zevenet timeline

ZEVENET 6.2.25 (Enterprise Edition)

14 June, 2023

[cluster] Improved ssyncd daemon logging
[farm] Allow set Alive parameter lower than ConnTO parameter when new generation proxy is disabled
[system] Improved logging when installing new ZEVENET packages
[system] Added ipv6 routing info in Supportsave

[cluster] Fixed sessions synchronization in HTTP farm with several services using persistence
[ssl] Fixed creating an existent Let’s Encrypt certificate
[routing] Fixed configure default IPv6 gateway
[farms] Fixed creating farms using IPv6 in VIP
[system] Fixed the following vulnerability issues:
CVE-2022-47015, CVE-2021-38185, CVE-2019-14866, CVE-2023-0466, CVE-2023-0465, CVE-2023-2650, CVE-2023-0464, CVE-2022-4141, CVE-2023-0054, CVE-2023-2610 and CVE-2023-1175

ZEVENET 5.13.4 (Community Edition)

9 June, 2023

[lslb] Avoid duplicating backends with the same IP and port
[proxy] Improved Err directives in the configuration file
[proxy] Code optimization
[proxy] Disallow broadcast IPs for backends

[lslb] Fixed start HTTP Farm when the process is running but PID file does not exist
[lslb] Fixed error in the farm config file when adding persistence
[proxy] Fix memory leaks on service unification
[proxy] Fix PARM type persistence
[proxy] Fix possible segmentation fault in Sessions CTL calls

ZEVENET 6.2.24 (Enterprise Edition)

30 May, 2023

[ipds] Improved the WAF Assistant management

[webgui] fixed Let’s Encrypt validate domains
[ipds] fixed Ruleset WAF status management
[cluster] fixed conntrack state initial synchronization
[system] fixed the following vulnerability issues:
CVE-2015-20107, CVE-2021-3177, CVE-2019-20907, CVE-2021-3737, CVE-2019-1010238, CVE-2020-8492, CVE-2022-45061 and CVE-2021-3733

ZEVENET 6.2.23 (Enterprise Edition)

15 May, 2023

[guardian] added Priority feature to farmguardian checks

[proxy] fixed recovery process handling

ZEVENET 6.2.22 (Enterprise Edition)

9 May, 2023

[system] added file descriptors in Supportsave

[cluster] fixed AWS cluster management account
[farm] fixed match proxy process running and PID file in system
[proxy] fixed X-Forwarded-For header management
[system] fixed the following vulnerability issues:
CVE-2023-26604, CVE-2023-28856, CVE-2023-29469 and CVE-2023-28484

ZEVENET 5.13.3 (Community Edition)

21 April, 2023

[system] certificates are not included in Supportsave by default
[proxy] fixed some memory leaks
[proxy] added session synchronization CTL API call
[proxy] minor optimizations
[proxy] sessions table optimization

[api] fixed LSLB farm sessions output.
[proxy] fixed backend pending connections stats
[proxy] fixed SSL/TLS options
[proxy] minor fixes

ZEVENET 5.13.2 (Community Edition)

31 March, 2023

[ssl] LetsencryptZ: restore the farm when a certificate renewal is finished by a timeout
[system] added file descriptors info in supportsave

[proxy] fixed chunked transfer encoding
[proxy] fixed websocket protocol
[api] fixed create copy from farm action
[api] fixed farm status calculation in backend actions
[api] fixed modify persistence TTL in HTTP farms

ZEVENET 6.2.21 (Enterprise Edition)

22 March, 2023

[ssl] LetsencryptZ: restore the farm when a certificate renewal is finished by a timeout
[cluster] fixed error in sync action when deleting files is performed at the same time
[system] fixed the following vulnerability issue:
CVE-2023-25136, CVE-2012-1151, CVE-2020-8991, CVE-2010-1161, CVE-2019-17595, CVE-2019-17595, CVE-2014-0479, CVE-2022-45873, CVE-2022-36021, CVE-2019-20454, CVE-2022-1587 and CVE-2022-1586

ZEVENET 5.13.1 (Community Edition)

10 March, 2023

[networking] improvement starting interfaces
[webgui] improvement applying farmguardian
[lslb] http: scheduling algorithm improvements
[lslb] http: improve pending connection count for backends

[system] fixed SupportSave command
[lslb] http: fixed redirect behavior

ZEVENET 5.13 (Community Edition)

24 February, 2023

New features:
[lslb] http: new ZEVENET HTTP/S core zproxy. Improvement on event handlers
[lslb] l4: updated ZEVENET L4 core nftlb

[ssl] added timeout control in Let’s Encrypt integration
[networking] interfaces management improvements for better performance
[system] code optimization for performance improving

[lslb] l4: fixed unload NAT protocols module

ZEVENET 6.2.20 (Enterprise Edition)

24 February, 2023

[ssl] improve timeout control in Let’s Encrypt integration
[ssl] added checks for Let’s Encrypt certificate actions
[webgui] added logging for Let’s Encrypt wildcard certificates

ZEVENET 6.2.19 (Enterprise Edition)

8 February, 2023

[guardian] improvement getting the farm status

[proxy] fixed delete sessions in maintenance “cut” mode in HTTP/S farms

ZEVENET 6.2.18 (Enterprise Edition)

31 January, 2023

[proxy] fixed macro VHOST in redirect
[farms] fixed HTTP farms mark management
[system] fixed HTTP backends stats

ZEVENET 6.2.17 (Enterprise Edition)

25 January, 2023

New features:
[system] add a binary to enable/disable new generation proxy

[proxy] fixed decode URL on redirect
[routing] fixed disable floating action

ZEVENET 6.2.16 (Enterprise Edition)

13 January, 2023

[rbac] allow user names starting with a number

[proxy] fixed HTTP farm stats management
[proxy] fixed location URL encoding in redirect responses

ZEVENET 6.2.15 (Enterprise Edition)

10 January, 2023

[system] added ZEVENET service restart flag in package installation

[cluster] fixed azure cluster management account

ZEVENET 6.2.14 (Enterprise Edition)

5 January, 2023

[networking] improve backend source address calculation

[api] fixed start farm action
[system] fixed the following vulnerability issue:

ZEVENET 6.2.13 (Enterprise Edition)

21 December, 2022

[cluster] improve cluster management and logging

[api] fixed virtual interfaces list status “down” string
[farm] fixed HTTP redirection to an HTTPS protocol URL
[farm] fixed HTTP logging issue
[system] fixed the following vulnerability issue:

ZEVENET 6.2.12 (Enterprise Edition)

28 November, 2022

[ssl] added a timeout for Let’s Encrypt automatic renew action
[ipds] do not run IPDS collector process by default
[networking] improve network actions process time

[farm] fixed HTTP response headers management
[ipds] fixed Blacklists migration script
[system] fixed the following vulnerabilities issues:
CVE-2022-43680, CVE-2022-29458, CVE-2022-40303, CVE-2022-40304, CVE-2022-23218, CVE-2022-44638, CVE-2022-0729, CVE-2021-3927, CVE-2021-3928, CVE-2021-3974, CVE-2021-3984, CVE-2021-4019, CVE-2021-4069, CVE-2021-4192, CVE-2022-0261, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0368, CVE-2022-0408, CVE-2022-0413, CVE-2022-0417, CVE-2022-0443, CVE-2022-0554, CVE-2022-0685, CVE-2022-0943, CVE-2022-1154, CVE-2022-1616, CVE-2022-1720, CVE-2022-1898, CVE-2022-1968, CVE-2022-2304, CVE-2022-2946, CVE-2022-3099, CVE-2022-3134, CVE-2022-3234, CVE-2022-3324, CVE-2022-3705, CVE-2022-0213, CVE-2021-4193, CVE-2022-0319, CVE-2022-0714, CVE-2022-0572, CVE-2022-1851, CVE-2022-2285, CVE-2022-2598, CVE-2022-0392, CVE-2022-1619, CVE-2022-1621, CVE-2022-1785, CVE-2022-1942, CVE-2022-1897, CVE-2022-2000, CVE-2022-0629, CVE-2022-3256, CVE-2022-2129, CVE-2022-2129, CVE-2022-3235, CVE-2022-0318, CVE-2022-0696 and CVE-2022-3352

ZEVENET 6.2.11 (Enterprise Edition)

28 October, 2022

New features:
[webgui] add a column to differentiate user-defined Blacklists from preloaded

[ssl] implemented SNI when creating CSR certificates

[farms] fixed unloading kernel NAT protocol modules
[farms] fixed L4xNAT maintenance management
[system] fixed the following vulnerabilities issues:
CVE-2021-33574, CVE-2020-27618, CVE-2022-23219, CVE-2021-35942, CVE-2020-6096, CVE-2021-3999, CVE-2021-3326, CVE-2016-10228, CVE-2021-27645, CVE-2019-19126, CVE-2019-25013, CVE-2020-10029, CVE-2020-1752 and CVE-2022-3515

ZEVENET 6.2.10 (Enterprise Edition)

13 October, 2022

New features:
[webgui] add a “save all” button

[cluster] improvement switching roles action

[ssl] fixed Let’s Encrypts Wildcard renew action
[webgui] fixed Local IP filter in Cluster settings
[system] fixed the following vulnerabilities issues:
CVE-2022-27404, CVE-2022-25308, CVE-2022-27405, CVE-2022-27406, CVE-2022-25309, CVE-2022-25310, CVE-2022-37434, CVE-2021-20223, CVE-2020-35525, CV
E-2020-35527, CVE-2021-3800, CVE-2022-0530, CVE-2022-0529, CVE-2022-40674, CVE-2022-31081, CVE-2022-42012, CVE-2022-42011, CVE-2022-42010 and CVE-

ZEVENET 6.2.9 (Enterprise Edition)

29 August, 2022

[ssl] add a stronger check to SSL certificates
[ipds] set WAF assistant enabled by default
[ipds] improvement of WAF assistant management

[ipds] fixed delete WAF rule conditions
[farms] fixed SRV and NAPTR type resources on GSLB farms
[system] fixed the following vulnerabilities issues:
CVE-2022-2469, CVE-2022-2509, CVE-2021-4209, CVE-2022-2625, CVE-2022-37452

ZEVENET 5.12.2 (Community Edition)

12 July, 2022

New features:
[ssl] add autorenewal configuration for Let’s Encrypt certificates

[farms] L4xnat: Add module parameters configuration in global.conf for SIP protocol
[ssl] reload farms renewing Let’s Encrypt certificates
[networking] improve default GW managing
[farms] L4xnat: improve multiport handle
[webgui] add backend status in LSLB view

[ssl] fixed renewing staging Let’s Encrypt certificates
[farms] L4xnat: fixed copy farm action
[system] reload cron configuration after zevenet restart
[networking] fixed configure default GW application order in ZEVENET service
[config] fixed remove zapikey from global.conf disabling root zapi permission

ZEVENET 6.2.8 (Enterprise Edition)

12 July, 2022

New features:
[ssl] add autorenewal configuration for Let’s Encrypt certificates

[ssl] reload farms renewing Let’s Encrypt certificates
[webgui] add backend status in LSLB view

[webgui] fixed activation certificate information
[ssl] fixed renewing staging Let’s Encrypt certificates
[system] fixed the following vulnerabilities issues:

ZEVENET 6.2.7 (Enterprise Edition)

30 June, 2022

[ipds] reload blacklists without disabling them
[ipds] schedule blacklists without restarting them
[system] improve activation certificate notifications
[networking] improve default GW managing
[farms] L4xnat: improve multiport handle

[networking] fixed configure default GW application order in ZEVENET service.
[ipds] fixed mismatched blacklists order applied
[farms] L4xnat: fixed copy farm action
[zenbui] fixed interface configuration file not updated
[system] fixed the following vulnerabilities issues:
CVE-2022-1292,CVE-2022-29824,CVE-2022-1664 and CVE-2022-24903

ZEVENET 5.12.1 (Community Edition)

17 May, 2022

[proxy] fixed rewrite location to avoid open redirect vulnerability
[farms] L4xnat: fixed mark masquerade
[farms] L4xnat: add recovery system in NFTLB daemon
[farms] L4xnat: translate the new L4xnat backend status “available” as “up”

[webgui] fixed tab title
[webgui] fixed checkupdate message

ZEVENET 6.2.6 (Enterprise Edition)

17 May, 2022

[cluster] Session replication daemon uses system profile
[farms] L4xnat: add recovery system in nftlb daemon
[api] add get farm status call
[system] improve managing activation certificate

[cluster] fixed registration HTTP farms in session replication daemon when changing the persistence
[proxy] fixed rewrite location to avoid open redirect vulnerability
[farms] L4xnat: fixed mark masquerade
[system] fixed cron redirection commands
[system] fixed the following vulnerabilities issues:
CVE-2022-1271 and CVE-2022-1552.

ZEVENET 5.12 (Community Edition)

3 May, 2022

New features:
[webgui] new web GUI with new Angular technology v12
[ssl] letsencrypt integration
[lslb] http: add and delete HTTP headers
[lslb] http: priority load balancing support
[lslb] http: rewrite URL directive (proxy pass)
[lslb] http: updated ZEVENET HTTP/S core zproxy
[lslb] l4: updated ZEVENET L4 core nftlb
[zcli] ZEVENET command line improvements
[api] 4.0.2 API version

ZEVENET 6.2.5 (Enterprise Edition)

19 April, 2022

New features:
[proxy] add timeout managing socket control

[system] avoid cerbot command listing LetsEncrypt certificates
[system] add PPID column in supportsave ps info
[stats] disable session information when they are not needed
[cluster] improve performance in sessions replication

[farms] fixed backend IP changed when a DHCP modification is performed
[farms] fixed HTTP farm migration script
[farms] fixed l4xnat virtual port changed to multiport when setting protocol to SIP
[farms] l4xnat: fixed scheduler symhash with only one backend available
[webgui] fixed certificate expiration time message

ZEVENET 6.2.4 (Enterprise Edition)

30 March, 2022

New features:
[system] allow Hostname as a rsyslog remote server

[farms] flush connections when a L4 farm is stopped/deleted
[farms] flush connections when a L4 backend is deleted

[farms] fixed L7 floating backend sourceaddress assignment
[networking] fixed routing rule validation
[networking] fixed no check route table before listing
[system] fixed the following vulnerabilities issues:
CVE-2021-4160, CVE-2022-0778, CVE-2021-25220, CVE-2019-17041, CVE-2019-17042, CVE-2021-3770, CVE-2021-3778, CVE-2022-24048, CVE-2022-24050, CVE-2022-24051, CVE-2022-24052, CVE-2021-43618, CVE-2021-46667, CVE-2021-3796, CVE-2021-35604, CVE-2021-46659, CVE-2021-46661, CVE-2021-46663, CVE-2021-46662, CVE-2021-46664, CVE-2021-46665, CVE-2019-15165, CVE-2019-20807, CVE-2018-25032

ZEVENET 6.1.27 (Enterprise Edition)

15 March, 2022

[networking] do not delete routes for a nonconfigured interface
[farms] add validation and migration script for HTTP directive “Alive”
[system] add scope validation modifying SNMP scope value.
[system] add ZEVENET 6.2 repository source

[farms] fixed established connection for a L4xnat farm are not shown
[ipds] fixed ordering the blacklists
[farms] fixed URL Pattern not allow comments in HTTP Farms
[system] fixed start nftlb if PID file exists but daemon is not running
[system] fixed issue migrating from iptables to nftlb in the backend status

ZEVENET 6.2.3 (Enterprise Edition)

15 March, 2022

[networking] do not delete routes for a nonconfigured interface
[farms] add validation and migration script for HTTP directive “Alive”
[system] add scope validation modifying SNMP scope value
[webgui] enable Cypress Studio for integration tests
[webgui] update Readme

[farms] fixed established connection for a L4xnat farm are not shown
[ipds] fixed ordering the blacklists
[farms] fixed URL Pattern not allow comments in HTTP Farms
[system] fixed start nftlb if PID file exists but daemon is not running
[webgui] fix network virtual create form
[webgui] fix blacklist edit form CSS
[webgui] fix memory leak in LSLB farm services list

ZEVENET 6.2.2 (Enterprise Edition)

4 March, 2022

New features:
[webgui] add farm blacklists move action

[farms] enable pound as a proxy by default
[rbac] avoid SO limitation pattern creating a RBAC user
[api] add validations to GET stats API
[api] change IPDS API response messages
[api] add ipds message error when configure duplicate WAF rule ids

[system] fixed delete zevenet certificate in factory reset
[system] fixed issue migrating from iptables to nftlb in the backend status
[networking] fixed configure default gw in the main routing table when a NIC is modified
[networking] fixed an Interface that can be reconfigured with the same IP
[networking] ignore dhcp parameter in Interface API if is equals to the configured one
[farms] fixed glsb stats service validation
[farms] get farm PID from the PID file, not from the system
[api] fixed create and modify route validation
[api] fix GET /stats/farms//services//backends to get backends by service
[api] fix cookieinsertion validation
[api] do not allow to create any http cookie directive with any blank parameter
[system] fixed the following vulnerabilities issues:
CVE-2022-0543, CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315, CVE-2022-24407

ZEVENET 6.1.26 (Enterprise Edition)

1 March, 2022

[proxy] add migration script for old proxy configuration files
[proxy] add a monitor that relaunches the process if it detects a segfault signal
[farms] get farm PID from the PID file, not from the system
[api] add validations to GET stats API
[api] remove name field from GET /stats/system/network/interfaces
[rbac] avoid SO limitation pattern creating a local RBAC user
[guardian] add migration script for old farmguardian configuration files

[farms] fixed GSLB stats service validation
[farms] reset L4 farm backend priority, weight and max connection values if send null
[api] fixed the create and modify route validation
[api] fixed cookie insertion validation
[api] do not allow to create an HTTP cookie directive with any blank parameter
[api] fixed status parameter for GET /stats/system/network/interfaces
[networking] ignore DHCP parameter in interface API if it is equal to the configured one
[networking] fixed configure default gw in the main routing table when a NIC is modified
[networking] fixed an Interface that can be reconfigured with the same IP
[networking] fixed an Interface can be configured with the same IP as a Virtual Interface
[networking] fixed list tables from rt_tables when the name contains “-” character
[ipds] fixed not_match field from ipds rules API
[ipds] WAF: fixed get default_log rule field
[ipds] WAF: modify disable_rules field after deleting a rule
[ipds] WAF: update SecRuleRemoveById when a disabled rule is modified
[ipds] WAF: check the rule IDs when setting the disable rules param
[system] fixed notification sec rules
[system] notifications config dir is excluded from synchronization
[guardian] fixed farmguardian conf modification when modifying a farm name

ZEVENET 6.2.1 (Enterprise Edition)

14 February, 2022

New features:
[webgui] add time range selector for time graphs
[webgui] show web GUI version in system information

[farms] optimizing L7 floating
[system] add host name to certificate and package alert messages
[farms] fixed reset L4 farm backend priority, weight and max connection values
[webgui] add tooltips in top navigation elements and breadcrumb links
[webgui] improved HTTPS security against web GUI with meta tag CSP (Content Security Policy)

[ipds] fixed check WAF rules ids when set the disable rules param
[ipds] fixed change WAF log sec rule for zproxy new WAF logs patterns
[ipds] fixed configuration of log rule field in WAF
[ipds] fixed issue updating some directives when a disabled rule is modified
[api] fixed minor issues adding require module
[api] fix description field for notification get API
[ipds] fixed WAF regex to avoid posting warnings and get rule name properly
[system] fixed executing permission missing in migration script
[guardian] fixed modification of farmguardian confguration when modifying a farm name
[system] fixed issue applying netplug template
[system] fixed zevenet certificate key changes if a backup is imported of other operating system
[system] fixed migration processes execution applying a backup

[system] fixed the following vulnerabilities issues:
CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-23852, CVE-2022-23990, CVE-2021-45960, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2021-46143

ZEVENET 6.2 (Enterprise Edition)

24 January, 2022

New features:
[system] VPN module
[farms] let’s encrypt integration in the web GUI
[farms] HTTP headers mangling for HTTP(S) profiles
[farms] URL mangling for HTTP(S) profiles
[system] new messages for notifications
[system] configure remote syslog in UDP/TCP mode

[system] ZCLI update
[farms] SSL errors improvements for HTTP(S) farms
[farms] Personalized WAF ERROR code 403
[system] multi-listeners for HTTPS web GUI and SSH service
[system] web GUI SSL certificate modification
[routing] added a new field for comments in the routing module
[cluster] more interfaces can be monitored and members of the cluster service
[ipds] improve user experience configuration for WAF OWASP rulesets
[webgui] new GUI with latest Angular version with user experience improvements

ZEVENET 6.1.25 (Enterprise Edition)

3 December, 2021

[system] add to checkupgrade the option to convert the load balancer in an early adopter version

[system] change zproxy logs pattern to fix a notification issue
[system] add execution permissions to the rebuild_delreg_files new script
[system] fix netcat usage in the checkupgrade script
[ipds] fix schedule param message from IPDS
[ipds] fix issue to keep WAF ruleset change after a package update
[networking] remove a warning
[networking] fix wrong bonding status on network statistics API call
[syslog] change the tag of a message from error to info
[farms] fix a bug restarting GSLB farms in ZAPI v3
[farms] fix error checking GSLB configuration file
[farms] add a validation for the farm redirect parameter
[farms] fix updated backend sourceaddress in edit backend action

ZEVENET 6.1.24 (Enterprise Edition)

4 November, 2021

[routing] fix an error creating a /32 mask rule
[system] recreate notifications config files when they are empty
[cluster] fix error in ssyncd when it replies sessions to zproxy
[proxy] fix the TTL session when it is added via API
[system] fixed the following vulnerabilities issues:

ZEVENET 6.1.23 (Enterprise Edition)

27 August, 2021

New features:
[farms] l4xnat: re-enable h232 protocol support

[config] clean config files when a NIC is removed from the system
[api] add root access permission check in API 3.2
[api] check AWS credentials and return code 400 in case of error, and new field status in GET /aws/credentials api
[config] separate nftlb debug config from global debug config
[webgui] check if the root user has access permission to the Web GUI before login
[networking] add a check for the rule action
[farms] l4xnat: speedup farm port ranges rules generation

[farms] l4xnat: fixed deleting persistence session for DSR
[config] fix misspelled global variable
[config] add missing semicolons in global.conf.template and add AZ logout in case of error setting AZ credentials
[system] fixed function input JSON decoding error in zevenet installation
[system] updated message after packages update
[zenbui] fixed remove previous interface configuration in Zenbui
[system] uninstall zevenet-ipds package at factory reset
[farms] l4xnat: fixed accept multiple ranges and ports as virtual port
[farms] l4xnat: fix elements flushing from a policy
[farms] l4xnat: add dynamic persistence rules and update timeout in DSR mode
[system] fixed the following vulnerabilities issues: CVE-2021-36222

ZEVENET 6.1.22 (Enterprise Edition)

5 July, 2021

[farms] fixed the backend source address NATing for l4xNat when virtual interfaces are used
[farms] fixed the backend source address NATing for l4xNat when a virtual interface event is performed
[system] set the default rt_tables file in factory reset

ZEVENET 6.1.21 (Enterprise Edition)

25 June, 2021

[farms] L4xnat: autodetect backend source-address via the routing table

[farms] L4xnat: fixed set route table source as backend address when the route is not applied in the system
[farms] L4xnat: set routing table source instead of floating VIP as backend address
[farms] fixed no update backends status when performing changes of IPDS in a farm
[ipds] fix WAF data files installation path fault
[system] fixed the following vulnerabilities issues:
CVE-2021-3541, CVE-2021-3580, CVE-2021-2154, CVE-2021-2166, CVE-2021-28153, CVE-2021-3537, CVE-2021-31871, CVE-2021-33560, CVE-2020-24977, CVE-2021-25217, CVE-2021-27218, CVE-2021-27219, CVE-2020-24659, CVE-2021-20305, CVE-2021-3516, CVE-2021-3518, CVE-2021-3517, CVE-2021-31873, CVE-2021-31872, CVE-2021-27928, CVE-2021-20232, CVE-2021-31870, CVE-2021-20231

ZEVENET 6.1.20 (Enterprise Edition)

18 May, 2021

[ssl] add openssl configuration to backup/supportsave

[farms] L4xNAT: fixed enable logs when the nattype is changed
[farms] L4xNAT: fixed log type on DSR and Stateless DNAT L4xNAT Farms
[farms] HTTP profile was returning a non valid URL when WAF resolution is redirect
[farms] HTTP profile returning a non valid URL when WAF resolution is redirect
[system] fixed the following vulnerabilities issues:
CVE-2021-3449, CVE-2021-21309, CVE-2021-3393, CVE-2020-26116, CVE-2019-13952, CVE-2019-20367, CVE-2020-8231, CVE-2020-8169, CVE-2020-8285, CVE-2020-8286, CVE-2020-8177, CVE-2020-8284, CVE-2021-22876, CVE-2021-22890, CVE-2021-25214, CVE-2021-25216, CVE-2021-25215, CVE-2021-3520, CVE-2021-31535

ZEVENET 6.1.19 (Enterprise Edition)

10 May, 2021

[farms] improve the validation for l4xnat port ranges
[farms] configure ALL protocol when all ports are set
[farms] fix an issue related to virtual port when an l4xnat farm is created
[cluster] stop routes in the backup node when a virtual interface is deleted
[cluster] update the slave routing tables when a new route is added in the master node
[networking] remove from the system all custom routes that depend on an interface when this interface is stopped
[stats] fix extra pending connection calculation getting backend status
[stats] remove the initial undefined backend status
[ipds] WAF configures the “SecRequestBodyLimit” instead of ‘SecRequestBodyNoFilesLimit’
[ipds] set the “variable” parameter of WAF as mandatory
[webgui] show the name of the file when in a WAF rule the operator ‘strPhrasesFromFile’ or ‘ipMatchFromFile’ is set
[webgui] fix some typos
[webgui] fix the “update” action in WAF module
[webgui] remove the protocols: amanda, irc, h323, netbios-ns and sane
[webgui] fix errors in service editing when the service has the string “session”

ZEVENET 6.1.18 (Enterprise Edition)

24 March, 2021

[cluster] remove azure account after deleting azure cluster configuration

[farms] changed function from checkport to validatePort
[ssl] Letsencryptz forced to use HTTP challenge
[cluster] fixed IP announce in Master node, it is not performed when the backup node is started
[cluster] fixed restart farm on the backup node
[networking] fixed Nonexistent NIC Interface Configuration File is not removed

ZEVENET 6.1.17 (Enterprise Edition)

23 February, 2021

[cluster] fixed ssyncd daemon listens on all interfaces
[system] fixed sending gratuitous ARP for down Virtual Interfaces
[system] fixed the following vulnerabilities issues:
CVE-2021-23841, CVE-2021-23840, CVE-2019-1551, CVE-2020-8625, CVE-2021-24032, CVE-2021-24031, CVE-2021-23841, CVE-2021-23840, CVE-2019-1551, CVE-2020-8625

ZEVENET 6.1.16 (Enterprise Edition)

12 February, 2021

[webgui] added priority column for backends in HTTPS farms if proxy new generation is in use
[system] fixed some port check issues configuring farm and management services

ZEVENET 6.1.15 (Enterprise Edition)

11 February, 2021

New features:
[cluster] added cluster support in Azure

[farms] remove deprecated l4xnat helpers from API

[farms] do not allow auto-updating certbot for letsencryptz
[farms] added checks for VIP, VPORT and protocols for usage in new farms creation
[farms] allow configuring DNS Servers even when no Server is configured yet
[system] fixed the following vulnerabilities issues:

ZEVENET 6.1.14 (Enterprise Edition)

11 December, 2020

[lslb] add a directive to HTTP farms to control the maximum HTTP body analyzed by the proxy.
[api] validate that the name of the objects won’t be “0”
[api] validate the netmask when an interface is modified
[system] add cron information to supportsave
[stats] get farm established connections from binary instead of conntrack (for HTTP profile)

[proxy] avoid double port appending in location rewrite.
[proxy] update session-id from the response.
[proxy] do not pass the HTTP body to the WAF when the HEAD method is used.
[proxy] reload WAF rulesets if the proxy daemon fails.
[webgui] fixed message of translations module.
[farms] force farms status down in boot time if the process is not running when is set
[farms] modify the VIP of the farms when the interface is modified (VLAN and bonding).
[lslb] confirm proxy is killed when HTTP farm is stopped.
[system] reconfiguring APT if the certificate serial changed when checkupgrades is executed.
[system] modify the Ssyncd binary path.
[stats] some graphs are not created depending on the bonding name.
[networking] failed to get interface status when it is unset.
[networking] DHCP does not start/stop in bonding interfaces
[networking] applying IP routes and IP rules after creating table ID
[rbac] a user without permissions could watch the farm stats and graphs.

ZEVENET 6.1.13 (Enterprise Edition)

13 November, 2020

[ipds] added the source IP in logs if WAF detects a threat
[farms] accepted none value in l4xnat for disabling persistence
[networking] it is not required to stop slaves from bonding before adding them to the interface
[webgui] homogenized buttons and forms in all the web GUI
[webgui] fixed some forms for routing configuration

[networking] fixed add new IPs and apply routes by netplug when the link is UP
[networking] fixed no check slaves when bringing UP a bonding
[cluster] cluster process is not checked if cluster service is not previously configured
[system] disabled useless SNMP errors in Syslog
[system] systems zevenet reload after executing migration scripts
[networking] fixed deleting old rules when a VLAN or bonding is deleted
[system] letsencrypt creates certificates in lower case
[ipds] WAF rules were not ordered properly
[farms] deleted old temporal files in /tmp/ for l4xnat serializer binary
[farms] modified the default value for directive 100-Continue.
[networking] fixed config status when bonding is created
[farms] error returned if the copy farm action fails
[farms] fixed copying a farm if WAF is configured
[networking] fixed error adding IPv6 routing rules
[networking] fixed writing routing rules if the web form field is unset
[networking] configure the NIC in status DOWN if it is added to a bonding
[ipds] fixed issue parsing WAF rules in web GUI view
[networking] Isolated NICs can be configured in the main table
[farms] priority column hidden in HTTP farms when proxy next generation is disabled
[farms] fixed some memory leaks in the l4xnat serializer

ZEVENET 6.1.12 (Enterprise Edition)

14 October, 2020

[system] updated libmodsecurity library
[cluster] cluster interface and slave interfaces can’t be edited
[networking] skip bonding mac change if it is already configured on the system
[zcli] autocomplete improvements for some calls
[cluster] improved the node replication objects when the cluster node not in MASTER role is reachable again
[webgui] added translation messages

[networking] fixed updating virtual interface mask
[cluster] sync any change in virtual interface
[networking] avoided configuring bonding interface twice starting zevenet service
[routing] global route params are used wen route table is listed
[rbac] supported dot in the username field
[farms] farmguardian was not stopped if node entered in the maintenance
[cluster] priority 10 causes Master role on the wrong node
[cluster] disable maintenance on the cluster node could be performed with cluster interface DOWN
[cluster] fixed resync node when a node leaves maintenance mode
[cluster] conntrack sync was not called properly once node entered in MASTER status
[farms] switching proxy ng was not done properly
[farms] avoided running a farm if virtual IP is no UP
[cluster] fixed leaves maintenance mode when a link UP is received
[farms] fixed HTTP(S) header persistence session
[farms] fixed error reloading WAF rules in HTTP(S) profiles

ZEVENET 6.1.11 (Enterprise Edition)

3 September, 2020

[ipds] added/delete IPs in the blacklist module in batching
[rbac] added more tests to the LDAP connector for bind DN, filter, and bind user
[certs] added a new unknown status if the certificate format is not detected
[webgui] allowed to search a Virtual IP using the field alias in the farm creation
[webgui] graphs for network traffic changes to Gbytes or Tbytes based on the total of bytes received

[cluster] netplug always starts cluster in backup mode discarding maintenance mode
[ssl] fixed issue managing SSL certificates with an unknown format
[ssl] added information if not valid SSL certificate format
[system] fixed issue showing the number of CPU cores if the value is higher than 10
[networking] fixed resetting MACs when a NIC is added/removed of a bonding interface
[system] fixed internet connection check for packages update.
[webgui] added support to DH 2048 in the web server
[farms] fixed error 500 listing GSLB backends
[ssl] removed the key file is a CSR is deleted
[farms] added Alias field when a backend is created
[farms] validate the backend ID before creating sessions
[farms] unset priority for farms if no proxy of the new generation is in use
[farms] fixed issue deleting DSLB farm if the interface used in VIP is down
[farms] update backend priority after backend status change
[webgui] fixed refresh alias if backend changes
[webgui] STS directive is enabled/disabled if HTTPS listener is enabled/disabled without refreshing the view
[webgui] fixed typos in messages for the translation module

ZEVENET 6.1.10 (Enterprise Edition)

30 July, 2020

[farms] fixed maintenance mode for a backend with multiport
[webgui] improved translation messages
[webgui] change VLAN name to VLAN ID instead
[system] virtual IPs are configured properly if cluster switches in AWS
[cluster] deleted cluster status if the system is rebooted
[networking] fixed Routing tables configuration with DHCP in AWS

ZEVENET 6.1.9 (Enterprise Edition)

14 July, 2020

[webgui] fixed issue creating modifying Alias for VLANs in bonding interfaces

ZEVENET 6.1.8 (Enterprise Edition)

7 July, 2020

[system] kernel updates, fixed the following vulnerabilities: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479

[webgui] fixed activation certificate format
[webgui] fixed error disabling/enabling farmguardian
[webgui] factory reset button enabled
[webgui] delete an action if del button in keyboard is pressed for WAF

ZEVENET 6.1.7 (Enterprise Edition)

3 July, 2020

[ipds] blacklisted IPs now are deleted based in the source instead of the dynamic ID

[farms] fixed deleting dynamic sessions pined to the deleted backend
[farms] fixed ethernet address discovery for IPV4 backend addresses
[webgui] fixed infinite spinner when a delete action is executed
[webgui] fixed updating and adding aliases for all the network interfaces
[system] fixed issue with the licenses in the subscription plans

ZEVENET 5.2.20 (Enterprise Edition)

2 July, 2020

[farms] improved the l4 load-balanced algorithm for an equal connection sharing

ZEVENET 6.1.6 (Enterprise Edition)

12 June, 2020

[webgui] added spinner to force changes in proxy of the new generation
[webgui] added messages to the translation module
[ipds] added description to WAF operators

[webgui] fixed table of backend GSLB with spinner and delete actions
[webgui] fixed backends ID in backends table of farms GSLB
[webgui] fixed creating an alias and create interface alias
[webgui] fixed WAF variables used in forms, data is loaded from API
[webgui] fixed error renaming blacklist
[webgui] changed the update method in routing rules
[webgui] fixed creating and updating routing rules
[webgui] fixed the refresh of stats
[webgui] fixed search of WAF variables
[webgui] fixed changing the schedule for a blacklist
[ssl] fixed issues in letsencrypt certificates management renovations
[ipds] fixed copying RBL lists
[lslb] fixed marks assignment for l4xnat backends
[routing] fixed issue modifying priorities of routing rules
[ipds] fixed deleting blacklist of HTTP profile
[zcli] fixed some issues in autocomplete for boolean values

ZEVENET 5.11.1 (Community Edition)

22 May, 2020

[farms] improve performance saving and loading high number of elements
[farms] fix backend maintenance deletion
[farms] keep backend rules in maintenance mode
[farms] fix sigsegv when there is no backend
[farms] disable static sessions when backend is not available due to priority
[farms] avoid limit per client when configured connection limit per backend
[system] change the path for nft binary

ZEVENET 6.1.5 (Enterprise Edition)

18 May, 2020

[webgui] improved translation messages
[webgui] added a button to view certificate content
[waf] better message description in each operator and variable
[lslb] warning message is shown if farmguardian is not configured

[lslb] fixed issues connecting to letsencrypt for requesting a new certificate
[system] fixed update packages in the backup node
[lslb] fixed cut mode maintenance behaviour
[lslb] fixed stopping farmguardian in the service name is a number
[lslb] forced to calculate source address for NAT in l4xnat profiles
[lslb] WAF rules were not configured properly if proxyNG was disabled
[lslb] fixed issue in maintenance with drain mode
[lslb] fixed crash when a session was established in a backend in l4xnat
[cluster] fixed issue with the rsa private keys recreating the cluster

ZEVENET 5.11 (Community Edition)

12 May, 2020

New features:
[system] introduce full management command line interface, named zcli
[api] introduce zapi version 4.0.1 including the new features automation
[farms] introduce L4 DSR session persistence support
[farms] reload the runtime http farm configuration when a change is done in the webgui
[farms] button to copy farms

[system] add more information to supportsave about zproxy process
[farms] allow creating farms with the same networking settings
[farms] faster start of farmguardian
[system] add verbose messages in case supportsave has not been generated properly
[system] updated netcat package used for networking test purpose
[farms] if all ports are balanced then all protocols should be configured by default
[system] improve management of errors

[farms] HTTP profile was not stopped properly
[ssl] some SSL certificates were not moved to the certificate store
[system] do not start SNMP service if it is disabled
[stats] fix an error in HTTP backend stats
[farms] enable a minimum log level for HTTP farms
[system] fix an error dumping sessions information in supportsave
[ssl] load long certificate lists in less than 1 minute
[farms] solved routing rules for sd-wan (dslb)
[system] now SNMP is started after a reboot
[farms] solved connection issues with farmguardian and persistence
[farms] fixed persistence table management in l4xnat
[system] check the networking settings before applying the configuration to avoid error messages in logs
[webgui] optimize certificates table pagination load
[farms] fixed dashboard view for dslb farms
[webgui] allow using the colon in the password field

ZEVENET 6.1.4 (Enterprise Edition)

1 May, 2020

[system] fix an error in the upgrading process that avoids upgrading the cluster backup node
[api] add the HTTP error code 410 to ZAPI version 3.1

ZEVENET 6.1.3 (Enterprise Edition)

30 April, 2020

[networking] announce ARP packet when an interface is created (This only applies when ARP announcement is enabled)
[system] allow passwords until 512 characters
[webgui] add warnings message when a bad backend priority configuration could put the farm out of service

[networking] fix an error showing the MAC in virtual interfaces
[networking] fix an error announcing ARP when the cluster is not set
[proxy] the NG proxy is disabled by default
[stats] fix an error in the networking units graphs
[ssl] fix the SSL certificate format
[ipds] improve the system management for DoS rules
[lslb] remove backends sessions before delete or stop a backend
[lslb] fix an error in l4xNAT farms that use backend with a maximum of connections
[lslb] fix an error calculating weight in l4xNAT farms that use least connections algorithm
[lslb] fix an error setting the redirect in HTTP farms
[system] fix an error starting the notification daemon
[system] returns an error when the system fails disabling duplicated networks
[webgui] add some missing messages in the translation module
[webgui] fix an error putting the backend in maintenance mode

ZEVENET 5.2.19 (Enterprise Edition)

22 April, 2020

[farms] added an internal locking system to l4xnat farms management
[farms] added protection to avoid marks corruption in l4xnat farms

ZEVENET 6.1.2 (Enterprise Edition)

14 April, 2020

[farms] restart farm is not needed anymore when services are ordered
[webgui] some messages have been fixed for the language module

[farms] HTTP profile was not stopped properly
[ssl] some SSL certificates were not moved to the certificate store
[rbac] check users against LDAP if ZAPI key is used
[networking] allowed to enable/disable duplicated_net flag
[system] do not start SNMP service if it is disabled
[webgui] fixed documentation link for certificates view

ZEVENET 6.1.1 (Enterprise Edition)

3 April, 2020

[system] add more information to supportsave about zproxy process
[cluster] protect backup from master updates when upgrading the system

[farms] fix the backend routing rules for l4xnat farms
[stats] fix an error in HTTP backend stats
[farms] enable a minimum log level for HTTP farms
[system] fix an error dumping sessions information in supportsave
[rbac] fix an error retrieving the list of expected parameters in adding RBAC user ZAPI request

ZEVENET 6.1 (Enterprise Edition)

31 March, 2020

New features:
[networking] routing module to manage static routing rules
[webgui] multi Language module
[ipds] WAF rules editor from the web gui
[farms] button to copy farms
[rbac] LDAP connector to authenticate RBAC users
[system] introduce full management command line interface, named zcli
[farms] introduce high performance HTTP and HTTPS load balancing reverse proxy core, named zproxy
[api] introduce zapi version 4.0.1 including the new features automation
[farms] introduce priority algorithm for HTTP profile
[farms] introduce L4 DSR session persistence support

[ipds] blacklist update scheduler optimization
[system] add web gui section for advanced settings: ARP announcement, allow routing subnet duplication, session replication service management
[farms] allow creating farms with the same networking settings

[ipds] set the default action for all WAF phases

ZEVENET 6.0.18 (Enterprise Edition)

6 March, 2020

[certs] load long certificate lists in less than 1 minute
[gui] optimize certificates table pagination load
[farms] solved routing rules for sd-wan (dslb)
[farms] fixed dashboard view for dslb farms
[system] fixed system checks that are running in Azure

ZEVENET 5.10.1-1 (Community Edition)

3 March, 2020

New features:
[proxy] add/delete response headers
[proxy] add multi-listener support
[proxy] add support to listener config reload
[proxy] added WAF support (libmodsecurity3, disabled by default)
[proxy] added automatic memory trimmer
[proxy] add backend server priority setting
[proxy] add -R option to reload listener configuration from file

[proxy] add missing extended HTTP verbs
[proxy] add centralized regex manager
[proxy] add listener CTL management support
[proxy] schedule redirect response if backend connection fails
[proxy] do not load balance if only 1 backend is present
[proxy] add better information in logs
[proxy] set static maximum SSL handshake retries
[proxy] added case insensitive comparator to Headers map

[proxy] fixed incomplete response parse continuation
[proxy] fixed Location and Content-Location wrong protocol if RewriteLocation=2
[proxy] fixed crash parsing an HTTPS listener
[proxy] fix session cookie header value parser
[proxy] invalidate sessions if the backend is down
[proxy] fix cookie session-id comparation
[proxy] fix crash on process exit
[proxy] reply err503 on abrupt connection close by the backend
[proxy] fix malformed log data

ZEVENET 6.0.17 (Enterprise Edition)

11 February, 2020

[cluster] faster cluster configuration process
[farms] faster start in farmguardian
[cluster] updated VRRP cluster service

[farms] fixed memory leaks in session replication service
[cluster] fixed cluster switching to MASTER in both nodes before to any configuration
[farms] farmguardian was started twice per farm
[system] now SNMP is started after a reboot

ZEVENET 6.0.16 (Enterprise Edition)

4 February, 2020

[webgui] fix cluster web form

ZEVENET 6.0.15 (Enterprise Edition)

21 January, 2020

New features:
[system] introduce support of AWS cluster support

[system] add verbose messages in case supportsave has not been generated properly
[system] updated netcat package used for networking test purpose

[lslb] fix error deleting SSL certificates in HTTPS farms
[rbac] add check if the user or group already exists in the system
[system] modify binary path for AWS support
[lslb] fix stateless DNAT source MAC translation

ZEVENET 6.0.14 (Enterprise Edition)

12 November, 2019

[system] enable / disable Arp announcement for VIPs
[farm] new HTTP verbs group with OPTIONS enabled

[networking] disabled check internet connection before to configure APT repository
[cluster] check cluster status every 30 secs
[webgui] allow using the colon in the password field

ZEVENET 6.0.13 (Enterprise Edition)

24 October, 2019

New features:
[webgui] allowed restart WAF ruleset to apply changes
[webgui] link to farm stats from status icon inside farm edition
[webgui] allow configuring response headers in HTTP farms

[webgui] configure minutes in the range of 30 for scheduling remote blacklist downloads
[webgui] changed some tables behavior, pagination persistence and pages listing to ALL
[ipds] added blacklists download queuing
[farms] added OPTIONS verbs to the default verbs in HTTP profiles
[cluster] register farms in ssyncd only if persistence is enabled
[farms] if all ports are balanced then all protocols should be configured by default

[webgui] solved typos to destroy a cluster
[webgui] fix changing the password from RBAC Users
[webgui] fix typo in virtual interface tag
[webgui] solved typo verbs in HTTP farms
[farms] solved connection issues with farmguardian and persistence
[cluster] solved memory leaks with ssyncd
[cluster] fix ssyncd farm registration issues
[farms] fixed persistence table management in l4xnat
[system] fixed issue updating packages with proxy configured

ZEVENET 5.2.18 (Enterprise Edition)

23 October, 2019

[farms] add an option to allow the ‘options’ HTTP verb with the ‘extended HTTP requests’ set of verbs

[networking] set the default gateway in the boot although certificate is expired
[stats] fix an error showing the l4xnat stats in multiport farms

ZEVENET 5.10.1 (Community Edition)

11 October, 2019

[webgui] restart notice message after HTTPS changed parameters

[farms] fix dh2048.pm path in HTTP template file
[farms] force protocol to ALL when all ports are selected in l4xnat farms
[farms] fix an error modifying https ciphers
[guardian] fix an error copying a farmguardian
[farms] fixed deleting backend ports
[webgui] the webgui actions are translated
[webgui] fix the behavior of javascript messages
[proxy] ssl connections management bugfixes and cleanups
[proxy] fixed redirect behaviour
[proxy] fixed pinning behaviour with SSL protocol
[proxy] fixed URL matcher
[proxy] assign new backend if a timeout is reached
[proxy] assign different backend if session information is not found

ZEVENET 6.0.12 (Enterprise Edition)

10 October, 2019

[cluster] added mutex to cluster events change roles
[system] unlimited number of threads per PID

[farms] farmguardian stops suddenly after starting

ZEVENET 5.10 (Community Edition)

9 October, 2019

New features:
[farms] add persistence between clients and backends using hashes depending on “ip”, “port”, “mac”, “source ip and source port” or “source ip and destination port”
[farms] add option to l4xnat to set the port
[farms] add nat type based on stateless dnat
[webgui] add module to translate the webgui to a different language
[webgui] show the session tables for l4xnat farms
[webgui] retrieve the parameter list accepted by the API for a call when it is called without parameters (POST and PUT methods)

[farms] remove and modify backends using the nft mark
[farms] apply deterministic order to farm listings (sorting alphabetically). Pull request from the github user brudo, by William Bruce Dodson
[farms] do not control Access-Control-Allow_Origin header when the request is using the zapi key
[farms] disable the HTTP parameter “ECDHCurve” by default
[farms] add check to avoid port collision with l4xnat farms
[farms] lock HTTP farm config file while a service it is being modified
[farms] create a dummyTable to start the nf_conntrack module
[farmguardian] add checks for “sip” and “redis”
[system] restart web server when ZEVENET is restarted
[system] set the binaries path in the global.conf file
[system] update system dependencies
[system] expand error message
[system] remove the zlb-stop and zlb-start files from the package and set them as templates
[system] postinst refactoring
[system] apply perltidy to code files
[system] move logic from API to the library
[system] remove completely iptables code and dependencies
[system] export global.conf to bash scripts
[system] set all log tags in lower case
[system] check the uploaded backups before that stores it
[system] change restart services for reloading them in cron tasks
[system] move profiling logs to debug level 5
[system] add more system information to supportsave
[api] log the JSON input parameters
[api] standardizer API calls for copying actions
[api] improve the validation of the parameters
[api] refactoring for farm module
[api] returns an error if a sent parameter was not expected for the call
[api] created a new call for getting system information
[cluster] move the local configuration to a local directory
[networking] add arp announce feature after any IP configuration
[networking] masquerade traffic towards the backend with the parent interface of the vip

[system] fix an error of looping when a backup is applied
[system] omitting commented routing tables in supportsave
[system] fix typo in output message and logs
[system] nftables is not printed in supportsave
[system] fix the regex for SNMP community and SNMP name parameters
[system] global.conf did not parse the variables with “update” tag
[farms] error returning the ciphers parameter in HTTP farms
[farms] error modifying the custom security ciphers parameter in HTTP farms
[farms] missing farmguardian parameter in the HTTP farm
[farms] solved a bug when parsing the file to add the backend in HTTP farm if the service has the same name as the farm
[farms] fix helpers protocols for l4xnat farms
[farms] force all protocol when setting all ports in l4xnat farms
[farms] fix loading helpers for natting
[farms] fix duplicated rules when the protocol is “all” in l4xnat.
[farms] solved corruption of pound file when enabling TLS/SSL in HTTPS and it was already enabled
[farms] fix the tag and mark generation per backend
[farms] do not allow the ‘prio’ algorithm parameter for l4xnat
[farms] avoid flushing the entire ruleset
[farms] l4xnat farm stats does not return any backend if the farm is down
[farms] returns the backend down if the status is config_error
[farms] fix an error in l4xnat stats with “snat”
[farms] assuring that nftlb is stopped when performing a stop
[farms] avoid the use of Expect in the curl request that can produce recv blocking
[farms] remove regexp for HTTP redirect in HTTP farms
[farmguardian] ZEVENET service script was not calling to farmguardian start
[certificates] error in the certificate parameter ‘issuer’
[networking] group the routing rules by type
[networking] reload routing rules when a farm or interface is modified
[networking] fix an error setting an interface that was in the down interface
[networking] allow creating VLAN without gateway
[networking] solved bug when deleting a VIP
[networking] solved error unsetting a nic that was not applied in the system
[networking] create the nic config file if it does not exist
[networking] improved ipv4 regexp
[networking] do not allow to modify the interface used for management services (HTTP and SSH)
[system] applying backup returns success on failure
[api] change error code 400 for 404 when the certificate is not found
[api] API returns an error when it receives an array or a hash in the JSON parameter and it is not expected

ZEVENET 6.0.11 (Enterprise Edition)

2 October, 2019

[networking] fix routes for interface with same subnet
[webgui] keep the backends pagination after refresh
[checks] updated ZEVENET health checks

[farms] fix backend check when backend port is empty
[stats] fix regular expression to show real traffic statistics
[webgui] fix show the first backend in the table
[waf] conditions for a ruleset were not shown properly
[system] fix per backend connection limit kernel race

ZEVENET 6.0.10 (Enterprise Edition)

20 September, 2019

[networking] prioritized networking route rules
[farms] fix shown l4xnat backends status in maintenance mode

ZEVENET 5.2.17 (Enterprise Edition)

16 September, 2019

[farms] fix virtual-host regexp matching for HTTP/S farms

ZEVENET 6.0.9 (Enterprise Edition)

4 September, 2019

[farms] support of output network interface per backend

[farms] fix modify and delete GSLB resources
[farms] fix l4xnat masquerading
[farms] support of stateless dnat for direct client connections
[gui] fix GSLB resources id management

ZEVENET 6.0.8 (Enterprise Edition)

28 August, 2019

[networking] routing rules prioritized
[networking] fix supportsave storing l4xnat rules via web gui
[ipds] fix code error in IPDS first load

ZEVENET 6.0.7 (Enterprise Edition)

21 August, 2019

[ipds] fix ipds directory structure creation during installation
[farms] force masquerade IP nat when interface is set up/down
[system] fix GPG APT key addition for offline updates
[gui] fix menu display issue due to icons hidden layers

ZEVENET 6.0.6 (Enterprise Edition)

19 August, 2019

New features:
[gui] show network interface aliases in the dashboard

[api] detailed activation error messages
[networking] support of masquerading interfaces in the same subnet

[gui] fix remote blacklists update schedule
[gui] fix analytics call with undefined parameters
[gui] fix typo in field of HTTP verbs accepted
[ipds] improve the validation check for blacklist inputs
[ipds] fix ciphers output parameter in HTTP farm

ZEVENET 6.0.5 (Enterprise Edition)

9 August, 2019

New features:
[system] added support for offline updates
[farms] support of source natting per backend in different subnets

[ipds] optimize loading of blacklists
[ipds] support of overlapped IP ranges in blacklists
[ipds] unload blacklists if they are not in use
[ipds] remove SSH Brute force rule
[api] ability to configure AES Cyphers even if the hardware doesn’t support it

[cluster] solved memory leak in session sync daemon
[cluster] improved the tcp close connection management for service sync daemon
[farms] fix backend priority in l4xnat
[networking] fixed MAC address with incorrect value in eth0
[networking] virtual interfaces with name 0 were not started/stopped properly

ZEVENET 5.2.16 (Enterprise Edition)

8 August, 2019

[networking] virtual interfaces with name 0 were not started/stopped properly
[cluster] solved memory leak in session sync daemon
[cluster] improved the tcp close connection management for service sync daemon

ZEVENET 6.0.4 (Enterprise Edition)

1 August, 2019

New features:
[system] migration from ZEVENET 5 to 6

[cluster] nodes reconnection improvement
[system] LTS Kernel upgrade
[farms] support of source address per backend
[ipds] improved IPDS logging

[ipds] solved issue deleting remote blacklists
[system] solved netplugd issue changing default gw by mistake
[networking] modified expression to identify a Virtual Interface in the boot process
[ipds] solved blacklist deletion
[ipds] IPDS was not started properly at boot time
[farms] solved issue in the l4xnat config files generation
[farms] check if a port collision exists with l4 farms
[farms] fix backend priority in l4xnat
[system] local http config is needed to renew certificates for let’s encrypt
[cluster] fix memory leak when persistence is not enabled in a farm

ZEVENET 5.9.3 (Community Edition)

12 July, 2019

[farms] stop properly the l4xnat daemon when ZEVENET service is stopped or restarted. This error affects l4 farms running in a cluster

ZEVENET 6.0.3 (Enterprise Edition)

10 July, 2019

New features:
[ssl] let’s encrypt support

[farms] add an option to disable TLS v1.3 in the HTTP farms config file
[system] add more information to supportsave

[farms] enable automatic ECDH curve selection if no ECDHCurve parameter is set
[farms] fix an error showing the value of the maximum connection for backend, in L4xnat farms
[farms] fix an error showing the farmguardian in HTTP farms
[farms] fix an error modifying the custom security ciphers in HTTP farms

ZEVENET 6.0.2 (Enterprise Edition)

27 June, 2019

[networking] Bonding interfaces restore their default mac address when the MAC field is empty
[networking] Created a wrapper to store default bonding mac address

[farms] fix SNI forward to backend
[system] APT configuration is checked daily and re-configured if required
[api] Fixed error 500 listing HTTP backends in API v3
[farms] fix backend aliases list for HTTP services
[system] Avoid to loop CA crl downloads without an Internet connection

ZEVENET 6.0.1 (Enterprise Edition)

26 June, 2019

New features:
[networking] support of custom script execution after configuring any route in a given interface

[api] return the ZEVENET version in the session response
[system] avoid connections and cluster annoying messages in the logs
[networking] bonding will restore its default MAC address when the MAC field is empty
[networking] default MAC is stored for future restoring
[cluster] increased detailed information in web GUI cluster section

[ipds] fix WAF parse failed when the parameter was between quotes
[networking] fix DHCP config overwriting errors after disabling/enabling the service
[networking] fix static IP configuration is not configured properly after disabling DHCP
[system] execute the web server stop/start action in the background
[networking] fix solved routes were not being added if the interface was configured in UP status
[networking] fix deleted routing table inputs when bondings are unset
[networking] fix bonding status lost when unsetting the interface
[rbac] fix RBAC module mutex
[system] make SNMP community string less strict
[api] fix error 500 listing HTTP backends in API v3
[farms] fix backend alias not listed in HTTP services
[system] avoid enqueueing curl commands for license checking
[farms] fix error configuring HTTP redirect code
[system] set a token to block i-notify while the IPDS package is being updated
[farms] added less strict param for gslb which allows using check_icmp
[gui] fix left side menu was not shown properly in some Chrome versions

ZEVENET 5.2.15 (Enterprise Edition)

12 June, 2019

New features:
[networking] added support to run a script after routing config in a given interface

ZEVENET 6.0 (Enterprise Edition)

4 June, 2019

New features:
[farms] direct server return DSR support for L4
[farms] stateless NAT support for L4
[farms] L4 core with round-robin algorithm
[farms] L4 core with IP and port hashing for both destination or source
[farms] L4 core with support of new protocols: SCTP, netbios, snmp, h323, pptp, irc, sane, amanda
[farms] L4 core with configurable persistence per source and destination IP, port or even MAC
[farms] websocket support for HTTP/S
[farms] support of OpenSSL 1.1 for HTTP/S (TLS 1.3)
[system] latest kernel 4.19 with Long Term Support (LTS)
[system] spectre and meltdown mitigations included by default
[system] integration with APT remote repositories by default
[ipds] web application firewall for HTTP/S
[webgui] new web GUI based on Angular 6
[networking] full support of DHCP
[networking] MAC address custom configuration
[rbac] dynamic menu configuration based on RBAC user permissions
[system] added factory reset

[farms] new L4 core system based on nftables
[ipds] optimized security rules based on nftables
[cluster] clustering based on nftables
[api] optimization and refactoring of the API calls
[networking] improve network link management
[guardian] more integrated advanced health checks

ZEVENET 5.2.14 (Enterprise Edition)

16 May, 2019

[networking] force ARP announcement after any IP configuration

[networking] fix issue changing IP of one already configured alias
[farms] replace backend check port with the VIP port if this value is not defined

ZEVENET 5.9.2 (Community Edition)

10 April, 2019

[system] remove dependencies with xtable-addons packages

ZEVENET 5.2.13 (Enterprise Edition)

1 April, 2019

[guardian] add a farm guardian check for monitoring SIP services
[webgui] change of farm guardian configuration in GSLB farms
[system] added Kernel Support for Amazon Web Services
[system] ssh service is started even if the certificate is not OK.
[system] start ZEVENET Service as soon as a valid certificate is updated

[ipds] solved an issue downloading the scheduled remote lists
[guardian] farm guardian is not linked properly with GSLB farms
[webgui] responsive graphs in the dashboard for Mozilla
[certs] hyphens and dots are not allowed in the CSR section.
[ipds] update remote lists process was not downloading remote URLs.
[guardian] reserved strings are not modified in one match is already executed.

ZEVENET 5.2.12 (Enterprise Edition)

1 March, 2019

New features:
[guardian] redis health check is supported natively

[farms] L4xnat stats were not generated properly for farms with the same backend configured twice

ZEVENET 5.2.11 (Enterprise Edition)

8 February, 2019

New features:
[system] add support of ZEVENET subscriptions package

[system] solved issue restarting the web server

ZEVENET 5.2.10 (Enterprise Edition)

25 January, 2019

[farms] duplicated rules for l4xnat when the configured protocol is ALL
[system] activation certificate was requested even if it was properly upgraded

ZEVENET 5.9.1 (Community Edition)

17 January, 2019

[guardian] farmguardian did not start after restart ZEVENET service
[farms] fix master node switching restarting ZEVENET service

ZEVENET 5.9 (Community Edition)

15 January, 2019

New features:
[networking] IPv6 support
[system] 64 bits support
[farms] new L4xNAT core based on nftables and nftlb
[farms] add L4xNAT direct server return support
[gui] new WebGUI with Angular6 based in ngx-admin template
[api] new ZEVENET API 4.0

[system] fix security issues Spectre and Meltdown
[system] kernel update (Debian Buster)
[system] improved support for hypervisors
[system] improved code refactoring

ZEVENET 5.2.9 (Enterprise Edition)

2 January, 2019

[farms] HTTP farms couldn’t be started because of new use of an HTTP proxy dependency

ZEVENET 5.2.8 (Enterprise Edition)

26 December, 2018

[system] add proxy support for packaging updates through Internet

[farms] fix leastconns traffic to down backends
[farms] fix HTTP traffic forwarding when cookie insertion was enabled
[guardian] fix farm guardian doesn’t start up properly
[webgui] fix farm guardian processes were killed if the web GUI was stopped
[webgui] fix memory leaks in the web GUI server
[webgui] a different network interface can be configured if the cluster is enabled.

ZEVENET 5.2.7 (Enterprise Edition)

7 November, 2018

[farms] add multiprotocol and multiport support for SIP
[ssl] not allowed to update the license certificate if it is not valid
[system] kernel update to solve several vulnerabilities (Spectre and Meltdown)

[farms] fix backend in maintenance used with the priority algorithm
[farms] solved issue changing TCP to UDP protocol
[farms] modify the virtual port value to * if multiprotocol is configured
[api] latest character was deleted for the hostname
[farms] fixed issues creating load balancing rules for protocol with helpers

ZEVENET 5.0.2 (Community Edition)

5 November, 2018

[ssl] update the HIGH cipher string

[farms] error modifying the SSL HTTPS certificate
[ssl] error uploading a SSL certificate
[ssl] set the custom cipher string properly

ZEVENET 5.2.6 (Enterprise Edition)

20 September, 2018

[farms] services in HTTP farm show redirect value even when it isn’t configured
[system] check internet connectivity and proxy usage

ZEVENET 5.2.5 (Enterprise Edition)

28 August, 2018

[farms] fix l4 switching to ALL protocols
[farms] removed not needed ports for helpers in l4xnat
[farms] fix sip load balancing with NAT and ALL protocols
[farms] fix rules deleting backends in l4 farms
[farms] force to use TCP and UDP protocols for SIP
[farms] disable force to dnat in SIP configurations
[gui] disable port configuration for SIP protocol
[gui] disabled configure port if SIP or ALL protocols is enabled.

ZEVENET 5.2.4 (Enterprise Edition)

10 August, 2018

New features:
[system] ability to configure a http/s proxy for outbound connections
[farms] multiport support for FTP, TFTP and SIP protocols

[farms] set STS Timeout by default after disabling the STS Header
[farms] fix FTP, TFTP and SIP loading protocols
[stats] fix FTP and TFTP stat connections
[ipds] limit blaklists name length
[ipds] fix blacklist cron scheduler getting remote lists

ZEVENET 5.2.3 (Enterprise Edition)

24 July, 2018

[webgui] improved behavior of search boxes
[webgui] favicon with dark themes in browsers
[syslog] remove depuration messages

[networking] bring up NIC interface when it does not have link
[rbac] modify RBAC user without a new password
[rbac] modify RBAC user without group permissions
[cluster] drop incoming traffic on virtual interfaces with IPv6 in the backup node
[guardian] fix typos in farmguardian templates
[networking] fix bonding interfaces route tables
[farms] GSLB vip status shows critical in the backup node
[guardian] fix farmguardian migration script
[farms] fix error 500 creating GSLB farms
[farms] GSLB statistics does not work in the backup node
[cluster] cluster does not replicate new GSLB farms properly
[networking] fix startup interfaces configuration without an activation certificate
[farms] fix least connections port aware per backend
[system] fix error deleting the activation certificate
[networking] show interface aliases

ZEVENET 5.0.1 (Community Edition)

2 July, 2018

[farms] Locking system for http configuration files
[networking] Add a check to verify the virtual IP when starting a farm

[stats] L4xNAT statistics does not show backends list
[stats] HTTP does not show the virtual interfaces stats
[farms] Fix L4xNAT farms and datalink renaming
[farms] Allow character ‘_’ for HTTP service names
[networking] Run virtual interfaces in the start process
[certificates] Fix the load of certificate field ‘Issuer’
[supportsave] Don’t use arptables to resolve IPs
[farms] Remove critical status in HTTP farms when a redirect configured
[farms] Allow setting the backend parameter ‘port’ as blank
[farms] Modifying a L4xNAT farm returns error sometimes
[services] Error parsing the file ‘resolve.conf’
[farms] Use a more restrictive regular expression to get farm file name

ZEVENET 5.2.2 (Enterprise Edition)

29 June, 2018

[rbac] Added two new preconfigured roles to be used in this module: management to allow to stop / start backend, and monitoring to allow to read information about system and farms

[rbac] Fix aliases are shown in the backends table even when user doesn’t have permissions to view this information
[alias] Fix aliases can be modified without permissions
[certificates] Fix search and upload actions break the SSL certificates table if some certificate has a CN field empty

ZEVENET 5.2.1 (Enterprise Edition)

20 June, 2018

New features:
[rbac] Roles templates added

[syslog] Log the error output when a command fails
[rbac] Allow more characters for RBAC: users, groups and roles
[rbac] Add RBAC information to supportsave

[guardian] Fix typo in farmguardian templates
[guardian] Migrate farmguardian of farms to new farmguardian check
[zenbui] Fix Zenbui symbolic link
[farms] The parameter “Log” in l4xnat farm returns blank sometimes
[rbac] Creating system user and system group needed for RBAC
[notifications] Notifications is enabled by default
[guardian] Run farmguardian in ZEVENET start process

ZEVENET 5.2 (Enterprise Edition)

12 June, 2018

New features:
[farms] Option to enable traffic logs for LSLB, DSLB, GSLB and the connection tracking
[farms] Support of aliases for backends
[networking] Support for aliases per NIC, bonding, VLANs and virtual interfaces.
[system] Role-Based Access Control (RBAC) to define new users, groups and permissions to actions in the system
[api] API 3.2 to manage all the new features
[networking] IPv6 Support for NICs, VLANs, Virtual Interfaces, Bonding and routing
[farms] IPv6 Support for HTTP and L4xNAT farms

[guardian] Improve of usability with several built-in health checks
[farms] More descriptive error messages for HTTP/S farms
[farms] Configurable redirect code for HTTP/S farms
[farms] Backend servers disabled if redirect is used for HTTP/S farms
[farms] Configurable Strict Transport Security header by service in HTTP/S farms
[farms] Improve of session table stats for LSLB farms
[system] Improve of message logs to syslog
[networking] Validation of network configurations
[networking] Automated virtual services configuration when modifying the network configuration
[networking] Real time networking packets/throughput stats per second

ZEVENET 5.1.11 (Enterprise Edition)

24 May, 2018

[cluster] When cluster switches to BACKUP, the system never come back to MASTER

ZEVENET 5.1.10 (Enterprise Edition)

16 May, 2018

[farms] It is not possible to create http(s) services after moving some service

ZEVENET 5.1.9 (Enterprise Edition)

10 May, 2018

[ipds] included more parameters to check before starting a IPDS
[ssl] better input validation in CSR for organization and locality fields

[networking] solved issue stopping and starting bonding interfaces
[networking] ensure that bonding interfaces have a defined IP address before starting
[stats] fix established connections when the farm is not in UP status
[api] fix activation certificate status response
[guardian] update farmguardian statuses after a cluster switch
[farms] fix VIP verification after starting a farm


ZEVENET 5.1.8 (Enterprise Edition)

3 May, 2018

[webgui] load HTTP profile parameters faster

[farms] fix concurrent changes in HTTP(S) configuration files

ZEVENET 5.1.7 (Enterprise Edition)

23 April, 2018

[webgui] changed datetime format to allow ordering in table views
[farms] http(s) farm is marked in status UP when only a redirect is configured
[system] better and faster information gathering for supportsaves

[farms] solved issue modifying datalink farm names
[networking] solved issue modifying floating IPs
[system] solved DNS section parsing configuration file content
[farms] solved issue re-ordering services in http farms
[ipds] blacklist rules were not properly configured in GSLB farms
[farms] solved issue creating a l4 farm, API responds a 400 code instead of 200
[ssl] solved issue parsing “Issuer” field in certificates
[farms] parameter 100continue is not properly modified in http(s) farms

ZEVENET 5.1.6 (Enterprise Edition)

8 March, 2018

[networking] Run virtual interfaces in start process

ZEVENET 5.1.5 (Enterprise Edition)

1 March, 2018

[farms] Error detected when l4xnat farm parameters are listed

ZEVENET 5.1.4 (Enterprise Edition)

21 February, 2018

[gui] Faster loading of LSLB farms list
[gui] Faster loading of http[s] farms services
[system] Better logs description for http proxy

[networking] Configure network if the certificate is temporary or doesn’t exist
[system] Avoid to backup corrupt configuration files

ZEVENET 5.0 (Community Edition)

12 February, 2018

New features:
[gui] A new web GUI frontend in Angular
[api] New API JSON+REST capabilities for processes automation
[networking] New networking section for a better management and configuration of interfaces
[farms] New LSLB module (Local Service Load Balancer) which manages both L4xNAT and HTTP/S profiles
[farms] Two different maintenance modes (cut and drain) for HTTP[S] and L4xNAT profiles
[farms] Improved HTTPS profile with new options to Enable / Disable SSL/TLS protocols
[farms] Max number of connections by backend server in L4xNAT profile
[farms] New DSLB module (Datalink Service Load Balancing) which manages uplinks and inbound LB
[farms] New farms status (UP, DOWN, Critical and Problem)
[farms] New backends Status (UP, DOWN, Maintenance and Undefined)

[system] Faster response based on REST API
[gui] Improved look and UX
[system] Enhanced logs management
[support] Support save options for better troubleshooting and support
[system] Linux Kernel based in a common Debian Stretch
[system] Easier upgrade by modules and transitions to Enterprise
[system] Improved the backup and recovery procedure

ZEVENET 5.1.3 (Enterprise Edition)

1 February, 2018

[farms] Issue solved enabling / disabling HTTPS backends checkbox
[farms] Solved segmentation fault in HTTP farms with session replication daemon ssyncd and cookie insertion
[system] Checks if an IP exists in any interface

ZEVENET 5.1.2 (Enterprise Edition)

22 December, 2017

[webgui] Not allowed to enter weight values higher than 9 for l4xnat profiles
[guardian] Some farmguardian health checks were not stopped properly
[cluster] Zeninotify was not started after a cluster switch

ZEVENET 5.1.1 (Enterprise Edition)

22 November, 2017

[system] New backup procedure to save the configuration
[system] Set a default SSL certificate for web GUI and API to 2048bits
[api] Added HTTP Headers for API calls to avoid content cache in browsers
[farms] Configurable redirect HTTP codes
[farms] Speed optimization to load SSL SNI certificates list
[gui] Activation certificates expiration notifier

[cluster] Leave maintenance mode properly in 3000 and 4000 series
[ipds] Solved some bugs related to RBL rules assignment to farms
[gui] Allowed searches in CN column for Certificates Lists

ZEVENET 5.1 (Enterprise Edition)

1 November, 2017

New features:
[farms] SSL hardware offloading support for HTTPS farms
[farms] new status for VIPs and backends in farm profiles
[farms] new maintenance status (drained and cut)
[cluster] real time sessions table replication for all layers
[ipds] new system rules for threats protection
[ipds] new rule RBL (real time black-hole list)
[system] logs line reader through web GUI

[farms] option to enable or disable different SSL protocols
[farms] reload datalink farms
[farms] better log description in HTTP profiles
[api] API v3.1 better performance and resource usage
[gui] improved the rules assignment to farms and web views
[notifications] encrypt email password to enhance security
[system] ssh and web services automatic reload
[gui] enable web GUI compression
[networking] show virtual interface name in Floating IPs section
[ipds] enable or disable security rules for a farm

ZEVENET 5.0.11 (Enterprise Edition)

30 October, 2017

[cluster] Maintenance mode not working in the backup node
[farms] Improved regular expression patterns for http stats when the service include certain private words
[farms] l4xnat profile is not configuring lb rules properly for the first l4xnat farm

ZEVENET 5.0.10 (Enterprise Edition)

25 September, 2017

[lslb] Farmguardian was not disabled in Backup node

[networking] VLAN was not started after to configure if NIC was not configured
[lslb] Allowed to add many ssl certificates without breaking the config file
[ipds] Some Dos rules were not applied to http farms
[lslb] Added support to concurrency in netfilter rules for rules modification
[networking] Route rules are not applied until Link is detected in UP mode
[networking] Fixed null response detecting a parent interface of a virtual interface
[lslb] Apply connmark rules before farm rules when farm starts

ZEVENET 5.0.9 (Enterprise Edition)

2 August, 2017

[ipds] IPDS rule was unset for the farms if the rule was renamed
[gui] Changed the error message when the activation certificate is wrong
[gslb] Not allowed two services with the same ID anymore
[ipds] Disabled blacklists rule from system when ZEVENET process stops
[lslb] Change to least conns in l4xnat profile returned an error
[cluster] Zeninotify is not stopped when cluster node is in maintenance
[cluster] ARP responses were not disabled when cluster is in maintenance
[gslb] Sync a GSLB config directory to BACKUP node in creation time
[ipds] Not allow to create IPDS rules with the reserved name ‘rule’
[farms] Set and unset wildcard certificates in HTTPS farms
[ipds] SSH brute force rule were loaded twice in system at ZEVENET first start
[lslb] Allowed DNAT mode for SIP protocol in l4xnat profiles
[net] Default GW was deleted for table main if GW for local table was deleted

[system] Stats Block has been deleted from conntrackd configuration file
[system] make selectable the kind of ARP announcement packets
[ipds] Fit the maximum number of sources for a blacklist
[cluster] Added a cluster exception to IPDS module in order to avoid to block cluster IPs

ZEVENET 4.0.4 (Community Edition)

12 June, 2017

[users] Password change failed if some special characters are used in the password string
[farms] Solved compilation errors with SIP configuration in L4xNAT farms
[farms] Deleted connection tracking for UDP protocol if backend is configured in maintenance mode

[gui] New section “About” > “ZEVENET LB Version” in menu
[iso] New ZEVENET CE ISO 4.0.4 generated in sourceforge
[apt] New ZEVENET CE package 4.0.4 generated in repository

ZEVENET 5.0.8 (Enterprise Edition)

29 May, 2017

[farms] solved issue in GSLB farms, allowed RData values in MX inputs
[farms]Updated farmguardian port checks in gslb farm when default tcp port health check is changed
[certificates] Fixed parse issue for certificate information

ZEVENET 4.0.3 (Community Edition)

26 May, 2017

[farms] Reset connexion tracking for udp in L4xNAT farms

ZEVENET 5.0.7 (Enterprise Edition)

24 May, 2017

[farms] Allow modifying values for cookie insertion once this option is enabled
[cluster] Conntrackd 1.4 or higher integrated with systemd
[sys] Added expect package as dependency
[sys] Configuration directory is replicated recursively

ZEVENET 5.0.6 (Enterprise Edition)

19 May, 2017

New features:
[farms] Added max conns limit per backend server in l4xnat profiles

[farms] migration process from tcp to l4xnat profiles bugfix
[farms] flush udp flows from conntrack table bugfix
[guardian] farmguardian should not be executed if the farm is down
[ipds] ssh brute force protection port is shown in the web gui
[guardian] farmguardian file status for http profiles bugfix
[snmp] snmp doesn’t start automatically after a reboot
[ipds] delete standard error and output error in the startup blacklist process

ZEVENET 5.0.5 (Enterprise Edition)

11 May, 2017

[system] Applied some tuned kernel parameters from systemctl
[farms] Traffic between VIP and backends is forwarded locally instead of sending to gateway
[guardian] Improved farmguardian output messages.

ZEVENET 5.0.4 (Enterprise Edition)

4 May, 2017

[system] Increased information captured in supportsave
[system] Do not log more bonding warning messages

[gui] Fix minor bugs related with stats view
[gui] List all used ssl certificates in a running HTTPS farms
[gui] List all available interfaces when edit / create a farm
[farms] Modified logs related to farmguardian when an error is detected
[farms] Least connections algorithm doesn’t detect configured backends
[system] SSH never starts if ssh service is configured in a given IP instead of all IPs
[farms] Kernel modules for sip, ftp or tftp were not loaded properly
[farms] Services Not renamed properly when service name includes farm name string
[farms] Reset UDP packets tracking when any config change is done
[stats] Disabled pending connections information for UDP protocol
[stats] Bugfix in HTTP farms established connections for backends
[farms] Fixed disabling l4xnat IP persistence

ZEVENET 5.0.3 (Enterprise Edition)

21 April, 2017

[support] Include system and cluster details for better analysis in supportsave
[gui] Add test notification button for email notification method
[gui] Add update button when editing remote blacklist
[gui] Change update buttons to updating… when clicked

[ipds] Load blacklist when applied to a farm only if the farm is running
[farms] Allow to create several resources with same name in GSLB farms
[cluster] Fix cluster in 3000 series appliances
[gui] Do not require password in email notification method
[gui] Do not allow setting a port in L4xNAT farms when balancing all protocols
[gui] Notify after updating when the port or IP address has been changed
[gui] Fix URL when the GUI HTTP port is changed
[gui] Fix error message on some request failures
[gui] Some GUI style fixes

ZEVENET 5.0.2 (Enterprise Edition)

31 March, 2017

[gui] Messages when there is login error
[gui] Info button in dashboard
[gui] Change icon and tooltip for unset farm in ipds rules
[system] Remove deprecated configuration script

Bug fixes:
[farms] Fix L4xNAT pending and established stats
[system] Add to supportsave arp filtering, node status and L4xNAT persistence
[system] Fix configuration of management interface in zenbui
[networking] Use routing rules per subnet instead of per ip
[gui] Refresh button in stats
[gui] Responsive in stats tables
[gui] Update cluster status after a logout or expired session
[gui] Close selection form when kept open and the view is changed
[gui] System stats responsive
[gui] HTTP Redirect regular expression
[gui] Allow to apply DoS rules (IPDS) to any kind of farm profile

ZEVENET 5.0.1 (Enterprise Edition)

27 March, 2017

Bug fixes:
[ipds] Remove blacklist from memory when no running farm is using it
[api] Fix ciphers information inHTTPS farms
[cluster] Handle password safely configuring the cluster in case there are symbols
[ipds] Fix remote blacklists setup on cluster backup node
[networking] Allow hypens in network interface names
[gui] Fix HTTP Redirect regular expression
[gui] Fix space for period unit field in remote blacklists
[gui] Fix selecting all backups
[gui] Fix HTTP Redirect regular expression
[installer] Include dependencies when upgrading from Zen 4.2

ZEVENET 5.0 (Enterprise Edition)

20 March, 2017

New features:
[api] New API v3 version, entire system can be managed by API Rest+JSON.
[gui] New Web GUI in Angular2 100% responsive.
[security] New security module v1 called Internet prevention and detection service or IPDS with blacklists and DDoS prevention.

[gui] Local service load balancing module or LSLB now manages http, https and l4xnat profiles.
[gui] Global service load balancing module or GSLB now manages gslb profiles.
[gui] Datalink service load balancing module or DSLB now manages datalink profiles.
[doc] Updated documentation for ZEVENET v5.
[system] Floating IPs, VIPs can be assigned to interfaces.
[cluster] Stateful cluster for l4xnat profiles.


22 February, 2017
[gui] Re-branded from zen to ZEVENET
[system] Renamed package system from zen to ZEVENET

ZEVENET 4.3.1 (Enterprise Edition)

21 February, 2017

[gui] Certificates were not properly managed in SNI list for https farms
[gui] Password is not a mandatory field in Sender notifications by email
[gui] Solved minor bug in Help module

Bug fixes:
[farms] Certificates were not properly managed in SNI list for https farms

ZEVENET v4.0 (Community Edition)

3 February, 2017
[sys] Operating system and packages updated to Debian 8.7
[sys] Mini_httpd web server changed for Cherokee web server

Bug fixes
[sys] Backup download files bug has been fixed
[gui] Web GUI has been re-branded from zen to ZEVENET

ZEVENET 4.3.0 (Enterprise Edition)

29 January, 2017

[gui] Re-branded from zen to ZEVENET
[sys] Renamed system packages from zen to ZEVENET

Zen Load Balancer v4.2.5 (Enterprise Edition)

3 January, 2017

Bug fixes:
[farms] Solved issue showing Established Conns in HTTP farms in API v2 and v2.1.
[net] Bonding interfaces don’t start after a reboot.

Zen Load Balancer v4.2.4 (Enterprise Edition)

28 November, 2016

Bug fixes:
[farms] Not allowed to modify any value if farm is up.

Zen Load Balancer v4.2.3 (Enterprise Edition)

14 November, 2016

[farms] Reduce UDP conntrack timeout and increase UDP memory.

Bug fixes:
[net] Route tables were not loaded at boot time.
[gui] Disable the possibility of farm renaming in WebGUI when they are up and running.

Zen Load Balancer v4.2.2 (Enterprise Edition)

24 October, 2016

[notifications] Notification module sends mails without authentication in smtp server.

Bug fixes:
[notifications] Notification module configuration is preserved during update.
[farms] Solved bug with L4xnat Persistence session.
[cluster] Some network interfaces weren’t stopping in cluster switching.
[farmguardian] Solved advanced health checks compatibility between zen 3100 and zen 4100.
[net] Solved issue with link interface status (UNKNOWN) for driver vmxnet3 (Vmware).
[notifications] Modified some regular expressions in the Notifications module and l4xnat profile.
[cluster] Forced network advertisement once startlocal concludes.

Zen Load Balancer v4.2.1 (Enterprise Edition)

22 September, 2016

[notifications] Notification module sends mails without authentication in smtp server.

Bug fixes:
[cluster] Solved issue listing all virtual interfaces in zen advertisement event.

Zen Load Balancer v4.2 (Enterprise Edition)

21 September, 2016

New features:
[sys] SNMPD is supported.
[sys] Bonding. Supported 7 different types, LACP included.
[farms] New DNS records can be created, AAAA, MX, TXT, SRV, PTR, NAPTR.
[farms] FarmGuardian configuration for GSLB profiles.
[sys] Notifications: System alerts through email when a backend server goes DOWN / UP
[sys] Notifications: System alerts through email when cluster service switches.

[farms] HTTP and HTTPS Statistics, Stats are generated in base of the Service that manages the request in place of the Virtual IP.
[farms] HTTP and HTTPS services order can be changed, useful for users that use Zen HTTP profiles as reverse proxy.
[sys] All services integrate logs with syslog.
[farms] Added more checks for FarmGuardian: native checks for oracle, mysql, dns, postgresql, ftp, radius and more.

Bug fixes:
[sys] Minor bugfix in input form parameters and regular expressions.
[farmguardian] FarmGuardian icon is shown in conns stats when farmguardian disables backend for HTTP and HTTPS profiles.

Zen Load Balancer v4.1.13 (Enterprise Edition)

26 August, 2016

Bug fixes:
[farms] Disabled flood messages when session is created / updated in HTTP farms.
[cluster] Stop virtual interfaces configured in the same interface that cluster runs.

Zen Load Balancer v4.1.12 (Enterprise Edition)

5 August, 2016

Bug fixes:
[farms] Fix HTTP profile during migration to 402.
[farms] HTTP binary profile compilation for GLIBC 2.13 instead of 2.14.

Zen Load Balancer v4.1.11 (Enterprise Edition)

14 July, 2016

Bug fixes:
[cluster]Issue sending gratuitous arp packets just after a cluster switching.

Zen Load Balancer v4.1.10 (Enterprise Edition)

11 July, 2016

Bug fixes:
[cluster] Fix random cluster flapping.

Zen Load Balancer v4.1.9 (Enterprise Edition)

26 June, 2016

New features:
[sys] Plugins system.
[sys] Help plugin.

[sys] HTTP profile memory efficient dynamic thread model.

Bug fixes:
[sys] Several graph fixes and improvements.
[api] ZAPI v2 GSLB backend removal.
[sys] Fix management interface in zenbui.

Zen Load Balancer v4.1.8 (Enterprise Edition)

9 June, 2016

Bug fixes:
[sys] Fix interfaces configuration with same ip.
[sys] Fix cgi handling for web and zapi interfaces.

Zen Load Balancer v4.1.7 (Enterprise Edition)

5 May, 2016

Bug fixes:
[farms] Fix L4xNAT connmark rules.
[farms] Start farm at the end of L4xNAT farm creation process.
[farms] Improved multiport definition detection.

Zen Load Balancer v4.1.6 (Enterprise Edition)

1 April, 2016

Bug fixes:
[sys] Error control when a new Virtual Network Interface or Vlan is created.
[sys] Error control when we set up or down a Virtual Network Interface or Vlan.
[farms] Enable session status table for HTTP Conn Stats.
[farms] Configure Disable SSLv3 in https farms.
[cluster] Cluster configuration when a backup failover is reboot.

Zen Load Balancer v3.10 (Community Edition)

29 March, 2016

New features:
[sys] New Kernel Updated to 3.16 (Debian Jessie Base)
[sys] Debian packages consolidation
[farms] Allow to edit farms with stopped status

[farms] TCP profile deleted, L4xNAT should be used instead
[farms] GSLB Profile deleted
[sys] L7 profile for HTTP[S] core updated with distro package
[sys] Openssl Library updated with distro package
[sys] Cluster service updated with distro package
[sys] Web GUI service updated with distro package
[sys] Added and updated libexec scripts
[sys] Include disks information through snmp

Bug fixes:
[farms] Minor bugs fixing related to HTTP farms services
[farmguardian] Fix persistence sessions losing L4xNAT after deactivating a backend
[farms] Fixed online weight calculation L4xNAT farms
[net] Minor bugs fixed in section Conns Stats
[gui] Fix special characters issue with root/admin password

Zen Load Balancer v4.1.5 (Enterprise Edition)

16 March, 2016

[farmguardian] FarmGuardian’s memory resource usage is reduced.

Bug fixes:
[cluster] Cluster global checks for zen latency and zen inotify.
[farms] Migration script for HTTP and HTTPS profiles (Disable SSLv3, Backend Cookie, dyn scale and others directives).
[sys] Allowed reserved characters “$” for root password in webgui.
[api] ZAPI input control error for virtual network interfaces and reject to configure a duplicated IP.

Zen Load Balancer v4.1.4 (Enterprise Edition)

4 March, 2016

Bug fixes:
[farms] IP persistence in L4xNAT regression bug.

Zen Load Balancer v4.1.2 (Enterprise Edition)

17 February, 2016

[sys] Include package list and system statistics for better analysis.

Bug fixes:
[farms] Fix L4 backend marks.

Zen Load Balancer v4.1.3 (Enterprise Edition)

17 February, 2016

Bug fixes:
[farms] Set save parameters for L4xNAT profile with persistence in ZLB 3000 series.

Zen Load Balancer v4.1.1 (Enterprise Edition)

2 February, 2016

[farmguardian] Compact logs in Farmguardian.

Bug fixes:
[farms] Improved maximum number of threads.
[farmguardian] Farmguardian memory leak.
[farmguardian] Farmguardian start in farms L4xNAT.
[farmguardian] Farmguardian failure with HTTP farms.

Zen Load Balancer v4.1 (Enterprise Edition)

28 January, 2016

New features:
[farms] Maintenance mode for L4xNAT backends.
[farms] Deprecated TCP / UDP profile.
[gui] Enable modify farms in stopped mode.
[api] New ZAPI version v2.
[api] Monitoring farms through API.

[gui] Farms global parameters reorganization.
[gui] Configuration forms usage improvement.
[net] Improved the global stats calculation.
[gui] Reduced navigation urls in webgui.
[farms] Modify l4xnat’s farm parameters on the fly.
[farms] L4 farms performance improvement.
[gui] Improved responsive web inteface.

Bug fixes:
[all] Source code refactoring.
[all] Minor bug fixing.

Zen Load Balancer v4.0 (Enterprise Edition)

16 June, 2015

[farms] HTTP/S farms core update
[gui] New web GUI with responsive support
[system] Improved graphic first menu setup
[gui] Improved CGI execution access protection

Bug fixes:
[gui] web GUI interface reset after upgrade
[farmguardian] L4xNAT farmguardian bugfix changing backend states
[farms] L4xNAT scheduler bugfixes

New features:
[gui] RESTful API
[system] New web GUI server
[gui] System users management integrated in the web GUI and Zen API

Zen Load Balancer v3.08 (Enterprise Edition)

24 March, 2015

[networking] UDP and TCP timeout stream optimization

Bug fixes:
[farms] Solved issue with connection stats
[farms] Not allowed to rename a farm with an empty value
[farms] Preserve .htpasswd after upgrading
[farms] GSLB several bugfixes
[farms] Disable SSLv3 for Poodle in HTTPS farms
[farms] Load conntrack modules after upgrade

Zen Load Balancer v3.06 (Enterprise Edition)

17 February, 2015

New Features:
[farms] New Least Response HTTP algorithm
[farms] New SNI multiple certificates handler for HTTPS farms
[farms] SAN certificates added support. Disable exit error when CN is not present.
[farms] New xHTTP PATCH verb support for HTTP farms
[farms] L4 SIP improvements, FTP and TFTP support. Least Connections algorithm.

[farms] Enable DNAT option for SIP protocols
[cluster] Clustering gratuitous ping support
[farms] Pound patches until 1 Nov 2014
[net] Static routes improvement
[farms] Several SIP farms support in different ports
[farms] Updated GSLB farm

[farms] SIP connections are not being shown in the web GUI
[farms] SSLv3 vulnerability POODLE patch
[farms] CRIME attack vulnerability patch
[farms] Validate service name within HTTP farms without no valid characters
[gui] Networking extension functions ending file bug
[gui] Problem syncing the root password through the web GUI
[farms] Rename RRD files to the new farm name
[farms] Delete old farms graphs
[sys] Dependency order for SSH and zenloadbalancer services
[cluster] Startup cluster service bugfix

Zen Load Balancer v3.05 (Community Edition)

26 August, 2014

New Features:
[farms] L4 SIP load balancing support
[farms] Simple GSLB load balancing support
[ssl] Granted CA SSL Certificates automatic generation
[gui] Dynamic news platform support

[gui] HTTP farm client request timeout with unit “seconds”
[gui] Refreshing timeout for farms status view
[cluster] Improved RSA synchronization
[gui] Advise message regarding no cluster configuration found
[gui] return back button to All Farms in farm edition panel

[farms] Datalink farm wrong info in farms table
[farms] FG backend status file mutex implementation
[gui] date-time wrong formatted fix
[farms] Modification of Priority and Timeout parameters could cause a inconsistency in the HTTP/S farms configuration file
[farms] Farmguardian error in TCP farms, the backends are not remaining down while FG is checking them.

Zen Load Balancer v3.04 (Enterprise Edition)

5 April, 2014

[cluster] Cluster service avoid hardcoded vhid and deadratio parameters
[installation] Postinstallation script global.conf checking

Bug fixes:
[farmguardian] Farmguardian startup bug fixes
[farmguardian] Fix FarmGuardian execution for L4 farms
[farms] Datalink infinite loop getDevData() showing farm info
[farms] Manage HTTP/S farms connection bug due to wrong lb core child pid
[farms] L4 persistency multiprotocol command fix
[farms] Set priority value for L4 by default
[farmguardian] Farmguardian startup status fixed
[farms] Farms name hyphens filtering fixed
[farmguardian] FarmGuardian up status for the backends before stopping the FG service
[farms] L4 netstat connections
[farms] HTTP/S farm redirect fix when a redirect name is used
[logs] Regression: delete debug messages
[farms] Backend states on HTTP/HTTPS farms become inconsistent when the service doesn’t exist in the configuration file (the farm restart has not been performed). Service ID will be null
[farms] New backends are not included in the backend status file
[farms] Setting L4 TTL field is not applied by default. An automatic restart is needed
[farms] DateTime errors in the log files. The DateTime has been changed to system ‘date’ command
[farms] Force drain sessions automatically when a backend is detected as down
[farms] L4 farms connections accounting are not showing properly in the status panel
[config] Delete generated global.conf, it could be rewritten an already configured load balancer by the default one
[installation] Include interactive mode post-installation and error solved
[installation] Delete config files at installation time
[gui] Shell error solved getting ZLB version
[farmguardian] Farmguardian defunct processes and tcp/udp farm malfunction
[farms] TCP and UDP with pen LB, the backend never comes alive from FGdown. These kind of farms doesn’t need to detect the state change for a backend, as they need to refresh always the blacklisted timeout

Zen Load Balancer v3.03

18 October, 2013

New Features:
[farms] HTTPS Backends. The load balancer can manage https connections to backends, ssl offload can be disabled.
[farms] HTTP timeouts. Added new timeout fields for managing time in response and request headers
[farms] L4 agnostic protocol. It can be balanced any kind of protocol, not only UDP or TCP.
[farms] Added priority algorithm for L4 load balancing.
[cluster] Added a new timeout field for managing the response time for switching the service.
[gui] Added a logout button in the web gui.
[system] Run own scripts. Added the possibility for making own scripts that are executed in events: start / stop service, i.e. firewall configuration, sending mails, etc.
[L4 masquerade] the farm connects to backends from the IP in the same subnet that backend.

[farms] HTTP and HTTPS in a farm. Now the HTTPS configuration is a property of HTTP farms, not a different farm.
[farms] TNAT and UNAT in a farm. Now TCP or UDP protocols can be managed in the same L4 farm.
[gui] For saving resources, RRD graphs are created on the fly, not in a cron task.

[gui] Solved bug for syncing web gui user password and root system user password
[farms] L4 CONNECTIONS. Solved issue for showing connections status in L4 farms
[Farmguardian] Solved bug for managing backend checks and backends status.
[farms] Improvement in some HTTP regular expression for VIrtual Host and Redirect fields.

Zen Load Balancer v3.02

22 February, 2013

[farmguardian] Advanced checking system optimization switching backend states
[cluster] Time synchronization improvement

New features:
[farmguardian] Layer 4 advanced checking support
[system] Security improvement

[system] Vulnerabilities fix
[webgui] css iexplorer 9 compliance
[farms] adding l4 backends without weight value

Version 3rc1

16 August, 2012

New Features:

[farms] Layer 4 Includes: several listening ports for a farm, DNAT and NAT load balancing methods
[farmguardian] Advanced Farmguardian support for HTTP and HTTPS
[farms] Virtual host support for HTTP and HTTPS farms


[farms] HTTP/HTTPS farms core balancing upgrade

Version 2rc0

10 April, 2012


[farms] Fix regression max number of available connections for TCP farms
[farms] Check invalid characters for a farm name
[system] Do not reset the GUI password when updating the package
[farms] Bad formatted error message when inserting bad weight value for http and https farms


[networking] Disable TCP recycle
[system] Improvement sysctl options at boot time

Version 2rc3

28 February, 2012


[farms] Custom ciphers form for https farm
[farms] HTTP and HTTPS maintenance mode lose configuration
[cluster] Cluster failover by itself
[cluster] Cluster failover master node returns to backup on equals mode
[system] Configure the default apt sources for v2
[gui] Max length in virtual interface field
[gui] Only allow numeric characters in vlan field
[gui] Change position for Test RSA button
[farms] Max Connections for real servers could produce a farm to close connections


[farms] Setting algorithm for uplink load balancing: weight and priority.
[gui] Sort monitoring graphs.
[gui] Check http(s) farms configuration before stop
[gui] Expand farm name in the top of the Manage Farms panel
[cluster] Maintenance mode for cluster nodes
[cluster] Disable _modify cluster type_ in the backup node
[cluster] Include VHID param in cluster configuration
[gui] Increase farm’s name field size

Version 2rc2

13 February, 2012


[networking] Deleting VLAN interfaces
[networking] Problem configuring VLAN interface over a down physical interface
[gui] No connections appears for status backends when the farm is started over a virtual interface
[cluster] Failover button always failback to the primary node – Change ‘Force failover’ to ‘Test failover’ text button
[farms] Disable rewrite location for HTTP farms
[gui] Fix HTTP/S farm configuration CSS
[gui] SSL certificates uploading from Windows systems shows the full file path
[gui] Treatment of special characters under the farmguardian field
[gui] Shows the default global gateway under the interfaces table when an interface hasn’t a route table
[gui] CPU rrd graph always show the same values
[gui] Incorrect CPU and MEM farms data in Global View


[gui] Don’t show overflowed age clients in the farm status panel
[gui] Improve SSL certificates panel
[cluster] Improve cluster startup
[cluster] Improve SSH connection between nodes
[farms] Keepalive configuration for inactive TCP connections through firewalls

New features:

[farms] Ciphers configuration for PCI (Payment Card Industry) compliance
[farms] Maintenance button for backends
[gui] Farm connections monitoring graphs
[farms] Uplinks load balancing
[gui] Change GUI port

Version 2rc1

21 November, 2011


Gratuitous ARP for cluster speedup
TCP Kernel tuning to improve throughput


Farm renaming
Improve load balancer algorithm for TCP farms
Profiles support
UDP support
Advanced HTTP/HTTPS support
SSL wrapper
Certificates management for https profiles


Manual force failover
Crossover support


Improving RRD files and graphs for monitoring
State icons on farms and backends
Improving status backends section
Minimize button for views on farm status section
Improving Global View
New certificates manager section for https profiles
Improve CSS look web panel

Version 1rc5

26 September, 2011


When ifup is executed, try to create the interface first
MAC duplication fixed and interface group sort is applied
Fix network interface unlink state
Check UP interface in state
Modified zenloadbalancer script for add more open files permission
Modified zenrrd script to save one year of date
Modified zenrrd task to run every 5 minutes
Regular expression function ifexist
Regular expression function getDefaultGW
Modified zenloadbalancer init script to add fs.file-max
Rewrite $if for down interfaces

New features:

An icon is included when no link is detected in network interfaces
Confirm dialog boxes while deleting configuration

Version 1rc4

1 August, 2011

Fix creation of network rules for every interface
Delete rrd graphs for unavaliable network interfaces
Fix Global Information section of Global view
Improvement of CSS frontend
Implemented suggestion: Add delete network interface icon for physical NICs
Improved configuration process and panel of Cluster section
Implemented suggestion: GUI ip and Cluster ip doesn’t have to be the same
Fix the RSA configuration between cluster nodes
Fix replication service between cluster nodes
Addition of ‘Force sync configuration’ button on the master cluster node
Automatic insertion of apt network repositories
The ZenLB ISO is able to be burned into a USB memory device like a CD
Fix other BUGs detected on lab testing
Fix farmguardian and double quotes on strings for check

Version 1rc3

18 May, 2011

Bugs solved about Delete Real servers on a farm

Version 1rc2

8 April, 2011

Added apt repository for updates
Added APT configuration file on GUI
Added DNS configuration file on GUI
Bugs solved on GUI about HTML standard on form buttons
Added session timeout for connection clients on GUI
Added license section on GUI
Added sync pass with admin user GUI and root user
Bugs solved on GUI entering illegal values on farm configuration
Max connections updated from 507 to 32760 on a farm
Bugs solved about actions buttons on interface section

Version 1rc1

8 March, 2011

A new look for frontend GUI
SSL connection on frontend GUI
Advanced view with progress bar on farms
Cluster Service ACTIVE/PASIVE mode
Automatic replication of Cluster service and Zen service configuration
Advanced networking configuration
Vlan support
Multiples route tables for real and vlan interfaces
ntp sync
Backup configuration. Export/Import
A lot of modifications, bug fixed, improvements and proposals by members of the mailing list

First version 0.2

1 September, 2010

A frontend GUI form manage Zen Load Balancer Appliance
Create a lof of TCP Load Balance
Add virtual interface to Real interface
Zen monitoring appliance over RRD graphics
Modify a lot of farms parameters without stop load balance services
Advanced status view of backend servers and farm