OpenSync 2.4 Release Notes

Release 2.4.6.0

Notable Fixes

  • FCM: Resolved deregistration of OVSDB monitor events during plugin removal

  • CM:

    • Fix skipping restart managers for BLE connectable state

    • The ares resolving process now restarts if an IP address does not exist on the main interface.

  • Fixed LAN stats byte and packet counts (32-bit to 64-bit)

  • Fix cleanup of persist configuration when cloudless route operation is disabled

  • Fixed osn_qos_null function prototype that did not match osn_qos.h

  • NM: DHCP option 12 under includes hostname

  • BM:

    • Fixed incorrect probe request SNR readings (platform/bcm)

    • Fixed incomplete STA disconnect handling (platform/bcm)

    • Fixed ifindex value overflow (platform/qca)

  • WM:

    • Improved stale station link purging (L2UF)

    • Fixed client connection/disconnection event reporting

    • Mitigated WiFi client handling (flush and leak)

    • Updated L2UF filter to avoid hairpinning issues

  • FSM:

    • Fixed memory leak upon failed sending of mDNS report

    • Fix TTL for local/private IP address

    • Fixed mDNS plugin instability once Service_Announcement OVSDB table is toggled

  • WANO: Add API (.has_L3) to better handle parent interfaces and force a+r permissions on /tmp/resolv.conf

  • Removed non-primary PSKs and secondary VAPs from persistent storage

  • SM: Fixed issue with the client MQTT report including an older SSID than the one used when a client moves to a different SSID

Notable Enhancements

  • Added OpenSync logger support to mdnsd. Changed log level to debug to prevent message flooding

  • CM: Cleaned up the code by using SCHEMA_SET helpers and C_IFNAME_LEN constant

  • Removed WAN bridge support

  • Enhanced HealthCheck DNS test case with IPv6 (12_dns.sh)

  • BM:

    • Improved 11k/11v neighbor list filtering policy based on STA's Beacon Measurement Reports (invalid RCPI, invalid channel)

    • 11k/11v neighbors are filtered by the priority field in Wifi_VIF_Neighbors per AP

    • Modified client (STA) polling from 5 s to 0.5 s (platform/bcm)

Platform Support

  • Removed parameters gcsainteropaggr and scsainteropaggr to prevent warnings related to iwpriv (platform/qca)

  • Ignore WDS interfaces inside hostap helper to avoid wasting HW resources (platform/bcm)

  • Reduced system recovery time after a link loss caused by a beacon loss (platform/bcm)

  • Updated connector example with new WPA3 security schema within Wifi_VIF_Config table under vendor/bcm-template and vendor/qca-template

Release 2.4.5.1

Notable Fixes

  • build: Pinned versions of Jinja2 and MarkupSafe in Dockerfile

  • Updated CA certificates (opensync_ca.pem)

Release 2.4.5.0

Notable Fixes

  • SM: Fixed a crash caused by unnecessary allocations of hapd objects when moving home VAPs between 5GL and 5GU

  • FSM/FCM fixes and enhancements:

    • Fixed incorrect handling of default logging level in mDNS plugin

    • Improved handling of ICMP flows to also provide direction information

    • Additional fixes of code that handles ICMP flows, which can now also be properly blocked

Notable Enhancements

  • Updated CA certificates (opensync_ca.pem)

  • Behavior of memutil helpers adjusted to abort (SIGABRT) on failures

  • logpull: Added detailed memory footprint information

Platform Support

  • Disabled MBO at startup, because it is enabled by default on some drivers and can cause interoperability issues (platform/bcm)

  • Added a missing check for SNR calculation (platform/bcm)

  • Improved probe request filtering which was causing connectivity issues in some situations (platform/bcm)

  • Fixed an issue with setting the off-channel dwell time on QCA 11ax (platform/qca)

  • Added a workaround to prevent kernel panic caused by radartool code on QCA 11ax (platform/qca)

  • Added WANO interface list configuration for 11ax reference boards (vendor/qca-template)

Release 2.4.4.0

Notable Fixes

  • CM: Fixed logic in connectivity checks for faster detection of broken connectivity, and to switch between IPv4 and IPv6 promptly

  • hapd: Fixed a problem with DPP_LISTEN, which caused DPP responder to not work correctly

  • WM, hapd: Added a workaround for client's oftag not being populated when WPA3 is used

  • NM: Fixed problems with configuration being applied too early (most notably for DHCPv6 client)

  • NM: Fixed occasional ‘use-after-free’ crashes (nm2_dhcpv6_client_release(), nm2_dhcpv6_server_release())

  • NFM: Fixed incorrect behavior when deleting rules referring to no longer existing tags

  • OSN: Added missing ‘null’ implementations of functions in osn_route_null.c

  • FSM/FCM fixes and enhancements:

    • Using new memutil macros for improved diagnostics of memory usage

    • Fixed several memory leaks

    • Fixed some unit tests and added a few new ones

    • Fixed flow filtering

    • Fixed a FSM crash caused by incorrectly handled offset in lib/mdnsd

    • Fixed a FSM crash caused by improper cleanup in ct_stats and nf_ct

    • Fixed a FSM crash caused by not properly restarting the pcap container when configuration options change

    • Fixed an issue which caused replies from upstream being marked as a separate inbound flow

Notable Enhancements

  • CM: Reduced the amount of ICMP traffic (ping) in normal state (connected to the cloud)

  • Optimized 'ip -6 route replace' commands to improve behavior of traffic accelerators

  • Adjusted or removed several log messages that were causing unnecessary ‘noise’ in logs

  • Replaced proprietary plookup with nslookup in healthcheck

  • Added a pattern for Kernel crash reporting for ATOM-based platforms

Platform Support

  • Fixed 'mcp reload' which could have failed because mcpd was not ready, resulting in snooping settings not being applied (platform/bcm)

  • Added a workaround for a bug in some drivers, which resets the ‘MPC’ power saving mode to ‘1’ (platform/bcm)

  • Added an option to adjust netfilter NAT options to resolve problems with SIP phones (platform/qca)

  • Fixed a memory leak in osync_nl80211_scan_results_fetch() (platform/qca)

Release 2.4.3.0

Notable Fixes

  • CM: Fixed LAN connectivity loss after a prolonged Internet outage

  • NM: Fixed MSS clamping rules for PPPoE

  • BM: Added missing CLIENT_BTM_STATUS in protobuf

  • QM: Fixed MQTT reconnect logic

  • FSM/FCM fixes and enhancements:

    • Fixed a crash when disabling then enabling IP threat protection

    • Fixed dns_cache hit count

    • Added filtering for invalid DNS lookups

    • Improved blocking of UDP packets

    • Improved memory usage threshold handling

    • Various improvements and fixes in lan_stats

Platform Support

  • Fixed handling of open network clients so that they can be steered (platform/bcm)

  • Removed the ‘DPP mcast action rx’ workaround, now relying on a patch in the driver (platform/qca)

Release 2.4.2.0

Notable Enhancements

  • NM: Reduced the number of ‘ip’ calls during status updates

Notable Fixes

  • NM: Added MSS clamping rules for PPPoE

  • WM: Fixed an out of bounds crash (core, platform/qca)

  • FSM: Fixed incorrect handling of reserved ports (< 1024)

  • FSM: Fixes and enhancements in the Gatekeeper plugin

Platform Support

  • OSN: Added support for the egress QoS map (platform/bcm)

  • Improved netlink event processing to ignore uninteresting events (platform/bcm)

Release 2.4.1.0

New Features

  • A new FSM plugin (src/lib/gatekeeper_plugin), acting as a policy engine using an external threat intelligence service

Notable Enhancements

  • PM: Thermal management can be configured to ignore thermal state overrides

Notable Fixes

  • FSM: Fixed bugs related to stale cached data

  • FSM: Fixed risk level processing

Release 2.4.0.0

New Features

  • WPA3 support for 11ax platforms

  • DPP 1.1 support (on Qualcomm only)

  • FSM/FCM features and enhancements:

    • FSM reports mDNS records for improved device typing

    • Additional FSM plugin (src/lib/ipthreat_dpi) for IP-based threat detection using an external service

    • Additional FSM plugin (src/lib/fsm_dpi_sni) for URL and SNI processing

    • Extended flow reports to include directionality information

  • DM: Introduced a new speed test infrastructure using plugins

  • Added a modular ‘healthcheck’ service (core, platform/bcm, platform/qca)

  • Added a modular ‘logpull’ framework (core, platform/bcm, platform/qca)

  • Crash log collection and reporting

Notable Enhancements

  • QM, SM: MQTT reporting interval is now configurable to allow near real-time monitoring (on-demand, controlled by the cloud)

  • CM: Boot time is recorded in OVSDB

  • Extended default implementation of osp_unit_serial_get() with several alternatives (configurable via Kconfig)

  • Revised handling of static routes and VLANs (including support for VLAN 0)

  • Kconfig enhancements:

    • Added support for including configuration files in a configuration file

    • Introduced ‘base’ configuration files (in platform layer) for various chipsets, which can then be included in per-model configuration files (in vendor layer)

    • 3rdparty layer modules can be enabled/disabled via Kconfig

Platform Support

  • Support for hardware acceleration of multicast over VLAN (platform/bcm)