UTM Changelog For Version 6.5.0 - 2022-10-10

Aggregated changelog: 20221010034557

Product Machine Version
mercury-100 nsa1150 6.5.0

Core API

CORE-4839 Bug: Gunicorn redirect are not handled correctly
CORE-4849 Bug: 500 internal server error when accessing API unauthenticated with cookies
CORE-4863 Bug: API to check for available updates fails without channels
CORE-4883 Bug: Update process is interrupted when gunicorn is restarted

Core Authentication layer

CORE-1289 Improvement: Add status.authentication.connections
CORE-1356 Bug: Fix wrong imports in endian.authentication_frontend.web
CORE-1506 Task: Support additional parameters in endian.authentication.auth_client.authenticate
CORE-1566 Improvement: Report the authentication provider for successfully login
CORE-1632 Task: Create /var/efw/access/rsa as nobody nogroup
CORE-1732 Task: Filter the DataSource exposed over HTTPS according to the user permisisons
CORE-1938 Bug: Ca authentication handler needs /var/efw/vpn/ca folder to be packaged
CORE-2122 Task: Adapt the authentication layer to support new Apache groups
CORE-2153 Task: Introduce python-oauthlib and requests-oauthlib Python libraries
CORE-2591 Bug: move gui password controller in the correct package
CORE-2751 Bug: Unrecoverable error in the server deleting a CA
CORE-2811 Bug: Error deleting CA
CORE-3134 Bug: Authentication fails is username is numeric and starts with 0
CORE-3238 Improvement: Avoid openssl.rand usage
CORE-3288 Improvement: Add user IP address to authentication daemon logs
CORE-3932 Improvement: Add user IP address to authentication daemon logs
CORE-4458 Bug: Group cannot be deleted because of a typo
CORE-4744 Improvement: Create authentication layer async client
CORE-4745 Bug: Non-standard GUI users cannot login to management interface
CORE-4848 Bug: RequestException not imported in authentication daemon

Core Backup

CORE-1492 Bug: Factory default does not restore ethernet settings
CORE-1501 Bug: Restoring a 3.0 backup on 3.2 will leave files with wrong permissions
CORE-1536 Bug: Cannot create archive only backups
CORE-1561 Bug: Network hosts imported from 3.0 to 3.2 cause a traceback
CORE-1920 Bug: ECDSA ssh keys are not included in settings backup
CORE-2026 Task: Add an option to backup-restore for restoring only non-system-specific settings
CORE-2272 Bug: Factory reset is not complete
CORE-2307 Task: Rewrite scheduled backup GUI
CORE-2338 Task: Rewrite backup GUI
CORE-2343 Bug: Emi cannot delete backups
CORE-2357 Bug: Factory-default script use smart command
CORE-2359 Bug: Backup creation not enforcing our exclude list
CORE-2364 Task: Use bootstrap classes in backup GUI
CORE-2394 Improvement: Remove sleep usage in backup creation
CORE-2427 Improvement: Fix backup table visualization
CORE-2618 Bug: Scheduled backup gui does not work becase loadConfig is not defined
CORE-2647 Task: Add wizard restore backup GUI
CORE-2678 Bug: Fix backup wrong FileUpload component
CORE-2821 Bug: Update backup GUI and replace old slider buttons
CORE-2976 Improvement: Backup GUI: add confirmation for backup deletion
CORE-3037 Improvement: wrong options order in tar invocation
CORE-3155 New Feature: Implement pre and post hooks (run-parts) in
CORE-3255 Improvement: Add spinner inside create backup button
CORE-3360 Bug: Factory default doesn't clean openvpnclients correctly
CORE-3652 Bug: Backup restore during wizard do not works
CORE-3657 Bug: Backup hardware data are not backed-up
CORE-3709 Bug: Backup: No user feedback while restoring a backup
CORE-3786 Bug: Large backups cannot be downloaded on 32bit appliances
CORE-3795 Improvement: Backup: Missing validator for options
CORE-3930 Task: Custom repo files are not deleted by factory default
CORE-4018 Bug: Factory default does not reset hostname
CORE-4042 Task: Technical documentation of backup settings
CORE-4070 Bug: Cannot create backup if the remark field contains only integers
CORE-4083 Bug: Database from backup file is not restored
CORE-4509 Bug: Scheduled automatic backup timer not saved after reboot
CORE-4828 Bug: After factory reset ha settings are still present
CORE-4833 Bug: HTTP/SMTP specific formatting from eos-5 backup breaks API settings read on eos-6

Core Base system

CORE-1309 Task: Enable OpenSSH by default
CORE-1340 Task: Add default Vim configuration
CORE-1353 Task: Add default pythonrc
CORE-1362 Task: Allow wildcards hostname in Dnsmasq configuration
CORE-1368 Bug: Replace deprecated Perl calls
CORE-1370 Improvement: Add netwizard to the console menu
CORE-1388 Task: Add reboot and shutdown functions in job base
CORE-1468 Bug: Fix sshd reload call
CORE-1509 Improvement: Ability to set a custom Diffie-Hellman group for Apache
CORE-1546 Task: Remove obsolete ipcopdeath, ipcoprebirth, and iowrap scripts
CORE-1569 New Feature: Integrate ModemManager
CORE-1582 Task: Display GREEN zone, uplinks, ports status on console
CORE-1585 Improvement: Update ciphers in ssh_config
CORE-1777 Task: Allow SSH client to pass locale environment variables
CORE-1797 Task: Optimize firewall restart criteria on boot
CORE-1800 Bug: No monit socket before first netwizard
CORE-1833 Improvement: Disable OpenSSH port 222
CORE-1927 Task: Add efw-shell config command for managing configuration revisions with git
CORE-1961 Task: Package the latest version of jQuery
CORE-1965 Task: Do not redefine open in some endian-core modules
CORE-1975 Task: Fix certificate creation at first boot
CORE-1985 Bug: Wrong ownership on paths created by new filetools.makedirs methods
CORE-1988 Task: Allow configuring several SSH daemon options
CORE-2002 Task: Disable colors in shell commands while piping or redirecting output
CORE-2019 Task: Do not delete the wtmp file on reboot
CORE-2059 Task: Implement Endian Bus (Internal IPC bus)
CORE-2125 Task: Add docker package
CORE-2176 Bug: Wrong default PATH in /etc/init.d/functions
CORE-2179 Task: Introduce Python bleach for UTM
CORE-2204 Improvement: Improve the datasource command allowing changing settings values
CORE-2207 Task: Make console menu configurable
CORE-2260 Improvement: Add CLI notification when a reboot is required
CORE-2266 Task: Update efw-shell
CORE-2309 Task: Update misc-progs
CORE-2398 Bug: Broken require in first wizard
CORE-2417 Improvement: do not define statically countries
CORE-2492 Task: Remove obsolete/unused code from endian-core
CORE-2498 Improvement: Remove obsolete substitutors
CORE-2502 Task: Move led and cpu from endian.core to endian.system
CORE-2507 Bug: Fix various import and templates
CORE-2513 Task: Create module for the upstream proxy
CORE-2520 Improvement: Refactor uplinksdaemon imports and functions
CORE-2522 Task: Don't cache the get_version response
CORE-2524 Improvement: usb-modeswitch is compiled without systemd support
CORE-2622 Improvement: Yocto 2.4: Fix serial-getty efw-console
CORE-2624 Improvement: Yocto 2.4: redis permission denied on /var/log/redis
CORE-2626 Bug: led-control unit fails
CORE-2635 Improvement: get rid of businfotab
CORE-2713 Improvement: Yocto 2.4: convert scripts timers
CORE-2715 Task: Remove obsolete options in ssh_config
CORE-2723 Improvement: Yocto 2.4: traceback in openvpnserver
CORE-2745 Improvement: Move ethconfig into efw-network
CORE-2747 Improvement: yocto 2.4: Cleanup OpenSSL
CORE-2760 Bug: Disable weak MACs on OpenSSH
CORE-2774 Improvement: Upgrade modemmanager
CORE-2776 Improvement: Completely remove businfotab
CORE-2788 Improvement: Refactor zones code
CORE-2793 Task: Remove last turbogears imports
CORE-2800 Bug: Fix zone code
CORE-2802 Bug: dhcp restartscript fails with a traceback
CORE-2805 Bug: Typo in netwizard
CORE-2997 Bug: Fix documentation url retrieving on version transition
CORE-3013 Improvement: Prevent system reboot during system upgrade
CORE-3019 Improvement: Remove OOM adjust hack from ssh restartscript
CORE-3023 Improvement: remove efw-monit from src-manifest
CORE-3024 Improvement: Remove modules job
CORE-3031 Improvement: Compile python cryptography with pthread lib
CORE-3034 Improvement: yocto 2.5: Convert timers (phase 2)
CORE-3039 Improvement: Add a systemd unit that cleans generated config files at startup
CORE-3041 Improvement: Cleanup config files at startup
CORE-3058 Improvement: Rework timers and units
CORE-3072 Improvement: refactor cleanup scripts
CORE-3075 New Feature: add rng-tools package as base dependency
CORE-3077 Improvement: review cleanup of jobs and units
CORE-3079 Improvement: Rework systemd and endian-system class
CORE-3087 Improvement: remove pkg_resources namespace declaring
CORE-3089 Improvement: Fix efw-shell wrong color representation
CORE-3091 Improvement: grub: cleanup bbappend
CORE-3095 Improvement: remove libsmooth dependency
CORE-3097 Improvement: update grub doesn't check for Image kernel format
CORE-3102 Improvement: Get rid of PyCrypto
CORE-3110 Improvement: Upgrade kernel, networkmanager, modemmanager
CORE-3112 New Feature: remove VERSION from source makefile
CORE-3115 Improvement: emi rpm scriptlet fails with code 3
CORE-3116 Improvement: modemmanager: package json serviceproviders
CORE-3126 Improvement: remove tmpwatch
CORE-3139 Bug: Fix samba SRC_URI
CORE-3141 Improvement: pycountry: split locales
CORE-3149 Improvement: add inhibited flags to timers
CORE-3150 Improvement: move unattended into its own systemd service unit
CORE-3207 Improvement: Remove Locale ACCEPTENV from SSH server
CORE-3250 Bug: RRD Graphs doesn't work
CORE-3267 Bug: 4i-edge-x: collectd doesn't start
CORE-3296 Improvement: Cleanup duplicated functions get_uplinks
CORE-3327 Bug: collectd fills all tmp space if using docker and a lot of interfaces and disks
CORE-3341 Bug: collecd: missing interface plugin loading
CORE-3353 Bug: Network settings not applied correcty due to missing settings.old files
CORE-3370 Bug: YamlConfigFile may return items with wrong order
CORE-3374 Bug: Reorder openssl methods and fix parameters order
CORE-3377 Bug: Fix various efw-networkd bugs
CORE-3385 Bug: ca-certificates wrong certs.pem link for ssl 1.1
CORE-3387 Improvement: collectd: ignore /var/lib/docker
CORE-3451 Bug: LVM: upgrade to 2.03.02
CORE-3465 Improvement: Implement led/beep server
CORE-3473 Improvement: Get rid of last led/beep direct calls
CORE-3530 Improvement: Various Firewall and Network refactoring
CORE-3546 Bug: Upstream proxy options are not updated
CORE-3570 Bug: System registration does not set the wizard state to DONE
CORE-3582 Improvement: Uplinks: cleanup networkmanager connections at startup
CORE-3592 Improvement: Remove duplicated qos restartscript
CORE-3597 Improvement: Add dmi bios nvstorage driver
CORE-3607 Improvement: add template for /etc/resolv.conf
CORE-3613 Improvement: Get rid of get_ethernet_nics and refactor wizard
CORE-3619 Improvement: efw-networkd: replace async loop with glibcoro
CORE-3620 Improvement: refactor firewall and change template engine
CORE-3632 Improvement: Remove unnecessary import of FormEncode
CORE-3647 Bug: wrong subprocess import in getstatusoutput call
CORE-3656 Bug: Routing: Source type is not displayed while editing a rule
CORE-3690 Bug: Wrong help links in new section System > Settings
CORE-3695 Bug: Certificate cache is not instantiated with nobody:nogroup as owner
CORE-3708 Bug: Udev triggers for usbstick are not working
CORE-3756 Task: Optimize imports of to_bool function.
CORE-3774 Bug: No service creates default certificate
CORE-3780 Bug: Some unit doesn't have the restarts
CORE-3782 Bug: License proposed before the wizard
CORE-3798 Task: Update OpenSSH to 8.0p1
CORE-3863 Bug: missing dhcp-server-config after no recommendation fix
CORE-3866 Bug: Avoid sdcard mounting as a usb key device on 4i-edge-x
CORE-3874 Improvement: Review 4i-edge-x LEDS behaviour
CORE-3882 Bug: Missing dependency on python-requests
CORE-3897 Task: Remove redundant implementation of XMLRPCClient
CORE-3937 New Feature: Introduce SIM PIN unlock on ModemManager
CORE-3953 Task: Remove outdated cgi pages and menu
CORE-3962 Bug: Conntrack not cleaned when uplink disconnect multiple times
CORE-3988 Bug: Remove legacy ordered_dict file that is raising a warning
CORE-3995 Improvement: add test-requirements.txt to endian-core
CORE-4015 Bug: Syslog's log not availble from Status > Services
CORE-4022 Bug: Avoid packaging ssh and sshd default config files
CORE-4052 Task: Migrate docstrings in epydoc syntax to sphinx
CORE-4055 Task: Write unit tests for validator classes in src-endian-core
CORE-4077 Bug: Restore ObjectId validator
CORE-4088 Task: Convert as many existing possible tests to pytest
CORE-4096 Task: Increase unit tests code coverage
CORE-4102 Bug: Fix broken unit tests in src-endian-core
CORE-4115 Task: Test datasource for injections
CORE-4123 Task: Fix warning on non registered pytest markers
CORE-4130 Task: Use pyfakefs on all unit tests
CORE-4134 Bug: Settings file container dosn't allow writing of some licit values
CORE-4141 Bug: Connections summary breaks if any OpenVPN client g2g is present
CORE-4155 Task: Improve unit testing
CORE-4185 Bug: Port validators accept invalid input
CORE-4218 Bug: Delay import of paramiko to avoid blocking on get_random at boot
CORE-4242 Bug: Notification icon does not show collapsed notifications
CORE-4295 Improvement: Verify all links from the GUI to the contextual help
CORE-4309 Bug: Starting OpenVPN server using weak signature algorithm on host cert should fail
CORE-4314 Bug: OpenVPN gw2gw does not allow PKCS12 import
CORE-4330 Bug: Upgrade to OpenVPN 2.4.9 breaks existing connections if authentication is based on certificates without key usage extension
CORE-4343 Bug: Body of HA notification mails are sent as attachments
CORE-4383 Improvement: Make CTRL + left and right arrow work in CLI
CORE-4420 Bug: Datasource to annotate needreload jobs are in /tmp
CORE-4447 Task: Update python uvicorn to 0.13.1
CORE-4451 Bug: VPN gw2gw breaks if a white space is present in the name
CORE-4476 Task: Move python3 datasource in eos.core module
CORE-4484 Bug: show status command shows wrong version
CORE-4488 Bug: Missing file in python3 core package
CORE-4491 New Feature: Create a datasource_apply script and document it.
CORE-4499 Improvement: Fix python modules permissions
CORE-4526 Improvement: Fix logging of gunicorn daemon
CORE-4543 Improvement: New Webconsole
CORE-4568 Task: Package redis configuration for emi visits caching
CORE-4576 Bug: Fix redis tmpfiles creation
CORE-4584 Improvement: Multiple Zones support
CORE-4613 New Feature: Define Base services and models for API
CORE-4616 New Feature: Create YAML backend for API
CORE-4637 Bug: Missing makefile in eos-app-network
CORE-4642 New Feature: Web login
CORE-4648 Improvement: Web Login fix logos and backrounds
CORE-4654 Bug: Missing dependency in eos-api
CORE-4670 Task: Migrate efw-redirect from DataSource to SettingsFile
CORE-4674 Improvement: Create python3 async DBusService
CORE-4680 Task: Implement query usage on YAMLEngine for new API backend
CORE-4687 Bug: python-certifi should read system CA bundle
CORE-4695 Bug: toscawidgets calls a useless time consuming logging function
CORE-4715 Bug: API: apiserver app list doesn't work
CORE-4751 Bug: eos-api requires restart of httpd in postinst
CORE-4758 Improvement: Rearrange menus and add dashboard top level menu
CORE-4769 New Feature: Create inadyn and libconfuse packages
CORE-4771 New Feature: Backend API for Dynamic DNS
CORE-4772 New Feature: Frontend for Dynamic DNS
CORE-4788 Task: Remove bpf type disk from get_disks output
CORE-4800 Bug: Fix unit tests on src-eos-app-network
CORE-4817 Bug: systemctl condrestart commands hangs at boot
CORE-4834 Bug: inadyn remains stopped if configuration is wrong
CORE-4837 Bug: Make dnf upgrade more error prone
CORE-4854 Improvement: Multiple low priority little improvements
CORE-4873 Improvement: openssl: upgrade to 1.1.1q
CORE-4881 Task: Fix eos-core unittests

Core Bootloader

CORE-3481 Bug: grub reinstall removes /etc/default/grub

Core Dashboard

CORE-1526 Bug: Mountpoints are shown on "Hardware information" in dashboard page
CORE-1753 Improvement: Remove Status column from Dashboard Network Interfaces plugin
CORE-1814 Improvement: Show in dashboard if signatures download is disabled by an uplink configuration
CORE-1908 Improvement: Mechanism to notify users about a required reboot
CORE-2244 Bug: DashBoardConfig object has no attribute copy
CORE-2373 Task: Use bootstrap classes in dashboard
CORE-2989 Improvement: Limit raw size while displaying firewall rules
CORE-3127 Bug: CPU load indicator in dashboard is missing
CORE-3220 Bug: Network objects that contain multiple subnets are shown inline
CORE-3666 Improvement: Unsecure password for SSH and GUI
CORE-3827 Bug: Network graphs does not show data any data
CORE-3856 Bug: WiFi rescan does not work in Uplink manager
CORE-4361 Bug: Reintroduce the checkbox to disable and enable uplinks from dashboard
CORE-4426 Improvement: fuse connections should be removed from disks

Core Documentation

CORE-4139 Task: Wrong documentation about CONFIG_TYPE option in ethernet settings
CORE-4503 Task: Fix documentation errors

Core EMI

CORE-1403 Task: Rewrite shutdown and gui settings in emi
CORE-1446 Bug: Restrictions ignored when EMI is stopped
CORE-1497 Bug: Non-ASCII subject of mails in quarantine are not displayed correctly
CORE-1650 New Feature: Tag packets by setting TOS/DSCP bits
CORE-1670 Task: Add endian.platform.nvstorage module for ARM platform
CORE-1762 Bug: Disabling the first tab with guiprofile also removes menu item
CORE-1768 Bug: Allow web console to run with non root user
CORE-1830 Task: Add require.js and other JavaScript libraries
CORE-1845 Bug: Proxy HTTP button incorrectly displayed on some products
CORE-1860 Bug: Impossibility to accept license agreement with emi no root
CORE-1867 Bug: Traceback on httpd job on start
CORE-1973 Bug: Additional gui users cannot access to emi webpages
CORE-2012 Bug: Wrong ownership for emi cachestorage file
CORE-2031 Improvement: Add JSON payload support for EMI commands
CORE-2041 Task: Show hooks in datasource command output
CORE-2047 Task: Update JQuery DataTables
CORE-2071 Improvement: Start emi/acpid/ulog before the netwizard
CORE-2111 Improvement: GUI to manage web users
CORE-2130 Bug: text.js is wrongly packaged as require-text.js
CORE-2133 Improvement: Register emi commands with a decorator
CORE-2188 Task: Add new stylesheets and icons (Bootstrap)
CORE-2198 Task: Encrypt PersistentDict with AES
CORE-2201 Bug: JSON EMI command parameter parsing is broken
CORE-2237 Task: NetworkAddress validator optionally calculate network addresses
CORE-2289 Task: Create a function for getting running services
CORE-2311 Task: Remove TurboGears dependency for EMI
CORE-2345 Task: Network status GUI
CORE-2355 Task: Minify some CSS
CORE-2370 Improvement: Add missing ssh password page on new menu
CORE-2374 Improvement: Gui layout improvements
CORE-2382 Improvement: Add modal to shutdown-reboot page
CORE-2386 Bug: Convert Vue components .js into .vue
CORE-2408 Task: Add endian.core.needreload module
CORE-2420 Task: Adjust lables and menu structure
CORE-2436 Task: Replace Perl menu with JavaScript menu
CORE-2462 Task: Fix standalone template with new GUI stylesheets and js
CORE-2473 Task: Restart Apache after certificate renew
CORE-2496 Task: Create IPRange validator
CORE-2510 Task: Install 2048
CORE-2527 Task: Add bootstrap 4 libs and SASS customizations
CORE-2545 Task: Add ES6-style Promises polyfill library
CORE-2547 Task: Replace Q.js with ES6 Promises
CORE-2549 Bug: Fix efw-snmp recipe
CORE-2552 Task: Fix js-es6-promise recipe
CORE-2565 Task: Replace Q.js with ES6 Promises
CORE-2575 Task: Remove obsolete style.css and gallery widget
CORE-2585 Bug: Fix Web Console style
CORE-2589 Task: Add Trafic Graphs page
CORE-2606 Bug: Fix emi manifest files on bridge appliance
CORE-2609 Improvement: Add an option to GUI setting for the Management GUI HTTPS certificate
CORE-2640 Task: Upgrade VueJS to v2.5.16
CORE-2656 Task: Fix password-with-strength component
CORE-2676 Bug: Missing perl module dependency on template expr
CORE-2797 Task: Cleanup old interface editor CGI and js
CORE-2807 Bug: Remove ipv4-fqdn-field from uplink required components
CORE-2819 Bug: emi-select component not working when multiple option is used
CORE-2823 Improvement: Update slider buttons on various GUI
CORE-2854 Bug: SettingsFile broken
CORE-2888 Task: Create a generic REST controller for logs
CORE-2891 Task: Logs: add a REST controller for log tables
CORE-2894 Task: Add vue2-datatable-component
CORE-2896 Task: Logs: add new firewall log page
CORE-2960 Bug: Cannot generate a certificate on the Management GUI
CORE-2974 Bug: GUI: add confirmation for rule deletion
CORE-2979 Bug: GUI: after change settings page shoud move on the apply button
CORE-3085 Bug: Avoid emitting event on labelled button initialization
CORE-3104 Bug: RestGridController does not accept arrays in query strings
CORE-3114 Bug: RestController validator overwrite not updated fields whith default values
CORE-3118 Bug: RestController POST does not return created object
CORE-3130 New Feature: Add custom template support to emi-select
CORE-3132 Bug: Fix emi-input-checkbox double click
CORE-3143 New Feature: add ability to deselect items in emi-select
CORE-3145 Bug: fix remove bug on emi-select
CORE-3179 Improvement: Substitute Kendo Grids with Vue Datatables
CORE-3205 Improvement: Substitute switch buttons with Vue toggle component
CORE-3210 New Feature: Add endian loader
CORE-3212 Task: Move ssh password menu under system - ssh access
CORE-3213 Improvement: Substitute Drag & Drop widget with Vue component in VPN Users
CORE-3219 Task: Uniform alerts on switch button
CORE-3225 New Feature: add emi-textbox
CORE-3227 Improvement: Avoid restart of apache2 on emi postinst
CORE-3228 Bug: GUI: add indication for firewall time base rule in firewall pages
CORE-3239 Task: Substitute default checkboxes with left inline checkboxes
CORE-3240 Improvement: Substitute GUI panels with a basic Vue component
CORE-3253 Task: Uniform actions icons
CORE-3261 Improvement: labelled switch componnent improvement
CORE-3285 Bug: Correctly align switch buttons on vue GUI
CORE-3302 Bug: Blacklisted url are not hidden from EMI menu
CORE-3316 Bug: EMI path access control do not work
CORE-3326 Bug: if multiple grid instances are on the same page data is not fetched correctly
CORE-3335 Task: Create tab switcher Vue component
CORE-3338 Task: Remove bootstrap 4 libs and SASS customizations
CORE-3342 Bug: Logout button not working
CORE-3364 Task: Set automatic copyright date change in the footer
CORE-3365 Improvement: Adjust the side menu and top bar as indicated by the desing language
CORE-3379 Bug: Align core and components css with their minified versions
CORE-3383 Bug: Fix broken labelled switch button
CORE-3389 Improvement: disable responsive content centering
CORE-3399 Improvement: Add new menu arrow, burger, and endian logo images
CORE-3400 Bug: GUI: invert subnet mask list order
CORE-3404 Bug: fix horizontal scrollbar
CORE-3407 Bug: Fix emi-grid action URL templating
CORE-3409 Bug: Add a global bus to capture emi-select component events from old jQuery code
CORE-3536 Bug: EMI memory leak while saving a firewall rule
CORE-3543 Task: Remove Kendo libs imports from SettingsEditor
CORE-3665 Bug: GUI shows wrong logged user
CORE-3671 Bug: GUI: Adding parameters IPsec IKE sections causes the parameters to pop out from the box
CORE-3704 Improvement: align toggle with design language
CORE-3716 Task: Fix color visualization of L2TP or VPN items in firewall rules
CORE-3800 Bug: Uploading a CA certificate breaks emi cacerts cache
CORE-3802 Bug: GUI settings: cannot remove digest-md5 from outgoing mail settings
CORE-3804 Bug: GUI settings: cannot setup and send email through gmail in outgoing mail settings
CORE-3807 Bug: GUI settings: Management interface certificate keep asking for apply the configuration changes
CORE-3809 Bug: GUI settings: Upstream proxy password with special chararacters breaks en-client
CORE-3831 Bug: Collection of typos on GUI
CORE-3851 Bug: Limit to specific Groups widget in authentication server configuration page
CORE-3890 Task: Add vue-color 2.7.0 component
CORE-3901 Improvement: Fix side menu colors
CORE-3910 Task: Remove unused CSS rules from components.css
CORE-3924 Improvement: Remove button style from vue grid refresh action
CORE-3959 Bug: Wrong redirection if update is in progress
CORE-3972 Task: Disable VueJS development mode
CORE-3975 Task: Update VueJS to version 2.6.10
CORE-3983 Task: Move RequireJS BaseURL configuration into the header
CORE-4003 Bug: Fix emi Traceback error when deleting cookie
CORE-4029 Bug: Services status page accordions overflow horizontally
CORE-4062 Bug: Dashboard Help link points to wrong page
CORE-4085 Task: Inconsistent text and label in docker traffic
CORE-4254 Improvement: We should display just MemTotal and MemAvailable to avoid confusion
CORE-4319 Bug: Default Certificate key size should be 2048
CORE-4332 Improvement: Show MB and percentage for the RAM usage instead of Gigabytes
CORE-4351 Bug: Services and Proxy shouldn't be clickable in path bar otherwise a 404 will be generated
CORE-4409 Bug: Wrong version shown in GUI footer. Emi do not restart if forced
CORE-4417 Bug: Wrong version shown in several places
CORE-4442 Bug: Escape output values in EMI templates to avoid XSS
CORE-4516 Improvement: Update redis and python-redis
CORE-4599 Improvement: Remove visit debug log from emi
CORE-4602 Bug: redis cache for emi doesn't start at first boot
CORE-4644 Bug: If OpenVPN server instance "bridged" checkbox is unchecked it cannot be checked
CORE-4659 Bug: Basic auth comes back randomly if license is not accepted and if discarded it completely blocks access to the management interface
CORE-4709 Improvement: emi thread dies without informations
CORE-4805 Bug: Update process stuck because of emi logout
CORE-4851 Bug: Emi visits are not expiring

Core Event Notifications

CORE-1347 Bug: Raid events not detected
CORE-1411 Bug: Raid failing event not detected
CORE-1430 Improvement: Add SSL/TLS and STARTTLS support to email notifications
CORE-1726 Bug: Fix notifications functions update_patterndb
CORE-2051 Bug: openvpnclient events for tunnel opening and closing not triggered
CORE-3161 Bug: Openvpn login successful event doesn't match log pattern
CORE-3165 Bug: Openvpn logout event not matched with some special characters
CORE-3614 Bug: Event notifications: Is not possible to turn on or off the daemon
CORE-3956 Bug: Some notifications templates point to removed cgi url

Core Firewall

CORE-1624 Bug: VPN Firewall rules are not applied
CORE-1855 Bug: Conntrack connections table not cleaned after uplink failover
CORE-2222 Bug: Snort doesn't work when HTTP proxy is ON
CORE-2254 Improvement: Remove snort pid checking from queuefw rules
CORE-2392 Task: Rewrite routing GUI
CORE-2469 Bug: Incorrect broute rules added by default in bridged mode
CORE-2505 Bug: Fix firewall start
CORE-2533 Task: Add network objects (firewall object) support
CORE-2573 Task: Rewrite Firewall Diagrams page with Vue
CORE-2587 Bug: Traceback on queuefw job accessing rule.log attribute
CORE-2602 Bug: Implicit dependencies on firewall jobs on bridge appliance
CORE-2725 Bug: Traceback on firewall rules templates using time
CORE-2791 Improvement: Add snmp module to helper settings
CORE-2864 Bug: Cannot edit previously created Inter-Zone traffic rule on master
CORE-2920 Bug: Traceback in setrouting restart
CORE-2937 Bug: Firewall services are not sorted in alphabetical order
CORE-2972 Bug: Deleted network object in use are not removed in ipset
CORE-2973 Bug: Restarting ipset with --debug doesn't produce any output
CORE-2988 Bug: Network Object and Network/IP field EMI have an high CPU usage
CORE-3167 Epic: Firewall optimizations
CORE-3182 Bug: Outgoing firewall rules applied also when firewall is disabled
CORE-3189 Bug: Ipset wrongly applied to dnat target option --to-destination
CORE-3191 Bug: ipset name hashing must sort elements
CORE-3199 Bug: Firewall rules with "ANY" as src_dev not applied due to substitution error
CORE-3201 Bug: Jobsengine log has many validation errors loading firewall rules
CORE-3235 Bug: Correctly raise exceptions in firewall substitutors
CORE-3236 Improvement: Create ipset sets with an identifiable name
CORE-3259 Bug: Fix firewall execution and restart
CORE-3269 Bug: Prevent VPN_AS chain flushing
CORE-3273 Improvement: Add shared substitutors cache to firewall plugins
CORE-3275 Bug: Xtaccess rules substitutors are not applied correctly
CORE-3277 Improvement: Use a single istance of UplinksHelper for all fw substitutors
CORE-3280 Improvement: Applying firewall rules must handle rule errors
CORE-3282 Bug: Proxyinout traceback due to invalid substitutors usage
CORE-3311 Bug: Firewall traceback when using a wi-fi uplink
CORE-3345 Bug: efw-networkd: continue applying firewall plugins if some fails
CORE-3358 Bug: Fix rule parsing in firewall restore command
CORE-3366 Bug: Reintroduce source nat functionality to uplink
CORE-3368 Bug: Uniform substitutors return values
CORE-3426 Bug: In Outgoing firewall is not possible to choose RED or Uplink as destination
CORE-3428 Bug: Outgoing firewall GUI allow to choose inactive interfaces
CORE-3429 Bug: Improve and fix rules validator error message
CORE-3430 Bug: Network Object and Network/IP field EMI have an high CPU usage
CORE-3433 Bug: Outgoing firewall GUI rules based on physical interface are displayed wrongly
CORE-3434 Bug: Firewall rules with logging enabled contains a wrong nflog-prefix
CORE-3436 Bug: Issues with deleted network objects
CORE-3439 Bug: Destination port label in outgoing firewall GUI misleading/incomplete
CORE-3447 Bug: Multiple Mac address non handled correctly on policy routing rules
CORE-3449 Improvement: Outgoing firewall rules with multiple mac address are not created with ipset
CORE-3472 Bug: In Outgoing firewall is not possible to choose a specific Uplink as destination
CORE-3494 Bug: Network objects widget for show/hide multiple subnets is not working properly and have a wrong colour
CORE-3511 Bug: After deleting a Network Object the corrispective ipset rule is not removed
CORE-3512 Bug: In Outgoing firewall is not possible save a rule with specific Uplink as destination
CORE-3521 Bug: Time based firewall rules are wrongly converted to UTC time
CORE-3522 Bug: Outgoing firewall GUI allow to insert invalid ICMP type
CORE-3537 Bug: VPN traffic: rules based on All OpenVPN Server are not displayed properly
CORE-3544 Bug: Dnat rules are not validated correctly
CORE-3559 Bug: Cannot delete uplink checkhosts
CORE-3564 Bug: VPN traffic: cannot choose a vpn instance or a vpn tunnel with the same name
CORE-3566 Bug: Cannot edit static uplink
CORE-3567 Bug: Port forwarding: Filter policy field should not be under "Access from"
CORE-3575 Bug: Port forwarding: Rules with allow from are wrong
CORE-3600 Improvement: Interface mark doesn't consider child interface (pppoe/modem)
CORE-3602 Bug: Outgoing firewall GUI display a truncated line in the last rule
CORE-3603 Improvement: Source NAT: expand to source address widget
CORE-3622 Bug: firewalld: fix snat plugin cache
CORE-3625 Bug: Outgoing firewall: Remarks for system rules are not displayed
CORE-3635 Improvement: Port forwarding: create rules with ipset while using multiple incoming ports
CORE-3644 Bug: No source nat rule for vpn client tunnel
CORE-3653 Bug: Routing: Cannot save rule with source MAC and destination port
CORE-3659 Bug: Some firewall substituors keep using local storage instead of cache
CORE-3668 Bug: Routing: Wrong label "to subnet" while choosing static gateway
CORE-3673 Bug: Port forwarding: Port in translate to field is displayed on a new line
CORE-3674 Bug: Routing: Route via uplink doesn't display the uplink name for main uplink
CORE-3675 Improvement: Routing: Move use backuplink checkbox next to the uplink list
CORE-3689 Bug: Substitutors error when using rules matching L2TPDEVICE:ALL
CORE-3692 Bug: Firewall tracebacks on custom SNAT rules
CORE-3706 Bug: Missing whitespace in dnat firewall rules template
CORE-3711 Bug: Firewall rules with network object are not displayed properly
CORE-3720 Bug: Port forwarding: Rules with allow from are not easy to understand
CORE-3724 Task: Invalid dnat rule due to broken template file
CORE-3743 Bug: Inter-Zone: Cannot edit default rules
CORE-3745 Bug: Source NAT: Rules with "No NAT" option are improperly displayed
CORE-3748 Bug: Port forwarding rules for L2TP are wrongly created
CORE-3750 Bug: Port Forward: Load Balancing rule are wrongly created if NAT policy is not specified
CORE-3760 Bug: Invalid snat rules for ipsec destination
CORE-3771 Bug: L2TP user disconnection doesn't trigger fw rules updates
CORE-3785 Bug: Time selector for firewall rules is wrongly shown
CORE-3836 Improvement: Remove duplicate substitutors definition
CORE-3940 Bug: Interface mark substitutor fails when use_backup is on
CORE-3943 Bug: Established connections on backup link stop working after main uplink comes back online
CORE-3966 Bug: Wrong match of ipset in ZONETRAFFIC rule allow unauthorized access
CORE-3968 Improvement: Firewall time based rules wrongly apply contiguous parameter
CORE-3980 Bug: Rules in CUSTOM chains are flushed by firewalljob restart and never restored
CORE-3996 Task: Create unit tests for firewall components
CORE-4033 Task: Create unit tests on firewall state
CORE-4047 Bug: Missing validator for firewall time based rules
CORE-4152 Bug: source addresses of xtaccess rules are not substituted with ipset
CORE-4158 Bug: DNAT dest interface not applied correctly
CORE-4172 Task: Increase firewall unit tests
CORE-4181 Bug: Fix firewall substitutors errors
CORE-4195 Bug: Firewall wrongly substitute a single subnet into an ipset
CORE-4285 Bug: Allow from field should show VPN tunnels as option
CORE-4340 Bug: New PROXYOUTGOINGFW drop traffic on http proxy port
CORE-4397 Bug: Vpnfw rule are not deleted right after the creation
CORE-4403 Improvement: DNAT GUI editor does not allow to specify a port forward from an OpenVPN server in tun mode
CORE-4424 Task: Improve unit-tests for OPENVPN user substitution
CORE-4537 New Feature: Geoip based firewall rules
CORE-4551 Improvement: Add conntrack and netlink support to netify
CORE-4558 Bug: Incoming routed traffic becomes unusable when using destination subnet
CORE-4561 Bug: Adding SMTP system rule in outgoing results in error due to space.
CORE-4564 Bug: ipset time restriction rules are not applied in outgoing firewall
CORE-4592 Bug: Typo in filename of /run/ip6tables_state
CORE-4594 Bug: Firewall rules are not applied in many circumstances if ipset is used
CORE-4699 Improvement: vpnfwdst chain is populated also if not used
CORE-4719 Bug: NAT VPN selector missing when creating a SNAT rule
CORE-4733 Task: Revert Priority for policy routing rules is not respected between fwmark and src-dst rules
CORE-4770 Bug: QoS gui on 6.x needs porting
CORE-4791 Task: Update xtables-addons-dbip release
CORE-4795 Bug: Substitutions failed are logged if outgoingfw is disabled
CORE-4798 Bug: Substitutions failed are logged if zonefw is disabled

Core Hardware support

CORE-2388 Improvement: The cdc_ether kernel module is missing in some utm appliances
CORE-2784 Improvement: Add kernel module rndis_host for LTE modem
CORE-3197 Improvement: 4i-edge-X: add hw support
CORE-3949 Bug: 4i-edge-x: stopping vpn via jobcontrol function call doesn't turn vpn len off
CORE-4245 Improvement: Add kernel module RTL8152/RTL8153

Core Installer

CORE-1380 Bug: 3.2 cannot be installed on vmware 5.5
CORE-2217 Bug: Enabling serial console in installer doesn't work

Core Jobsengine

CORE-1407 Bug: Fix wrong imports in endian.restartscripts.getblackholedns
CORE-1439 Bug: Signature updates may leave files in inconsistent state
CORE-1593 Task: Create a testing script for playing jobrequests
CORE-1604 Bug: Jobsengine unresponsive logging "Too many open files"
CORE-1655 New Feature: Disable signature updates for certain uplinks
CORE-1853 Bug: An invalid exit code in a Job action prevents successive Job execution
CORE-1963 Task: Move generic files functions from endian.job.commons to endian.core.filetools
CORE-2009 Task: Missing variables in endian.job.commons
CORE-2034 Bug: Stop deleting Jobsengine socket on exit
CORE-3083 Bug: Fix typo in jobsengine recipe
CORE-4209 Bug: Review updatewizard checks on HA status

Core Kernel

CORE-1678 Improvement: remove CPU core limit from kernel configuration
CORE-2056 Epic: Extend kernel 4.1 compatibility
CORE-2621 Improvement: Yocto 2.4: upgrade kernel to 4.14
CORE-2659 Improvement: Yocto 2.4: Reintroduce Huawei modem patch into kernel
CORE-2778 Improvement: Add possiblity to remove SIP netfilter kernel modules
CORE-2882 Improvement: Upgrade kernel to 4.14.74
CORE-3093 Improvement: and dracut don't check for Image kernel format
CORE-3204 Improvement: Kernel: Upgrade to 4.19
CORE-3438 Bug: Kernel upgrade leaves old initramfs
CORE-3482 Improvement: Create a new systemd unit to sync kernel timezone
CORE-4248 Improvement: Add NVMe support to kernel
CORE-4554 Bug: usb stick is no longer automounted
CORE-4704 Improvement: Upgrade kernel to 5.10 LTS
CORE-4876 Improvement: Upgrade kernel to 5.10.133

Core License

CORE-3314 Improvement: Fix license agreement
CORE-4668 Bug: Unaccepted license cause redirection loop

Core Logging & Monitoring

CORE-1488 Bug: Ulogd does not start on netwizard
CORE-1512 Bug: Ipsec logs not rotated due to missing folder in /var/log/archives
CORE-1540 Bug: syslog-ng runs in multiple instances
CORE-2084 Bug: HTTP Proxy logs not rotated
CORE-2147 Bug: Event reporting graphs not working
CORE-2250 Bug: AttributeError: MultiLineSysLogHandler object has no attribute formatException
CORE-2441 Bug: Add livelog menu item
CORE-2494 Bug: Review journald and logs
CORE-2516 Task: Fix import in Trusted Timestamping jobs and gui
CORE-2614 Task: Rewrite log settings GUI
CORE-2625 Improvement: Yocto 2.4: convert syslog reload calls from logrotate files
CORE-2709 Improvement: Yocto 2.4: Convert logrotate cron to systemd timer
CORE-2813 Bug: Fix logging menu
CORE-2870 Improvement: Verify journald - syslog-ng interaction and cleanup configuration
CORE-2902 Task: Logs: add new IDS log page
CORE-2908 Task: Logs: add new OpenVPN log page
CORE-2914 New Feature: Logs: add new OpenVPN server log page
CORE-2916 Improvement: Remove unused parameters from log settings GUI
CORE-2918 New Feature: Logs: add new system log page
CORE-2922 Bug: Sarg retention in monthly cron is not working
CORE-2924 New Feature: Logs: add new IPSec log page
CORE-2926 Bug: Fix OpenVPN and IPsec log controllers
CORE-2931 Task: Logs: add new ClamAV log page
CORE-2934 Bug: Logs: system logs page is not reachable
CORE-3043 Improvement: Refactor logrotate
CORE-3157 New Feature: Make snmp modular extendible
CORE-3264 Bug: efw-logrotate-generate-config script must exit if /etc/logrotate.conf cannot be created
CORE-3497 Bug: Wrong date in filename for archived logs
CORE-3531 Bug: Log calendar shows available days that do not contain logs
CORE-3574 Improvement: Implement new live log list page front-end
CORE-3617 Improvement: Implement log summary page in python
CORE-3777 Task: System logs improvements and fixes
CORE-4640 Bug: Warning syslog-ng configuration file format is too old
CORE-4782 Bug: HTTP proxy logs not shown in livelogs
CORE-4793 Task: Update live logs css
CORE-4811 Task: Improve live logs GUI experience

Core Menu

CORE-2275 New Feature: New emi menu
CORE-2443 Task: Remove perl menus
CORE-2611 Task: Remove wizard from system menu
CORE-2867 Bug: Page for change GUI password is missing
CORE-2981 Improvement: Wrong contextual help links for EasyVPN
CORE-3262 Improvement: Create global settings item in System menu

Core Network configuration

CORE-1344 Bug: Wrong businfotab for 3.0.5 on Macro 1000 and 2500
CORE-1358 Bug: Modify "Welcome to Endian Firewall" string in Network Wizard
CORE-1578 Task: Before the netwizard, activate the DHCP client on WAN interface
CORE-1658 Task: Add an option for enabling DHCP server on GREEN from the netwizard
CORE-1704 Improvement: Change order of uplinks type
CORE-1739 Bug: Modem Manager not working properly if language is different than english
CORE-1842 Task: Support Modem Manager uplink in textual netwizard
CORE-1924 Bug: Network Wizard from CLI cannot add multiple IPs on red interface
CORE-1930 Bug: Network interfaces change order
CORE-2298 Task: Textual netwizard should ask for root/admin password
CORE-2330 Bug: Remove emergency_fill_br0 from network restartscript
CORE-2405 Task: Create zones/VLANs configuration GUI
CORE-2432 Bug: Remove efw-network-status dependency
CORE-2434 Task: Create Bonding GUI
CORE-2480 Improvement: Remove modemmanager restartscript
CORE-2482 New Feature: Introduce NetworkManager dependency on efw-network
CORE-2633 Task: Fix proxy server authentication indentation
CORE-2645 Task: Backend APIs for uplink management
CORE-2650 Improvement: Bridge: Add test udev rules for pci ethernet
CORE-2707 Improvement: Fix uplink IP list component usability
CORE-2758 Task: GUI for ethernet DHCP and static uplink
CORE-2779 Task: GUI for mobile broadband uplink
CORE-2792 Task: Add to src-efw-interfaceeditor and fix the makefile
CORE-2795 Improvement: Add the possibility to change settings for uplinks already configured
CORE-2862 Bug: Add missing init
CORE-2873 Improvement: Introduce policy routing rules via VPN gw2gw tunnels
CORE-2983 Bug: fix invalid PV in efw-netwizard recipe
CORE-3068 Improvement: fix bondconfig script and covert into unit file
CORE-3171 Bug: Cannot use CIDR /32 or /31 for additional IP addresses
CORE-3195 Bug: Network Wizard from CLI displays main interface when vlans are in use
CORE-3217 Improvement: Change default BLUE and ORANGE bridge settings
CORE-3232 Bug: Connections not shown
CORE-3324 Bug: Missing column remark in host configuration
CORE-3348 Bug: Fix core calls to retrieve network devices
CORE-3372 Bug: Refactor network and bridges code
CORE-3381 Bug: efw-networkd: flush ip address if zone is disabled
CORE-3474 Bug: Netwizard: cannot configure appliance in bridged mode
CORE-3500 Improvement: VLAN is not shown in zones and interface page
CORE-3527 Bug: Interface editor does not show anything if files exist in /var/efw/uplinks
CORE-3539 Improvement: Refactor network configuration
CORE-3554 Improvement: Upgrade modemmanager and fix static modem bearer
CORE-3677 Bug: Uplinks: GUI and settings glitches
CORE-3679 Bug: Uplinks: cannot change modem provider
CORE-3768 Improvement: Disable beeps of ifplugd
CORE-3818 Bug: Commandline netwizard doesn't set password
CORE-3853 Bug: Interface selectors should show the port id
CORE-3868 Bug: No default route in bridged mode after efw-networkd restart
CORE-3876 Bug: Zones and Interface allows to insert a network or broadcast address for a zone
CORE-3894 Improvement: Avoid writing unused RED_BROADCAST and RED_NETADDRESS into datasource
CORE-3977 Bug: Uplink directory not deleted on uplink deletion from GUI
CORE-4065 Bug: Network status page shows only one IP for each device
CORE-4149 Task: Minimize bond and vlan reconfiguration changes
CORE-4178 Bug: Fix virtual appliances DHCP client on first boot
CORE-4232 Bug: Routing rules aren't correctly applied after uplinks goes online
CORE-4263 Bug: Impossible to set a second IP address of the same subnet
CORE-4276 Bug: Wi-Fi uplink initial scan is not executed because of an undefined variable
CORE-4353 Bug: Editing the green zone interfaces will remove the bridged uplink from the zone
CORE-4428 Improvement: Add the possibility to set custom DNS while configuring Wi-fi uplink in DHCP mode
CORE-4581 Bug: Priority for policy routing rules is not respected between fwmark and src-dst rules
CORE-4634 New Feature: Create network API to retrieve configured zone
CORE-4661 Bug: NetWizard configures in datasource all bridges also for custom zones
CORE-4721 Bug: docker0 bridge is missing after upgrade
CORE-4776 Bug: Restart network-awareness on uplinks address changes
CORE-4778 Bug: netifyd do not start if configured on a zone without IP assigned
CORE-4804 Task: remove stale efw-setddns service and timer
CORE-4836 Bug: Docker user-created network is not recreated at reboot
CORE-4841 Bug: efw-networkd should be able to increase log verbosity (debug)

Core Package management

CORE-1414 Bug: Rpm database rebuild procedure slow

Core Service Templates

CORE-1935 Improvement: Add custom configuration file for each OpenVPN client
CORE-3081 Improvement: Run createtemplates from a systemd unit

Core Setup Wizard

CORE-1311 Improvement: Force the BLUE zone to be configured
CORE-1336 Task: Add batch option to netwizard
CORE-2500 Bug: Netwizard ignores change on system access rules
CORE-2542 Task: Add Wi-Fi uplink back-end API
CORE-2553 Task: Add backup uplink back-end API
CORE-2556 Bug: Fix wizard skip step procedure
CORE-2558 Bug: Fix missing init and controller registration
CORE-2559 Task: Complete static, dhcp, and bridged mode GUI
CORE-2564 Task: Add registration step
CORE-2577 Bug: Interfaces are not written into bridge settings during the wizard apply
CORE-2593 Task: Add wizard claim GUI
CORE-2595 Bug: Fix wizard registration code validator
CORE-2603 Bug: Continue button is disabled in timezone step even if timezone is selected
CORE-2604 Bug: Search function is missing in the timezone select box
CORE-2616 Task: Add a common wizard step Vue component
CORE-2654 Bug: Fix missing uplink error in bridged mode
CORE-2657 Task: Create modem uplink GUI
CORE-2661 Bug: After wizard registration does not show connection errors
CORE-2666 Improvement: Refactor dhcp, static, bridged and no-uplink into wired component
CORE-2668 Task: Substitute accordion component with collapsable-panel
CORE-2670 Bug: User cannot change the inserted AC through wizard Plug and Connect
CORE-2674 Bug: Fix typo in endian-registration-form
CORE-2681 Bug: Set ENABLE_SSH to on instead of True
CORE-2690 Bug: Activation code is not shown during the wizard registration
CORE-2691 Task: Implement wizard uplink backup GUIs
CORE-2706 Improvement: port-select usability refactor
CORE-2757 Bug: Show no backup option in wizad backup uplink configuration
CORE-2780 Improvement: Modem component improvement
CORE-2782 Bug: Replace checkbox-styled and ipv4-fqdn-field with emi-input-checkbox and emi-input-remote
CORE-2798 Bug: emi-select doesn't deselect field
CORE-2803 Task: Wizard Wi-Fi GUI: add network list
CORE-2808 Task: Fix wizard language selection misalignment
CORE-2845 Bug: Add a final step apply to the wizard
CORE-2847 Task: Wizard Wi-Fi GUI: add configuration form
CORE-2850 Task: Add 5 Ghz wifi channels validator
CORE-2868 Task: Wizard WiFi GUI: implement BSSID selection
CORE-2871 Task: Show the wizard Menu step as a normal step
CORE-2877 Improvement: psk field show password
CORE-2880 Improvement: UI review
CORE-2886 Bug: emi-select default value
CORE-2900 Improvement: add image to language step
CORE-2904 Task: Zones setup step
CORE-2929 Task: Zones configuration step
CORE-2948 Bug: dhcp range is optional in zones configuration
CORE-2950 New Feature: Add Collector demo
CORE-2962 Bug: Fix validation error in wizard zone configuration
CORE-2968 Bug: Change zone-configuration wizard dependency into network-configuration
CORE-2999 Bug: Zone configuration validation deferal
CORE-3006 Task: Wizard modem configuration: add support for more than one technology per modem
CORE-3015 Task: Wizard Wi-Fi GUI usability fixes
CORE-3050 Bug: If uplink is not wired a missing uplink port validation error is returned
CORE-3053 Task: Move collector configuration step into efw-collector
CORE-3056 Task: If the appliance has two ethernet ports Zone Configurations shows a blank page
CORE-3066 Task: Refactor of Internet configuration step API
CORE-3069 Task: Add smarthost configuration back-end API
CORE-3283 Improvement: Add configuration for smarthost and notification mails settings
CORE-3294 Bug: auth method in smarthost configuration should be multi-selectable
CORE-3317 Improvement: Wizard password step allow changing the password without its confirmation
CORE-3321 Bug: Wi-fi SSID list accordions open and close inconsistently
CORE-3332 Improvement: add new loader to wizard
CORE-3339 Bug: Wizard does not set the Time Zone in time.settings
CORE-3352 Bug: Wizard language is importing missing GuiController
CORE-3354 Task: Add MAC spoof in Internet configuration
CORE-3453 Bug: KeyError: 'CHECKHOSTS' during netwizard
CORE-3454 Bug: Netwizard: wrong procedure for bridged mode
CORE-3460 Bug: Netwizard: cannot complete wizard while in no uplink mode
CORE-3464 Bug: Netwizard: wrong DHCP range error messages are not shown
CORE-3466 Bug: Netwizard: cannot configure and complete the procedure while Wi-Fi uplink as backup uplink is choosen
CORE-3483 Bug: Netwizard: No user feedback while importing a backup
CORE-3492 Bug: Netwizard: blank page after first configuration
CORE-3498 Bug: Netwizard: Outgoing Mail Server textbox are not properly alligned
CORE-3510 Bug: Netwizard: if network mode or internet connection type is changed the previous configuration is shown
CORE-3549 Bug: Netwizard: Service and License Agreement can be skipped
CORE-3556 Bug: Netwizard: default subnets are missing
CORE-3594 Bug: Netwizard: restore backup is called asyncronously
CORE-3596 Bug: Modem configuration does not save parameters of the apn wizard
CORE-3633 Bug: Netwizard: the word "bridged" doesn't have capital letter
CORE-3670 Task: Add new Edge X wizard image
CORE-3684 Task: Disable email/username/password autocomplete in the wizard
CORE-3685 Task: Wizard: add ID to all input elements to facilitate automatic testing
CORE-3714 Task: Netwizard: select is shown wrongly
CORE-3721 Task: Redirect wizard URL when wizard is completed
CORE-3722 Bug: Netwizard: Country field is not properly alligned in registration form
CORE-3728 Task: Add a setting to allow wizard access without basic auth
CORE-3740 Task: Netwizard: emi-select are shown wrongly
CORE-3753 Bug: Netwizard: wrong redirect after last step post
CORE-3870 Task: Fix wizard labels, texts, and input placeholders
CORE-4008 Bug: Wizard P&C: after the network configuration it is not possible to continue
CORE-4068 Bug: Wizard shows a blank registration page with multiple IPs assigned on GREEN
CORE-4235 Bug: Interface labels are not shown in wizard
CORE-4454 Bug: Network configuration wizard with Wifi uplink in DHCP does not set optional flag to DNS settings correctly
CORE-4780 Task: Disable language selection from wizard

Core System status

CORE-2292 Task: Rewrite System status information GUI
CORE-2579 Task: Create Services Status page
CORE-2581 Bug: Add missing collected patch for graph title
CORE-2583 Task: Add System Graphs page
CORE-3729 Bug: Connection status items are not coloured
CORE-3747 Bug: System and traffic graphs are displayed shrinked

Core Time

CORE-1297 Improvement: Introduce UTC and GMT timezones
CORE-2390 Task: Rewrite NTP GUI

Core Traffic monitoring

CORE-4531 New Feature: Create efw-network-awareness package
CORE-4610 Improvement: Improve restart script of network-awareness
CORE-4691 Task: Add export_json option to netifyd
CORE-4766 Bug: Fix netifyd recipes

Core Translations

CORE-1350 Task: Update translations
CORE-1699 Task: Update 5.0 translations
CORE-1772 Task: Update 5.0 translations
CORE-3299 Task: Change of language must apply the language on GUI
CORE-3356 Bug: Italian misleading translation of Snort GUI actions

Core Update procedure

CORE-2227 Bug: Autoupdate script not linked after netwizard
CORE-3842 Bug: Wrong parsing of updates prevents to update the system
CORE-3860 Bug: Use absolute paths in rpm transaction runpart scripts
CORE-4822 Improvement: Add API for upgrade progress feedback
CORE-4856 Bug: Dnf doesn't load .pyc plugins
CORE-4858 Bug: Progress file must be updated atomically

Core Uplinksdaemon

CORE-1709 Improvement: Uplink GUI string changes
CORE-2423 Task: Fix uplinksdaemon stop_uplinks
CORE-2786 Improvement: Cleanup modem cgi and js
CORE-3337 Bug: Static uplinks has a wrong broadcast and netaddress
CORE-3435 Bug: Cannot configure eth2 as Uplink interface from /manage/uplinks/ on Edge X
CORE-3437 Bug: Cannot configure a PPPoE Uplink from /manage/uplinks/
CORE-3503 Bug: Cannot edit uplink checkhosts
CORE-3520 Bug: Cannot edit static uplink
CORE-3568 Bug: Usability: It's not simple to add more than one checkhost
CORE-3577 Improvement: Uplinks settings are not applied after wizard
CORE-3580 Improvement: Upgrade mobile broadband info to 20190618
CORE-3598 Bug: Cannot change Wi-Fi uplink password
CORE-3681 Bug: Remove uplinksdaemon triggers for qos
CORE-3849 Bug: IP address and subnet assigned to physical interface with PPPoE uplink is currently used by Cloudflare
CORE-3905 Improvement: Add ability to insert SIM PIN Code
CORE-3907 Bug: Uplink PPPoE: No user feedback for mandatory fields
CORE-3946 New Feature: 4i-edge-x: add uplink led behaviour
CORE-4036 Bug: Wrong label on uplink selector for VLAN interfaces
CORE-4039 Bug: uplinksdaemonjob offline function Traceback due to missing runpart folder
CORE-4045 Bug: uplinksdaemon is not triggered if wifi connection is lost
CORE-4221 Improvement: Change Uplinkdsaemon killmode to process
CORE-4228 Bug: Main uplink default config must be created only if it doesn't exists
CORE-4301 Bug: RED_DEV parameters is not saved when changing the uplink type
CORE-4814 Bug: PPPoE Interface doesn't reconnect

Core Web server

CORE-1524 Task: Improve ciphers used by Apache
CORE-1533 Bug: Apache job fail to start due to missing certificate
CORE-1590 Improvement: Improve encryption and key length for httpd service
CORE-1821 Task: Serve the source Javascript instead of the minified if the source is available
CORE-2220 Task: Add SSLStrictSNIVHostCheck off to httpd configuration
CORE-2567 Bug: Gui Internal Server Error due to missing file
CORE-2683 Bug: 3DES ciphers used on apache are vulnerable to SWEET32
CORE-3588 Improvement: Change httpd lib module path
CORE-3737 Bug: Apache children crash in mod_xml2enc due to cgi page not handling post content
CORE-3914 Bug: Disable TRACE and TRACK method from apache
CORE-3918 Bug: Suppress log unable to link apache config on wrong item
CORE-4305 Bug: Limit GUI self-signed certificate lifetime to 825 days
CORE-4312 Bug: Meet OSX Catalina requirements for Self Signed certificates
CORE-4327 Improvement: remove default-site from apache package
CORE-4463 Bug: CherryPy SimpleCookie renders with \r
CORE-4665 Improvement: Return correct mime type for .vue files

Firewall Community Community packages

COMMUNITY-157 Bug: urlfilter job can't decompress the downloaded file
COMMUNITY-224 Bug: Event notifications edit not working on Community

Firewall Community Registration

COMMUNITY-222 New Feature: Force community registration
COMMUNITY-314 Improvement: Trivial error on registration form

Frontend base

FE-32 Bug: Login screen shown when opening the proxy GUI from switchboard portal
FE-60 Bug: Cannot add single or two letter domains on all "Domain or IP" input fields
FE-74 Bug: DynDNS result in not found if accessed through switchboard
FE-87 Bug: Fixes of FE_83, FE_43, FE_82, FE_81, FE_41

Frontend design

FE-27 Improvement: Each GUI element should have a unique / unchanging ID for robotframework compatibility
FE-47 New Feature: Various post release fixes and optimizations to HTTP and SMTP proxy
FE-66 Improvement: Improve UI in mobile view in HTTP proxy access policy filtering modal

Frontend framework

FE-116 Bug: Fix Update GUI responsive layout
FE-15 Task: Notification center backporting for eos-6.0
FE-31 Bug: Mail server address field in SMTP proxy incoming domain settings behaves buggy when hitting backspace key
FE-40 Bug: Inconsistent state is shown when navigating away from a tab and not saving changes

Frontend page

FE-30 Bug: Some labels are shown on top of the header
FE-35 Bug: HTTP proxy frontend should allow input of IP addresses in do-not-cache-these-destination field
FE-61 Task: You need to hit twice slash / when inserting a subnet into Source / Destination IP widget
FE-65 Bug: Unable to add in proxy do not cache these destinations
FE-68 Bug: Rules data should be visible in access policy overview (user experience)
FE-77 Bug: Snort rules are editable during apply call
FE-79 Improvement: New Upgrade GUI
FE-88 Bug: Password field for Dynamic DNS is of type text
FE-91 Bug: Network Awareness Graph is not showing the right selected time range in Time Machine
FE-95 Bug: Apply button disappears after save for disabling HTTP/SMTP proxy

Hotspot API

HOTSPOT-737 Bug: Hotspot API Test Page not working
HOTSPOT-854 Bug: Username/password are randomly changed in API user modify call

Hotspot Administration

HOTSPOT-428 Task: Update message strings and translations
HOTSPOT-442 Improvement: Limit the number of hotspot users based on subscriptions
HOTSPOT-446 Improvement: Enable Hotspot by default
HOTSPOT-451 Improvement: Default rates for the Hotspot
HOTSPOT-468 Bug: "Settings did not change" message while they indeed changed
HOTSPOT-476 Improvement: Prevent ticket rates used by Social Login from being deleted
HOTSPOT-478 Bug: Labels that describes hotspot dhcp options are misleading
HOTSPOT-487 Bug: Duplicated message on hotspot GUI to notify setting changes
HOTSPOT-512 Bug: Millisconds are shown, printing dates and times
HOTSPOT-551 Bug: Error while uploading image using WYSIWYG editor
HOTSPOT-572 Improvement: Better error messages for Cyclic rates
HOTSPOT-638 New Feature: Redirect homepage to external site (SurfNow)
HOTSPOT-641 Bug: fckeditor can list and overwrite system files
HOTSPOT-666 Bug: Cannot copy the SurfNow code snippet
HOTSPOT-677 Bug: Fix boolean verification in Hotspot shouldstart method
HOTSPOT-693 Improvement: Cyclic Tickets for Smart Connect, Account Generator and Quick Tickets
HOTSPOT-697 Improvement: Account Editor add default language option
HOTSPOT-699 Bug: If an Hotspot Account Editor edits any field the language is reset to English
HOTSPOT-740 Improvement: Print account using selected language
HOTSPOT-742 Bug: Language settings show error for arabic language
HOTSPOT-751 Improvement: Correct and simplify the print behavior of the infoedit page
HOTSPOT-766 Improvement: Add the option Delete expired accounts on a daily basis
HOTSPOT-785 Bug: Reload of Hotspot emi GUI module fails
HOTSPOT-812 Task: Remove TurboGears dependency for Hotspot
HOTSPOT-858 Improvement: Add all the user fields available to the SmartConnect FormField widget

Hotspot Authentication

CORE-2274 Bug: EMI traceback with hotspot external LDAP authentication
HOTSPOT-515 Bug: Hotspot registering wrong session time (-1 hour) on Connection Logs
HOTSPOT-518 Task: Increase CoovaChilli lease time
HOTSPOT-559 Bug: CoovaChilli cannot authenticate users because of radius queue full
HOTSPOT-598 Bug: Hotspot account passwords are logged by apache in clear text
HOTSPOT-704 Bug: Empty page is generated when no SmartConnect rates are available to the user
HOTSPOT-715 Bug: Social login authentication issue with IE / Edge
HOTSPOT-729 Bug: Android captive portal redirection shown on all zones
HOTSPOT-761 Improvement: Custom UAM UI server url
HOTSPOT-815 Bug: Hotspot with Proxy "keep source IP address" option causes asymmetrical routing
HOTSPOT-873 New Feature: Introduce the possibility to set a limit for multiple simultaneous logins

Hotspot CoovaChilli

HOTSPOT-458 Bug: Hotspot activation does not "lock" DHCP settings for the blue zone
HOTSPOT-473 Bug: CoovaChilli 1.3.0 is limited by default to 512 clients
HOTSPOT-475 Bug: Hotspot upload suffer of limited throughput
HOTSPOT-841 Improvement: CoovaChilli vulnerable to SWEET32
HOTSPOT-882 Bug: Fix coova-chilli to compile with openssl 1.1.1
HOTSPOT-884 Bug: reenable coova-chilli RDEPENDS

Hotspot Database

HOTSPOT-456 Bug: emi Traceback saving hotspot settings
HOTSPOT-461 Bug: Database restored from a backup contains an invalid stored procedure
HOTSPOT-465 Bug: Unable to create traffic tickets bigger than 4 gigabytes
HOTSPOT-466 Bug: Unable to create traffic tickets bigger than 4 gigabytes
HOTSPOT-472 Improvement: Default rate for SmartConnect email registration
HOTSPOT-481 Bug: Elements of radgroupreply table must be strings
HOTSPOT-503 Bug: The hotspot traffic is growing after browsing with 5Gb limit
HOTSPOT-570 Improvement: Add 12h and 24h as connection time out
HOTSPOT-596 Bug: Database of 3.0.5 is not migrated to 3.2
HOTSPOT-659 Bug: Invalid rpm trigger
HOTSPOT-688 New Feature: Introduce new fields: company and job title
HOTSPOT-779 Bug: Social Login data not stored in hotspot account table
HOTSPOT-796 New Feature: Include NAS-Identifier into radacct table

Hotspot Login portal

HOTSPOT-421 New Feature: Reverse proxy for Hotspot portal background homepage
HOTSPOT-425 New Feature: Ability to change the "start browsing" URL after the Portal was loaded
HOTSPOT-462 Improvement: Add new walled garden domains for Apple
HOTSPOT-471 Bug: Arrow keys can change the displayed Hotspot step
HOTSPOT-530 Bug: Logger instance not initialized for database connections
HOTSPOT-574 Improvement: Pressing Enter, the user is not logged in
HOTSPOT-576 Bug: Login fails if HTTPS proxy is enabled
HOTSPOT-578 Bug: High EMI CPU usage due to requests
HOTSPOT-581 Task: Use a strong Diffie-Hellman for Hotspot
HOTSPOT-584 Epic: Hotspot Social Enabler
HOTSPOT-613 Bug: Error reloading the /portal/login miniportal page
HOTSPOT-634 Improvement: Introduce a Social Login flow for the Captive Portal Login of Android and iOS
HOTSPOT-695 Improvement: French translation for the Hotspot
HOTSPOT-706 Improvement: Update payment labels
HOTSPOT-709 Bug: Unable to register with the Smart Connect if the email is more than 40 chars
HOTSPOT-722 Improvement: Hotspot portal Arabic translation
HOTSPOT-744 Bug: Telephone country code unavailable in Smart connect via e-mail
HOTSPOT-756 Bug: Portal login page doesn't detect whether the user is already connected
HOTSPOT-769 Bug: Emi traceback while trying to register an already existent user
HOTSPOT-832 Task: Restart Hotspot after certificate renew
HOTSPOT-898 Task: Renewal of the certificate
HOTSPOT-943 Bug: Renewal of the certificate

Hotspot Network

HOTSPOT-448 Bug: Unable to start Hotspot since HA was removed
HOTSPOT-923 Task: Remove unnecessary ha templates

Hotspot RADIUS

HOTSPOT-483 Bug: Segmentation faults when radiusd is reloaded
HOTSPOT-631 Bug: Radius warning message "Child is hung for request"
HOTSPOT-933 Improvement: Upgrade freeradius to 3.0.21

Hotspot Social Login

HOTSPOT-459 Bug: Google login failure on yocto
HOTSPOT-489 Bug: Social Login with Facebook doesn't work with iOS 9.2
HOTSPOT-499 Bug: Logging in with valid Facebook credentials fails the second time
HOTSPOT-524 Bug: Social login with Facebook is not working with iOS
HOTSPOT-653 Bug: Social login authentication fail due missing variable
HOTSPOT-655 Improvement: Extract more information from Social Login
HOTSPOT-680 Bug: Hotspot login with AD does not work due to emi error
HOTSPOT-725 Bug: Social Login not available on satellite
HOTSPOT-758 Bug: Social login authentication return InvalidToken after hotspot purge
HOTSPOT-764 Bug: Fail-safe management of Social Login
HOTSPOT-776 Bug: Social Login is not working if Term of Service is enabled
HOTSPOT-782 Improvement: Improve Social Enabler mobile experience
HOTSPOT-790 New Feature: Twitter and Instagram Social Login
HOTSPOT-798 New Feature: Add information about the social provider used to create an account
HOTSPOT-869 Bug: Facebook API 2.8 EOL
HOTSPOT-928 Improvement: Update Google and Instagram social logins

Management Center Client

EMC-154 Task: Add a command for getting running services from gateways
EMC-170 Task: Add a command for getting maintenance expiration
EMC-18 Task: Create EMC client (Recognizer)
EMC-198 Improvement: recognizer: convert init into unit file
EMC-260 Improvement: replace pycrypto with cryptography in python-potr
EMC-298 Bug: recognizer is not restarted unless forced
EMC-37 Task: Add python-sleekxmpp recipe
EMC-48 Task: Add python upstream recipes


EOS-1955 Improvement: Add Amazon ENA kernel module
EOS-1976 Improvement: Enable Mercury 100 LCD
EOS-2057 New Feature: Finalize OTSB Product
EOS-2079 Task: Add missing python namespace info

OS Buildsystem Tools

EOS-1467 Bug: Fix uglifyjs options to remove build path from sourceMappingURL
EOS-1765 Improvement: add pytest and some plugins in devtools
EOS-1885 Improvement: doc-development: add initial DataSource documentation structure
EOS-2109 Bug: Upgrade uglify-js to 3.13.7
EOS-2140 Improvement: Rework package group and remove acs
EOS-2161 Improvement: Upgrade netifyd to 3.11
EOS-2211 Bug: Fix netifyd recipes
EOS-2215 Bug: Fix various 6.x products
EOS-2231 Task: re-add MMC support on mini-2022 5.10 kernel
EOS-2262 Improvement: Unlock second core on mini-10
EOS-2284 Improvement: Upgrade nodejs to 14 LTS

OS Deprecated Tools

EOS-1530 Bug: efw-frox: Upgrade to newer conntrack helpers

OS Installer

EOS-1368 Task: installer: force grub target to i386-pc (non-UEFI)
EOS-1788 Improvement: 4i-edge-x: Implement production workflow into installer
EOS-2126 Improvement: Add UEFI support for the EOS installer

OS Product Branding

EOS-1007 Bug: Forced dependency to db-bin because on some product was missing
EOS-1147 Task: Fix wrong merge on master
EOS-1448 New Feature: Create Mercury 50mk2 images
EOS-555 Task: Disable automatic lock on edge appliances
EOS-759 Bug: Panda AV and IPS shows up in 4I and hotspot products Live Logs

OS Yocto

EOS-1022 Bug: Duplicate package after an update that restarts sshd
EOS-1078 Task: remove e1000e and e1000e_update blacklist
EOS-1123 Task: Fix wrong acs-module recipe license
EOS-1132 Improvement: Prevent old RPM channels from being installed on Yocto-based systems
EOS-1136 Task: Migrate endian-client sources and recipe to git repository
EOS-1144 New Feature: Create mini-10 appliance on SCB6901
EOS-1176 Task: Review postinst management with sub-vars
EOS-1218 Improvement: Apply efw-snort patches on sources
EOS-1233 Improvement: Replace turbogears dependency with endian_setup
EOS-1235 Improvement: Cleanup packages for meta-endian recipes
EOS-1238 Task: Cleanup packages for meta-enterprise-endian recipes
EOS-1242 Task: Cleanup packages for meta-enterprise-endian-antivirus recipes
EOS-1244 Task: Cleanup packages for meta-enterprise-endian-hotspot recipes
EOS-1254 Task: Cleanup packages for meta-enterprise-endian-webfilter recipes
EOS-1255 Task: Cleanup packages for meta-enterprise-endian-vpn recipes
EOS-1256 Task: Cleanup packages for meta-enterprise-endian-system recipes
EOS-1258 Improvement: Restore parameters
EOS-1265 Task: Update PR
EOS-1272 Task: Remove endian-python inherit
EOS-1277 Task: Review postinst management with sub-vars on upstream recipes
EOS-1308 Task: Use external license file
EOS-1310 New Feature: Prepare new layers for js packages
EOS-1339 Task: Apply recipe patches in meta-endian layer
EOS-1341 Task: Apply recipe patches in meta-enterprise-endian-system layer
EOS-1343 Task: File cleanup on meta-endian
EOS-1362 New Feature: Create mini-25 and mini-25-wifi product based on SCB6901 machine with dual core and mmc
EOS-1364 Epic: Upgrade yocto to 2.2
EOS-1399 Task: Uniform PR usage
EOS-1401 Task: Apply meta-endian patches to sources
EOS-1403 Task: Fix pyc file splitting for dnf-plugin-core package
EOS-1406 Improvement: Link serial console with efw-console
EOS-1411 Improvement: yocto: upgrade to 2.4 (rocko)
EOS-1420 Bug: /var/log/archives/clamav is not packaged by efw-clamav
EOS-1435 Improvement: Yocto 2.4: QUEUEFW rules missing after enabling snort
EOS-1437 Task: Code cleanup
EOS-1450 Task: Cleanup disused cgi pages
EOS-1452 Task: Cleanup monit residue
EOS-1456 Bug: wrong patch re-added to efw-endian-client
EOS-1463 Bug: Fix base-files-endian profile file providing
EOS-1489 Task: Remove replaced cgi and perl menu files
EOS-1501 Task: Create pycountry recipe
EOS-1505 New Feature: Pre-Evaluate HW image with EFI for bridge
EOS-1516 Improvement: Yocto 2.4: upgrade syslog conf
EOS-1518 Bug: systemd-hostnamed sometimes fails at boot
EOS-1520 Task: Move python recipes to use meta-python pypi class
EOS-1524 Improvement: Convert sysctl.conf to use new drop-in sysctl.d
EOS-1528 Bug: fix sshd ignored options
EOS-1535 Bug: Move halt scripts into units
EOS-1539 Task: Handle led at shutdown
EOS-1540 Bug: Yocto 2.4: Re-enable shutdown beeps
EOS-1545 Improvement: Re-enable static python
EOS-1554 Bug: Yocto 2.4: core2_32 machines override now i686
EOS-1563 Task: Yocto 2.4: Convert Timers
EOS-1566 Task: Verify if we can remove endian-gpgkey package from images
EOS-1577 Improvement: Change bridge machine name from aaeon1 to fws2275
EOS-1579 Task: Code cleanup
EOS-1584 Task: Analyze what to do to remove migration scripts from 2.5 and versions below
EOS-1586 Improvement: Code cleanup
EOS-1588 Bug: Fix wrongly merged recipes
EOS-1590 Improvement: Replace old slider button on remote access GUI
EOS-1607 Improvement: Split appliances sources
EOS-1609 New Feature: Evaluate impact of upgrading master to yocto 2.5 (sumo) release
EOS-1619 Bug: 50led_ifa1610 file is wrongly packaged
EOS-1622 Task: Remove duplicated code, delete outdated repos
EOS-1624 Task: Cleanup initscripts and monit
EOS-1625 Improvement: Move migration scripts out of sources
EOS-1632 Improvement: Optimize rpm scriptlets using transactions
EOS-1634 Task: Check rpmrebuild methods
EOS-1647 Task: Cleanup unnecessary postinst ontarget
EOS-1653 Task: Remove initscripts
EOS-1662 Task: Remove monit conffiles
EOS-1681 Improvement: Evaluate upgrade to thud
EOS-1690 Bug: Missing libwww-perl on edge-x image
EOS-1698 Bug: check-conf for apache2 is wrongly packaged
EOS-1702 Task: Remove cgi status files
EOS-1704 Task: Remove legacy files
EOS-1706 Task: Remove monit file in sources
EOS-1708 Improvement: multi-instance syslog systemd unit
EOS-1710 Improvement: Move /var/run files into /run
EOS-1712 Improvement: Improve docker chain usage
EOS-1721 Task: /var/run used in volatile files
EOS-1722 Improvement: Proxy service status wrongly shown on edge dashboard
EOS-1724 Task: Fix QA errors on sources and update file headers
EOS-1728 Improvement: rpm debug on target is too vebose
EOS-173 Bug: EMI i18n domain FormEncode not found with other language than English
EOS-1740 Task: Review i18n tools usage and update .pot files
EOS-1743 Task: Remove unnecessary load_timestamp service
EOS-1748 Improvement: Align to lastest thud commits
EOS-1812 Task: Align to latest yocto thud commits
EOS-1822 Bug: Remove appliances autogenerated conflicts
EOS-1893 Task: Convert old unittests to pytest
EOS-1897 Bug: All VPN traffic blocked during authentication
EOS-1906 Task: Cleanup legacy csv tests
EOS-1911 Task: Some unit tests modify datasource constants
EOS-1917 Improvement: Update python-paramiko pkg
EOS-1920 Task: Create python-rollback recipe
EOS-1935 Task: Update ca-certificates package to 20200601
EOS-1941 New Feature: Create OTSB product
EOS-1988 Task: Add FastAPI and dependencies to devtools
EOS-1991 Task: update setuptools-scm package
EOS-1997 Bug: /etc/profile: Make sbin(s) dirs available to all users
EOS-2023 Task: Create a core FastApi capable of loading app routers dynamically
EOS-2028 Task: Fix tox environment to locally run fastapi server
EOS-2053 Task: Create Mercury 2021 model
EOS-2062 Task: Create deepdiff recipe
EOS-2085 Task: Create aiocache recipe
EOS-2091 Task: Bump appliance package to add dependency on efw-fail2ban
EOS-2113 Task: aiocache cannot use redis cache on unix socket
EOS-2122 Bug: missing dependency from python3-pyyaml in eos-core
EOS-2144 Task: Frontend packages must be build with fixed versioned dependencies
EOS-2149 Task: update python-hiredis version
EOS-2153 Task: Create asyncinotify package
EOS-2163 Task: Add frontend repositories to manifest with latest updates
EOS-2165 Task: Remove ENDIAN_GIT_TAG in eos-app-ui-utm recipy
EOS-2168 Improvement: Fix warning on polkit recipe
EOS-2177 Task: Remove easyvpn
EOS-2179 New Feature: Create Mini (2022 Edition) product
EOS-2207 New Feature: Add frontend -dbg packages
EOS-2225 Task: Add eos-ui-app-base to images
EOS-306 Epic: Fix perl native sysroot errors on some recipes
EOS-338 Bug: Increment -release packages to x.x.5
EOS-348 New Feature: x86: update to new machines
EOS-350 Task: Create better filename format for yocto images
EOS-356 Task: Bump release to 3.10.6
EOS-381 Bug: Fix sqlobject 2.2.0 ex_setup compile error
EOS-386 New Feature: x86: Implement installer
EOS-392 New Feature: x86: add ipset tools
EOS-395 Improvement: package oauth2client and dependencies
EOS-432 Task: Make source retrieve mode switch more friendly
EOS-437 Bug: libacpi doesn't exists on arm. Remove dependency.
EOS-442 Improvement: Upgrade kernel to 3.18.22 for x86 machines
EOS-446 Bug: acpi: wrong dependencies and version
EOS-455 Bug: Deploy and re-tag sources with missing empty files
EOS-458 Improvement: Evaluate 4.1.y LTS kernels for x86
EOS-459 Improvement: Evaluate 4.1.y LTS kernels for x86
EOS-462 Task: Align recipes to 2015-11-19
EOS-505 Bug: x86; Upgrade kernel to 4.1.12
EOS-551 Bug: x86: missing lcm kernel driver
EOS-610 Bug: Fix kernel lcm KERNEL_VERSION on recipe
EOS-613 Improvement: x86: upgrade kernel to 4.1.13
EOS-622 Bug: kernel: misc fixes
EOS-632 New Feature: Implement multilib
EOS-633 New Feature: Implement multilib
EOS-665 Bug: Fix src-common tag and review recipes for master branch
EOS-687 New Feature: x86: upgrade kernel to 4.1.14
EOS-703 New Feature: x86: upgrade kernel to 4.1.15
EOS-710 Task: Fix appliance file naming
EOS-714 Bug: lib32-perl-db-file: QA issue on .debug files
EOS-720 Bug: yocto compile issues
EOS-731 Bug: coova_chilli logs in /var/log/messages instead of /var/log/hotspot/chilli
EOS-735 Bug: sum-events-db fails due to missing pysqlite2 library
EOS-753 Bug: acpid is stopped after wizard
EOS-756 Bug: apache2 is in /etc/ folder
EOS-758 Improvement: x86: add kernel fragments infrastucture
EOS-770 Bug: x86: Upgrade kernel to 4.1.16
EOS-772 Bug: acs-module: move to "all" architecture
EOS-773 Bug: p3scan: Doesn't start on 64 bit machines
EOS-786 Bug: efw-hotspot-4.0.16-1.e13.y7 : patch doesn't apply
EOS-788 New Feature: 64 bit: create community and sw enterprise appliances
EOS-791 Bug: x86: enable pc spkr
EOS-800 Bug: efw-dhcp broken
EOS-809 Bug: add executable permissions to wpad.dat
EOS-826 Task: Move recipes PV to 5.0.1
EOS-827 Bug: Reverse proxy settings for Portal background reference wrong configuration path
EOS-829 Improvement: x86: Upgrade kernel to 4.1.17
EOS-832 Bug: proxy-html.conf is now in /usr/share/apache2/extra
EOS-834 Bug: coova-chilli: Various fixes while brX intefrace is congested
EOS-848 Bug: Review file owner on packages
EOS-857 Bug: logrotate: packed conf file and config is not generated
EOS-875 Bug: Panda antivirus doesn't start anymore
EOS-884 Bug: efw-panda: syslog conf has nobody group
EOS-917 Task: Update script used to create .pot files
EOS-923 Bug: Introduce initrd in x86 kernels
EOS-928 Bug: usb_modeswitch doesn't create ttyUSB if usb modem is plugged before boot start
EOS-933 Bug: httplib can't be imported by the management center
EOS-972 Bug: url-rewrite: memory leak

Security Base System

SEC-101 Task: CVE 2022-0778
SEC-21 Bug: CVE-2020-8597 (Point-to-Point Protocol Daemon) bof
SEC-26 New Feature: Account lockout policy in Authentication Daemon
SEC-30 Bug: EMI locks up when parallel requests are made
SEC-4 Bug: upgrade lodash to 4.17.15
SEC-40 Bug: dynamically locked users GUI shows no users although there are plenty in the database
SEC-43 Bug: TLSv1 is allowed for all apache virtualhosts
SEC-49 Task: Upgrade sudo to 1.9.5p2
SEC-66 Improvement: Upgrade openssl to 1.1.1k
SEC-7 Bug: Evaluate CVE-2019-16905 on OpenSSH 8.0
SEC-73 New Feature: create efw-fail2ban package
SEC-79 Improvement: Add slowloris mitigation
SEC-84 Bug: CVE-2021-25217 A buffer overrun in lease file parsing code in DHCP / dhclient
SEC-88 Improvement: Upgrade OpenVPN to 2.4.11
SEC-94 Bug: CVE-2021-40438 Apache mod_proxy vulnerability
SEC-98 Bug: CVE-2021-4034 pkexec: local privilege escalation

UTM Antispam: SpamAssassin

UTM-1944 Task: Rewrite spamassassin GUI
UTM-2145 Improvement: fix run_sa_update invocation
UTM-2155 Bug: Spam Training uses wrong command for connection test
UTM-2262 Improvement: Add support for SSL and custom IMAP server port in Spam training
UTM-2280 Bug: If port is not specified spamtraining imap will not connect
UTM-2358 Bug: IMAP training fails if mail is incomplete
UTM-2505 Improvement: Reintroduce spamassassin into 6.x
UTM-2845 Bug: sa-wrapper command is missing

UTM Antivirus: ClamAV

UTM-1777 Task: Update ClamAV to fix some CVE
UTM-1864 Bug: Jobsengine deadlock prevents jobs from starting
UTM-1959 Bug: Update clamav to 0.99.4
UTM-2146 Improvement: fix efw-clamav-cleanup timer
UTM-2605 Improvement: Upgrade ClamAV to 0.104.0

UTM Artwork

ENTERPRISE-1771 Bug: Invalid graphic image for closing button displayed when browsing Firewall Diagrams

UTM Certificate Management

UTM-1321 Bug: Private keys from PKCS12 are not imported
UTM-1403 Task: Allow wildcard certificates generation
UTM-1480 Bug: CA certificate symlink is not created
UTM-1484 Task: Allow at (@) character in certificates common name
UTM-1493 Task: Allow wildcards certificate pkcs12 upload
UTM-1498 Task: Certificated with a CA chains with more than one CA cannot be used in VPN server and VPN portal
UTM-1554 Bug: Uploaded certificate issued by a trusted CA cannot be deleted
UTM-1655 Task: Add an option for choosing the certificates private key size
UTM-1793 Task: Add local CA certificates to CA bundle
UTM-1807 Improvement: In Certificates change Subject Alt Name textinput to a more usable widget
UTM-1809 Task: Include Subject Alternative Name in the host HTTPS certificates
UTM-1981 Task: Use bootstrap classes in SAN selector
UTM-2009 Improvement: Randomize the default certificate organization
UTM-2014 Task: Sign certificates with Let's Encrypt
UTM-2048 New Feature: Add GUI for creating non-wildcard Let's Encrypt certificates
UTM-2082 Bug: Wildcard hostname in certificate creation should be accepted
UTM-2283 Bug: Certificate import fails due to syntax error
UTM-2295 Improvement: Can't import CA generated from Active Directory Certificate Services
UTM-2298 Bug: Certificate filenaming is exploitable
UTM-2335 Bug: Import of self-signed certificates fails due to different openssl output
UTM-2363 Task: Introduce key usage extension in all certificates
UTM-2388 Bug: Some jobs don't have a dependency on authentication (aws)
UTM-2391 Bug: Letsencrypt PKCS#12 file is empty and (as a result) cannot be imported.
UTM-2439 Bug: When a backup is imported the certificate cache files need to be deleted
UTM-2452 Bug: Subject Alt Name field rejects FQDNs having numbers after the host part
UTM-2775 Bug: Expired Letsencrypt R3 CA will break letsencrypt SSL connectivity on the affected system
UTM-2805 Task: updates ca-certificates package to 20211016

UTM Configuration

UTM-1585 Task: endian-client services module retrieves partial data
UTM-2478 Improvement: package xtables-addons
UTM-2897 Task: Remove closed beta from UTM logo

UTM Enterprise API

ENTERPRISE-2427 Improvement: Add redis capability to listen on unixsock
ENTERPRISE-2651 Task: Uniform API paths

UTM Enterprise Antispam: Commtouch

ENTERPRISE-1515 Task: Fix spamassassin gui to work with new menu

UTM Enterprise Antivirus

ENTERPRISE-2148 Task: Evaluate antivirus engines
ENTERPRISE-2323 New Feature: Fix dependency loop for antivirus packages
ENTERPRISE-2329 Improvement: Antivirus log page show logs not related to virus events
ENTERPRISE-2452 Bug: icap sends logs not related to viruses to remote syslog
ENTERPRISE-2525 Bug: Antivirus settings page not linked correctly from the menu

UTM Enterprise Antivirus: Bitdefender

ENTERPRISE-2316 Epic: Bitdefender status info and log management
ENTERPRISE-2348 Bug: Bitdefender last signature update is not displayed correctly
ENTERPRISE-2396 Bug: bitdefender not detecting virus locally but detects it on virustotal
ENTERPRISE-2399 Bug: bitdefender not detecting virus locally but detects it on virustotal
ENTERPRISE-2438 New Feature: Integrate Bitdefender Antispam and URL Filter
ENTERPRISE-2440 New Feature: Integrate Bitdefender Antispam and URL Filter
ENTERPRISE-2627 Improvement: Upgrade bitdefender engine to

UTM Enterprise Antivirus: Panda

ENTERPRISE-1047 Bug: efw-panda: missing monit reload for pavapidaemon in postinst
ENTERPRISE-1065 Task: Disable Panda Cloud AV when license has expired
ENTERPRISE-1074 Bug: indentation error on panda restartscript
ENTERPRISE-1081 Bug: Squid error with acs_module installed
ENTERPRISE-1084 Bug: invalid squid configuration with acs_module
ENTERPRISE-1153 Bug: Panda Antivirus engine does not appear in the Antivirus Engine section
ENTERPRISE-1168 Bug: icap throws a SEGV while scans infected archives
ENTERPRISE-1229 Bug: Both Panda Cloud Antivirus and ClamAV started at the same time
ENTERPRISE-1232 Improvement: Avoid pavapidaemon restart if not forced
ENTERPRISE-1486 Bug: PandaAV signatures update stuck
ENTERPRISE-1680 Improvement: Yocto 2.4: panda job fails with traceback

UTM Enterprise Appliance: Hardware

ENTERPRISE-1013 Task: Endian Hotspot 150 appliance
ENTERPRISE-1014 Task: Endian Hotspot 500 appliance
ENTERPRISE-1015 Task: Endian Hotspot 1500 appliance
ENTERPRISE-1016 Task: Endian Hotspot Virtual 150 appliance
ENTERPRISE-1017 Task: Endian Hotspot Virtual 500 appliance
ENTERPRISE-1018 Task: Endian Hotspot Virtual 1500 appliance
ENTERPRISE-1022 Task: Update Hotspot 150 businfotab
ENTERPRISE-1032 Task: Dependency to commtouch-webfilter for all Hotspot appliances
ENTERPRISE-1035 Task: Remove "Appliance" from Hotpost appliances name
ENTERPRISE-1067 Bug: Remove POP3 and IPS signatures summary from dashboard
ENTERPRISE-1095 Bug: Certificate section is viewable from Hotspot products
ENTERPRISE-1104 Bug: Product name not shown correctly on LCD
ENTERPRISE-1190 Task: Add default WAN port configuration
ENTERPRISE-1254 Task: Rename Mini 25 Wireless to Mini 25 Wi-Fi
ENTERPRISE-1260 Task: Create Mini 10 Wi-Fi product
ENTERPRISE-1279 New Feature: Configure kernel to limit to one core only mini-10 product
ENTERPRISE-1283 Bug: Missing businfotab files on Mini 10 WiFi and Mini 25 WiFi
ENTERPRISE-1340 Task: Define bridge appliance and prepare pkg dependencies
ENTERPRISE-1480 Bug: Manage certificate page is available on hotspot products
ENTERPRISE-1696 Bug: Admin user can't download OpenVPN ca certificate on Hotspot appliances
ENTERPRISE-1872 Bug: Add edge-x wizard picture
ENTERPRISE-1959 Task: Create mercury-50-wifi-scb1617a appliance
ENTERPRISE-2111 Improvement: Create new macro 250/500 appliance recipes
ENTERPRISE-2291 Task: Define switchboard macro products
ENTERPRISE-2393 Improvement: Add LCD module support for Macro Plus
ENTERPRISE-2494 New Feature: Create Macro 2021 Edition
ENTERPRISE-2543 Improvement: 6.x closed beta misc fixes - 3
ENTERPRISE-2546 Task: 6.x closed beta misc fixes - 4
ENTERPRISE-2657 Task: Create Macro 2022 Edition
ENTERPRISE-2683 Bug: Set zone limit for mercury 100 to 32

UTM Enterprise Appliance: Software

ENTERPRISE-1026 Task: Default menu for Hotspot appliances
ENTERPRISE-1361 Bug: Wrong product id for software and virtual
ENTERPRISE-2518 Bug: Missing wizard and menu images for virtual and software

UTM Enterprise Appliance: Virtual

ENTERPRISE-1058 Task: Adjust service configuration parameters for Hotspot appliances
ENTERPRISE-1078 Task: Virtual images for Hotspot appliances
ENTERPRISE-1236 Bug: Appliance product name doesn't appear on the web interface
ENTERPRISE-1367 Bug: Virtual appliances are not blocked anymore when maintenance expires
ENTERPRISE-2536 Improvement: 6.x closed beta misc fixes
ENTERPRISE-2540 Improvement: 6.x closed beta misc fixes - 2

UTM Enterprise Application Firewall

ENTERPRISE-1040 Task: Remove references to IPS in firewall GUIs
ENTERPRISE-1596 Epic: Introduce a new Application Firewall
ENTERPRISE-1831 Improvement: Limit life of nfq_ndpi_firewall worker processes

UTM Enterprise Authentication layer: Enterprise

ENTERPRISE-1100 Bug: Edit Authentication server mappings will remove apache as Authentication server
ENTERPRISE-1143 Bug: RADIUS provider fails to load
ENTERPRISE-1214 Bug: OpenVPN client disconnection after 1 hour if OTP is used
ENTERPRISE-1224 Task: Create a script for enabling OTP on all the local users
ENTERPRISE-1625 Improvement: Add support for AES encrypted password
ENTERPRISE-1647 Bug: VPN Authentication on LDAP fails with "operations error"
ENTERPRISE-1925 Bug: Issues with GUI users
ENTERPRISE-2074 New Feature: Support for secure LDAP (ldaps)
ENTERPRISE-2136 Bug: "Invalid credentials" error message not shown when configuring external auth provider
ENTERPRISE-2144 Bug: Quotation marks are not supported in the password authentication for LDAP
ENTERPRISE-2422 Bug: Size limit exceeded on ldap queries

UTM Enterprise Backup

ENTERPRISE-1852 Bug: Restore doesn't work via GUI
ENTERPRISE-1982 Bug: Encrypted backup is not created
ENTERPRISE-2306 Bug: Scheduled backups are not created if there is no USB stick plugged in

UTM Enterprise Documentation

ENTERPRISE-1756 Improvement: EasyVPN Title and Menu text Change

UTM Enterprise Endian Network

ENTERPRISE-1099 Bug: en-client logs fill up /var/log partition if timezone is brought back
ENTERPRISE-1161 Task: Allow the systems registration using the "registration key" instead of the EN password
ENTERPRISE-1165 Bug: Fix endian-client recipes
ENTERPRISE-1196 Task: Create tunnels.config instead of using the obsolete registerLookup
ENTERPRISE-1199 Task: Create smbconfig.config instead of using the obsolete registerLookup
ENTERPRISE-1294 Bug: Traceback after en-client after acs-module installation
ENTERPRISE-1305 Bug: Activation Codes longer than 20 char cannot be entered in GUI registration page
ENTERPRISE-1372 Bug: Initial registration page do not redirect correctly trought Switchboard portal
ENTERPRISE-1382 Task: Remove bzr dependency from endian-client
ENTERPRISE-1387 Task: Register a system on Endian Network with an given System ID
ENTERPRISE-1418 Bug: en-liveclient tracebacks
ENTERPRISE-1484 Bug: Fix channel management, replace smart calls
ENTERPRISE-1488 Improvement: Reintroduce custom channel usage in endian-client
ENTERPRISE-1530 Improvement: Rewrite support GUI
ENTERPRISE-1576 Improvement: Rewrite endian network registration GUI
ENTERPRISE-1578 Task: add labels to support page
ENTERPRISE-1620 Improvement: Add the DataSource hook en.status
ENTERPRISE-1644 Task: Use the upstream proxy configuration module for reading proxy configuration
ENTERPRISE-1649 Bug: It's "endian" not "endina"
ENTERPRISE-1653 Task: Replace Q.js with ES6 Promises (on enterprise)
ENTERPRISE-1658 Bug: Remote Access GUI does not work because sefl is not defined
ENTERPRISE-1689 Bug: Appliance cannot register due to missing file
ENTERPRISE-1693 Task: Wrong count of system users information sent to EN
ENTERPRISE-1728 Bug: Delete-sysid not working during backup restore if reboot option is used
ENTERPRISE-1793 Improvement: Split en-client.conf and en-liveclient.conf configurations
ENTERPRISE-1800 Improvement: Upgrade repository URL from HTTP to HTTPS
ENTERPRISE-1808 Improvement: Verify SSL certificates used by Endian Network Client
ENTERPRISE-1812 Bug: Endian Client not working when upstream proxy is set
ENTERPRISE-1834 Bug: Restore old en-client configuration
ENTERPRISE-1836 Bug: ssh client refuses to use dss key for liveclient
ENTERPRISE-1840 Bug: Fix registration redirection to new wizard page
ENTERPRISE-1844 Bug: efw-endian-client scriptlet fails
ENTERPRISE-1901 Improvement: Link to create new Endian Network user is not easy to find
ENTERPRISE-1909 Bug: When enabling support access no action is sent to Endian Network
ENTERPRISE-1911 Bug: EN liveclient randomly sends wrong access information to EN
ENTERPRISE-1917 Bug: Update default outgoing rules for Endian Network
ENTERPRISE-1931 Bug: EN registration not imported from a backup
ENTERPRISE-2056 New Feature: 4i-edge-x: Add support led
ENTERPRISE-2103 Bug: Jobsengine State 'stop-final-sigterm' timed out. Killing when upgrading endian-client
ENTERPRISE-2352 Bug: Disabling the support access via GUI does not call clearsupportpasswd
ENTERPRISE-2442 Bug: endian-client dependency on endian-core must be updated
ENTERPRISE-2515 Improvement: Double logs for some services in journald
ENTERPRISE-2589 Bug: Cannot register to Endian Network if the password contains round brackets
UTM-2087 Bug: Wrong count of VPN users information sent to EN

UTM Enterprise Enterprise Updates

ENTERPRISE-1474 Task: Upgrade efw-upgrade - proxy support
ENTERPRISE-1545 Improvement: Rewrite updates GUI
ENTERPRISE-1731 Task: Enterprise 5.1 release
ENTERPRISE-1801 Improvement: efw-locales-enterprise restarts emi during rpm update
ENTERPRISE-1967 Task: Remove migration script invocation from upgrade.d
ENTERPRISE-2106 Bug: efw-update install of a package fails

UTM Enterprise License

ENTERPRISE-1009 Improvement: Ability to write a custom support message
ENTERPRISE-1063 Task: Update license
ENTERPRISE-1349 Task: Do not include server host in redirect
ENTERPRISE-1850 Bug: Refactor proprietary licenses
ENTERPRISE-1856 Bug: Key error on enterprise redirect
ENTERPRISE-1991 Improvement: Update address inside license agreement
ENTERPRISE-2032 Bug: License Agreement should not be editable

UTM Enterprise Monitoring, Reporting

ENTERPRISE-1276 Bug: Not found EMI error when clicking Web chart slice from Summary
ENTERPRISE-1301 Bug: Unable to open Event Reporting database imported from a 3.0 backup
ENTERPRISE-1549 Bug: Limit events.db size
ENTERPRISE-1712 Bug: Avoid emi traceback when events.db is incomplete
ENTERPRISE-1733 Improvement: Add missing items in reporting menu
ENTERPRISE-1742 Task: Logs: add new Panda log page
ENTERPRISE-1824 Bug: Panda Antivirus service log points to wrong file
ENTERPRISE-2036 Bug: Livelogs shows a blank page in case of parsing of an uncodified characther
ENTERPRISE-2116 Improvement: Introduce netify as devtools optional package
ENTERPRISE-2168 Bug: Snort logs do not show in graphical logs
ENTERPRISE-2294 Bug: efw-reporting package has wrong PR
ENTERPRISE-2300 New Feature: Upgrade netifyd to 3.0.5
ENTERPRISE-2531 Bug: Syslog match filter broken after upgrade
ENTERPRISE-2564 Improvement: Upgrade netifyd to 3.10
ENTERPRISE-2642 Improvement: netifyd: upgrade to 4.1.11
ENTERPRISE-2649 Bug: Dashboard counters do not work
EOS-1414 Task: Create Redis job

UTM Enterprise Network configuration: Enterprise

ENTERPRISE-1713 Task: GUI for wifi uplink
ENTERPRISE-2041 Improvement: Plug and connect: Netwizard doesn't consider the proposed activation code
ENTERPRISE-2059 Bug: Plug&Connect is not started on client after the first boot
ENTERPRISE-2084 Bug: New zone can be created on uplink's device

UTM Enterprise Network: Wireless

ENTERPRISE-1344 Bug: System access and transparent proxy rules not created for wifi appliances in bridged mode
ENTERPRISE-1754 Improvement: split common wireless module from efw-wireless
ENTERPRISE-1869 Improvement: Switch to static wireless regulatory domain
ENTERPRISE-1904 Improvement: Wifi uplink wpa password fields is not easy to find
ENTERPRISE-1933 Bug: Wifi DHCP Uplink get disconnected right after associating
ENTERPRISE-2139 New Feature: Reintroduce Wireless AP into 6.0

UTM Enterprise Notifications: Custom scripts

ENTERPRISE-1919 Task: Add Script page to Event notification menu

UTM Enterprise Notifications: SMS

ENTERPRISE-1535 Task: Use bootstap classes in SMS event notifcation

UTM Enterprise Provisioning

ENTERPRISE-1333 Bug: Provisioning process prevent network wizard settings application
ENTERPRISE-1336 Task: Use as autoregistration host
ENTERPRISE-1351 Improvement: Autoregistration download from must accept only trusted certificates
ENTERPRISE-1357 Bug: Provisioning fails if unicode characters are used in the Company field
ENTERPRISE-1395 Task: Add options for excluding provisioning sections from import
ENTERPRISE-1422 Bug: Provisioning do not set domainname
ENTERPRISE-1457 Improvement: Check for configurations on for one day after network wizard
ENTERPRISE-1472 Improvement: Add console menu option to connect the system to the Switchboard
ENTERPRISE-1476 New Feature: Add a gui to connect the system to the Switchboard
ENTERPRISE-1492 Bug: Remove git configuration information from provisioning dump
ENTERPRISE-1518 New Feature: Rewrite the configuration Wizard for the new GUI
ENTERPRISE-1560 Improvement: replace smart calls in provisioning
ENTERPRISE-1571 Bug: Factory reset calls inexistent initscript
ENTERPRISE-1593 New Feature: Support Local VPN configuration in provisioning
ENTERPRISE-1908 Bug: Plug and connect doesn't work from wizard and /manage/provisioning/claim/
ENTERPRISE-2013 Bug: provisioning-install stops running after system updates
ENTERPRISE-2023 Bug: provisioning-install cannot decrypt provisioning file
ENTERPRISE-2026 Bug: provisioning-install doesn't run after extending claim period
ENTERPRISE-2030 Bug: provisioning-install is unable to handle self signed certificate
ENTERPRISE-2034 Bug: No user feeback while set a custom registry for connect to Switchboard/EasyVPN
ENTERPRISE-2069 Bug: Make supplying AC impossible if AC on nvstorage exists
ENTERPRISE-2487 Task: Allow provisioning of multiple IP addresses for GREEN, ORANGE, BLUE zones
ENTERPRISE-2596 Task: Provisioning function stuck on DBus call

UTM Enterprise Quality of service: Tagging

ENTERPRISE-1268 Bug: QOS Tagging is not possible to change the rules order
ENTERPRISE-1312 Bug: QoS Tagging rules should tag and return to not match other tag rules
ENTERPRISE-1880 Improvement: QOStagging back-end API rewrite
ENTERPRISE-1885 Improvement: QOStagging front-end rewrite
ENTERPRISE-1935 Task: Fix invalid PV in efw-qostagging recipe
ENTERPRISE-1958 Bug: Quality of Service Tagging: Rules are not applied

UTM Enterprise Service: High Availability

ENTERPRISE-1128 Bug: Uplink remains enabled on the slave unit when in stand-by
ENTERPRISE-1134 Bug: Coova-Chilli release IPs on HA slave in backup state
ENTERPRISE-1140 Bug: HA takeover when interzone firewall is modified
ENTERPRISE-1399 Bug: DHCP HA load-balancing settings block dhcp from releasing IP
ENTERPRISE-1573 Bug: Default GW is not set on slave at take over in No Uplink mode
ENTERPRISE-1580 Task: Fix HA call to uplinksdaemon stop_uplinks
ENTERPRISE-1738 Bug: Traceback on HA restart due to wrong keepalive template
ENTERPRISE-1970 Task: Backport HA into 6.0 and Master
ENTERPRISE-2120 Task: Update keepalived to latest version
ENTERPRISE-2123 Task: Create helper module for ha settings access
ENTERPRISE-2164 Improvement: Mongodb replica-set initialization mechanism
ENTERPRISE-2171 New Feature: Create HA GUI and back-end
ENTERPRISE-2174 Improvement: Review HA interface handling
ENTERPRISE-2177 Bug: First HA file synchronization must use file checksums
ENTERPRISE-2181 Improvement: Rework efw-ha daemon
ENTERPRISE-2184 Task: Use a clean rollback strategy on join operation
ENTERPRISE-2188 Task: Remove unused dirs in exclude.conf
ENTERPRISE-2190 Bug: Unregister of last node leaves some HA files
ENTERPRISE-2193 Improvement: Add success notice after a new node join
ENTERPRISE-2198 Improvement: Improve HA join and unregister mechanisms
ENTERPRISE-2201 Task: Update HA unit tests
ENTERPRISE-2205 Bug: autoupdate call must be local to the appliance
ENTERPRISE-2209 Improvement: Create a rpm transaction step to sync nodes in HA cluster
ENTERPRISE-2212 Bug: Joining an appliance to an HA cluster must create .ssh folder
ENTERPRISE-2216 Improvement: Sync firewall and routing settings on save
ENTERPRISE-2221 Improvement: HA sync is allowed if appliances has the same major version
ENTERPRISE-2225 Bug: Improve the restore of a backup file in HA
ENTERPRISE-2231 Bug: Output of commands run on remote appliance is not read correctly
ENTERPRISE-2234 Improvement: Add banner to slave nodes
ENTERPRISE-2237 Bug: Fix node unregister
ENTERPRISE-2250 Bug: The HA synchronizes output is not clear
ENTERPRISE-2254 Improvement: Get slaves node status remotely
ENTERPRISE-2260 Bug: HA page shows an error when service is disabled
ENTERPRISE-2264 Improvement: Create an event for HA master node transition
ENTERPRISE-2339 Bug: Paramiko doesn't load ed25519 keys correctly
ENTERPRISE-2465 Bug: DHCP server does not start on HA
ENTERPRISE-2499 Bug: The root password is printed plaintext in the journal when a new HA node is added to the cluster
ENTERPRISE-2501 Bug: HA remove node shouldn't display 'even if unreachable' for itself.
ENTERPRISE-2552 Improvement: Rewrite efw-ha binary in python3 using async DBusService
ENTERPRISE-2592 Improvement: Node count on HA page is misleading
ENTERPRISE-2594 Bug: ha0 interface and related firewall rules are not removed after node removal
ENTERPRISE-2597 Bug: Appliance looses all IP addresses if you setup a HA cluster using a wrong interface name
ENTERPRISE-2611 Bug: HA cluster creation introduces network problem
ENTERPRISE-2615 Bug: Traceback installing packages after removing the HA cluster
ENTERPRISE-2620 Improvement: It shouldn't be possible to create a HA cluster or join an unregistered appliance
ENTERPRISE-2629 Bug: remove ha-purge since no longer needed
ENTERPRISE-2632 Improvement: Add efw-ha technical documentation
ENTERPRISE-2635 Task: Port HA helper to python3
ENTERPRISE-2659 Bug: In HA mode all devices are rebooted not just the current master

UTM Enterprise Service: Mail Quarantine

ENTERPRISE-1049 Bug: Quarantine summary reports are quarantined with Cyren enabled
ENTERPRISE-1208 Improvement: Quarantine digest stops when email is not sent and smtp isn't running
ENTERPRISE-1273 Task: Remove debug logs
ENTERPRISE-1447 Bug: XSS in Mail Quarantine
ENTERPRISE-1640 Bug: Error while trying to format column 'from_' value

UTM Enterprise User Interface

ENTERPRISE-1048 Bug: FTP Proxy menu is shown on Hotspot appliances
ENTERPRISE-1072 Task: Remove "Appliance" from CGI footer
ENTERPRISE-1478 Bug: Apache failing to redirect to the dashboard after succesful registration
ENTERPRISE-1498 Bug: Remove Plug and Connect customizations for non-Endian brandings
ENTERPRISE-1524 Bug: Remove Plug and Connect console customizations for non-Endian brandings
ENTERPRISE-1907 Bug: When the appliance is registered no spinner is shown after the submit
ENTERPRISE-1994 Bug: Wrong link for contextual help
ENTERPRISE-2016 Improvement: Add Edge X menu image
ENTERPRISE-2053 Improvement: Update wizard and plug & connect images
ENTERPRISE-2271 Bug: Cannot select bridged on a routed server instance
ENTERPRISE-2304 Improvement: Improve User Experience when the user enables IPsec for the first time
ENTERPRISE-2356 Improvement: "Log all accepted connections" tickbox should warn about risk of filling log partition
ENTERPRISE-2522 Bug: Removing backup uplinks is not intuitive in GUI
ENTERPRISE-2556 Bug: UI - New frontend HTML pages are cached and they include assets having a pseudo-randomly generated name that results in an error if they get renamed
ENTERPRISE-2604 Bug: Cannot override NTP servers on 6.x
ENTERPRISE-2625 Task: Remove FTP proxy settings from antivirus global settings

UTM Enterprise VPN: Enterprise options

ENTERPRISE-1217 Bug: OpenVPN client connection is allowed with empty password
ENTERPRISE-1241 Bug: efw-eal-backend-enterprise migration failure because of KeyError: 'provider_name'
ENTERPRISE-1846 Bug: Missing vpn connection status page
ENTERPRISE-1941 Bug: EasyVPN plug and connect missing style for textboxes and buttons
ENTERPRISE-1978 Task: Enabling EasyVPN service breaks menu gui

UTM Enterprise VPN: L2TP

ENTERPRISE-1119 Bug: L2TP authentcation error if password has special chars
ENTERPRISE-1192 Bug: IPsec/L2TP works with transport mode only on strongSwan 5.3
ENTERPRISE-1319 Bug: L2TP job doesn't start due to wrong shouldstart check
ENTERPRISE-1322 Bug: IPsec job doesn't start due to wrong shouldstart check
ENTERPRISE-1466 Bug: L2TP job remains in waiting_depends status forever when L2TP is not enabled
ENTERPRISE-1551 Bug: L2TP VPN user status not updated in Status VPN Connections
ENTERPRISE-1842 Bug: Incorrect configuration for IPsec/L2TP certificate authentication tunnels
ENTERPRISE-1985 Improvement: Avoid passing all DataSource to xl2tp configuration template

UTM Enterprise VPN: Portal

ENTERPRISE-1090 Bug: VPN Portal requires certificates type server
ENTERPRISE-1149 Improvement: Use apache custom Diffie-Hellman group for Reverse Proxy
ENTERPRISE-1470 Bug: VPN Portal cannot connect to HTTPS servers with small DH
ENTERPRISE-1687 Bug: VPN Portal should set Secure cookie flag OID:
ENTERPRISE-1709 Improvement: VPN Portal add possibility to enable/disable Secure cookie through datasource
ENTERPRISE-2505 Bug: VPN portal GUI to override authentication needs to be ported to 6.x

UTM Enterprise Webfilter: Commtouch

ENTERPRISE-1037 Task: Cyren webfilter and SafeSearch default profiles
ENTERPRISE-2619 Bug: Webfilter profiles must be written to datasource using only [a-z0-9] characters and they have to be unique

UTM Enterprise Webfilter: HTTPS Transparent content filtering

ENTERPRISE-1539 Task: Remove popup to warn users to enable dnsproxy when https urfiltering mode is in use
UTM-1928 New Feature: Content filter for https pages

UTM Enterprise Webfilter: SafeSearch

ENTERPRISE-2646 Bug: Safesearch has not been ported on eos-6.0 on UI and API backend


UTM-1551 Bug: Web filter profile containing space in the name are not applied to proxy ACL
UTM-1561 Bug: Webfilter configurations are not removed and prevent c-icap to start
UTM-1867 Bug: c-icap cannot allocate memory for buffer
UTM-2519 Bug: icap does not start when clamav is used
UTM-2563 Improvement: Upgrade c-icap to 0.5.x
UTM-2883 Bug: Bitdefender Illegal category should be written lowercase

UTM Monitoring, Reporting

UTM-1432 Bug: Mails statistics not shown in Event Reporting mail section
UTM-1851 Improvement: Support for hourly graphs
UTM-2032 Bug: Sarg is loading the wrong configuration
UTM-2102 Improvement: Review SARG retention settings
UTM-2106 Improvement: Update SARG
UTM-2109 Bug: Sarg doesn't load language file
UTM-2473 Improvement: Remove dansguardian configs from sarg
UTM-2611 Bug: Problems with Reporting on 6
UTM-2908 Bug: snort logging lost on eos-6

UTM Proxy: DNS

UTM-1855 Bug: Dnsmasq is not restarted when a new host is added
UTM-2011 Bug: resolv.conf contains wrong information on initial installation
UTM-2177 New Feature: Let Proxy DNS service to log antispyware blocked domains
UTM-2211 Improvement: Suppress dnsmasq version string
UTM-2367 Bug: is blocked by DNS Proxy
UTM-2397 Bug: blackhole_httpd_access and blackhole_error_log are not rotated and should be removed


UTM-1342 Improvement: Single OpenVPN instance
UTM-1343 Improvement: HTTP Proxy always in transparent mode for BLUE zone
UTM-1350 Task: Remove authentication from HTTP Proxy
UTM-1424 Bug: Squid going IPv6 on IPv6 sites resulting in (101) Network is unreachable
UTM-1465 Epic: proxy.pac improvements
UTM-1529 Bug: Proxy authentication is not working with AD
UTM-1566 Epic: Update squid to 3.5.25
UTM-1596 Bug: Squid "number of different IP's per user" setting prevent internet access
UTM-1610 Improvement: SARG report disabled by default
UTM-1653 Bug: wpad is offered via DHCP and HTTP even if proxy is inactive
UTM-1774 Bug: Add parameter winbind max clients to winbind.conf
UTM-1884 Bug: Squid terminates with an error if an entire domain and its subdomains are used in the same access policy
UTM-1987 Bug: WPAD in JSON format
UTM-2054 Improvement: Yocto 2.4: Wrong winbindd service invoked
UTM-2060 Improvement: Remove custom template creation on proxy postinst
UTM-2130 Improvement: Squid: remove hardcoded /usr/lib/squid
UTM-2209 Improvement: Suppress Squid version string info in HTTP headers and HTML error pages
UTM-2312 Bug: Reintroduce squid into 6.0
UTM-2400 Improvement: Proxy exclude logging for specific domains
UTM-2456 Bug: Squid MAXTCPLISTENPORTS/MAXTCPLISTENPORTS is too low for some systems
UTM-2484 Task: Create proxy datasource documentation
UTM-2498 Task: Squid: Upgrade to 4.14
UTM-2529 Task: Define HTTP Proxy openAPI
UTM-2545 Bug: Winbind does not start on 6.x
UTM-2608 Improvement: Add missing routes to HTTP proxy API
UTM-2617 Task: Create eos-ui-app-utm recipe
UTM-2620 Task: Create new pages for HTTP and SMTP proxy
UTM-2626 Bug: Proxy.pac not reachable because commands are not exposed
UTM-2629 Bug: list fields contains invalid empty string if datasource value is not set
UTM-2632 Bug: HTTP Proxy must start on all existing zones
UTM-2639 Bug: apply_config API do not reset the config changed flag
UTM-2642 Bug: API datasource backend writes csv and yaml as root
UTM-2647 Bug: Fix OFFLINE_MODE default value for HTTP proxy
UTM-2650 Task: Optimize proxy menu
UTM-2657 Bug: HTTP Proxy transparent local routes and rules are not created
UTM-2665 Task: Update eos-ui-app-utm package
UTM-2676 Task: remove child item under HTTP proxy menu
UTM-2679 Bug: Hash password of NCSA users
UTM-2682 Bug: Fix API to retrieve HTTPS settings
UTM-2688 Bug: Fix API for NCSA user renaming
UTM-2694 Bug: Misc fixes for new HTTP proxy API
UTM-2697 Improvement: Add name field to HTTP policy
UTM-2700 Bug: eos-ui-app-utm misc fixes
UTM-2703 Bug: Position of the new GUI iframe in mobile view is skewed
UTM-2706 Bug: fix italian language selector in HTTP proxy settings
UTM-2713 Improvement: Add API for HTTPS proxy certificate management
UTM-2716 Bug: eos-ui-app-utm misc fixes (part 2)
UTM-2722 Improvement: remove NO_SSLv2 from squid options
UTM-2725 Improvement: Introduce ERR_PROTOCOL_UNKNOWN template
UTM-2749 Task: eos-ui-app-utm misc fixes (part 3)
UTM-2755 Bug: squid 4.14 multiple CVE's
UTM-2766 Task: eos-ui-app-utm misc fixes (part 4)
UTM-2779 Bug: API for Access Policy Filter should not accept an empty list of IP, MAC, Zones or Domains
UTM-2780 Bug: Syntax definition needs to be refined in multiple places on HTTP Proxy UI
UTM-2782 Task: Define and implement new backend API for changing the order of a list of Access Policy rules in HTTP proxy
UTM-2786 Bug: Port range input field is misleading
UTM-2789 Bug: eos-ui-app-utm misc fixes (part 5)
UTM-2790 Bug: The HTTP proxy policy filter type selection should include also custom-defined webfilters
UTM-2791 Bug: PDC / BDC IP are missing from both frontend and backend (API calls)
UTM-2795 Bug: Proxy's access policy time restriction multiple issues
UTM-2796 Bug: TLS 1.0 and 1.1 is not disabled with non-transparent HTTPs proxy
UTM-2797 Bug: sslproxy_flags is no longer available on squid 4
UTM-2807 New Feature: eos-ui-app-utm misc fixes (part 6)
UTM-2810 Bug: Proxy API for authentication fails with auth_max_userip or auth_ipcache_ttl set to 0
UTM-2838 Improvement: Improve description strings of fastAPI model fields
UTM-2852 Bug: New HTTP and SMTP proxy pages unreachable from Switchboard portal
UTM-2884 Bug: HTTP proxy API does not accept empty values for upstream proxy username and password
UTM-2886 Bug: HTTP proxy NTLM authentication port to 6.x
UTM-2893 Bug: Fix of FE_36, UTM_2828, UTM_2824
UTM-2910 Bug: Proxy username groups are not correctly formatted when stored in datasource
UTM-2919 Bug: Squid exiting with bus error and persisting even after system reboot
UTM-2922 Task: Add unittests and validators on PolicyRule model
UTM-2924 Bug: SINGLE_DH_USE causing error due to openssl's option deprecation
UTM-2938 Task: Create an API to return available mime types
UTM-2944 Task: Missing dependency in tox environment for integration tests
UTM-2953 Bug: The UI should prevent squid fatal bungled configurations (crash) - Backend fix
UTM-2955 Bug: Missing dependency in tox environment for devmode


UTM-2163 Bug: HTTPS Proxy high memory usage

UTM Proxy: POP3

UTM-1523 Bug: POP3 whitelisted/blacklisted addresses are not considered with Cyren
UTM-1942 Task: Rewrite POP3 proxy GUI
UTM-1976 Improvement: Use bootstrap classes in POP3 GUI
UTM-2599 Bug: enabling POP3 will not start the service (smtp disabled)
UTM-2602 Bug: Intercept SSL/TLS encrypted connections having opposite effect


UTM-1317 Bug: BAD HEADER mails are quarantined AND passed
UTM-1337 Improvement: Basic interface to configure SMTP smarthost
UTM-1361 Task: Disable antivirus for SMTP proxy
UTM-1382 Bug: DSN option is not working correctly
UTM-1399 Bug: SSLv3 POODLE for SMTP Proxy
UTM-1429 Bug: IMAP authentication section not required for Hotspot product
UTM-1434 Bug: Sender address is wrongly set if verify_recipients is set to on
UTM-1437 Task: Disable ipv6 on postfix
UTM-1516 Bug: Missing saslauthd on yocto
UTM-1532 Epic: Postfix access control rewrite
UTM-1669 Improvement: Notify recipients when a virus mail has been detected
UTM-1700 Bug: smtpscan Traceback at boot if shoudstart is False
UTM-1966 Bug: amavisd-new doesn't restart after an unclean shutdown due to db corruption
UTM-1971 Bug: AMaViS temporary files are not removed after a day
UTM-2192 Improvement: Update Realtime Blacklist (RBL)
UTM-2320 Improvement: Add office macros extensions to SMTP proxy's list of blockable extensions
UTM-2511 Improvement: Reintroduce postgrey into 6.x
UTM-2541 Bug: Restart firewall correctly after restarting smtpscan
UTM-2557 Bug: Postfix fails to start on 6.x because of missing databases
UTM-2559 Bug: Enable SASL support for postfix on 6.x
UTM-2566 New Feature: Upgrade pyzord to 1.0.0
UTM-2580 Bug: Missing CSV config files from SMTP proxy datasource
UTM-2596 Bug: SMTP Proxy cannot load RBL
UTM-2691 Bug: Fix PlainFile ownership on API write
UTM-2710 Bug: Custom zones are not usable by SMTP proxy
UTM-2831 Bug: saslauthd needs to be ported to systemd init
UTM-2842 Task: Fix broken integration tests of SMTP proxy API
UTM-2846 Bug: Starting SMTPscan proxy having a static routing rule configured results in a traceback
UTM-2847 Bug: Some amavids config is ignored on EOS6
UTM-2849 Bug: SMTP proxy mail template language should be a single-select field
UTM-2885 Bug: RED zone missing from list of available zones in the SMTP proxy
UTM-2890 Bug: Fix of UTM_2877, UTM_2873, UTM_2879, UTM_2880
UTM-2891 Bug: Quarantine email sender/recipient addresses fields mismatch in SMTP proxy blocked files
UTM-2895 Bug: SMTP proxy smarthost settings are overridden by main settings
UTM-2932 Bug: Mail quarantine page 404

UTM Service: DHCP

UTM-1358 Bug: Missing default gateway, primary DNS and domain while enabling the DHCP Server
UTM-1364 Epic: DHCP Service reengineering
UTM-1368 Bug: Error displaying DHCP Server configuration
UTM-1372 Bug: DHCP enable checkbox disappears
UTM-1376 Bug: No possibility to use secondary subnet in DHCP server configuration
UTM-1391 Bug: DHCP failed to run
UTM-1537 Bug: Custom DHCP configuration not applied
UTM-1556 Bug: Wrong DHCP lease expire time
UTM-1574 Task: Before the netwizard, activate the DHCP server on the first interface
UTM-1638 Task: Disable DHCP server before the netwizard on software appliance
UTM-1685 Bug: Missing dhcrelay binary
UTM-1730 Bug: DHCP dynamic leases page show also expired leases
UTM-1749 Task: Upgrade Dnsmasq to 2.76
UTM-2099 Bug: Traceback restarting DHCP calculating zone addresses
UTM-2653 Bug: dhcprelay Append agent option fields not interactable
UTM-2856 Task: DHCP server: Duplicated WINS fields in UI
UTM-2930 Bug: Cannot set DHCP Max lease time

UTM Service: Dynamic DNS

UTM-2148 Improvement: efw-set-ddnss service fails
UTM-2461 Bug: Regfish dyndns is not working

UTM Service: Intrusion Prevention

UTM-1441 Bug: Unable to disable Snort rules due to a TypeError
UTM-1447 Bug: Snort rules based on "preprocessor ssl" prevent snort to start
UTM-1721 Bug: Modification to Snort rules are not applied
UTM-1789 Epic: Snort signatures management fixes
UTM-1859 Bug: Snort signatures are not updated
UTM-1939 Bug: QUEUEFW not cleaned after SNORT is disabled
UTM-1969 Bug: IPS not started on boot if no ALLOW with IPS rules are present
UTM-2029 Bug: IPS not started on boot if no uplink is active
UTM-2043 Task: Upgrade snort
UTM-2171 Bug: IPS alerts or Drops are not differentiated in the logs
UTM-2185 Improvement: New vuejs table for IPS rules editor
UTM-2197 Bug: Snort rules/rulesets are disabled on first policy change
UTM-2214 Improvement: Update snort to 2.9.13
UTM-2241 Improvement: Upgrade snort to 2.9.14
UTM-2301 New Feature: Add Intrusion Detection mode for snort
UTM-2345 Improvement: package Fail2ban
UTM-2863 Task: Introduce a selector to specify IDS or IPS mode
UTM-2923 Bug: cannot edit snort policies because of permissions after 5.x import

UTM Service: Quality of Service

UTM-1800 Bug: Unable to make QoS rules for OpenVPN Server instances

UTM Service: SNMP

UTM-1339 Task: Include snmp custom template
UTM-1662 Task: Rewrite SNMP Gui using VueJs v2 and REST controller
UTM-1978 Task: Use bootstrap classes in SNMP GUI
UTM-2133 Bug: Typo in new SNMP GUI
UTM-2188 Bug: Snmpd not starting

UTM VPN: Client

UTM-1822 Task: Add function for getting the OpenVPN client status
UTM-1886 Task: Send Endian Bus notification on client VPN connection/disconnection
UTM-2058 Task: New openVPN client GUI
UTM-2077 Improvement: OpenVPN Client (Gw2Gw) prevent to start when the protocol is written uppercase
UTM-2089 Improvement: Add the possibility of changing OpenVPN ciphers for Gw2Gw tunnels
UTM-2113 Improvement: Replace advanced accordion on GUI
UTM-2219 Bug: OpenVPN client files not cleaned on delete
UTM-2220 Bug: When a vpn connection name is edited a new connection is created
UTM-2234 Bug: VPN connections table not shown
UTM-2287 Bug: Path traversal vunerability in openvpnclient
UTM-2291 Bug: vpnclient settings file has lowercase keys
UTM-2339 Bug: OpenVPN tunnel name must be saved in lowercase
UTM-2350 Improvement: OpenVPN client must support weak server certificate if needed
UTM-2353 Task: Add checkbox to OpenVPN client GUI to accept weak server certificate
UTM-2820 Bug: TCP openvpn clients stop working after update


UTM-1347 Bug: VPN page doesn't load on Hotspot appliance
UTM-1643 Improvement: Restrict IPsec proposal usage (strict mode)
UTM-1687 Bug: VPN connection status for IPSEC/L2TP Host-to-Net connection doesn't show Assigned IP and Remote IP
UTM-1983 Task: Fix IPSEC menu
UTM-2157 Bug: Missing option in ipsec.secrets template file for green zone
UTM-2159 Improvement: Set default DPD action to CLEAR for XAUTH and L2TP
UTM-2174 Improvement: Add possibility to choose uplink IP on IPSEC Tunnel
UTM-2190 Bug: DPD Action always set to restart
UTM-2255 Improvement: Split IPSec settings and server instances on separate pages
UTM-2269 Bug: Data not removed from ipsec.secrets when ipsec tunnel is disabled
UTM-2393 Bug: IPsec service doesn't create configuration file if a VPN profile is present
UTM-2502 Task: send strongswan service log to journal
UTM-2659 Bug: The emi-select field to choose the ipsec authentication type is covered by the next form field and cannot be selected with the mouse
UTM-2942 Bug: IPsec configuration not reloaded after an IP interface change if not using main uplink


UTM-1333 Bug: OpenVPN Server packets loss when another client connects to the VPN
UTM-1348 Bug: Openvpn client (gw2gw) calls unexistent /bin/ip
UTM-1352 Bug: Missing openssl profile file
UTM-1457 Improvement: Show the total number of connections in "show openvpn"
UTM-1458 Improvement: Show the total number of connections in "show openvpn"
UTM-1474 Bug: Vpnclient not stopped when in HA slave
UTM-1591 Bug: Cannot use certificates with intermediate CAs for OpenVPN server
UTM-1615 New Feature: Upgrade OpenVPN to 2.3.12
UTM-1619 Task: Add an option for disabling channel encryption to OpenVPN instances
UTM-1633 Bug: VPN routing rules are not applied if the language is different from English
UTM-1646 Bug: OpenVPN authentication will fail if user passwords begin with "-"
UTM-1658 Task: Add encryption cipher and digest options to OpenVPN instances
UTM-1684 Epic: Add restart option in vpn postinst and trigger
UTM-1695 Bug: Changing OpenVPN server device type modifies the owner of some cache files
UTM-1702 Bug: Radius authentication does not work on VPN
UTM-1732 Bug: Extra lines included in available TLS ciphers for OpenVPN
UTM-1746 Improvement: Customize OpenVPN dnsmasq vpn prefix
UTM-1751 Improvement: Allow different certificates for each OpenVPN server instance
UTM-1762 Task: Use Base64 for encoding OpenVPN passwords
UTM-1764 New Feature: Update OpenVPN to 2.4.1
UTM-1771 Bug: OpenVPN stopped after efw-vpn update because of authentication daemon restart
UTM-1782 Task: Restructure OpenVPN status parser
UTM-1797 Improvement: Restructure OpenVPN GUI for handle instance with different certificates
UTM-1805 Bug: openvpn-user fakeconnect raises an exception if username contains a slash
UTM-1812 Improvement: Ignore authentication layer exceptions during OpenVPN restart
UTM-1833 Task: Upgrade OpenVPN to version 2.4.3
UTM-1847 Bug: OpenVPN server does not start due to invalid template
UTM-1890 Bug: VPN Connections are not shown
UTM-1913 Improvement: Add option for load custom TLS ciphers
UTM-1919 Bug: Triggers are not executed by openvpn-user fakedisconnect command
UTM-1922 Bug: Server OpenVPN problem after Update
UTM-1954 Bug: OpenVPN job does not start after reboot
UTM-2035 Improvement: Increase DH size for VPN
UTM-2071 Bug: Cannot generate a certificate due to empty GUI accordion
UTM-2079 Bug: Wrong VPN menu and invalid vpnclient template
UTM-2085 Improvement: Fix openvpn services
UTM-2093 Bug: Push block-outside-dns from OpenVPN Server
UTM-2167 Bug: Add verification on OpenVPN's IP pool range
UTM-2169 New Feature: OpenVPN bridged instance can't set virtual IP pool range on second subnet
UTM-2201 Bug: OpenVPN job crash due to purple_ip_begin parameter handled as mandatory
UTM-2204 Bug: Cannot change OpenVPN instance from TUN/TAP
UTM-2216 Improvement: New vpn client download page
UTM-2225 Task: VPN client download page not working
UTM-2228 Bug: Openvpn client does not log anything
UTM-2235 Bug: Openvpn client: deleting a vpn tunnel doesn't delete corrispective systemd unit
UTM-2239 Bug: Port forwarding rules pushed from OpenVPN server are not applied
UTM-2247 Bug: Purple ip range is validated also in routed instances
UTM-2250 Bug: Purple subnet for default Openvpn server contains gateway IP
UTM-2252 Task: Split OpenVPN settings and server instances on separate pages
UTM-2264 Bug: Cannot disable channel encryption to OpenVPN instances
UTM-2331 Improvement: Update OpenVPN to 2.4.9
UTM-2378 Bug: Wrong parsing of tls ciphers
UTM-2385 Improvement: Openvpn loadbalancing persistent dict must be moved in run
UTM-2421 Improvement: user should be passed to USER_TEMPLATE
UTM-2434 Bug: Routing table entry for a specific openvpn gw2gw connection is lost after re-connect
UTM-2442 Bug: OpenVPN server instance GUI allows to define tunnel using TUN device and /30 subnet
UTM-2495 Bug: OpenVPN will try to start also without a certificate ending up in a loop
UTM-2516 Bug: openvpnjob.client_disconnect removes net2net routing rules on OpenVPN server
UTM-2537 Task: Implement explicit-exit-notify
UTM-2823 Bug: Potential deadlock on VPN disconnect

UTM VPN: User & Group Management

UTM-1905 Improvement: Replace "Disabled for service" with "Enabled services" in user editor
UTM-2238 Bug: VPN users are not enabled by default
UTM-2402 Task: GUI to create VPN Users and groups shows collapsed widget

Product Machine Version
switchboard-macro-fws7840 fws7840 6.5.0
switchboard-macro-scb1721 scb1721 6.5.0
switchboard-virtual-x64 softwarex86-64 6.5.0

Frontend base

FE-126 Improvement: Unit test components for src-eos-ui-app-switchboard

Switchboard User management

SB-3512 Bug: Mails are not sent due to missing settings

Product Machine Version
macro-250-scb1721 scb1721 6.5.0
macro-500-scb1721 scb1721 6.5.0
macro-fws7840 fws7840 6.5.0
macro-scb1721 scb1721 6.5.0
mercury-50-scb1617a scb1617a 6.5.0
mercury-50-wifi-scb1617a scb1617a 6.5.0
mercury-100 nsa1150 6.5.0
mercury-fws2365 fws2365 6.5.0
mini-10 scb6901mmc 6.5.0
mini-10-wifi scb6901mmc 6.5.0
mini-25-scb6901mmc2 scb6901mmc2 6.5.0
mini-25-wifi-scb6901mmc2 scb6901mmc2 6.5.0
mini-fws2276 fws2276 6.5.0
software-enterprise-uefi-x64 softwarex86-64 6.5.0
software-enterprise-x64 softwarex86-64 6.5.0
virtual-uefi-x64 softwarex86-64 6.5.0
virtual-x64 softwarex86-64 6.5.0

Core API

CORE-4918 Bug: NTLM AD re-join not working after configuration changes - regression

Core Dashboard

CORE-4903 Bug: purge-events-db has not migrated completely from DataSource to SettingsFile

Frontend base

FE-132 Improvement: Unit test components for src-eos-ui-app-utm

Frontend design

FE-141 Bug: Content filter name not accepting editing once it hits an error exception
FE-145 Bug: HTTPs certificate settings should be seen only when the user selects full

Frontend page

FE-112 Bug: MimeTypes have no "how to compile" suggestion
FE-125 Bug: Domain / IP / MAC placeholders are adding items by right clicking or clicking on the page
FE-127 Task: Frontend for POP3 Proxy
FE-137 Task: Improve SMTP proxy black and whitelist page
FE-140 Bug: content filter error page display is broken with long URL's
FE-146 Bug: MimeTypes should be visible only if the access policy profile is set to deny
FE-155 Bug: virus error page is broken with long URL's
FE-164 Bug: SMTP proxy domain's page save button is always enabled

OS Yocto

EOS-2290 Task: Fix eos-ui-app-utm recipe


UTM-2964 Bug: c-icap if used with clamav will fail to connect to clamav


UTM-2959 Bug: src-efw-proxy contains deprecated code (havp, dansguardian)
UTM-2968 Bug: Squid ACL configuration files are not removed after rule deletion.
UTM-2971 Bug: HTTP and SMTP proxy zone configurations API returns 200 also with wrong zone ids
UTM-2986 Bug: squid error pages are served with static language, while urlfilter pages depends on browser language
UTM-3010 Task: Restore missing log pages for HTTP proxy

UTM Proxy: POP3

UTM-2947 Task: Create FastAPI for POP3 proxy configuration
UTM-2973 Bug: popscan job don't reset p3scan needreload flag
UTM-2980 Bug: bitdefender as antispam engine do not starts if pop3 proxy is enabled only on a user defined zone
UTM-2989 Bug: POP3 proxy firewall rules not applied when enabled - regression


UTM-2978 Bug: Drop templates of unsupported languages
UTM-2981 Bug: Spam black/whitelists should not accept IP addresses as input - Frontend
UTM-2985 Bug: Spam black/whitelists should not accept IP addresses as input - Backend
UTM-2988 Bug: Virus details not shown in quarantine email
UTM-2992 Task: Remove Japanese language from SMTP proxy
UTM-3006 Task: Restore missing log pages for SMTP proxy

UTM Webfilter: integrated

UTM-3012 Task: Restore missing log pages for webfilter

Product Machine Version
macro-250-scb1721 scb1721 6.5.0
macro-500-scb1721 scb1721 6.5.0
macro-fws7840 fws7840 6.5.0
macro-scb1721 scb1721 6.5.0
mercury-50-scb1617a scb1617a 6.5.0
mercury-50-wifi-scb1617a scb1617a 6.5.0
mercury-100 nsa1150 6.5.0
mercury-fws2365 fws2365 6.5.0
mini-10 scb6901mmc 6.5.0
mini-10-wifi scb6901mmc 6.5.0
mini-25-scb6901mmc2 scb6901mmc2 6.5.0
mini-25-wifi-scb6901mmc2 scb6901mmc2 6.5.0
mini-fws2276 fws2276 6.5.0
software-enterprise-uefi-x64 softwarex86-64 6.5.0
software-enterprise-x64 softwarex86-64 6.5.0
switchboard-macro-fws7840 fws7840 6.5.0
switchboard-macro-scb1721 scb1721 6.5.0
switchboard-virtual-x64 softwarex86-64 6.5.0
virtual-uefi-x64 softwarex86-64 6.5.0
virtual-x64 softwarex86-64 6.5.0

Frontend base

FE-143 Improvement: Fix src-ui-core imports

Product Machine Version
4i-edge-software-uefi-x64 softwarex86-64 6.5.0
4i-edge-software-x64 softwarex86-64 6.5.0
4i-edge-virtual-x64 softwarex86-64 6.5.0
4i-edge-x fws2275 6.5.0
4i-mini-fws2276 fws2276 6.5.0
macro-250-scb1721 scb1721 6.5.0
macro-500-scb1721 scb1721 6.5.0
macro-fws7840 fws7840 6.5.0
macro-scb1721 scb1721 6.5.0
mercury-50-scb1617a scb1617a 6.5.0
mercury-50-wifi-scb1617a scb1617a 6.5.0
mercury-100 nsa1150 6.5.0
mercury-fws2365 fws2365 6.5.0
mini-10 scb6901mmc 6.5.0
mini-10-wifi scb6901mmc 6.5.0
mini-25-scb6901mmc2 scb6901mmc2 6.5.0
mini-25-wifi-scb6901mmc2 scb6901mmc2 6.5.0
mini-fws2276 fws2276 6.5.0
software-enterprise-uefi-x64 softwarex86-64 6.5.0
software-enterprise-x64 softwarex86-64 6.5.0
virtual-uefi-x64 softwarex86-64 6.5.0
virtual-x64 softwarex86-64 6.5.0

Core Base system

CORE-4347 Improvement: Upgrade python3 to 3.7.9

OS Yocto

EOS-2002 Improvement: Add recipes for python3 package development

Product Machine Version
4i-edge-software-uefi-x64 softwarex86-64 6.5.0
4i-edge-software-x64 softwarex86-64 6.5.0
4i-edge-virtual-x64 softwarex86-64 6.5.0
4i-edge-x fws2275 6.5.0
4i-mini-fws2276 fws2276 6.5.0
macro-250-scb1721 scb1721 6.5.0
macro-500-scb1721 scb1721 6.5.0
macro-fws7840 fws7840 6.5.0
macro-scb1721 scb1721 6.5.0
mercury-50-scb1617a scb1617a 6.5.0
mercury-50-wifi-scb1617a scb1617a 6.5.0
mercury-100 nsa1150 6.5.0
mercury-fws2365 fws2365 6.5.0
mini-10 scb6901mmc 6.5.0
mini-10-wifi scb6901mmc 6.5.0
mini-25-scb6901mmc2 scb6901mmc2 6.5.0
mini-25-wifi-scb6901mmc2 scb6901mmc2 6.5.0
mini-fws2276 fws2276 6.5.0
software-enterprise-uefi-x64 softwarex86-64 6.5.0
software-enterprise-x64 softwarex86-64 6.5.0
switchboard-macro-fws7840 fws7840 6.5.0
switchboard-macro-scb1721 scb1721 6.5.0
switchboard-virtual-x64 softwarex86-64 6.5.0
virtual-uefi-x64 softwarex86-64 6.5.0
virtual-x64 softwarex86-64 6.5.0

Core API

CORE-4908 Bug: DNS Proxy source bypass not accepting MAC addresses
CORE-4915 Bug: systemd, apache2, "firewall" units not logging via SSE - livelogs

Core Base system

CORE-4625 Bug: Fix python3 DataSource path usage in configfiles
CORE-4723 Improvement: change gunicorn port to a non-common one
CORE-4736 Task: Create a controller to expose OpenAPI of emi commands
CORE-4742 Task: Use eos.apps as a namespace for EOS apps
CORE-4813 Improvement: Remove trailing slash from API

Core EMI

CORE-4920 Improvement: Fix Settings pages save button style

Core Event Notifications

CORE-4887 Bug: Notifications settings not in sync with main mail settings

Core Logging & Monitoring

CORE-4731 New Feature: Create an API to serve logs via Server-Sent Events
CORE-4900 Task: Proxy logs in livelog need to be ported to EOS 6.x

Core Update procedure

CORE-4885 Improvement: Restart Gunicorn only at the end of the upgrade transition

Core Web server

CORE-4867 Improvement: Apache: Upgrade to 2.4.54

Frontend base

FE-135 Improvement: Optimize Network Awareness endpoint config
FE-172 Task: Rename Network Awareness "New" badge with "Preview"
FE-93 Improvement: Unit test components for src-eos-ui-app-base

Frontend design

FE-139 Bug: Frontend notification is not visible and correct in case of missing channels for the updates

Frontend framework

FE-104 Improvement: Various Network Awareness improvements
FE-168 Improvement: Add tag to label the state of an Application

Frontend page

FE-138 Task: Frontend for DNS proxy
FE-148 Task: Frontend for live logs
FE-163 Task: Fix Network Awareness flow display
FE-167 Bug: Rename Time Machine into Network History

OS Buildsystem Tools

EOS-2296 Improvement: Compile pydantic with C speedups

OS Yocto

EOS-2185 Bug: Fix src-eos-* integration tests and code coverage
EOS-2288 Task: Pin dependencies for unittest correct execution
EOS-2294 Task: Fix unittests

UTM Enterprise API

ENTERPRISE-2581 New Feature: Fix licenses and cleanup of FastAPI source code

UTM Enterprise Appliance: Hardware

ENTERPRISE-2678 Task: Finalize mercury 100 product for 6.x

UTM Enterprise Monitoring, Reporting

ENTERPRISE-2565 New Feature: Package eos-app-netawareness
ENTERPRISE-2583 New Feature: package eos-ui-app-base
ENTERPRISE-2687 Improvement: Network Awareness: Disable Active Scan by default
ENTERPRISE-2689 Improvement: Network Awareness: Fix error if interface changes mac address

UTM Enterprise Network configuration: Enterprise

ENTERPRISE-2681 Story: Implement auto upgrade of geoip signatures

UTM Monitoring, Reporting

UTM-2912 Improvement: Finalize netawareness
UTM-3008 Improvement: Netawareness: Performance improvements and cleanup
UTM-3016 Improvement: Network Awareness: Improve flow performance

UTM Proxy: DNS

UTM-2950 Task: Create FastAPI for DNS proxy configuration
UTM-3003 Bug: blackholedns domains infinite loop when redirecting to httpd virtualhost


UTM-2623 Bug: Proxy models must handle also empty string for boolean fields
UTM-2636 Task: Add cookie-authentication dependency to proxy API
UTM-2673 Bug: strictly use on/off for boolean storage of API fields
UTM-2743 New Feature: Create webfilter API
UTM-2746 Improvement: Create webfilter profile API
UTM-2752 Bug: Fix webfilter API
UTM-2758 Improvement: Authenticate API docs
UTM-2774 Improvement: webfilter profiles changes must trigger HTTP proxy "config changed" flag
UTM-2799 Improvement: Improve HTTP Proxy error page template design


UTM-2576 New Feature: Define SMTP proxy openAPI
UTM-2587 Improvement: Improve field names in openAPI models
UTM-2590 Improvement: Move RBL to csv format and create API to read them
UTM-2593 New Feature: Create API to fetch if SMTP proxy config is changed and apply it
UTM-2614 Improvement: Use actions path to apply configuration in SMTP API
UTM-2685 Improvement: Handle new zones in SMTP proxy
UTM-2719 Bug: Fix API backend for IPv4 handling
UTM-2728 Bug: Smarthost settings needs to be validated
UTM-2734 Bug: validate smarthost data only when enabled
UTM-2737 Bug: enhance smtp proxy models validation
UTM-2740 Bug: move reject fields from spam settings to main settings
UTM-2767 Bug: SMTP proxy incoming domain can be also a FQDN
UTM-2899 Bug: SMTP proxy domain routing frontend has several problems
UTM-2941 Bug: Multiple problems while importing SMTP configuration backup
UTM-2977 Bug: SMTP proxy banned files extensions are saved to the datasource with the dot in front

Have more questions? Submit a request