Skip to content

Native Node Artifact Versions and Changelog

This document lists available versions of the Native Wallarm Node 0.14.x+ in various form factors, helping you track releases and plan upgrades.

All-in-one installer

The all-in-one installer for the Native Node is used for TCP traffic mirror analysis and self-hosted node deployment with the MuleSoft Mule or Flex Gateway, CloudFront, Cloudflare, Istio, Broadcom Layer7 API Gateway, Fastly, IBM DataPower connectors.

History of all-in-one installer updates simultaneously applies to it's x86_64 and ARM64 (beta) versions.

How to upgrade

0.16.1 (2025-08-01)

  • Introduced the drop_on_overload parameter to control dropping excess input under high load

    Enabled (true) by default.

  • Added new Prometheus metrics:

    • wallarm_gonode_application_info with the general Native Node instance information, e.g.:

      wallarm_gonode_application_info{deployment_type="node-native-aio-installer",mode="connector-server",version="0.16.1"} 1

    • wallarm_gonode_http_inspector_balancer_workers

    • wallarm_gonode_http_inspector_debug_container_len now includes aggregate="sum" for type="channel:in"
    • wallarm_gonode_http_inspector_errors_total now includes a new type="FlowTimeouts"

  • Improved stability in the internal http_inspector module

0.16.0 (2025-07-23)

  • Added support for the MuleSoft Flex Gateway connector

  • Introduced the input_filters configuration section, allowing to define which requests should be inspected or bypassed by the Node

  • Fixed memory leak

  • In rules, the separator used in xml_tag values that combine a URI, namespace, and tag name has been changed from : to |

  • Fixed blocking issue with denylisted origins and Wallarm Console UI-configured mode

  • Internal improvements

0.15.1 (2025-07-08)

  • Introduced the proxy_headers configuration to configure trusted networks and extract real client IP and host headers

    This replaces http_inspector.real_ip_header used in earlier versions in the tcp-capture mode.

  • Added the metrics.namespace configuration option to customize the prefix of Prometheus metrics exposed by the go-node binary

  • Fixed the --preserve script flag behavior to correctly retain the existing node.yaml and env.list files during upgrade

    Previously, these files could be overwritten, resulting in loss of configuration.

  • Added connector.per_connection_limits to control keep-alive connection limits

  • Minor internal file structure change

  • Fixed wstore ports binding: now bound to 127.0.0.1 instead of 0.0.0.0

  • Fixed the CVE-2025-22874 vulnerability

  • Fixed the CVE-2025-47273 vulnerability

0.14.1 (2025-05-07)

  • Added support for enumeration mitigation controls

  • Added support for Rate abuse protection mitigation control

  • Added support for the IBM API Connect connector

  • Fixed the CVE-2024-56406, CVE-2025-31115 vulnerabilities

  • Added support for external health check endpoint in the connector-server mode

    This is controlled by the new connector.external_health_check configuration section.

  • Fixed a recurring intermittent bug that could cause occasional corruption of request and response bodies

  • The following fixes and updates were made in tcp-capture mode:

    • GoReplay is now built with Go 1.24
    • Fixed: go-node process no longer hangs when the goreplay process crashes
    • Fixed a crash caused by a slice out-of-bounds error during header parsing in GoReplay
    • Fixed incorrect display of Native Node versions in Wallarm Console → Nodes

0.14.0 (2025-04-16)

  • Wallarm Node now uses wstore, a Wallarm-developed service, instead of Tarantool for local postanalytics processing

  • The collectd service, previously installed on all filtering nodes, has been removed along with its related plugins

    Metrics are now collected and sent using Wallarm's built-in mechanisms, reducing dependencies on external tools.

Helm chart

The Helm chart for the Native Node is used for self-hosted node deployments with the MuleSoft Mule or Flex Gateway, CloudFront, Cloudflare, Broadcom Layer7 API Gateway, Fastly, IBM DataPower, Kong API Gateway, and Istio connectors.

How to upgrade

0.16.1 (2025-08-01)

  • Introduced the input_filters configuration section, allowing to define which requests should be inspected or bypassed by the Node

  • Introduced the drop_on_overload parameter to control dropping excess input under high load

    Enabled (true) by default.

  • Added new Prometheus metrics:

    • wallarm_gonode_application_info with the general Native Node instance information, e.g.:

      wallarm_gonode_application_info{deployment_type="node-native-aio-installer",mode="connector-server",version="0.16.1"} 1

    • wallarm_gonode_http_inspector_balancer_workers

    • wallarm_gonode_http_inspector_debug_container_len now includes aggregate="sum" for type="channel:in"
    • wallarm_gonode_http_inspector_errors_total now includes a new type="FlowTimeouts"

  • Deprecated the Wallarm Connector for Istio that relied on a Lua plugin

    We recommend using the gRPC-based external processing filter for Istio instead.

  • For the deprecated Istio connector, the following improvements were made to ensure compatibility in existing deployments:

    • Fixed mesh balancing logic for messages
    • Added the disable_mesh parameter to process all connector traffic on the Node without mesh balancing (false by default - mesh balancing is enabled)
    • Added support for the drop_on_overload parameter

  • Improved stability in the internal http_inspector module

0.16.0 (2025-07-23)

  • Added support for the MuleSoft Flex Gateway connector

  • Fixed memory leak

  • In rules, the separator used in xml_tag values that combine a URI, namespace, and tag name has been changed from : to |

  • Fixed blocking issue with denylisted origins and Wallarm Console UI-configured mode

  • Internal improvements

0.15.1 (2025-07-08)

0.14.1 (2025-05-07)

  • Added support for the IBM API Connect connector

  • Fixed the CVE-2025-22871 vulnerability

  • Fixed handling of clusterIP: None in Helm chart headless service

  • Fixed a recurring intermittent bug that could cause occasional corruption of request and response bodies

  • Fixed incorrect display of Native Node versions in Wallarm Console → Nodes

0.14.0 (2025-04-16)

  • Wallarm Node now uses wstore, a Wallarm-developed service, instead of Tarantool for local postanalytics processing

  • All tarantool references in values.yaml (including container names and parameter keys) have been renamed to wstore

    If you override these parameters in your configuration, update their names accordingly.

  • The collectd service, previously installed on all filtering nodes, has been removed along with its related plugins

    Metrics are now collected and sent using Wallarm's built-in mechanisms, reducing dependencies on external tools.

  • Renamed the container label to type in all Prometheus metrics matching *_container_* to prevent conflicts with Kubernetes system labels

Docker image

The Docker image for the Native Node is used for self-hosted node deployment with the MuleSoft Mule or Flex Gateway, CloudFront, Cloudflare, Istio, Broadcom Layer7 API Gateway, Fastly, IBM DataPower connectors.

How to upgrade

0.16.1 (2025-08-01)

  • Introduced the drop_on_overload parameter to control dropping excess input under high load

    Enabled (true) by default.

  • Added new Prometheus metrics:

    • wallarm_gonode_application_info with the general Native Node instance information, e.g.:

      wallarm_gonode_application_info{deployment_type="node-native-aio-installer",mode="connector-server",version="0.16.1"} 1

    • wallarm_gonode_http_inspector_balancer_workers

    • wallarm_gonode_http_inspector_debug_container_len now includes aggregate="sum" for type="channel:in"
    • wallarm_gonode_http_inspector_errors_total now includes a new type="FlowTimeouts"

  • Improved stability in the internal http_inspector module

0.16.0 (2025-07-23)

  • Added support for the MuleSoft Flex Gateway connector

  • Introduced the input_filters configuration section, allowing to define which requests should be inspected or bypassed by the Node

  • Fixed memory leak

  • In rules, the separator used in xml_tag values that combine a URI, namespace, and tag name has been changed from : to |

  • Fixed blocking issue with denylisted origins and Wallarm Console UI-configured mode

  • Internal improvements

0.15.1 (2025-07-08)

  • Introduced the proxy_headers configuration to configure trusted networks and extract real client IP and host headers

    This replaces http_inspector.real_ip_header used in earlier versions in the tcp-capture mode.

  • Added the metrics.namespace configuration option to customize the prefix of Prometheus metrics exposed by the go-node binary

  • Added connector.per_connection_limits to control keep-alive connection limits

  • Minor internal file structure change

  • Fixed wstore ports binding: now bound to 127.0.0.1 instead of 0.0.0.0

  • Fixed the CVE-2025-22874 vulnerability

  • Fixed the CVE-2025-47273 vulnerability

0.14.1 (2025-05-07)

  • Added support for the IBM API Connect connector

  • Fixed the CVE-2025-22871 vulnerability

  • Added support for external health check endpoint

    This is controlled by the new connector.external_health_check configuration section.

  • Fixed a recurring intermittent bug that could cause occasional corruption of request and response bodies

  • Fixed incorrect display of Native Node versions in Wallarm Console → Nodes

0.14.0 (2025-04-16)

  • Wallarm Node now uses wstore, a Wallarm-developed service, instead of Tarantool for local postanalytics processing

  • The collectd service, previously installed on all filtering nodes, has been removed along with its related plugins

    Metrics are now collected and sent using Wallarm's built-in mechanisms, reducing dependencies on external tools.

Amazon Machine Image (AMI)

0.14.0 (2025-05-07)

  • Initial release