Skip to content

Infix v25.10.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 31 Oct 16:12
· 223 commits to main since this release
v25.10.0
This tag was signed with the committer’s verified signature.
troglobit Joachim Wiberg
GPG key ID: ECA826A37B6C7409
Verified
Learn about vigilant mode.
75c2520
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Note

Noteworthy changes and additions in this release:

🛡️ Zone-Based Firewall (ZBF): Protect your network with our zone-based firewall powered by firewalld. Define security zones, set policies between them, and enable masquerading.

📊 System & Hardware Monitoring: CLI show system, show services, and show hardware now give you instant visibility into CPU temperature, fan speeds, memory, running services, and sensor data from SFP modules, WiFi radios, and more. All operational data also available over NETCONF and RESTCONF.

🚀 Expanded Hardware Support: The NanoPi R2S is now included in the default Aarch64 build, which also adds support for Raspberry Pi 3B, and Raspberry Pi CM4 variants. All boards now benefit from automatic /var partition expansion on first boot.

Changes

  • Upgrade Buildroot to 2025.02.7 (LTS)

  • Upgrade Linux kernel to 6.12.56 (LTS)

  • Extend NETCONF and RESTCONF scripting documentation with operational data examples, discovery patterns, and common workflow examples, issue #1156

  • Initial support for a zone-based firewall, based on firewalld, issue #448

  • Add validate option to CLI copy command. This can be used before doing a restore of a backup, or when having edited configuration files manually. With the validate flag (-n from the shell) the file is only loaded and validated against the YANG models, it is not rolled in if validation is successful, issue #373. Example:

      copy /media/backup/old.cfg running-config validate

  • Automatically expand /var partition at first boot on all MMC-based devices

  • New upgrade RPC (action) for containers using images with mutable tags

  • Optimize startup of preexisting containers by adding metadata to track all OCI archives loaded into container store, and all container configurations used to create container instances. Instances are now only recreated when metadata from an existing instance does not match either the configuration or the image — because of configuration changes or image upgrades

  • Updated container documentation on volumes, image tags, and image upgrade

  • Add new show services command to display running system services

  • Add new show system command with comprehensive system overview including hostname, uptime, load average, CPU/fan temperatures, memory, disk usage

  • Add hardware sensor monitoring support in show hardware with hierarchical display of temperature, fan, voltage, current, and power sensors

  • Add support for NanoPi R2S router platform to the default Aarch64 build, bumping it to Tier 2 support (SD-card images built separately)

  • Add support for Raspberry Pi 3B (BCM2837)

  • Add support for Raspberry Pi Compute Module 4 IoT Router Board Mini

  • Add support for Raspberry Pi Compute Module 4 NVME NAS box

  • Add reboot option to CLI upgrade command for automatic system restart

Fixes

  • Fix #981: copying any file, including running-config, to the persistent back-end store for startup-config, does not take
  • Fix #1121: Ensure DHCP server does not crash if no address pool is set. This change infers a pool range (only) for /24 networks, and only when a pool is enabled. YANG validation for this and other use-cases is also included. As an unforeseen bonus, Infix now also support non-pool (static lease) setups
  • Fix #1122: Add YANG validation for consistency, IP addresses are not allowed on bridge port (interfaces). Even though Infix previously allowed this, but disregarded it operationally, it is no longer supported in the configuration
  • Fix #1146: Possible to set longer containers names than the system supports. Root cause, a limit of 15 characters implicitly imposed by the service mgmt daemon, Finit. The length has not been increased to 64 characters (min: 2) and the YANG model now properly warns if the name is outside of these limits
  • Fix #1147: Use container metadata to clean up lingering old container images instead of using the too broad podman image prune -af command
  • Fix #1148: Only retry container instance create on remote images
  • Fix #1149: Increase podman stop timeout, from 10 to 30 seconds, needed with bigger containers on heavily loaded systems
  • Fix #1194: CLI text-editor command does not do proper input sanitation
  • Fix #1197: RPi4 no longer boots after BPi-R3 merge, introduced in v25.09
  • Upgrade fixes for containers with mutable images, e.g., :latest. Infix now always tries to fetch a new version of the OCI archive, for remote images, regardless of the transport. After upgrade the old image is pruned
  • Fix #1203: copying any file, including startup-config, to running-config does not take

Tip

Try Infix in GNS3! Download the appliance from the GNS3 Marketplace to test Infix in a virtual network environment without hardware.

Assets 14
Loading
0 Join discussion