6.32.3 has been moved to bugfix channel.
What’s new in 6.33 (2015-Nov-06 12:49):
*) dns - initial fix for situation when dynamic dns servers could disappear;
*) winbox - dropped support for winbox v3.0beta and v3.0rc (use winbox v3.0);
*) dhcpv6 - various improvement and fixes for dhcp-pd client and ippool6;
*) defconf - fixed rare situation where configuration was only partially loaded;
*) net - fix possible never ending loop when bad CDP discovery packet is received;
*) log - make default disk file name to reside in flash dir if it exists;
*) romon - change port list to be not ordered in export;
*) capsman - limit number of simultaneous DTLS handshakes;
*) capsman - fixed memory leak on CAP joining CAPsMAN when ssld is used;
*) winbox - added allow-fast-path to eoip, gre & ipip;
*) winbox - do not show power-cycle properties on non poe ports;
*) l2tp: implemented PPPoE over L2TP in LNS mode, RFC3817;
*) webfig - some of the setting were shifted to the right;
*) packages - allow to reinstall from bundle to separate packages & vice versa;
*) packages - prefer out of bundle packages when both of them are installed;
*) packages - fix a problem of upgrading bundle package to non bundled ones;
*) ipsec - force flow cache validation once in 1h;
*) winbox - make sure that all setting names get shown in full;
*) winbox - added poe power-cycle-ping settings to ethernet interfaces;
*) ppp - handle properly case were ppp client is given same address for local & remote end;
*) winbox - added vlan-mode & vlan-id to virtual-ap interface;
*) winbox - added timeout column to ipv6 address lists;
*) winbox - show SFP Tx/Rx Power properly;
*) winbox - added min-links to bonding interface;
*) winbox - do not show health menu on RB951Ui-2HnD;
*) winbox - added support for Login-Timeout & MAC-Auth-Mode in hotspot;
*) cerm - added option to disable crl download in ‘/certificate settings’;
*) winbox - make user ssh key import work again;
*) webfig - make “Copy to Access List” work in CAPsMAN Registration Table;
*) userman - fix report generation problem which could result in some users being skipped from it;
*) winbox - fix to allow cpu-port as mirror-target
*) proxy - error.html parsing enhancement to improve performance
*) CCR1072 - improve ether1 performance under heavy load
*) routerboard - indicate RouterBOOT type in /system routerboard print;
*) mpls - properly use mpls mtu for routes;
*) cerm - fix key description for signed certificates;
*) trafflow - report flow addresses in v1 and v5 without NAT awareness;
*) hotspot - add mac-auth-mode setting for mac-as-passwd option;
*) hotspot - add login-timeout setting to force login for unauth hosts;
*) auto-upgrade - fixed auto upgrade for smipsbe;
*) dns - do not create duplicate entries for same dynamic dns server addresses;
*) ipsec - fix set on multiple policies which could result in adding non existent dynamic policies to the list;
*) email - allow server to be specified as fqdn which is resolved on each send;
*) fastpath - eoip,gre,ipip tunnels support fastpath (new per tunnel setting “allow-fast-path”);
*) ppp, pptp, l2tp, pppoe - fix ppp compression related crashes;
*) cerm - also accept downloaded CRLs in PEM format;
*) userman - added ‘history clear’ to allow flushing undo history, which may take up significant amount of memory for huge databases with hundreds of users;
*) health - fix voltage for CRS109, CRS112 and CRS210 if powered from external adapter;
*) userman - added phone number support to signup form;
*) ip pool6 - try to acquire the same prefix if info matches recently freed;
*) ipsec - fix transport mode ph2 ID ports when policy selects specific ip protocol on initiator;
*) ipsec - use local-address for phase 1 matching and initiation;
*) route - fixed crash on removing route that was aggregated;
*) ipsec - fix replay window, was accidentally disabled since version 6.30;
*) ssh - allow host key import/export;
*) ssh - use 2048bit RSA host key when strong-crypto enabled;
*) ssh - support RSA keys for user authentication;
*) wlan - improved WMM-PowerSave support in wireless-cm2 package;
*) pptp & l2tp - fixed problem where android client could not connect if both dns names were not provided (was broken since v6.30);
*) auto-upgrade - added ability to select which versions to select when upgrading;
*) quickset - fixed HomeAP mode;
*) lte - improved modem identification to better support multiple identical modems;
*) snmp - fix system scripts table;
*) tunnels - eoip,eoipv6,gre,gre6,ipip,ipipv6,6to4 tunnels now support dns name as remote address;
*) fastpath - active mac-winbox or mac-telnet session no longer suspends fastpath;
*) fastpath - added per interface fastpath counters;
*) fastpath - added trafflow support in basic ipv4 and fasttrack ipv4 fastpath;
*) ppp - added on-up & on-down scripts to ppp profile;
*) winbox - allow to specify dns name in all the tunnels;
*) pppoe - added support for MTU > 1492 on PPPoE;
*) cerm - fix scep server certificate-reply degenerate PKCS#7 signed-data content;
*) ppp-client - added default channels for Alcatel OneTouch L100V;
*) defconf - fix for boards that had bridge with only wlan ports;
*) ovpn: support OpenWRT ovpn clients (or any other with enable-small option enabled);
*) cerm - use certificate file name for imported cert name;
*) fetch - fixed error message when error code 200 was received;
*) cerm - rebuild crl for local ca if crl file does not exist;
*) winbox - make directed broadcasts work for neighbor discovery;
*) upnp: automatically adjust mappings to new external ip change;
*) ppp - added ppp interface to upnp internals/externals if requested;
*) ppp - when adding ipv6 default route use user provided distance;
*) userman - allow to correctly enable CoA on router;
*) cerm - show crl nextupdate time;
*) ppp - added CoA support to PPPoE, PPTP & L2TP (Mikrotik-Recv-Limit, Mikrotik-Xmit-Limit, Mikrotik-Rate-Limit, Ascend-Data-Rate, Ascend-XMit-Rate, Session-Timeout);
*) ppp - added new option under “ppp aaa” - “use-circuit-id-in-nas-port-id”;
*) userman - refresh active sessions/users view dynamically;
*) package - added version tag and show everywhere alongside of version number;
*) wlan - improved 802.11 protocol single connection TCP performance for ac chipset with cm2 package.
Was able to get in after downloading Winbox 3.0.