Skip to content
Oct 20 / Greg

Mikrotik ROS Change Log 6.32.3

First, it’s been ages since I’ve posted, and even longer since it was a change log hehe. So here we gooooooo

I’m sure you’ve also noticed how MTK is now doing bug fix releases. They only introduce new features when you change middle revision numbers. This allows you to find a stable version, and just pull bug fixes…unless you are brave, then you can just straight to the newest version 😉

What’s new in 6.32.3 (2015-Oct-19 11:13):

*) switch – fixed CRS settings set back to defaults after a reboot;Seems like a major fix. I wonder what odds you had of it resetting?
*) netinstall – include missing RB1200 drivers;
*) firewall – fixed connection-rate matcher;Big one I use frequently
*) ppp, pptp, l2tp, pppoe: fixed router dead locked if compression was enabled on link;I use this regularly also…haven’t seen the lockup, though.
*) quickset – create proper firewall rules when PPPoE is used for address acquisition;
*) sstp – fixed kernel crash when other party started to fragment ppp packets in the middle;
*) ippool6 – optimize same prefix acquisition;
*) winbox – Shift+Ins & Shift+Del did not work in multi entry fields;I didn’t even know this was a thing…
*) winbox – allow to specify ipv6 address in traffic flow target;
*) winbox – allow to specify eap-radius-accounting in CAPsMAN;
*) winbox – allow to enter dns name in email server;Awesome
*) ups – fix console oid print;
*) tunnel – fix loopback keepalives on gre and ipip;
*) pptp,l 2tp, sstp, pppoe: do not send data packets before we have negotiated connection with other
side (happens on dial-on-demand interfaces), this brakes when connecting to other party servers;
*) pptp, l2tp, sstp – make it work when add-default-route & dial-on-demand both are enabled;
*) pptp, l2tp, sstp, pppoe clients – fixed problem where they failed to connect
at startup and only reboot helped; Ugh…tshooting nightmare on that one
*) nv2 – fixed kernel failure with frame size accounting;
*) ovpn client – fixed crash when ovpn didn’t receive it’s ip address;
*) lcd – fix slideshow for CCR1072, and possible sign issues for temperatures;
*) winbox – make console notice correct screen size;
*) ssh – allow to specify pass as argument for private key import;
*) winbox – refetch hotspot walled garden hit counter;
*) winbox – added client-connections & server-connections to web proxy status;
*) cerm – fix scep server certificate-reply degenerate PKCS#7 signed-data content;
*) bgp – specific BGP networks were changed to different ones;Ugh
*) cerm – allow export for all types except templates;
*) wlan – update brazil-anatel country;
*) winbox – fixed context menu actions to apply to all selected items;

A lot of good bug fixes!


leave a comment
  1. Old Man / Oct 20 2015

    Pipe down, some of us enjoyed the silence.

  2. C D Tavares / Nov 3 2015

    “*) winbox – allow to enter dns name in email server; Awesome”

    Much less than awesome, if you’ve tried to use it.

    When I read this, I thought, great — I was going to be able to store “” in the email configuration, and have it evaluated anew each time an email was sent. This would have solved my problem of having to reconfigure a 100+ device network just because the administrator of happened to get a different IP address.

    But that’s not how they implemented it. All 6.32.2 does is allow you to type in “”, whereupon they immediately evaluate its IP address and store that in the configuration, just like it always has. So this is a really, really minor user interface convenience, and nothing else.

    Sure, I can run a periodic script to evaluate “” twice a day and stuff the IP address into email and watchdog, but I could do that prior to 6.32.2 as well.

    Another irony is that you llikely can’t even use this feature in your day-to-day configuration of new devices on the bench, because chances are you don’t have them hooked up to live connections so no DNS is available, and the name resolution is going to fail anyway.

  3. Greg / Nov 10 2015

    Balls man. I saw they are adding DNS for tunnels too, but it’s useless for me if it operates in the same fashion. It needs to check DNS each time it needs to establish, and each time an email needs to send *sigh*

  4. C D Tavares / Nov 10 2015

    6.33, which they just announced yesterday, is supposed to “do this right.” Not sure why they “did it wrong” in the interim; perhaps they heard this complaint from multiple sources after releasing 6.32.3.

  5. Greg / Nov 10 2015

    Progress is progress, right? I’ve seen them far more responsive as of late. Did you put in a feature request for it…perhaps you are part of the reason they fixed it?

  6. C D Tavares / Nov 10 2015

    I told them that the implementation as announced in 6.32.3 was not useful, and why; and got a response indicating that they had already cooked up a release that did the right thing and I could upgrade in a day or so.

    The feature request at the top of my personal list is a niggling little thing… I want “/system upgrade upgrade-package-source add” to accept a password on the command line instead of insisting on asking for it interactively. This one shortcoming makes it impossible to use flashfig to configure our CPEs. They claim they do it for security, but every other CLI command that deals with passwords allows this, and the auto-upgrade account password is arguably the least sensitive password on the router.

    (I must admit, their recent enhancement to specify the owner of a new script removed the only OTHER reason we couldn’t use flashfig, so at least we’re down to one roadblock now.)

  7. Greg / Nov 10 2015

    @CD let me know when they make it happen.

  8. C D Tavares / Nov 30 2015

    6.33.1 fixed the problem with proper (run-time) evaluation of the SMTP server name in /tool e-mail. However, they forgot(?) to make the same fix in /system watchdog.

Leave a Comment