Native Node Artifact Versions and Changelog¶

This document lists available versions of the Native Wallarm Node 0.14.x+ in various form factors, helping you track releases and plan upgrades.

All-in-one installer¶

The all-in-one installer for the Native Node is used for TCP traffic mirror analysis and self-hosted node deployment with the MuleSoft Mule or Flex Gateway, CloudFront, Cloudflare, Istio, Broadcom Layer7 API Gateway, Fastly, IBM DataPower connectors.

History of all-in-one installer updates simultaneously applies to it's x86_64 and ARM64 (beta) versions.

How to upgrade

0.17.1 (2025-08-15)¶

• Fixed the stuffed credentials export to the Cloud

• Improved GraphQL parser

• Optimized the internal channel between the Node and wstore to increase throughput

  This prevents potential data loss when the Node ingests traffic faster than it can export it to postanalytics.

• Fixed an issue where serialized requests without a source IP address failed to be exported to postanalytics

• Bug fixes and internal improvements

0.16.3 (2025-08-05)¶

• Fixed a silent failure when upgrading with the --preserve flag set to true

0.16.1 (2025-08-01)¶

• Introduced the drop_on_overload parameter to control dropping excess input under high load

  Enabled (true) by default.

• Added new Prometheus metrics:

  • wallarm_gonode_application_info with the general Native Node instance information, e.g.:

    wallarm_gonode_application_info{deployment_type="node-native-aio-installer",mode="connector-server",version="0.16.1"} 1
    

  • wallarm_gonode_http_inspector_balancer_workers

  • wallarm_gonode_http_inspector_debug_container_len now includes aggregate="sum" for type="channel:in"
  • wallarm_gonode_http_inspector_errors_total now includes a new type="FlowTimeouts"

• Improved stability in the internal http_inspector module

0.16.0 (2025-07-23)¶

• Added support for the MuleSoft Flex Gateway connector

• Introduced the input_filters configuration section, allowing to define which requests should be inspected or bypassed by the Node

• Fixed memory leak

• In rules, the separator used in xml_tag values that combine a URI, namespace, and tag name has been changed from : to |

• Fixed blocking issue with denylisted origins and Wallarm Console UI-configured mode

• Internal improvements

0.15.1 (2025-07-08)¶

• Introduced the proxy_headers configuration to configure trusted networks and extract real client IP and host headers

  This replaces http_inspector.real_ip_header used in earlier versions in the tcp-capture mode.

• Added the metrics.namespace configuration option to customize the prefix of Prometheus metrics exposed by the go-node binary

• Fixed the --preserve script flag behavior to correctly retain the existing node.yaml and env.list files during upgrade

  Previously, these files could be overwritten, resulting in loss of configuration.

• Added connector.per_connection_limits to control keep-alive connection limits

• Minor internal file structure change

• Fixed wstore ports binding: now bound to 127.0.0.1 instead of 0.0.0.0

• Fixed the CVE-2025-22874 vulnerability

• Fixed the CVE-2025-47273 vulnerability

0.14.1 (2025-05-07)¶

• Added support for enumeration mitigation controls

• Added support for DoS protection mitigation control

• Added support for the IBM API Connect connector

• Fixed the CVE-2024-56406, CVE-2025-31115 vulnerabilities

• Added support for external health check endpoint in the connector-server mode

  This is controlled by the new connector.external_health_check configuration section.

• Fixed a recurring intermittent bug that could cause occasional corruption of request and response bodies

• The following fixes and updates were made in tcp-capture mode:

  • GoReplay is now built with Go 1.24
  • Fixed: go-node process no longer hangs when the goreplay process crashes
  • Fixed a crash caused by a slice out-of-bounds error during header parsing in GoReplay
  • Fixed incorrect display of Native Node versions in Wallarm Console → Nodes

0.14.0 (2025-04-16)¶

• Wallarm Node now uses wstore, a Wallarm-developed service, instead of Tarantool for local postanalytics processing

• The collectd service, previously installed on all filtering nodes, has been removed along with its related plugins

  Metrics are now collected and sent using Wallarm's built-in mechanisms, reducing dependencies on external tools.

Helm chart¶

The Helm chart for the Native Node is used for self-hosted node deployments with the MuleSoft Mule or Flex Gateway, CloudFront, Cloudflare, Broadcom Layer7 API Gateway, Fastly, IBM DataPower, Kong API Gateway, and Istio connectors.

How to upgrade

0.17.1 (2025-08-15)¶

• Introduced the proxy_headers configuration to configure trusted networks and extract real client IP and host headers

• Fixed the stuffed credentials export to the Cloud

• Improved GraphQL parser

• Optimized the internal channel between the Node and wstore to increase throughput

  This prevents potential data loss when the Node ingests traffic faster than it can export it to postanalytics.

• Fixed an issue where serialized requests without a source IP address failed to be exported to postanalytics

• Bug fixes and internal improvements

0.16.3 (2025-08-05)¶

• Bug fixes

0.16.1 (2025-08-01)¶

• Introduced the input_filters configuration section, allowing to define which requests should be inspected or bypassed by the Node

• Introduced the drop_on_overload parameter to control dropping excess input under high load

  Enabled (true) by default.

• Added new Prometheus metrics:

  • wallarm_gonode_application_info with the general Native Node instance information, e.g.:

    wallarm_gonode_application_info{deployment_type="node-native-aio-installer",mode="connector-server",version="0.16.1"} 1
    

  • wallarm_gonode_http_inspector_balancer_workers

  • wallarm_gonode_http_inspector_debug_container_len now includes aggregate="sum" for type="channel:in"
  • wallarm_gonode_http_inspector_errors_total now includes a new type="FlowTimeouts"

• Deprecated the Wallarm Connector for Istio that relied on a Lua plugin

  We recommend using the gRPC-based external processing filter for Istio instead.

• For the deprecated Istio connector, the following improvements were made to ensure compatibility in existing deployments:

  • Fixed mesh balancing logic for messages
  • Added the disable_mesh parameter to process all connector traffic on the Node without mesh balancing (false by default - mesh balancing is enabled)
  • Added support for the drop_on_overload parameter

• Improved stability in the internal http_inspector module

0.16.0 (2025-07-23)¶

• Added support for the MuleSoft Flex Gateway connector

• Fixed memory leak

• In rules, the separator used in xml_tag values that combine a URI, namespace, and tag name has been changed from : to |

• Fixed blocking issue with denylisted origins and Wallarm Console UI-configured mode

• Internal improvements

0.15.1 (2025-07-08)¶

• Added support for the config.aggregation.serviceAddress parameter to customize the address and port for incoming wstore connections

• Minor internal file structure change

• Fixed the CVE-2025-22874 vulnerability

• Fixed the CVE-2025-47273 vulnerability

0.14.1 (2025-05-07)¶

• Added support for the IBM API Connect connector

• Fixed the CVE-2025-22871 vulnerability

• Fixed handling of clusterIP: None in Helm chart headless service

• Fixed a recurring intermittent bug that could cause occasional corruption of request and response bodies

• Fixed incorrect display of Native Node versions in Wallarm Console → Nodes

0.14.0 (2025-04-16)¶

• Wallarm Node now uses wstore, a Wallarm-developed service, instead of Tarantool for local postanalytics processing

• All tarantool references in values.yaml (including container names and parameter keys) have been renamed to wstore

  If you override these parameters in your configuration, update their names accordingly.

• The collectd service, previously installed on all filtering nodes, has been removed along with its related plugins

  Metrics are now collected and sent using Wallarm's built-in mechanisms, reducing dependencies on external tools.

• Renamed the container label to type in all Prometheus metrics matching *_container_* to prevent conflicts with Kubernetes system labels

Docker image¶

The Docker image for the Native Node is used for self-hosted node deployment with the MuleSoft Mule or Flex Gateway, CloudFront, Cloudflare, Istio, Broadcom Layer7 API Gateway, Fastly, IBM DataPower connectors.

How to upgrade

0.17.1 (2025-08-15)¶

• Fixed the stuffed credentials export to the Cloud

• Improved GraphQL parser

• Optimized the internal channel between the Node and wstore to increase throughput

  This prevents potential data loss when the Node ingests traffic faster than it can export it to postanalytics.

• Fixed an issue where serialized requests without a source IP address failed to be exported to postanalytics

• Bug fixes and internal improvements

0.16.3 (2025-08-05)¶

• Fixed a silent failure when upgrading with the --preserve flag set to true

0.16.1 (2025-08-01)¶

• Introduced the drop_on_overload parameter to control dropping excess input under high load

  Enabled (true) by default.

• Added new Prometheus metrics:

  • wallarm_gonode_application_info with the general Native Node instance information, e.g.:

    wallarm_gonode_application_info{deployment_type="node-native-aio-installer",mode="connector-server",version="0.16.1"} 1
    

  • wallarm_gonode_http_inspector_balancer_workers

  • wallarm_gonode_http_inspector_debug_container_len now includes aggregate="sum" for type="channel:in"
  • wallarm_gonode_http_inspector_errors_total now includes a new type="FlowTimeouts"

• Improved stability in the internal http_inspector module

0.16.0 (2025-07-23)¶

• Added support for the MuleSoft Flex Gateway connector

• Introduced the input_filters configuration section, allowing to define which requests should be inspected or bypassed by the Node

• Fixed memory leak

• In rules, the separator used in xml_tag values that combine a URI, namespace, and tag name has been changed from : to |

• Fixed blocking issue with denylisted origins and Wallarm Console UI-configured mode

• Internal improvements

0.15.1 (2025-07-08)¶

• Introduced the proxy_headers configuration to configure trusted networks and extract real client IP and host headers

  This replaces http_inspector.real_ip_header used in earlier versions in the tcp-capture mode.

• Added the metrics.namespace configuration option to customize the prefix of Prometheus metrics exposed by the go-node binary

• Added connector.per_connection_limits to control keep-alive connection limits

• Minor internal file structure change

• Fixed wstore ports binding: now bound to 127.0.0.1 instead of 0.0.0.0

• Fixed the CVE-2025-22874 vulnerability

• Fixed the CVE-2025-47273 vulnerability

0.14.1 (2025-05-07)¶

• Added support for the IBM API Connect connector

• Fixed the CVE-2025-22871 vulnerability

• Added support for external health check endpoint

  This is controlled by the new connector.external_health_check configuration section.

• Fixed a recurring intermittent bug that could cause occasional corruption of request and response bodies

• Fixed incorrect display of Native Node versions in Wallarm Console → Nodes

0.14.0 (2025-04-16)¶

• Wallarm Node now uses wstore, a Wallarm-developed service, instead of Tarantool for local postanalytics processing

• The collectd service, previously installed on all filtering nodes, has been removed along with its related plugins

  Metrics are now collected and sent using Wallarm's built-in mechanisms, reducing dependencies on external tools.

Amazon Machine Image (AMI)¶

0.14.0 (2025-05-07)¶

• Initial release

Was this page helpful?

How can we improve this article? (Optional)

Information is unclear or confusing

Insufficient information

Outdated or incorrect information

0/240

Send