| What's new | ||
|---|---|---|
 |  | |
| What's new | ||
|---|---|---|
| | | |
![[Important]](../images/important.png) | Important |
|---|---|
Remember from release 8.0:
|
New features of the release 8.10:
SystemAdded support for INTEL YL-3160L2 motherboard.
Added support for Intel HDA audio driver, specifically for chips ALC262, ALC887.
Supported M/B are D2594-A1, GA-J3455, GA-N3150, GA-N3160, B365-DS3H.
ListsExtended listitems limit from 50000 to 200000.
[15:16:03] ABILIS_CPX:d g ? listitems
General system parameters:
listitems: Number of CPX list items [4000..200000].
It must be multiple of 1000.
[15:16:09] ABILIS_CPX: Changed INP list elements from Cg,Cd to Number,Cd.
The change was needed because the former Cg field can be used now for different purposes in place of Cg,Rg,Sg,Sd.
Use of INP list has been slightly changed in CTIR fields
and xxx-CDI-PERMIT. See Cti Router section
for more details.
Cti routerCDI and CDO fields
in routings have been extended to support up to 30
digits.
The previous 20 digits limit was insufficient when dealing with "routing numbers" used in carrier interconnection.
All lists that can be used with "called numbers" have been extended to 30 digits too.
Slightly changed use of INP lists, either directly or via RU/MR lists.
When used in routing fields:
CDI - check CG (if RG absent) or RG
(if RG present) and CD of the call against Number and CD of
the list.
CGI, RGI,
SGI, SDI - check
respectively CG/RG/SG/SD and CD of the call against Number
and CD of the list.
For xxx-CDI-PERMIT:
check CG (if RG absent) or RG (if RG present) and CD of the call against Number and CD of the list.
Added transparent support of G.722 codec.
The G.722 codec is currently supported only when Abilis does not need to decode the stream, e.g. Sip-to-Sip connections; the complete support that includes voice messages, transcoding, mixer, etc... is planned for some future release.
When decoding is needed, e.g. connection to DISA, a runtime-codec-change to G.711 or any other codec available is performed, and if none is available or succeeds the call is dropped.
Extended music-on-hold with the possibility to feed audio stream from the on-board analog audio in.
[13:22:19] ABILIS_CPX:d p ctisys | mohMOH:YES MOH-SOURCE:AUTO-LINE-IN MOH-MSG:* MOH-LINE-IN-GAIN:0 MOH-DIR:C:\APP\CTI\MOH\ [13:22:28] ABILIS_CPX:d p ctisys router ?... MOH: Enable/disable Music on Hold service [NO, YES] MOH-SOURCE: Source of MOH audio [MSG, LINE-IN, AUTO-LINE-IN] - MSG: audio from music/message files. - LINE-IN: audio from LINE-IN jack. - AUTO-LINE-IN: audio from LINE-IN jack when jack is inserted, otherwise from music/message files. MOH-MSG: Name of the file holding the music/message to be played. - # : Do not play any music/message. - * : Play all music/message files in alphabetic order. - Max 20 chars. Spaces require double quotes (E.g. "Dft music"). MOH-DIR: Music on Hold service Working directory path. Full path with drive letter ['C'..'Z'] terminated by '\'. Max 128 chars. Spaces require double quotes (E.g. "C:\My dir\"). MOH-LINE-IN-GAIN: MOH line input gain adjustment [-30..+30 dB]. ...
CtiVr Voice RecorderSlightly changed use of INP lists, either directly or via RU/MR lists.
CDI - check CGI (if RGI absent)
or RGI (if RGI present) and CDI of the call against Number
and CD of the list.
CGI, RGI,
SGI, SDI - check
respectively CGI/RGI/SGI/SDI and CDI of the call against
Number and CD of the list.
CDO - check CGO (if RGO absent)
or RGO (if RGO present) and CDO of the call against Number
and CD of the list.
SGO, RGO,
SGO, SDO - check
respectively CGO/RGO/SGO/SDO and CDO of the call against
Number and CD of the list.
SIPProcessing of "called number" now tolerates up to 30 digits.
Although up to 20 digits numbers can be assigned to users (in SIP-NUMBER, SIP-CG-NUM, NUM, NUMx), SIP can process called numbers up to 30 digits. It possible to use wildcards for numbers longer than 20, SIP is able to match and forward the numbers in excess of 20.
Improved Click&Call service in several situations when runtime codec change is needed.
SIP CAPABILITIES are now cleared when when SIP-TYPE of a user that was PHONE is changed to other values. As before, the SIP CAPABILITIES are stored and updated for SIP-TYPE:PHONE only.
Changed 'mxps' range from [1472..65507 byte] to [2972..65507 byte].
AccountingExtended CDR records to hold called numbers of up to 30 digits.
TCPThe buffers used for TCP RECEIVE WINDOW and TCP SEND WINDOW are now created inside the drivers that use TCP.
With this new method the drivers can choose a window which is more adequate for their needs.
HTTP, FTP, SSH, TELNET drivers permits a runtime change, all the others only upon reboot.
UDPChanged 'reas-dg-size' range from [576..65535 byte] to [3000..65535 byte].
Changed 'reas-dg-num' range from [2..100] to [20..100].
VRRPExtended VRRP ROUTER table from 16 to 64 records.
DHCPImproved handling of address assignment procedure.
A receive queue has been added to better handle delays in
the address assignment when
ICMPCHK:YES.
AIPT2For ROLE:CLIENT
added option for
LOCPORT:AUTO.
If tunnel stays DOWN for 5 minutes a new pseudorandom local UDP port will be used.
This is a workaround for bugs in external devices that suddenly and inexplicably blocks a UDP port being used.
[15:33:23] ABILIS_CPX:d p ip-70 ? locport
Ip-70 (Abilis IP tunnel v.2) resource parameters:
LOCPORT: Local UDP port number [AUTO, 1..65535].
Packets are sent with this port as source port.
Packets are received with this port as destination port.
For ROLE:SERVER the range is restricted to [1..65535].
NATImproved
NAT-LOOBACK:YES
behaviour.
Destination translation with filters on source nets, and
complementary source translations with filters on destination
nets, where not included in the addresses suitable for
NAT-LOOBACK.
This behaviour was not correct and has been changed to include them regardless of the filters.
Improved NAT-IPSEC interaction.
For a proper NAT-IPSEC interaction it was commonly necessary to filter out from NAT, by means of lists, the networks handled by IPSEC.
It is no more necessary since NAT is now automatically aware of IPSEC networks, which are also visible with D NAT IPSEC and D NAT ALL commands. The usual D NAT command shows a note if some nets are skipped because of IPSEC.
Note that in order to be skipped the actual INNAT-ONAT side but be the same, otherwise the NAT pre-IPSEC is called anyway.
Below is an example of what was necessary before and what is now enough.
Before:
since the IpRes used for Internet connection is also used to establish IPSec connections, the IP addresses assigned to IPSec had to be filtered out in the NAT rules, like below (IPSec addresses 192.168.2.x, LAN addresses 192.168.0.0/24)
[13:06:13] ABILIS_CPX:d natUPNP maps not present Configured maps ------------------------------------------------------------------------------- PR: [DESCR:] INAT: ADD: SNET: DNET: ANET: ONAT: SPO: DPO: APO: PAT: SRES: DRES: PROT: TOUT: ------------------------------------------------------------------------------- 0 [Surf the internet] IN SRC 192.168.000.000/24 'NotIpsec' OUT-IP OUT * * AUTO YES ------------------------------------------------------------------------------- [13:06:15] ABILIS_CPX:d list:notipsecLIST:NotIpsec - RU - Ref-Numb:2 Items-Numb:1 -------------------------------------------------------------------------- NOT.ipsec [13:06:35] ABILIS_CPX:d list:ipsecLIST:ipsec - IR - Ref-Numb:1 Items-Numb:2 -------------------------------------------------------------------------- 192.168.002.000:192.168.002.255
Now:
the NAT rule suffice.
[13:06:13] ABILIS_CPX:d nat
*** SOME NETs skipped due to IPSEC policies ***
*** use D NAT IPSEC or D NAT ALL to see them ***
Configured maps
-------------------------------------------------------------------------------
PR: [DESCR:]
INAT: ADD: SNET: DNET: ANET:
ONAT: SPO: DPO: APO: PAT:
SRES: DRES: PROT: TOUT:
-------------------------------------------------------------------------------
0 [Surf the internet]
IN SRC 192.168.000.000/24 * OUT-IP
OUT * * AUTO YES
-------------------------------------------------------------------------------
IPSecAdded command D D IPSEC POLICY as alias of DEBUG RES:IPSEC LSN:4.
Modified installation of OUTBOUND policies.
Now the OUTBOUND policies of all defined IKE CLI are installed in HOLD state when the IKE HOST is down or the client did not really activate the SA.
In this way the NETs intended to be managed by IPSEC are always intercepted and complete interaction with NAT is possible.
Moreover if the IKE HOST is down, or the SA is not activated, the packets are dropped instead of being sent not ciphered (although typically discarded by the next hop router).
Here is an example with IKE HOST down but OUTBOUND policy installed.
[15:09:14] ABILIS_CPX:d d ikeRES:Ike ----------------------------------------------------------------------- Internet_Keys_Exchange_Protocol IKE-STATE:ACTIVE CUR-MAX-HOSTS:16 ISAKMP-SA:0 IPSEC-SA:0 IPSEC-STATE:ACTIVE CUR-HOSTS:0 ISAKMP-SA-EST:0 IPSEC-SA-EST:0 - Security Associations diagnostics --------------------------------------- Host Name Lifetime Dpd DH NATT LocIp-Port Type Expiry Action Hash Side SN RemIp-Port State Replace Pending Cipher -------------------------------------------------------------------- Host Name Lifetime Passive Esp Ah Cli LocNet/LocMask Type Expiry Perm EspAuth AhAuth SN RemNet/RemMask State Replace Tunnel EspCipher Pfs --------------------------------------------------------------------------- *** NO SECURITY ASSOCIATION *** [15:09:16] ABILIS_CPX:d d ipsec policyRES:IpSec --------------------------------------------------------------------- IP_Security_Protocol BufferLength:64512 Date/Time:19/10/2020 15:09:27 TraceTime:260602213 ------------------------------------------------------------------------------ ID NAME STATE NAT-SIDE SN-OWNER SRC-FILTER DST-FILTER POLICY SA-BUNDLE ------------------------------------------------------------------------------ Outbound policies: -------------------------------------------------------------------------- 0 HOLD INSIDE NOBODY 001.001.002.000/24:0 001.001.001.000/24:0 IPSEC NONE ------------------------------------------------------------------------------ Inbound policies: ------------------------------------------------------------------------------ [15:09:27] ABILIS_CPX:d nat*** SOME NET skipped due to IPSEC policies *** *** use D NAT IPSEC or D NAT ALL to see them *** Configured maps ------------------------------------------------------------------------------- PR: [DESCR:] INAT: ADD: SNET: DNET: ANET: ONAT: SPO: DPO: APO: PAT: SRES: DRES: PROT: TOUT: ------------------------------------------------------------------------------- *** NO NAT ALIAS ENTRIES CONFIGURED *** [15:09:29] ABILIS_CPX:d nat ipsecNET skipped due to IPSEC policies ------------------------------------------------------------------------------- SNET: DNET: INAT-ONAT: ------------------------------------------------------------------------------- 001.001.002.000/24 001.001.001.000/24 IN-IN -------------------------------------------------------------------------------
EthUsbAdded protection to prevent system reboot in case that USB packet is corrupted (HW error).
SNMPDHCP: added 'cxDhcpStNoBufIn' statistic
to cxDhcpStTable.
LDAP: Added cxLdapDgCliTable,
cxLdapDgCliSesTable, cxLdapStCliTable and cxLdapStCliSesTable
for Client diagnostics and statistics.
TCP: Added diagnostic variable
cxTcpStConLocPort2.
HTTP: Added diagnostic variables
cxHttpDgCurTcpRWin, cxHttpDgCurTcpSWin, cxHttpDgConLocPortPlain,
cxHttpDgConLocPortSsl. Obsoleted cxHttpDgConLocPort.
VRRP: Extended range of
cxVrrpDgRouterIndex and of cxVrrpStRouterIndex from [0..15] to
[0..63].
SIP channel diagnostics/statistics:
updated 'cxCtiSipDgChCalled' and 'cxCtiSipStChCalled' length in
MIB because they can be up to 30 characters long.
CTI connection diagnostics: updated
'cxCtiSysDgConCdi' and 'cxCtiSysDgConCdo' length in MIB because
they can be up to 30 characters long.
