Native Node Artifact Versions and Changelog¶
This document lists available versions of the Native Wallarm Node 0.x in various form factors, helping you track releases and plan upgrades.
All-in-one installer¶
The all-in-one installer for the Native Node is used for TCP traffic mirror analysis and self-hosted node deployment with the MuleSoft, CloudFront, Cloudflare, Broadcom Layer7 API Gateway, Fastly connectors.
History of all-in-one installer updates simultaneously applies to it's x86_64 and ARM64 (beta) versions.
0.10.1 (2025-01-02)¶
-
Added support for the Fastly connector
-
Fixed potential request loss at mesh startup
-
Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities
-
Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention
0.10.0 (2024-12-19)¶
-
Added URL normalization before selecting route configurations and analyzing data with libproton in
tcp-capture
modeThis is controlled by the
middleware.url_normalize
parameter (true
by default). -
Introduced the
http_inspector.wallarm_process_time_limit
parameter to control request processing time locallyThe default is
1s
unless overridden by Wallarm Console settings. -
Prometheus metrics updates (available in the :9000 port):
- Removed obsolete metrics with static zero values.
- Enhanced
http_inspector_requests_processed
andhttp_inspector_threats_found
metrics withanything
allowed to be specified insource
label values. - Added the
http_inspector_adjusted_counters
metric for tracking request and attack counts.
0.9.1 (2024-12-10)¶
- Minor bug fixes
0.9.0 (2024-12-04)¶
- The default endpoint for JSON-formatted
/wallarm-status
metrics has changed to127.0.0.1:10246
(themetrics.legacy_status.listen_address
parameter value). This legacy service is critical for Node functionality but does not require direct interaction.
0.8.3 (2024-11-14)¶
- Added support for Mulesoft connector 3.0.x
0.8.2 (2024-11-11)¶
- Fixed some bugs in the
wallarm-status
service operation
0.8.1 (2024-11-06)¶
- Fixed regression in the
request_id
format introduced in 0.8.0
0.8.0 (2024-11-06)¶
-
Added support for the Broadcom Layer7 API Gateway connector
-
Added support for API Sessions
-
Improved limiting request processing time
-
Changed default values for the following parameters:
- The
connector.blocking
parameter now defaults totrue
, enabling the Native Node's general capability to block incoming requests without manual configuration during deployment. - The
route_config.wallarm_mode
parameter, which sets the traffic filtration mode, now defaults tomonitoring
, providing an optimal setup for initial deployments.
- The
-
Added URL normalization before selecting route configurations and analyzing data with libproton (controlled by the
controller.url_normalize
parameter which is set totrue
by default) -
Reduced memory usage during node registration
-
Some bug fixes
0.7.0 (2024-10-16)¶
-
Fixed an issue where some internal service connector headers were not being stripped before processing
-
Added support for the mesh feature in
connector-server
mode, enabling consistent request/response routing across multiple node replicasThis introdcues the new configuration parameters under
connector.mesh
to configure the mesh functionality.
0.6.0 (2024-10-10)¶
-
Added support for customizing sensitive data detection in API Discovery
-
Fixed memory leak on duplicate response headers in libproton
-
Fixed memory leak related to IP addresses that are not in IP lists but have known source
-
Updated artifact naming from "next" to "native"
https://meganode.wallarm.com/next/aionext-<VERSION>.<ARCH>.sh
→https://meganode.wallarm.com/native/aio-native-<VERSION>.<ARCH>.sh
0.5.2 (2024-09-17)¶
-
Fixed installation failure issue when no WAAP + API Security subscription is activated
-
Fixed delays in attack export
-
Fixed an issue with the C memory allocator that caused a performance slowdown
0.5.1 (2024-09-16)¶
- Added configurable access log output via
log.access_log
parameters
0.5.0 (2024-09-11)¶
- Minor technical improvements and optimizations
0.4.3 (2024-09-05)¶
- Fixed an issue causing ~0.1% of data source messages to be silently lost due to a typo
0.4.1 (2024-08-27)¶
- Added support for wildcard matching in the
route_config.routes.host
configuration parameter
0.4.0 (2024-08-22)¶
Helm chart¶
The Helm chart for the Native Node is used for self-hosted node deployments with the MuleSoft, CloudFront, Cloudflare, Broadcom Layer7 API Gateway, Fastly, Kong API Gateway, and Istio connectors.
0.10.1 (2025-01-02)¶
-
Added support for the Fastly connector
-
Fixed potential request loss at mesh startup
-
Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities
-
Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention
0.10.0 (2024-12-19)¶
-
Introduced more granular logging configuration options in the
config.connector.log
section, replacing the singleconfig.connector.log_level
parameter -
The default log level is now
info
(previouslydebug
)
0.9.1 (2024-12-10)¶
- Minor bug fixes
0.9.0 (2024-12-04)¶
-
Some fixes for consistent traffic distribution across all aggregation replicas.
-
The default endpoint for JSON-formatted
/wallarm-status
metrics has changed to127.0.0.1:10246
(themetrics.legacy_status.listen_address
parameter value). This legacy service is critical for Node functionality but does not require direct interaction. -
Minor fixes to increase reliability under diverse deployment conditions.
0.8.3 (2024-11-14)¶
- Added support for Mulesoft connector v3.0.x
0.8.2 (2024-11-11)¶
- Fixed some bugs in the
wallarm-status
service operation
0.8.1 (2024-11-07)¶
-
Added support for the Broadcom Layer7 API Gateway connector
-
Added support for API Sessions
-
Improved limiting request processing time
-
The
config.connector.mode
parameter, which sets the traffic filtration mode, now defaults tomonitoring
, providing an optimal setup for initial deployments -
Reduced memory usage during node registration
-
Some bug fixes
0.7.0 (2024-10-17)¶
-
Fixed an issue where some internal service connector headers were not being stripped before processing
-
Added support for customizing sensitive data detection in API Discovery
-
Fixed memory leak on duplicate response headers in libproton
-
Fixed memory leak related to IP addresses that are not in IP lists but have known source
-
Updated artifact naming from "next" to "native"
wallarm/wallarm-node-next
→wallarm/wallarm-node-native
-
Updated the
config.wallarm_node_address
parameter value in theKongClusterPlugin
Kubernetes resource used to activate the Wallarm Lua plugin:http://next-processing.wallarm-node.svc.cluster.local:5000
→http://native-processing.wallarm-node.svc.cluster.local:5000
0.5.3 (2024-10-01)¶
- Initial release
Docker image¶
The Docker image for the Native Node is used for self-hosted node deployment with the MuleSoft, CloudFront, Cloudflare, Broadcom Layer7 API Gateway, Fastly connectors.
0.10.1 (2025-01-02)¶
-
Added support for the Fastly connector
-
Fixed potential request loss at mesh startup
-
Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities
-
Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention
0.10.0 (2024-12-19)¶
-
Resolved the critical CVE-2024-45337 vulnerability and addressed several minor vulnerabilities
-
Added URL normalization before selecting route configurations and analyzing data with libproton in
tcp-capture
modeThis is controlled by the
middleware.url_normalize
parameter (true
by default). -
Introduced the
http_inspector.wallarm_process_time_limit
parameter to control request processing time locallyThe default is
1s
unless overridden by Wallarm Console settings. -
Prometheus metrics updates (available in the :9000 port):
- Removed obsolete metrics with static zero values.
- Enhanced
http_inspector_requests_processed
andhttp_inspector_threats_found
metrics withanything
allowed to be specified insource
label values. - Added the
http_inspector_adjusted_counters
metric for tracking request and attack counts.
0.9.1 (2024-12-10)¶
- Minor bug fixes
0.9.0 (2024-12-04)¶
-
Some fixes for consistent traffic distribution across all aggregation replicas.
-
The default endpoint for JSON-formatted
/wallarm-status
metrics has changed to127.0.0.1:10246
(themetrics.legacy_status.listen_address
parameter value). This legacy service is critical for Node functionality but does not require direct interaction. -
Minor fixes to increase reliability under diverse deployment conditions.
0.8.3 (2024-11-14)¶
- Added support for Mulesoft connector v3.0.x
0.8.2 (2024-11-11)¶
- Fixed some bugs in the
wallarm-status
service operation
0.8.1 (2024-11-06)¶
-
Added support for the Broadcom Layer7 API Gateway connector
-
Added support for API Sessions
-
Improved limiting request processing time
-
Changed default values for the following parameters:
- The
connector.blocking
parameter now defaults totrue
, enabling the Native Node's general capability to block incoming requests without manual configuration during deployment. - The
route_config.wallarm_mode
parameter, which sets the traffic filtration mode, now defaults tomonitoring
, providing an optimal setup for initial deployments.
- The
-
Added URL normalization before selecting route configurations and analyzing data with libproton (controlled by the
controller.url_normalize
parameter which is set totrue
by default) -
Reduced memory usage during node registration
-
Some bug fixes
0.7.0 (2024-10-16)¶
-
Fixed an issue where some internal service connector headers were not being stripped before processing
-
Added support for the mesh feature in
connector-server
mode, enabling consistent request/response routing across multiple node replicasThis introdcues the new configuration parameters under
connector.mesh
to configure the mesh functionality.
0.6.0 (2024-10-10)¶
- Initial release