimize certificates table pagination load
[farms] solved routing rules for sd-wan (dslb)
[farms] fixed dashboard view for dslb farms
[system] fixed system checks that are running in Azure

ZEVENET 5.10.1-1 (Community Edition)

3 March, 2020

New features:
[proxy] add/delete response headers
[proxy] add multi-listener support
[proxy] add support to listener config reload
[proxy] added WAF support (libmodsecurity3, disabled by default)
[proxy] added automatic memory trimmer
[proxy] add backend server priority setting
[proxy] add -R option to reload listener configuration from file

Improvement:
[proxy] add missing extended HTTP verbs
[proxy] add centralized regex manager
[proxy] add listener CTL management support
[proxy] schedule redirect response if backend connection fails
[proxy] do not load balance if only 1 backend is present
[proxy] add better information in logs
[proxy] set static maximum SSL handshake retries
[proxy] added case insensitive comparator to Headers map

Bugfixes:
[proxy] fixed incomplete response parse continuation
[proxy] fixed Location and Content-Location wrong protocol if RewriteLocation=2
[proxy] fixed crash parsing an HTTPS listener
[proxy] fix session cookie header value parser
[proxy] invalidate sessions if the backend is down
[proxy] fix cookie session-id comparation
[proxy] fix crash on process exit
[proxy] reply err503 on abrupt connection close by the backend
[proxy] fix malformed log data

ZEVENET 6.0.17 (Enterprise Edition)

11 February, 2020

Improvements:
[cluster] faster cluster configuration process
[farms] faster start in farmguardian
[cluster] updated VRRP cluster service

Bugfixes:
[farms] fixed memory leaks in session replication service
[cluster] fixed cluster switching to MASTER in both nodes before to any configuration
[farms] farmguardian was started twice per farm
[system] now SNMP is started after a reboot

ZEVENET 6.0.16 (Enterprise Edition)

4 February, 2020

Bugfixes:
[webgui] fix cluster web form

ZEVENET 6.0.15 (Enterprise Edition)

21 January, 2020

New features:
[system] introduce support of AWS cluster support

Improvements:
[system] add verbose messages in case supportsave has not been generated properly
[system] updated netcat package used for networking test purpose

Bugfixes:
[lslb] fix error deleting SSL certificates in HTTPS farms
[rbac] add check if the user or group already exists in the system
[system] modify binary path for AWS support
[lslb] fix stateless DNAT source MAC translation

ZEVENET 6.0.14 (Enterprise Edition)

12 November, 2019

Improvements:
[system] enable / disable Arp announcement for VIPs
[farm] new HTTP verbs group with OPTIONS enabled

Bugfixes:
[networking] disabled check internet connection before to configure APT repository
[cluster] check cluster status every 30 secs
[webgui] allow using the colon in the password field

ZEVENET 6.0.13 (Enterprise Edition)

24 October, 2019

New features:
[webgui] allowed restart WAF ruleset to apply changes
[webgui] link to farm stats from status icon inside farm edition
[webgui] allow configuring response headers in HTTP farms

Improvements:
[webgui] configure minutes in the range of 30 for scheduling remote blacklist downloads
[webgui] changed some tables behavior, pagination persistence and pages listing to ALL
[ipds] added blacklists download queuing
[farms] added OPTIONS verbs to the default verbs in HTTP profiles
[cluster] register farms in ssyncd only if persistence is enabled
[farms] if all ports are balanced then all protocols should be configured by default

Bugfixes:
[webgui] solved typos to destroy a cluster
[webgui] fix changing the password from RBAC Users
[webgui] fix typo in virtual interface tag
[webgui] solved typo verbs in HTTP farms
[farms] solved connection issues with farmguardian and persistence
[cluster] solved memory leaks with ssyncd
[cluster] fix ssyncd farm registration issues
[farms] fixed persistence table management in l4xnat
[system] fixed issue updating packages with proxy configured

ZEVENET 5.2.18 (Enterprise Edition)

23 October, 2019

Improvement:
[farms] add an option to allow the ‘options’ HTTP verb with the ‘extended HTTP requests’ set of verbs

Bugfixes:
[networking] set the default gateway in the boot although certificate is expired
[stats] fix an error showing the l4xnat stats in multiport farms

ZEVENET 5.10.1 (Community Edition)

11 October, 2019

Improvement:
[webgui] restart notice message after HTTPS changed parameters

Bugfixes:
[farms] fix dh2048.pm path in HTTP template file
[farms] force protocol to ALL when all ports are selected in l4xnat farms
[farms] fix an error modifying https ciphers
[guardian] fix an error copying a farmguardian
[farms] fixed deleting backend ports
[webgui] the webgui actions are translated
[webgui] fix the behavior of javascript messages
[proxy] ssl connections management bugfixes and cleanups
[proxy] fixed redirect behaviour
[proxy] fixed pinning behaviour with SSL protocol
[proxy] fixed URL matcher
[proxy] assign new backend if a timeout is reached
[proxy] assign different backend if session information is not found

ZEVENET 6.0.12 (Enterprise Edition)

10 October, 2019

Improvements:
[cluster] added mutex to cluster events change roles
[system] unlimited number of threads per PID

Bugfixes:
[farms] farmguardian stops suddenly after starting

ZEVENET 5.10 (Community Edition)

9 October, 2019

New features:
[farms] add persistence between clients and backends using hashes depending on “ip”, “port”, “mac”, “source ip and source port” or “source ip and destination port”
[farms] add option to l4xnat to set the port
[farms] add nat type based on stateless dnat
[webgui] add module to translate the webgui to a different language
[webgui] show the session tables for l4xnat farms
[webgui] retrieve the parameter list accepted by the API for a call when it is called without parameters (POST and PUT methods)

Improvements:
[farms] remove and modify backends using the nft mark
[farms] apply deterministic order to farm listings (sorting alphabetically). Pull request from the github user brudo, by William Bruce Dodson
[farms] do not control Access-Control-Allow_Origin header when the request is using the zapi key
[farms] disable the HTTP parameter “ECDHCurve” by default
[farms] add check to avoid port collision with l4xnat farms
[farms] lock HTTP farm config file while a service it is being modified
[farms] create a dummyTable to start the nf_conntrack module
[farmguardian] add checks for “sip” and “redis”
[system] restart web server when ZEVENET is restarted
[system] set the binaries path in the global.conf file
[system] update system dependencies
[system] expand error message
[system] remove the zlb-stop and zlb-start files from the package and set them as templates
[system] postinst refactoring
[system] apply perltidy to code files
[system] move logic from API to the library
[system] remove completely iptables code and dependencies
[system] export global.conf to bash scripts
[system] set all log tags in lower case
[system] check the uploaded backups before that stores it
[system] change restart services for reloading them in cron tasks
[system] move profiling logs to debug level 5
[system] add more system information to supportsave
[api] log the JSON input parameters
[api] standardizer API calls for copying actions
[api] improve the validation of the parameters
[api] refactoring for farm module
[api] returns an error if a sent parameter was not expected for the call
[api] created a new call for getting system information
[cluster] move the local configuration to a local directory
[networking] add arp announce feature after any IP configuration
[networking] masquerade traffic towards the backend with the parent interface of the vip

Bugfixes:
[system] fix an error of looping when a backup is applied
[system] omitting commented routing tables in supportsave
[system] fix typo in output message and logs
[system] nftables is not printed in supportsave
[system] fix the regex for SNMP community and SNMP name parameters
[system] global.conf did not parse the variables with “update” tag
[farms] error returning the ciphers parameter in HTTP farms
[farms] error modifying the custom security ciphers parameter in HTTP farms
[farms] missing farmguardian parameter in the HTTP farm
[farms] solved a bug when parsing the file to add the backend in HTTP farm if the service has the same name as the farm
[farms] fix helpers protocols for l4xnat farms
[farms] force all protocol when setting all ports in l4xnat farms
[farms] fix loading helpers for natting
[farms] fix duplicated rules when the protocol is “all” in l4xnat.
[farms] solved corruption of pound file when enabling TLS/SSL in HTTPS and it was already enabled
[farms] fix the tag and mark generation per backend
[farms] do not allow the ‘prio’ algorithm parameter for l4xnat
[farms] avoid flushing the entire ruleset
[farms] l4xnat farm stats does not return any backend if the farm is down
[farms] returns the backend down if the status is config_error
[farms] fix an error in l4xnat stats with “snat”
[farms] assuring that nftlb is stopped when performing a stop
[farms] avoid the use of Expect in the curl request that can produce recv blocking
[farms] remove regexp for HTTP redirect in HTTP farms
[farmguardian] ZEVENET service script was not calling to farmguardian start
[certificates] error in the certificate parameter ‘issuer’
[networking] group the routing rules by type
[networking] reload routing rules when a farm or interface is modified
[networking] fix an error setting an interface that was in the down interface
[networking] allow creating VLAN without gateway
[networking] solved bug when deleting a VIP
[networking] solved error unsetting a nic that was not applied in the system
[networking] create the nic config file if it does not exist
[networking] improved ipv4 regexp
[networking] do not allow to modify the interface used for management services (HTTP and SSH)
[system] applying backup returns success on failure
[api] change error code 400 for 404 when the certificate is not found
[api] API returns an error when it receives an array or a hash in the JSON parameter and it is not expected

ZEVENET 6.0.11 (Enterprise Edition)

2 October, 2019

Improvement:
[networking] fix routes for interface with same subnet
[webgui] keep the backends pagination after refresh
[checks] updated ZEVENET health checks

Bugfixes:
[farms] fix backend check when backend port is empty
[stats] fix regular expression to show real traffic statistics
[webgui] fix show the first backend in the table
[waf] conditions for a ruleset were not shown properly
[system] fix per backend connection limit kernel race

ZEVENET 6.0.10 (Enterprise Edition)

20 September, 2019

Bugfixes:
[networking] prioritized networking route rules
[farms] fix shown l4xnat backends status in maintenance mode

ZEVENET 5.2.17 (Enterprise Edition)

16 September, 2019

Bugfixes:
[farms] fix virtual-host regexp matching for HTTP/S farms

ZEVENET 6.0.9 (Enterprise Edition)

4 September, 2019

Improvements:
[farms] support of output network interface per backend

Bugfixes:
[farms] fix modify and delete GSLB resources
[farms] fix l4xnat masquerading
[farms] support of stateless dnat for direct client connections
[gui] fix GSLB resources id management

ZEVENET 6.0.8 (Enterprise Edition)

28 August, 2019

Bugfixes:
[networking] routing rules prioritized
[networking] fix supportsave storing l4xnat rules via web gui
[ipds] fix code error in IPDS first load

ZEVENET 6.0.7 (Enterprise Edition)

21 August, 2019

Bugfixes:
[ipds] fix ipds directory structure creation during installation
[farms] force masquerade IP nat when interface is set up/down
[system] fix GPG APT key addition for offline updates
[gui] fix menu display issue due to icons hidden layers

ZEVENET 6.0.6 (Enterprise Edition)

19 August, 2019

New features:
[gui] show network interface aliases in the dashboard

Improvements:
[api] detailed activation error messages
[networking] support of masquerading interfaces in the same subnet

Bugfixes:
[gui] fix remote blacklists update schedule
[gui] fix analytics call with undefined parameters
[gui] fix typo in field of HTTP verbs accepted
[ipds] improve the validation check for blacklist inputs
[ipds] fix ciphers output parameter in HTTP farm

ZEVENET 6.0.5 (Enterprise Edition)

9 August, 2019

New features:
[system] added support for offline updates
[farms] support of source natting per backend in different subnets

Improvements:
[ipds] optimize loading of blacklists
[ipds] support of overlapped IP ranges in blacklists
[ipds] unload blacklists if they are not in use
[ipds] remove SSH Brute force rule
[api] ability to configure AES Cyphers even if the hardware doesn’t support it

Bugfixes:
[cluster] solved memory leak in session sync daemon
[cluster] improved the tcp close connection management for service sync daemon
[farms] fix backend priority in l4xnat
[networking] fixed MAC address with incorrect value in eth0
[networking] virtual interfaces with name 0 were not started/stopped properly

ZEVENET 5.2.16 (Enterprise Edition)

8 August, 2019

Bugfixes:
[networking] virtual interfaces with name 0 were not started/stopped properly
[cluster] solved memory leak in session sync daemon
[cluster] improved the tcp close connection management for service sync daemon

ZEVENET 6.0.4 (Enterprise Edition)

1 August, 2019

New features:
[system] migration from ZEVENET 5 to 6

Improvements:
[cluster] nodes reconnection improvement
[system] LTS Kernel upgrade
[farms] support of source address per backend
[ipds] improved IPDS logging

Bugfixes:
[ipds] solved issue deleting remote blacklists
[system] solved netplugd issue changing default gw by mistake
[networking] modified expression to identify a Virtual Interface in the boot process
[ipds] solved blacklist deletion
[ipds] IPDS was not started properly at boot time
[farms] solved issue in the l4xnat config files generation
[farms] check if a port collision exists with l4 farms
[farms] fix backend priority in l4xnat
[system] local http config is needed to renew certificates for let’s encrypt
[cluster] fix memory leak when persistence is not enabled in a farm

ZEVENET 5.9.3 (Community Edition)

12 July, 2019

Bugfixes:
[farms] stop properly the l4xnat daemon when ZEVENET service is stopped or restarted. This error affects l4 farms running in a cluster

ZEVENET 6.0.3 (Enterprise Edition)

10 July, 2019

New features:
[ssl] let’s encrypt support

Improvements:
[farms] add an option to disable TLS v1.3 in the HTTP farms config file
[system] add more information to supportsave

Bugfixes:
[farms] enable automatic ECDH curve selection if no ECDHCurve parameter is set
[farms] fix an error showing the value of the maximum connection for backend, in L4xnat farms
[farms] fix an error showing the farmguardian in HTTP farms
[farms] fix an error modifying the custom security ciphers in HTTP farms

ZEVENET 6.0.2 (Enterprise Edition)

27 June, 2019

Improvements:
[networking] Bonding interfaces restore their default mac address when the MAC field is empty
[networking] Created a wrapper to store default bonding mac address

Bugfixes:
[farms] fix SNI forward to backend
[system] APT configuration is checked daily and re-configured if required
[api] Fixed error 500 listing HTTP backends in API v3
[farms] fix backend aliases list for HTTP services
[system] Avoid to loop CA crl downloads without an Internet connection

ZEVENET 6.0.1 (Enterprise Edition)

26 June, 2019

New features:
[networking] support of custom script execution after configuring any route in a given interface

Improvements:
[api] return the ZEVENET version in the session response
[system] avoid connections and cluster annoying messages in the logs
[networking] bonding will restore its default MAC address when the MAC field is empty
[networking] default MAC is stored for future restoring
[cluster] increased detailed information in web GUI cluster section

Bugfixes:
[ipds] fix WAF parse failed when the parameter was between quotes
[networking] fix DHCP config overwriting errors after disabling/enabling the service
[networking] fix static IP configuration is not configured properly after disabling DHCP
[system] execute the web server stop/start action in the background
[networking] fix solved routes were not being added if the interface was configured in UP status
[networking] fix deleted routing table inputs when bondings are unset
[networking] fix bonding status lost when unsetting the interface
[rbac] fix RBAC module mutex
[system] make SNMP community string less strict
[api] fix error 500 listing HTTP backends in API v3
[farms] fix backend alias not listed in HTTP services
[system] avoid enqueueing curl commands for license checking
[farms] fix error configuring HTTP redirect code
[system] set a token to block i-notify while the IPDS package is being updated
[farms] added less strict param for gslb which allows using check_icmp
[gui] fix left side menu was not shown properly in some Chrome versions

ZEVENET 5.2.15 (Enterprise Edition)

12 June, 2019

New features:
[networking] added support to run a script after routing config in a given interface

ZEVENET 6.0 (Enterprise Edition)

4 June, 2019

New features:
[farms] direct server return DSR support for L4
[farms] stateless NAT support for L4
[farms] L4 core with round-robin algorithm
[farms] L4 core with IP and port hashing for both destination or source
[farms] L4 core with support of new protocols: SCTP, netbios, snmp, h323, pptp, irc, sane, amanda
[farms] L4 core with configurable persistence per source and destination IP, port or even MAC
[farms] websocket support for HTTP/S
[farms] support of OpenSSL 1.1 for HTTP/S (TLS 1.3)
[system] latest kernel 4.19 with Long Term Support (LTS)
[system] spectre and meltdown mitigations included by default
[system] integration with APT remote repositories by default
[ipds] web application firewall for HTTP/S
[webgui] new web GUI based on Angular 6
[networking] full support of DHCP
[networking] MAC address custom configuration
[rbac] dynamic menu configuration based on RBAC user permissions
[system] added factory reset

Improvements:
[farms] new L4 core system based on nftables
[ipds] optimized security rules based on nftables
[cluster] clustering based on nftables
[api] optimization and refactoring of the API calls
[networking] improve network link management
[guardian] more integrated advanced health checks

ZEVENET 5.2.14 (Enterprise Edition)

16 May, 2019

Improvements:
[networking] force ARP announcement after any IP configuration

Bugfixes:
[networking] fix issue changing IP of one already configured alias
[farms] replace backend check port with the VIP port if this value is not defined

ZEVENET 5.9.2 (Community Edition)

10 April, 2019

Improvements:
[system] remove dependencies with xtable-addons packages

ZEVENET 5.2.13 (Enterprise Edition)

1 April, 2019

Improvements:
[guardian] add a farm guardian check for monitoring SIP services
[webgui] change of farm guardian configuration in GSLB farms
[system] added Kernel Support for Amazon Web Services
[system] ssh service is started even if the certificate is not OK.
[system] start ZEVENET Service as soon as a valid certificate is updated

Bugfixes:
[ipds] solved an issue downloading the scheduled remote lists
[guardian] farm guardian is not linked properly with GSLB farms
[webgui] responsive graphs in the dashboard for Mozilla
[certs] hyphens and dots are not allowed in the CSR section.
[ipds] update remote lists process was not downloading remote URLs.
[guardian] reserved strings are not modified in one match is already executed.

ZEVENET 5.2.12 (Enterprise Edition)

1 March, 2019

New features:
[guardian] redis health check is supported natively

Bugfixes:
[farms] L4xnat stats were not generated properly for farms with the same backend configured twice

ZEVENET 5.2.11 (Enterprise Edition)

8 February, 2019

New features:
[system] add support of ZEVENET subscriptions package

Bugfixes:
[system] solved issue restarting the web server

ZEVENET 5.2.10 (Enterprise Edition)

25 January, 2019

Bugfixes:
[farms] duplicated rules for l4xnat when the configured protocol is ALL
[system] activation certificate was requested even if it was properly upgraded

ZEVENET 5.9.1 (Community Edition)

17 January, 2019

Bugfixes:
[guardian] farmguardian did not start after restart ZEVENET service
[farms] fix master node switching restarting ZEVENET service

ZEVENET 5.9 (Community Edition)

15 January, 2019

New features:
[networking] IPv6 support
[system] 64 bits support
[farms] new L4xNAT core based on nftables and nftlb
[farms] add L4xNAT direct server return support
[gui] new WebGUI with Angular6 based in ngx-admin template
[api] new ZEVENET API 4.0

Improvements:
[system] fix security issues Spectre and Meltdown
[system] kernel update (Debian Buster)
[system] improved support for hypervisors
[system] improved code refactoring

ZEVENET 5.2.9 (Enterprise Edition)

2 January, 2019

Bugfix:
[farms] HTTP farms couldn’t be started because of new use of an HTTP proxy dependency

ZEVENET 5.2.8 (Enterprise Edition)

26 December, 2018

Improvements:
[system] add proxy support for packaging updates through Internet

Bugfixes:
[farms] fix leastconns traffic to down backends
[farms] fix HTTP traffic forwarding when cookie insertion was enabled
[guardian] fix farm guardian doesn’t start up properly
[webgui] fix farm guardian processes were killed if the web GUI was stopped
[webgui] fix memory leaks in the web GUI server
[webgui] a different network interface can be configured if the cluster is enabled.

ZEVENET 5.2.7 (Enterprise Edition)

7 November, 2018

Improvements:
[farms] add multiprotocol and multiport support for SIP
[ssl] not allowed to update the license certificate if it is not valid
[system] kernel update to solve several vulnerabilities (Spectre and Meltdown)

Bugfixes:
[farms] fix backend in maintenance used with the priority algorithm
[farms] solved issue changing TCP to UDP protocol
[farms] modify the virtual port value to * if multiprotocol is configured
[api] latest character was deleted for the hostname
[farms] fixed issues creating load balancing rules for protocol with helpers

ZEVENET 5.0.2 (Community Edition)

5 November, 2018

Improvements:
[ssl] update the HIGH cipher string

Bugfixes:
[farms] error modifying the SSL HTTPS certificate
[ssl] error uploading a SSL certificate
[ssl] set the custom cipher string properly

ZEVENET 5.2.6 (Enterprise Edition)

20 September, 2018

Bugfixes:
[farms] services in HTTP farm show redirect value even when it isn’t configured
[system] check internet connectivity and proxy usage

ZEVENET 5.2.5 (Enterprise Edition)

28 August, 2018

Bugfixes:
[farms] fix l4 switching to ALL protocols
[farms] removed not needed ports for helpers in l4xnat
[farms] fix sip load balancing with NAT and ALL protocols
[farms] fix rules deleting backends in l4 farms
[farms] force to use TCP and UDP protocols for SIP
[farms] disable force to dnat in SIP configurations
[gui] disable port configuration for SIP protocol
[gui] disabled configure port if SIP or ALL protocols is enabled.

ZEVENET 5.2.4 (Enterprise Edition)

10 August, 2018

New features:
[system] ability to configure a http/s proxy for outbound connections
[farms] multiport support for FTP, TFTP and SIP protocols

Bugfixes:
[farms] set STS Timeout by default after disabling the STS Header
[farms] fix FTP, TFTP and SIP loading protocols
[stats] fix FTP and TFTP stat connections
[ipds] limit blaklists name length
[ipds] fix blacklist cron scheduler getting remote lists

ZEVENET 5.2.3 (Enterprise Edition)

24 July, 2018

Improvements:
[webgui] improved behavior of search boxes
[webgui] favicon with dark themes in browsers
[syslog] remove depuration messages

Bugfixes:
[networking] bring up NIC interface when it does not have link
[rbac] modify RBAC user without a new password
[rbac] modify RBAC user without group permissions
[cluster] drop incoming traffic on virtual interfaces with IPv6 in the backup node
[guardian] fix typos in farmguardian templates
[networking] fix bonding interfaces route tables
[farms] GSLB vip status shows critical in the backup node
[guardian] fix farmguardian migration script
[farms] fix error 500 creating GSLB farms
[farms] GSLB statistics does not work in the backup node
[cluster] cluster does not replicate new GSLB farms properly
[networking] fix startup interfaces configuration without an activation certificate
[farms] fix least connections port aware per backend
[system] fix error deleting the activation certificate
[networking] show interface aliases

ZEVENET 5.0.1 (Community Edition)

2 July, 2018

Improvements:
[farms] Locking system for http configuration files
[networking] Add a check to verify the virtual IP when starting a farm

Bugfixes:
[stats] L4xNAT statistics does not show backends list
[stats] HTTP does not show the virtual interfaces stats
[farms] Fix L4xNAT farms and datalink renaming
[farms] Allow character ‘_’ for HTTP service names
[networking] Run virtual interfaces in the start process
[certificates] Fix the load of certificate field ‘Issuer’
[supportsave] Don’t use arptables to resolve IPs
[farms] Remove critical status in HTTP farms when a redirect configured
[farms] Allow setting the backend parameter ‘port’ as blank
[farms] Modifying a L4xNAT farm returns error sometimes
[services] Error parsing the file ‘resolve.conf’
[farms] Use a more restrictive regular expression to get farm file name

ZEVENET 5.2.2 (Enterprise Edition)

29 June, 2018

Improvements:
[rbac] Added two new preconfigured roles to be used in this module: management to allow to stop / start backend, and monitoring to allow to read information about system and farms

Bugfixes:
[rbac] Fix aliases are shown in the backends table even when user doesn’t have permissions to view this information
[alias] Fix aliases can be modified without permissions
[certificates] Fix search and upload actions break the SSL certificates table if some certificate has a CN field empty

ZEVENET 5.2.1 (Enterprise Edition)

20 June, 2018

New features:
[rbac] Roles templates added

Improvements:
[syslog] Log the error output when a command fails
[rbac] Allow more characters for RBAC: users, groups and roles
[rbac] Add RBAC information to supportsave

Bugfixes:
[guardian] Fix typo in farmguardian templates
[guardian] Migrate farmguardian of farms to new farmguardian check
[zenbui] Fix Zenbui symbolic link
[farms] The parameter “Log” in l4xnat farm returns blank sometimes
[rbac] Creating system user and system group needed for RBAC
[notifications] Notifications is enabled by default
[guardian] Run farmguardian in ZEVENET start process

ZEVENET 5.2 (Enterprise Edition)

12 June, 2018

New features:
[farms] Option to enable traffic logs for LSLB, DSLB, GSLB and the connection tracking
[farms] Support of aliases for backends
[networking] Support for aliases per NIC, bonding, VLANs and virtual interfaces.
[system] Role-Based Access Control (RBAC) to define new users, groups and permissions to actions in the system
[api] API 3.2 to manage all the new features
[networking] IPv6 Support for NICs, VLANs, Virtual Interfaces, Bonding and routing
[farms] IPv6 Support for HTTP and L4xNAT farms

Improvements:
[guardian] Improve of usability with several built-in health checks
[farms] More descriptive error messages for HTTP/S farms
[farms] Configurable redirect code for HTTP/S farms
[farms] Backend servers disabled if redirect is used for HTTP/S farms
[farms] Configurable Strict Transport Security header by service in HTTP/S farms
[farms] Improve of session table stats for LSLB farms
[system] Improve of message logs to syslog
[networking] Validation of network configurations
[networking] Automated virtual services configuration when modifying the network configuration
[networking] Real time networking packets/throughput stats per second

ZEVENET 5.1.11 (Enterprise Edition)

24 May, 2018

Bugfixes:
[cluster] When cluster switches to BACKUP, the system never come back to MASTER

ZEVENET 5.1.10 (Enterprise Edition)

16 May, 2018

Bugfixes:
[farms] It is not possible to create http(s) services after moving some service

ZEVENET 5.1.9 (Enterprise Edition)

10 May, 2018

Improvements:
[ipds] included more parameters to check before starting a IPDS
[ssl] better input validation in CSR for organization and locality fields

Bugfixes:
[networking] solved issue stopping and starting bonding interfaces
[networking] ensure that bonding interfaces have a defined IP address before starting
[stats] fix established connections when the farm is not in UP status
[api] fix activation certificate status response
[guardian] update farmguardian statuses after a cluster switch
[farms] fix VIP verification after starting a farm

 

ZEVENET 5.1.8 (Enterprise Edition)

3 May, 2018

Improvements:
[webgui] load HTTP profile parameters faster

Bugfixes:
[farms] fix concurrent changes in HTTP(S) configuration files

ZEVENET 5.1.7 (Enterprise Edition)

23 April, 2018

Improvements:
[webgui] changed datetime format to allow ordering in table views
[farms] http(s) farm is marked in status UP when only a redirect is configured
[system] better and faster information gathering for supportsaves

Bugfixes:
[farms] solved issue modifying datalink farm names
[networking] solved issue modifying floating IPs
[system] solved DNS section parsing configuration file content
[farms] solved issue re-ordering services in http farms
[ipds] blacklist rules were not properly configured in GSLB farms
[farms] solved issue creating a l4 farm, API responds a 400 code instead of 200
[ssl] solved issue parsing “Issuer” field in certificates
[farms] parameter 100continue is not properly modified in http(s) farms

ZEVENET 5.1.6 (Enterprise Edition)

8 March, 2018

Bugfixes:
[networking] Run virtual interfaces in start process

ZEVENET 5.1.5 (Enterprise Edition)

1 March, 2018

Bugfixes:
[farms] Error detected when l4xnat farm parameters are listed

ZEVENET 5.1.4 (Enterprise Edition)

21 February, 2018

Improvements:
[gui] Faster loading of LSLB farms list
[gui] Faster loading of http[s] farms services
[system] Better logs description for http proxy

Bugfixes:
[networking] Configure network if the certificate is temporary or doesn’t exist
[system] Avoid to backup corrupt configuration files

ZEVENET 5.0 (Community Edition)

12 February, 2018

New features:
[gui] A new web GUI frontend in Angular
[api] New API JSON+REST capabilities for processes automation
[networking] New networking section for a better management and configuration of interfaces
[farms] New LSLB module (Local Service Load Balancer) which manages both L4xNAT and HTTP/S profiles
[farms] Two different maintenance modes (cut and drain) for HTTP[S] and L4xNAT profiles
[farms] Improved HTTPS profile with new options to Enable / Disable SSL/TLS protocols
[farms] Max number of connections by backend server in L4xNAT profile
[farms] New DSLB module (Datalink Service Load Balancing) which manages uplinks and inbound LB
[farms] New farms status (UP, DOWN, Critical and Problem)
[farms] New backends Status (UP, DOWN, Maintenance and Undefined)

Improvements:
[system] Faster response based on REST API
[gui] Improved look and UX
[system] Enhanced logs management
[support] Support save options for better troubleshooting and support
[system] Linux Kernel based in a common Debian Stretch
[system] Easier upgrade by modules and transitions to Enterprise
[system] Improved the backup and recovery procedure

ZEVENET 5.1.3 (Enterprise Edition)

1 February, 2018

Bugfixes:
[farms] Issue solved enabling / disabling HTTPS backends checkbox
[farms] Solved segmentation fault in HTTP farms with session replication daemon ssyncd and cookie insertion
[system] Checks if an IP exists in any interface

ZEVENET 5.1.2 (Enterprise Edition)

22 December, 2017

Bugfixes:
[webgui] Not allowed to enter weight values higher than 9 for l4xnat profiles
[guardian] Some farmguardian health checks were not stopped properly
[cluster] Zeninotify was not started after a cluster switch

ZEVENET 5.1.1 (Enterprise Edition)

22 November, 2017

Improvements:
[system] New backup procedure to save the configuration
[system] Set a default SSL certificate for web GUI and API to 2048bits
[api] Added HTTP Headers for API calls to avoid content cache in browsers
[farms] Configurable redirect HTTP codes
[farms] Speed optimization to load SSL SNI certificates list
[gui] Activation certificates expiration notifier

Bugfixes:
[cluster] Leave maintenance mode properly in 3000 and 4000 series
[ipds] Solved some bugs related to RBL rules assignment to farms
[gui] Allowed searches in CN column for Certificates Lists

ZEVENET 5.1 (Enterprise Edition)

1 November, 2017

New features:
[farms] SSL hardware offloading support for HTTPS farms
[farms] new status for VIPs and backends in farm profiles
[farms] new maintenance status (drained and cut)
[cluster] real time sessions table replication for all layers
[ipds] new system rules for threats protection
[ipds] new rule RBL (real time black-hole list)
[system] logs line reader through web GUI

Improvements:
[farms] option to enable or disable different SSL protocols
[farms] reload datalink farms
[farms] better log description in HTTP profiles
[api] API v3.1 better performance and resource usage
[gui] improved the rules assignment to farms and web views
[notifications] encrypt email password to enhance security
[system] ssh and web services automatic reload
[gui] enable web GUI compression
[networking] show virtual interface name in Floating IPs section
[ipds] enable or disable security rules for a farm

ZEVENET 5.0.11 (Enterprise Edition)

30 October, 2017

Bugfixes:
[cluster] Maintenance mode not working in the backup node
[farms] Improved regular expression patterns for http stats when the service include certain private words
[farms] l4xnat profile is not configuring lb rules properly for the first l4xnat farm

ZEVENET 5.0.10 (Enterprise Edition)

25 September, 2017

Improvements:
[lslb] Farmguardian was not disabled in Backup node

Bugfixes:
[networking] VLAN was not started after to configure if NIC was not configured
[lslb] Allowed to add many ssl certificates without breaking the config file
[ipds] Some Dos rules were not applied to http farms
[lslb] Added support to concurrency in netfilter rules for rules modification
[networking] Route rules are not applied until Link is detected in UP mode
[networking] Fixed null response detecting a parent interface of a virtual interface
[lslb] Apply connmark rules before farm rules when farm starts

ZEVENET 5.0.9 (Enterprise Edition)

2 August, 2017

Bugfixes:
[ipds] IPDS rule was unset for the farms if the rule was renamed
[gui] Changed the error message when the activation certificate is wrong
[gslb] Not allowed two services with the same ID anymore
[ipds] Disabled blacklists rule from system when ZEVENET process stops
[lslb] Change to least conns in l4xnat profile returned an error
[cluster] Zeninotify is not stopped when cluster node is in maintenance
[cluster] ARP responses were not disabled when cluster is in maintenance
[gslb] Sync a GSLB config directory to BACKUP node in creation time
[ipds] Not allow to create IPDS rules with the reserved name ‘rule’
[farms] Set and unset wildcard certificates in HTTPS farms
[ipds] SSH brute force rule were loaded twice in system at ZEVENET first start
[lslb] Allowed DNAT mode for SIP protocol in l4xnat profiles
[net] Default GW was deleted for table main if GW for local table was deleted

Improvements:
[system] Stats Block has been deleted from conntrackd configuration file
[system] make selectable the kind of ARP announcement packets
[ipds] Fit the maximum number of sources for a blacklist
[cluster] Added a cluster exception to IPDS module in order to avoid to block cluster IPs

ZEVENET 4.0.4 (Community Edition)

12 June, 2017

Bugfixes:
[users] Password change failed if some special characters are used in the password string
[farms] Solved compilation errors with SIP configuration in L4xNAT farms
[farms] Deleted connection tracking for UDP protocol if backend is configured in maintenance mode

Improvements:
[gui] New section “About” > “ZEVENET LB Version” in menu
[iso] New ZEVENET CE ISO 4.0.4 generated in sourceforge
[apt] New ZEVENET CE package 4.0.4 generated in repository

ZEVENET 5.0.8 (Enterprise Edition)

29 May, 2017

Bugfixes:
[farms] solved issue in GSLB farms, allowed RData values in MX inputs
[farms]Updated farmguardian port checks in gslb farm when default tcp port health check is changed
[certificates] Fixed parse issue for certificate information

ZEVENET 5.0.7 (Enterprise Edition)

24 May, 2017

Bugfixes:
[farms] Allow modifying values for cookie insertion once this option is enabled
[cluster] Conntrackd 1.4 or higher integrated with systemd
[sys] Added expect package as dependency
[sys] Configuration directory is replicated recursively

ZEVENET 5.0.6 (Enterprise Edition)

19 May, 2017

New features:
[farms] Added max conns limit per backend server in l4xnat profiles

Bugfixes:
[farms] migration process from tcp to l4xnat profiles bugfix
[farms] flush udp flows from conntrack table bugfix
[guardian] farmguardian should not be executed if the farm is down
[ipds] ssh brute force protection port is shown in the web gui
[guardian] farmguardian file status for http profiles bugfix
[snmp] snmp doesn’t start automatically after a reboot
[ipds] delete standard error and output error in the startup blacklist process

ZEVENET 5.0.5 (Enterprise Edition)

11 May, 2017

Improvements:
[system] Applied some tuned kernel parameters from systemctl
[farms] Traffic between VIP and backends is forwarded locally instead of sending to gateway
[guardian] Improved farmguardian output messages.

ZEVENET 5.0.4 (Enterprise Edition)

4 May, 2017

Improvements:
[system] Increased information captured in supportsave
[system] Do not log more bonding warning messages

Bugfixes:
[gui] Fix minor bugs related with stats view
[gui] List all used ssl certificates in a running HTTPS farms
[gui] List all available interfaces when edit / create a farm
[farms] Modified logs related to farmguardian when an error is detected
[farms] Least connections algorithm doesn’t detect configured backends
[system] SSH never starts if ssh service is configured in a given IP instead of all IPs
[farms] Kernel modules for sip, ftp or tftp were not loaded properly
[farms] Services Not renamed properly when service name includes farm name string
[farms] Reset UDP packets tracking when any config change is done
[stats] Disabled pending connections information for UDP protocol
[stats] Bugfix in HTTP farms established connections for backends
[farms] Fixed disabling l4xnat IP persistence

ZEVENET 5.0.3 (Enterprise Edition)

21 April, 2017

Improvements:
[support] Include system and cluster details for better analysis in supportsave
[gui] Add test notification button for email notification method
[gui] Add update button when editing remote blacklist
[gui] Change update buttons to updating… when clicked

Bugfixes:
[ipds] Load blacklist when applied to a farm only if the farm is running
[farms] Allow to create several resources with same name in GSLB farms
[cluster] Fix cluster in 3000 series appliances
[gui] Do not require password in email notification method
[gui] Do not allow setting a port in L4xNAT farms when balancing all protocols
[gui] Notify after updating when the port or IP address has been changed
[gui] Fix URL when the GUI HTTP port is changed
[gui] Fix error message on some request failures
[gui] Some GUI style fixes

ZEVENET 5.0.2 (Enterprise Edition)

31 March, 2017

Improvements:
[gui] Messages when there is login error
[gui] Info button in dashboard
[gui] Change icon and tooltip for unset farm in ipds rules
[system] Remove deprecated configuration script

Bug fixes:
[farms] Fix L4xNAT pending and established stats
[system] Add to supportsave arp filtering, node status and L4xNAT persistence
[system] Fix configuration of management interface in zenbui
[networking] Use routing rules per subnet instead of per ip
[gui] Refresh button in stats
[gui] Responsive in stats tables
[gui] Update cluster status after a logout or expired session
[gui] Close selection form when kept open and the view is changed
[gui] System stats responsive
[gui] HTTP Redirect regular expression
[gui] Allow to apply DoS rules (IPDS) to any kind of farm profile

ZEVENET 5.0.1 (Enterprise Edition)

27 March, 2017

Bug fixes:
[ipds] Remove blacklist from memory when no running farm is using it
[api] Fix ciphers information inHTTPS farms
[cluster] Handle password safely configuring the cluster in case there are symbols
[ipds] Fix remote blacklists setup on cluster backup node
[networking] Allow hypens in network interface names
[gui] Fix HTTP Redirect regular expression
[gui] Fix space for period unit field in remote blacklists
[gui] Fix selecting all backups
[gui] Fix HTTP Redirect regular expression
[installer] Include dependencies when upgrading from Zen 4.2

ZEVENET 5.0 (Enterprise Edition)

20 March, 2017

New features:
[api] New API v3 version, entire system can be managed by API Rest+JSON.
[gui] New Web GUI in Angular2 100% responsive.
[security] New security module v1 called Internet prevention and detection service or IPDS with blacklists and DDoS prevention.

Improvements:
[gui] Local service load balancing module or LSLB now manages http, https and l4xnat profiles.
[gui] Global service load balancing module or GSLB now manages gslb profiles.
[gui] Datalink service load balancing module or DSLB now manages datalink profiles.
[doc] Updated documentation for ZEVENET v5.
[system] Floating IPs, VIPs can be assigned to interfaces.
[cluster] Stateful cluster for l4xnat profiles.

ZEVENET 4.3.0

22 February, 2017
[gui] Re-branded from zen to ZEVENET
[system] Renamed package system from zen to ZEVENET

ZEVENET 4.3.1 (Enterprise Edition)

21 February, 2017

Improvements:
[gui] Certificates were not properly managed in SNI list for https farms
[gui] Password is not a mandatory field in Sender notifications by email
[gui] Solved minor bug in Help module

Bug fixes:
[farms] Certificates were not properly managed in SNI list for https farms

ZEVENET v4.0 (Community Edition)

3 February, 2017
Improvements
[sys] Operating system and packages updated to Debian 8.7
[sys] Mini_httpd web server changed for Cherokee web server

Bug fixes
[sys] Backup download files bug has been fixed
[gui] Web GUI has been re-branded from zen to ZEVENET

ZEVENET 4.3.0 (Enterprise Edition)

29 January, 2017
Improvements:

[gui] Re-branded from zen to ZEVENET
[sys] Renamed system packages from zen to ZEVENET