UniFi Security Gateway Firmware Release Notes: 4.4.21, 4.4.22

4.4.21 to 4.4.22

See official release notes.

  • Fixed commit error that was generated when multiple provisions were made of the same configuration.
  • Fixed regression in local web UI introduced in 4.4.21.
  • Fixed potential loop in signature fetching for IDS/IPS.
  • Improved dnsmasq reloading, increased sacalability of hostfile-update feature.
  • Fixed application of config changes on running system in source-validation/uRPF.
  • Updated tzdata (time zones) to version 2018d.
  • USG-XG-8 Only
    • Interface speed is now sent to LCM (display).

4.4.18 to 4.4.21

See official release notes.

  • Added back end port remapping in 5.8.x and newer controller versions.
  • Fixed premature expiring of TCP connection states for long-lived idle connections.
  • Made back end improvements to RADIUS server that remove character restrictions on passwords (‘ and ” now usable).
  • IDS/IPS was upgraded to Suricata 4.0.4 which provides minor performance and back end improvements as well as some bug fixes.
  • CPU utilization had increased in 4.4.18 for gathering statistics, mcad, and ubnt-util, brought back down to normal levels.
  • Resolved a memory leak in mcad.
  • Made back end improvements for dnsmasq, specifically DHCP server handling of hostnames of DHCP reservations.
  • dnsmasq is no longer limited to /8, /16, and /24 networks.
  • Disabled deprecated SSh ciphers.
  • Removed “noccp” from xl2tpd configuration, there should be no reason to disable and some Windows L2TP clients require it.
  • Removed offload scheduler due to performance degradations in some configurations which utilized rate limiting user groups.
  • Fixed a hung connection issue with FTP by importing an FTP contrack fix, only occurred with unusual formatting of 227 message.
  • Fixed use of external guest portal through USG.
  • USG-XG-G Only
    • Updated LCM firmware.
    • Updated Bluetooth back end.
    • Upgraded kernel version to resolve high/growing CU usage from migration processes.
    • Allow disabling of autonegotiation on eth0 port.

Leave a Reply

%d bloggers like this: