User Manual
OrpheAgent Release Note
Version 1.3
OrpheAgent 1.0.3
Release Date: October 17, 2025
New Features
- Hole Punch Event WebSocket: Added WebSocket endpoint for real-time hole punching events. Handles WebSocket connections to provide live notifications about NAT traversal attempts, including address exchange, hole punch attempts, and connection status updates between peers.
- Data Plane P2P Control Commands: Enhanced
orphe-agent dp-p2pcommand with newupanddownactions for toggling the Data Plane on/off. - SNAT Support for Data Plane: Added
-s, --snatflag toorphe-agent dp-p2pcommand to enable Source NAT (SNAT) for data plane traffic. - LuCI Data Plane P2P Configuration Page: Added a new Data Plane P2P settings page in LuCI with equivalent functionality to the
orphe-agent dp-p2pcommand. The Data Plane Tunnel Mode configuration has been moved from the Config page to this new dedicated page.
Bug Fixes
- Fixed
orphe-agent downCommand Hang: Resolved issue where theorphe-agent downcommand would freeze/hang during execution. - Fixed OrpheAgent Toggle in LuCI: Resolved issue where enabling/disabling OrpheAgent through the LuCI interface would fail.
Enhancements
- Simplified Peer Discovery and Traversal: Streamlined the operation flow of both Decentralized Peer Discovery and Traversal mechanism and Centralized Relay-Assisted Traversal mechanism for improved performance and reliability.
- Removed Development Mode APIs: Removed
GET /api/v1/develop/modeandPOST /api/v1/develop/modeendpoints to prevent users from modifying the current mode through API calls, ensuring better system stability and security.
OrpheAgent 1.0.2
Release Date: October 3, 2025
New Features
- Data Plane P2P Management: Added new
dataplane-p2pcommand for configuring data plane peer-to-peer settings with actions to save, show, and clean configurations
Bug Fixes
- Provision Key Assignment: Fixed provision key assignment logic to ensure ProvisionKey is only assigned from existing configuration if not provided in input, preventing accidental overwriting with empty values and maintaining configuration integrity
- Control Plane P2P Flags: Fixed issue where
--udp-hole-punch,--mdns, and--relayflags incontrolplane-p2pcommand were not taking effect
Enhancements
- Command Naming Consistency: Renamed command from
control-plane-p2ptocontrolplane-p2pfor consistency - Data Plane Configuration Refactoring: Removed
dataplane-tun-modefromconfigcommand and added--tun-modeflag todataplane-p2pcommand - Thread Safety Improvements: Updated DHT datastore initialization to use
syncds.MutexWrapfor improved thread safety in both control plane and data plane P2P discover modules - Configuration Validation: Added checks for existing configuration ports before saving new settings with proper error logging when ports are unavailable
- Relay Discovery Improvements: If the number of relay nodes available for connection is zero, the Relay Discovery mechanism will be retried. Additionally, after successful provisioning, the settings for the Control Plane secure option will no longer be overwritten
- Documentation: Updated README.md with comprehensive Data Plane P2P Management and Config section including command usage, options, and examples
- OrpheConsole Improvements prevent enabling dataplane in orphe-console mode
OrpheAgent 1.0.1
Release Date: September 26, 2025
New Feature
- Firewall Management System: Introduced a comprehensive Firewall Management function that:
- Performs periodic comparisons between nftables and iptables rule states
- Automatically detects and repairs inconsistencies
- Ensures firewall configuration stability and reliability
- Provision Command for CLI: Added a new
provisioncommand to the CLI that:- Configures discovery settings including Multicast, MDNS, and Relay discovery mechanisms
- Supports three actions: save (configure settings), show (display current configuration), and clean (restore defaults)
- Provides granular control over device discovery protocols with boolean flags for each mechanism
- Includes automatic restart prompts to apply configuration changes seamlessly
Fix Bug
- Thread Safety Enhancement: Added mutex lock to the dataplane set status function to prevent panic conditions when multiple threads execute the function simultaneously
- Relay Address Validation: Implemented error handling for self-owned relay address format issues to prevent system panics
- Traffic Graph Corrections: Fixed negative value issues in Traffic Graph displays
- Status Command Fixes: Resolved status and traffic statistics anomalies in the
orphe-agent statuscommand
Enhancement
- Jump to Service Optimization: Streamlined Jump to Service functionality for both Cloud and On-Premises versions to improve performance and resource utilization
- Enhanced Dataplane IP Rule Priority: Elevated the priority of Dataplane IP rules to ensure proper rule application and prevent conflicts
- Improved Provision Mechanism: Strengthened the Relay Discovery process within the Provision mechanism, enhancing device discovery efficiency and stability
- Bootstrap Node Updates: Updated bootstrap node multi-address configuration for improved connectivity
- OrpheLink Connection State Protection: Added firewall rule to prevent end devices with OrpheAgent from connecting to OrpheLink, ensuring accurate OrpheLink connection state detection mechanism
