Abilis CPX 2000, update 9.0.0
Released on January 5, 2024.
Enhancements
- WEB
-
-
A new GUI, with completely redesigned web pages, is available.
Figure: Abilis home page
Each user can log in using his own password, accessing the specific level of access that the system administrator has reserved for him, for more effective system management, to use the completely renewed services and new tools available starting from this version.
The new GUI is supplied with a complete and detailed online manual.
Figure: Abilis online manual
-
- Automation
-
-
WIO
Added Wireless input/output devices, with which it is possible to arrange Wireless Sensor Networks (WSN).
The project aims to provide analog and digital I/O wireless devices to create low speed, long range point-to-multipoint wireless networks, to let a thousand (or more) of tiny client-stations to interact reliably and securely with a central server-controller.
A large number of wireless sensor nodes can manage and monitor the environment in a certain area; they can be connected to one or more WIO devices, the concentrator stations which act as control unit and that are connected via Internet to Abilis.
Abilis deals with the processing, analysis and archiving of data and of the consequent leadership of any action that may become necessary.
-
Videorecorder
Redesigned and improved Videorecorder page.
Figure: Abilis Videorecorder page sample
-
Program tables
They allow the control of I/O devices through programs in the form of sheets, automatically compiled into LUA scripts.
Available from new web interface only. Explained fully in the online manual.
Figure: Automation sheets sample
-
- MULTICORE
-
-
Improved multiprocessing, allowing a more effective exploitation of the additional cores and consequently increasing the efficiency of the processes performed on the main core.
This improvement is mainly used by commissioning the execution of LUA scripts on the extra cores, greatly improving efficiency of processes.
-
Added support for M/B with CPU Intel J4125 with BIOS ReleaseDate 09/26/2023 detected on the miniPC with 4Eth Intel i225 MB.
-
- PCISRV
-
-
Added support of new Slotid-NONE reordering for Eth-x devices for miniPC with 4 Eth I225.
Added support for 2 types of INTEL i225 (V,LM) Ethernet chips present on 4 Eth miniPC and standalone PCIe card.
-
- ETH
-
-
INTELG3 - Added driver for Intel i225 Ethernet chip present on miniPC with 4 Ethernet chips (i225V) and also standalone PCIe card (i225LM).
REALTEKG - Rtl8125 (2.5Gbps) uses now specific amount of TX/RX DMA buffers, specifically TX DMA amount increased from 50 to 256 buffers.
REALTEKG - Fixed VLAN handling for RTL8111D, Rx Vlan de-tagging doesn't work for this chip, necessary to handle de-tagging by SW in the driver (made just for this chip).
-
- USERs
-
-
HTTP section
Removed parameter 'HTTP' and replaced with parameter 'HTTP-LEVEL'. With this parameter the administrator can not only enable users to access to the Abilis web interface, but also he will assign them the level of access privileges [NO, USER, ADVANCED, MANAGER, ADMINISTRATOR, SUPER].
[12:18:10] ABILIS_CPX:d user:MyUser ? http-level User's parameters: HTTP-LEVEL: Enable/disable HTTP for this user and select the access level to the web interface [NO (disabled), USER, ADVANCED, MANAGER, ADMIN, SUPER] The 'SUPER' level is reserved for the user 'super' and cannot be assigned to any other user. For user 'super' the level is 'SUPER' and cannot be changed. For user 'admin' the level is 'ADMIN' and cannot be changed. User 'guest' is always not enabled. [12:18:21] ABILIS_CPX:A new set of parameters specific for the new web interface are now present:
-
Group label (parameter 'HTTP-GUI-GROUP') can be used by the administrator to group users for administrative purposes.
-
Permissions to functional areas (parameter 'HTTP-GUI-NETWORK', 'HTTP-GUI-PHONE', 'HTTP-GUI-AUTO', 'HTTP-GUI-VIDEO' and 'HTTP-GUI-TOOLS') are used by the administrator to enable/disable the user to the corresponding functional area of the web interface.
[12:18:10] ABILIS_CPX:d user:MyUser http ? User's parameters: ... HTTP-GUI-GROUP: Group label used in web pages for administrative purposes. Max 32 ASCII characters. Spaces require double quotes (E.g. "my group"). HTTP-GUI-NETWORK: Enable/disable the user to "Network" functional area of the web interface [NO, YES] User 'super' is always enabled. User 'admin' is always enabled. User 'guest' is always disabled. HTTP-GUI-PHONE: Enable/disable the user to "Phone" functional area of the web interface [NO, YES] User 'super' is always enabled. User 'admin' is always enabled. User 'guest' is always disabled. HTTP-GUI-AUTO: Enable/disable the user to "Auto" functional area of the web interface [NO, YES] User 'super' is always enabled. User 'admin' is always enabled. User 'guest' is always disabled. HTTP-GUI-VIDEO: Enable/disable the user to "Video" functional area of the web interface [NO, YES] User 'super' is always enabled. User 'admin' is always enabled. User 'guest' is always disabled. HTTP-GUI-TOOLS: Enable/disable the user to "Tools" functional area of the web interface [NO, YES] User 'super' is always enabled. User 'admin' is always enabled. User 'guest' is always disabled. [12:18:21] ABILIS_CPX: -
-
Added Two Factor Authentication for connections from the public network via SSH and via HTTPS.
[15:12:18] ABILIS_CPX:d user:MyUser ? User's parameters: ... 2FA-AUTH: Enabled Two Factor Authentication for this user [NO, MAIL, SMS] - NO: the Two Factor Authentication is disabled - MAIL: the Two Factor Authentication is active and the verification code is sent by e-mail to the address set in "2FA-MAIL-TO". - SMS: the Two Factor Authentication is active and the verification code is sent by SMS to the number set in "2FA-SMS-TO". Two Factor Authentication is applied when the user logs in to the web interface or to the Control Port via SSH and LOGIN-MODE:USERS. Not allowed for User 'guest'. 2FA-PRIVATE-IP: Enabled Two Factor Authentication for private IP [NO, YES] By default Two Factor Authentication is applied when the user logs in from the Public network. Not allowed for User 'guest'. 2FA-HTTP-PROT: Select HTTP protocol for which Two Factor Authentication is applied [PLAIN, SSL]. Values can be joined using ',' (comma). By default Two Factor Authentication is applied when the user logs in to the web interface via HTTPS. Not allowed for User 'guest'. 2FA-MAIL-TO: E-mail address to which the mail with the verification code for the user authentication is sent when 2FA-AUTH:MAIL. Empty or max 128 chars. Space not allowed. Not allowed for User 'guest'. WARNING: when 2FA-AUTH:MAIL, if 2FA-MAIL-TO is empty, the user cannot be autheticated. 2FA-SMS-TO: Phone number to which the SMS with the verification code for the user authentication is sent when 2FA-AUTH:SMS. Empty or max 20 digits, optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. See also HELP ISDN ATTRIBUTES. Not allowed for User 'guest'. WARNING: when 2FA-AUTH:SMS, if 2FA-SMS-TO is empty, the user cannot be autheticated. [15:12:28] ABILIS_CPX:A verification code is sent to the configured phone number by SMS or to the configured e-mail address and the user can log in only entering the received verification code.
-
- AIPT2
-
-
Abilis IP Tunnel v.2 has been improved by addition of several components like an internal controller for redundancy and Forward Error Correction (FEC) adjustment, a burst generator for path maximum bandwidth evaluation and added possibility to select preferential traffic flow using preference classification.
-
AIPT2 tunnels support new redundancy mode with Forward Error Correction (FEC) technology (Similar to RAID technology).
Added parameters 'REDMODE', 'REDCOPY' and 'FEC'
[18:20:13] ABILIS_CPX:D P RES:Ip AIPT2 ? REDMODE REDCOPY FEC Ip (Abilis IP tunnel v.2) resource parameters: REDMODE: Redundancy mode [LEGACY, AUTO]. REDCOPY: Redundancy number of copies to send [0..10, PATH, AUTO]. <Only for REDMODE:AUTO> FEC: Enable/disable Forward Error Correction. NO, AUTO, DFT or two values in the range [1..29] separated by colon 'N:P', which represent the ratio between data packets (N) and parity packets (P). It must be N+P <= 30. (E.g. AUTO or 5:1 or 3:3) [18:20:28] ABILIS_CPX:FEC works by inserting extra packets (named parity packets) into the data flow which have the function of supporting the reconstruction of the normal data flow in the event of packet loss.
Instead of duplicating packets, it allows better probability of reconstructing packets at the destination, with lower throughput usage.
Example:
Say that a, b, c, d, e are a group of packets to be sent. They can be considered as numbers.
A new special packet p (parity packet) is added to the group, where p=a+b+c+d+e
Any one packet of the new group can be lost in the Internet, it is sufficient to reverse the computation to avoid data loss.
If c is lost, then c = p - (a+b+d+e)
With previous redundancy system 10 packets would have been sent, with new FEC only 6 packets are sent, with same reconstruction probability.
Advantages:
- reduced throughput
- reduced average latency
The feature is activated by means of the "FEC" parameter, which allows the user to explicitly select the ratio between data packets and parity packets.
Legacy "Redundancy Copy" system is considered deprecated by the introduction of FEC.
-
Added added possibility to select preferential traffic flow, which is classified in VoIP, VPN, STREAMING and SURFING main categories.
It can be done by means of a new set of parameters (only for ROLE:CLIENT):
[18:39:17] ABILIS_CPX:D P RES:Ip AIPT2 ? Ip (Abilis IP tunnel v.2) resource parameters: ... ---------- Controller preferences (Only for ROLE:CLIENT) ---------------------- CONTROL: Controller activation and traffic selection [NONE, VoIP, VPN, STREAMING, SURFING] SA: Source IP Addresses Range: a single IP address [0.0.0.1-255.255.255.255] or two IP addresses separated by ':' (colon) or * (Any IP address) or the name of an IP/IR/FQDN/RU/MR list between single quotes. (E.g. 150.200.192.192 or 192.168.0.0:192.168.0.100 or * or 'List') DA: Destination IP Addresses Range: a single IP address [0.0.0.1-255.255.255.255] or two IP addresses separated by ':' (colon) or * (Any IP address) or the name of an IP/IR/FQDN/RU/MR list between single quotes. (E.g. 150.200.192.192 or 192.168.0.0:192.168.0.100 or * or 'List') PROT: Internet Protocol: Internet protocol mnemonic or decimal value [0..255] or * (Any Internet protocol) or "tcpudp" or the name of an IPT/RU/MR list between single quotes. (E.g. icmp or 1 or * or tcpudp or 'List') PO: Source or destination Ports Range: a single port mnemonic or decimal value [0..65535] or two port values separated by ':' (colon) or * (Any port) or the name of a TUP/RU/MR list between single quotes. (E.g. 23 or SSH or 1:1200 or 'List') <Mandatory for PROT:*|TCP|UDP|TCPUDP|'List'> SPO: Source Ports Range: a single port mnemonic or decimal value [0..65535] or two port values separated by ':' (colon) or * (Any port) or the name of a TUP/RU/MR list between single quotes. (E.g. 23 or SSH or 1:1200 or 'List') <Mandatory for PROT:*|TCP|UDP|TCPUDP|'List'> DPO: Destination Ports Range: a single port mnemonic or decimal value [0..65535] or two port values separated by ':' (colon) or * (Any port) or the name of a TUP/RU/MR list between single quotes. (E.g. 23 or SSH or 1:1200 or 'List') <Mandatory for PROT:*|TCP|UDP|TCPUDP|'List'> [18:39:39] ABILIS_CPX:-
VoIP: it selects the 2 best paths (with fewer Missing packets, then less jitter, and more throughput availability, and also with better RTT) and sends duplicated traffic on these 2 paths.
-
VPN: here RTT matters more, it is sent on the path with the better RTT and then more throughput availability, and then Jitter and Missing are also considered. When a path, even if it was the best, saturates, its rating already decreases, and packets begin to be sent on other available paths, which, for example, may have a higher rating in the meantime.
-
STREAMING: here throughput availability on various paths matters more, it is sent on the path with the most throughput availability, and then Missing also has a secondary weight, while other RTT and Jitter are not taken into account.
-
SURFING: here missing on various paths matters more, it is sent on the path with fewer Missing, and then throughput availability is also considered with less weight, while other RTT and Jitter are not taken into account.
These indices are continuously updated, every 5 seconds, and if the results of various paths change (as I wrote above, for example, for VPN if a path saturates, or starts experiencing losses, or increases RTT, or jitter), the packet distribution also changes.
-
-
Further changes concern the removal of 'PATHSMODE' parameter; a new range of parameter 'OUTSPx' and the addition of 'BCK-CHKx' parameter for ROLE:CLIENT.
[18:39:17] ABILIS_CPX:D P RES:Ip AIPT2 ? BCK-CHKx OUTSPx Ip (Abilis IP tunnel v.2) resource parameters: BCK-CHKx: Time when BACKUP path is tested for quality [# or hh:mm]. When #, the BACKUP path check is not performed. <Only for ROLE:CLIENT and DEPx: <> #> OUTSPx: Speedlimit, in kbit/sec applied to the path. The resource speedlimit OUTSP, if enabled, determines the overall tunnel speedlimit. AUTO (auto detection) or [0 (no transmission), 64..1000000 Kbit/sec] [18:39:39] ABILIS_CPX:
-
-
- User Based Routings
-
-
The User Based Routing feature, which allows you to use a unique global number for any interface, simplifies the creation of routings, defining the numbering plan and configuring unified user preferences.
-
CTISYS
The User Based Routing feature can be enabled in CTISYS, by means of 'ubr' parameter:
[16:09:55] ABILIS_CPX:d p ctisys ? ubr ... CtiSys resource parameters: ubr: Enable/disable User Based Routing (UBR) [NO, YES]. The value in brackets is the one currently in use. [16:10:09] ABILIS_CPX:The change in the 'ubr' parameter value is not applied run-time but requires saving the configuration and rebooting the system.
-
USER global number
When User Based Routing feature is enabled, only one number can be assigned to any user and it will be the main number used for routing purposes for every enabled interface.
[16:14:57] CPX_220:d user:katerina ? number User's parameters: NUMBER: Main phone number assigned to the user when User Based Routing (UBR) is active, used for routing purposes for every enabled interface. For outgoing calls it is used by CTI routings with OUT:<USER-I> or <USER-O> to select the user from the called number. Empty or max 20 digits, optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. <Only for CtiSys ubr:YES> [16:16:18] CPX_220:d user:katerina ... [16:00:10] CPX_ANTEK-PBX:d user:Katerina Parameter: | Value: --------------------+---------------------------------------------------------- USER: Katerina REAL-NAME: Irina Keterina ID: 22 <Read Only> PWD: *** ACT: YES ... NUMBER: 55540The assigned number is automatically inherited by all interfaces enabled for the user:
[16:24:20] ABILIS_CPX:d vo numbers Total-numbers:1/4000 Net-numbers:1 User-numbers:0 --------------------------+----------------------------+----------------------- NET-NUM: | USER-NUM: |USER: * = Current |* = Current | | A = AbilisPhone | | n = Contact order | --------------------------+----------------------------+----------------------- * (5540) | |Katerina ------------------------------------------------------------------------------- [16:24:24] ABILIS_CPX:d sip numbers Total:1/3000 Sip-Number:1 Static:0 NUMx: [SIP-NUMBER:] USER: PROVENIENCE: ------------------------------------------------------------------------ [5540] Katerina SIP-NUMBER [16:24:28] ABILIS_CPX: -
Unified user preferences
When User Based Routing feature is enabled, only one set of user preferences is offered and it is valid for every enabled interface.
[21:16:57] ABILIS-CPX:d pref user:katerina Parameter: | Value: --------------------+---------------------------------------------------------- USER: Katerina ID: 6 <Read Only> LAST-CHANGE: 05/01/2024 21:04:37 <Read Only> PWD: *** ... -------------------- CLIP: TRANSP ACTION: ADVANCED (No rules) CF-RULE: ALWAYS CF-TOUT: 15 CF-DLY: 10 CF-FORK-TYPE: STD CF-CDO: # CF-CGO: * VM: NO VM-RULE: NOANS,OTHERS VM-TOUT: 15 PC-OFFER: 4 PC-ACCEPT: 4 CALL-WAITING: NO MAIL-FAIL: NO MAIL-FWD: NO MAIL-SEIZED: NO -------------------- ... [21:16:57] ABILIS-CPX:
-
CTI users group
Users can also be grouped and calls can be routed to the group by means of CTI Users Groups:
[15:32:50] ABILIS_CPX:d ctigu ? ... CTI users group parameter(s): DESCR: Entry description. Max 70 chars. Spaces require double quotes (E.g. "str1 str2"). Note: it is displayed only when not empty. NUMBER: Main number assigned to this group. For outgoing calls it is used by CTI routings with OUT:<CTIGU-I> or <CTIGU-O> to select the group from the called number. Empty or max 20 digits, optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. S: Scan method for calls [R, P, M] R=Round Robin, P=Position Priority, M=Multicast R: Rule to proceed with next user [IN, ST, EU, UN, 'listname'] IN = Internal (any cause with locations 0xF0..0xFF) ST = Standard (any cause with locations 0xF0..0xFF + causes 0x92, 0xA2-0xAF, 0xC1-0xCF, 0xD1-0xDF with other locations) EU = End-User (any cause except 0x91 and 0x93 with any location) UN = Unconditional (any cause with any location) 'listname' = an ICAUSE/RU/MR list. MC: Maximal number of simultaneous calls [1..255, MAX] P: Enable/disable call pickup [YES, NO] P1:..P32: Output user. # or up to 32 characters corresponding to an existing Abilis user. - Output only ---------------------------------------------------------------- The parameters of this section replace the correspondent parameters of the routing when the group is configured in OUT: field of the routing, and when they are enabled. A parameter is enabled by setting a valid value (e.g. T301:10) and is disabled by setting an empty value (e.g. T301: ). T301: See routing help for range. Set "T301:" to disable and hide. [15:37:09] ABILIS_CPX:d ctigu ------------------------------------------------------------------------------- ID: [DESCR:] NUMBER: S: R: MC: P: P1 P2 ... ... P32 [Pxx: T301:] ------------------------------------------------------------------------------- 4 P UN MAX NO Grace Simon Derek . ------------------------------------------------------------------------------- 21 P UN MAX NO Donatella Irina UFFICIO . ------------------------------------------------------------------------------- [15:39:55] ABILIS_CPX:Users groups are intended to be used in CTI Routings, only when UBR (User Based Routing) feature is active. See CTIR section for more details.
-
CTI Routings
CTI routings has been extended in order to allow users groups referencing in 'GI' field and to allow referencing users and users groups in the 'OUT' field.
In 'OUT' fields there is the possibility to use special values '<USER-I>' and '<USER-O>' for selecting user according to CDI/CDO and to use special values '<CTIGU-I>' and '<CTIGU-O>' for selecting users group according to CDI/CDO:
[16:41:02] ABILIS_CPX:s ctir pr:0 ? GI OUT A CTIR[E] PR:xxx [par:val] Add a CTI routing PR: CTI routing priority [0..255] <Mandatory> CTI routing parameters: GI: Input group [#, G*, G0..G64, GU*, GU0..GU32] OUT: Output group/port/cluster/user [#, G0..G64, GU0..GU32, PBX, <USER-I>, <USER-O>, <CTIGU-I>, <CTIGU-O>, 1..600, Sl, Iax, Sip, Disa, Vo, Vm, Mix, <AUTO-I>, <AUTO-O>, cluster-name, @user-name]. Where: - <USER-I>/<USER-O>, select user according to CDI/CDO - <CTIGU-I>/<CTIGU-O>, select users group according to CDI/CDO - <AUTO-I>/<AUTO-O>, select cluster according to CDI/CDO The cluster-name must correspond to an existing CTI cluster. The user-name must correspond to an existing Abilis user and it must be preceeded by the '@' character. [16:43:51] ABILIS_CPX:a ctir pr:0 poi:sip out:@katerina COMMAND EXECUTED [16:43:52] ABILIS_CPX:d ctir pr:0 - Not Saved (SAVE CONF) ------------------------------------------------------- Last change: 05/01/2024 16:43:52 ---+------+------------------+----------+--------------------+-------------------- PR |[DESCR] |BCI |POI |SR |GI |OUT |CDI |CDO ACT|NEXT |LAST |EEC |T301 |CGI |CGO EDT|SP |SC |DJ |MJ |FMDJ|FMMJ |SDI |SDO |SPOUT |SCOUT|DJOUT|MJOUT |LCS |LCST |SGI |SGO | |BCO |RGI |RGO |FMRLY |FAXSP|MODSP|FMLVL |ECM |UDT |IG |OG |SG |DL |DH |CODERS |CODERSOUT |TI1 .. TI5 ---------------------------------------------------------------------------------- 0 VOICE Sip # # @katerina 00 * ---------------------------------------------------------------------------------- [16:43:59] ABILIS_CPX:It is also possible to use new type of lists: list of Users numbers (UNUM) and list of Users Groups numbers (GUNUM).
Two lists are automatically created and maintained in the system collecting all users numbers and all users groups numbers, respectively named 'NumUser' and 'NumGroup'.
[16:49:28] ABILIS_CPX:d ctir Last change: 05/01/2024 16:39:28 ---+------+------------------+----------+--------------------+-------------------- PR |[DESCR] |BCI |POI |SR |GI |OUT |CDI |CDO ACT|NEXT |LAST |EEC |T301 |CGI |CGO EDT|SP |SC |DJ |MJ |FMDJ|FMMJ |SDI |SDO |SPOUT |SCOUT|DJOUT|MJOUT |LCS |LCST |SGI |SGO | |BCO |RGI |RGO |FMRLY |FAXSP|MODSP|FMLVL |ECM |UDT |IG |OG |SG |DL |DH |CODERS |CODERSOUT |TI1 .. TI5 ---------------------------------------------------------------------------------- 0 VOICE * * G0 <CTIGU-I> 'NumGroup' * NO ANY NO Dft * * 64000 Sys Sys Sys Sys Sys * * ---------------------------------------------------------------------------------- 1 VOICE * * G0 <USER-I> 'NumUser' * NO ANY NO Dft * * 64000 Sys Sys Sys Sys Sys * * ---------------------------------------------------------------------------------- [16:41:10] ABILIS_CPX:
-
-
- IPACL
-
-
Firewall functionality has been added via IP Access Lists, with periodic updating of the list of malicious hosts from accredited sites.
-
Two IPACL rules are present by default in position 0 and position 1 respectively. They are read-only entries, non-deletable, neither movable nor editable. They are used to validate source and destination addresses respectively, by means of the 'Firewall' list.
[12:10:17] ABILIS_CPX:d ipacl IPRTR resource parameters: ACL:YES ACLBYPASS:# COS:ENABLED COSDFT:NORMAL Tot-IPACL-Number:2 ------------------------------------------------------------------------------- PR: [DESCR:] TYPE: SA: PROT: ICMP-TYPE: IPCOS: DA: SPO:/PO: DPO: TOS-O: TOS-I: SRES: DRES: RES-O: TI: ALERT: ------------------------------------------------------------------------------- 0 [Deny forwarding from hosts matching Firewall rule] DENY 'Firewall' * * DFT * * ------------------------------------------------------------------------------- 1 [Deny forwarding to hosts matching Firewall rule] DENY * * * DFT 'Firewall' * ------------------------------------------------------------------------------- [12:10:43] ABILIS_CPX:The 'Firewall' list is a rule which is used mainly to verify whether an IP address is present or not in a list of malicious hosts (DROP list). The 'DROP' list is periodically updated from list of dangerous IP addresses, made available by the accredited Spamhaus international organization.
[12:16:32] ABILIS_CPX:d list:firewall LIST:Firewall - RU - Ref-Numb:2 Items-Numb:1 Firewall_rules_(ReadOnly) -------------------------------------------------------------------------- DROP.OR.BlackIP.AND.NOT.WhiteIP [12:16:33] ABILIS_CPX:d list:DROP LIST:DROP - IR - Ref-Numb:1 Items-Numb:984 DROP_List_from_spamhaus.org_(ReadOnly) -------------------------------------------------------------------------- 001.010.016.000:001.010.031.255 001.019.000.000:001.019.255.255 001.032.128.000:001.032.191.255 002.056.010.000:002.056.010.255 ... [12:16:43] ABILIS_CPX:The periodic updating of the 'DROP' list is performed by a new driver called DROP: which is just responsible for downloading the information and updating the contents of the 'DROP' list.
[12:17:39] ABILIS_CPX:d p res:drop RES:Drop ---------------------------------------------------------------------- Run DESCR:DROP_list_maintenance_service LOG:DS ACT:YES droplog:DFT wdir:C:\APP\DROP\ FILE-URL:https://www.spamhaus.org/drop/drop.txt [12:17:43] ABILIS_CPX:
-
-
- IPSH
-
-
Simplified and improved IP Shaping service.
New configuration: removed IP Shaping Flows and IP Shaping Rules tables and reviewed service configuration:
[16:31:47] ABILIS_CPX:d p res:ipsh RES:IpSh ---------------------------------------------------------------------- Run DESCR:IP_Shaping_service LOG:NO ACT:YES maxip:200 PERIOD:120 TOPIP:6 WHITE-LIST:IPshWhiteList MAX-SHIFT-JUMPS:5 SHIFT-STEP:15 TRAFFIC-IN-THR:1000 TRAFFIC-OUT-THR:5000 VARIANCE-THR:50 ALERT:NO [16:42:15] ABILIS_CPX:d p res:ipsh ? IpSh resource parameters: DESCR: Resource description. Max 79 chars. Case sensitive. Spaces require double quotes (E.g. "str1 str2"). Using <empty> string, the description is set to its default value, i.e. "type-nnn", where 'type' is the resource type and 'nnn' is the resource index. LOG: State changes log and alarm generation [NO, D, S, A, L, T, ALL] [+E] (D: Debug Log; S: System Log; A: Alarm view; L: Local audible alarm; T: SNMP traps; +E: Extended Log of state changes, see ref. manual) ACT: Operation activation [NO, YES] maxip: Maximum number of IP addresses analyzed per each IP resource [100..1000] PERIOD: Period of time window for TOP IP analysis. Values are averaged over this sliding window [5..120 sec] TOPIP: Highest number of TOP-IP host subject to traffic shaping [5..20] WHITE-LIST: IP hosts of the LAN which bypass the IP shaping control. # or IP/IR/FQDN/RU/MR list name. MAX-SHIFT-JUMPS: Max amount of jumps over the regular service-pace [5..20] SHIFT-STEP: Amount of seconds with variance below (or above) the threshold required to step the SHIFT-JUMP up (or down) of one unit [1...30] TRAFFIC-IN-THR: Level of incoming throughput under which TOP-IPs are not managed, because they produce negligible traffic [0..1000000 KBit/sec] TRAFFIC-OUT-THR: Level of outgoing throughput under which TOP-IPs are not managed, because they produce negligible traffic [0..1000000 KBit/sec] VARIANCE-THR: Variance threshold: above or equal threshold the traffic is interactive, below it is stream [0..100] ALERT: Release an alert in case of alarm condition [NO, 1..255] [16:43:17] ABILIS_CPX:
-
- TRFA
-
-
TRFA IP traps: added monitor starting day and time for Day/Week/Month monitor interval (parameters 'START-DAY' and 'START-TIME').
[14:11:54] ABILIS_CPX:d trfa ip trap ---+----+---------------------------------------------------------------------- [Res DESCR] ID: ACT: RES: VAR: INT: START-DAY: START-TIME: VAL: ALERT: ---+----+---------------------------------------------------------------------- 0 YES [Backup_LTE/UMTS] Ip-13 CHR-TOT Day 00:00 200 (Mbytes) NO 1 YES Ip-13 CHR-TOT Week MO 00:00 1000 (Mbytes) NO 2 YES Ip-13 CHR-TOT Month 1 00:00 5000 (Mbytes) NO ---+----+---------------------------------------------------------------------- [14:12:00] ABILIS_CPX:d trfa ip trap ? ... TRFA IP Trap entry parameters: ACT: Enabled/disabled entry [NO, YES] RES: IP resource in the format "Ip-nnn", where 'nnn' can be [1..999] VAR: Monitored variable [THR-IN, THR-OUT, THR-TOT, CHR-IN, CHR-OUT, CHR-TOT] INT: Monitored interval. For THR-IN, THR-OUT, THR-TOT: 5Min, 30Min, 2Hr. For CHR-IN, CHR-OUT, CHR-TOT: Day, Week, Month. START-DAY: Monitor starting day. <Only for INT:Week|Month> For INT:Week : [MO, TU, WE, TH, FR, SA, SU] For INT:Month : [1..31] START-TIME: Monitor starting time [hh:mm]. <Only for INT:Day|Week|Month> VAL: Variable threshold value [0..4294967295]. For THR-IN, THR-OUT, THR-TOT variables the unit is Kbit/sec. For CHR-IN, CHR-OUT, CHR-TOT variables the unit is Mbyte ALERT: Sends an alert when the threshold is reached [NO, 1..255] [14:15:53] ABILIS_CPX:
-
- IPRTR
-
-
Extended the range of 'R-ID' parameter, adding the possibility to select directly an IP resource:
[15:51:36] ABILIS_CPX:s p res:iprtr ? R-ID Iprtr resource parameters: R-ID: Router-id (IP address) [AUTO, 1-126.x.x.x, 128-223.x.x.x, Ip-nnn] [15:51:46] ABILIS_CPX:s p res:iprtr r-id:ip-1 COMMAND EXECUTED [15:51:48] ABILIS_CPX:d p res:iprtr RES:Iprtr --------------------------------------------------------------------- Run DESCR:IP_Router_general_properties - General -------------------------------------------------------------- R-ID:Ip-1 192.168.000.220 NAT:NO maxroute:500 DFTTTL:64 ps:2048 DEF-LOCAL-AD:0 DEF-STATIC-AD:1 DEF-OSPF-AD:110 DEF-RIP-AD:120 - IP Access List ------------------------------------------------------- ACL:NO ACLBYPASS:# COS:ENABLED COSDFT:NORMAL COSBALANCE:NO NORMRATE:50 LOWRATE:50 - Ppp-Dns -------------------------------------------------------------- PPP-DNS-PRI:000.000.000.000 PPP-DNS-SEC:000.000.000.000 [15:51:50] ABILIS_CPX:The resulting IP address, will be shown beside the selected IP resource.
-
- IP resources
-
-
IP resources category
For any subtype, renamed parameter 'TYPE' to parameter 'CAT'.
This parameter classifies the resource, mainly in web pages for administrative purposes, graphs, statistics. But it can effect also IP resource state detection procedure (see below).
The range of parameter 'CAT' is [AUTO, LAN, WAN, SDWAN, VPN].
When 'AUTO', the category is automatically assigned by IPRTR between [LAN or WAN or SDWAN or VPN or N/A or empty], with the below rule:
-
LAN: LAN/LAN-PT resources with no default route
-
VPN: AIPT2 resources with no default route
-
WAN or SDWAN: any resource with default route (SDWAN for AIPT2)
-
N/A: none of the above cases
-
empty: not running resources
The automatically assigned value is shown in parentheses, in both configuration and resource diagnostics.
-
-
IP resources state detect and PING procedure
For subtype LAN/LAN-PT, extended range of STATE-DETECT by adding 'AUTO' value.
It allows the PING procedure to be automatically activated for WANs.
[16:25:40] ABILIS_CPX:d p res:ip-1 ? state-detect Ip-1 (IP over LAN) resource parameters: STATE-DETECT: IP resource state detection method [NORMAL, PING, AUTO]: - NORMAL: the state depends on lower interface only. - PING: the state depends on lower interface state and on result of the PING procedure - AUTO: the state depends on IP resource category. When CAT:WAN, PING procedure is used, otherwise NORMAL. [16:28:04] ABILIS_CPX:Contextually, changed default value of parameter'P-DST1' from # to '8.8.8.8' and of parameter 'P-DST2' from # to '8.8.4.4'.
For any subtype, renamed 'DHCP' to 'AUTO' in the range of parameter 'P-GW' and changed default value of parameter 'P-GW' from '#' to 'AUTO'.
For any subtype, added new parameter 'PING-ACT-DLY', with which it is possible to configure a minutes delay from boot before the PING procedure is activated.
[16:22:21] ABILIS_CPX:d p ip-2 ? P-ACT-DLY Ip-2 (IP over LAN) resource parameters: P-ACT-DLY: Delay from boot before use of PING detection is activated [0..15 min] <Only for STATE-DETECT <> NORMAL> [16:22:45] ABILIS_CPX:
-
- IP Routings
-
-
Added Fully Qualified Domain Name (FQDN) use in IP routings (parameters 'NET' and 'SRNET').
[11:27:51] ABILIS_CPX:d ipr Destination routes and conditional source routes: +-+-+-+-+--------------------+--------------------+-----------------+----+---+ |B|P|S|H| NET:/MASK: | MASK: or | GW: |IP: |AD:| | | | | | | SRNET:/SRMASK: | | | | +-+-+-+-+--------------------+--------------------+-----------------+----+---+ |*|C| |*| 127.000.000.001/32 | 255.255.255.255 | |LOOP| 0| +--------[www.antek.lan]-----+--------------------+-----------------+----+---+ |*|S| | | 192.168.000.048/32 | 255.255.255.255 | |NONE| 1| |*|C| | | 192.168.000.220/32 | 255.255.255.255 | |R-ID| 0| +--------[www.antek.mail]----+--------------------+-----------------+----+---+ | |S| | | FQDN-NOT-RESOLVED | 255.255.255.255 | |NONE| 1| |*|C| | | 192.168.000.000/24 | 255.255.255.000 | | 1| 0| |*|S| | | 192.168.008.000/24 | 255.255.255.000 | 192.168.000.251 | 1| 1| |*|S| | | 192.168.009.000/24 | 255.255.255.000 | 192.168.000.251 | 1| 1| |*|S| | | 000.000.000.000/0 | 000.000.000.000 | 192.168.000.251 | 1| 1| | |C| | | | OUT-IP | | 301| | | |C| | | | OUT-IP | |D703| | +-+-+-+-+--------------------+--------------------+-----------------+----+---+ [11:27:55] ABILIS_CPX:
The FQDN name (max 64 characters in the range ['0'..'9', 'a'..'z', '-', '.']) is automatically resolved and the corresponding IP address is shown in square brackets.
-
- IPMON
-
-
Added the possibility to monitor host using SNMP.
A new parameter 'CHECK' has been added to each IPMON record, allowing to select between ARP and SNMP monitoring:
[11:58:13] ABILIS_CPX:A IPMON IP:192.168.0.220 ? CHECK ... IP Monitor IP address parameters: CHECK: Enable presence check [NO, ARP, SNMP]. - NO: the state of the host is not monitored. - ARP: the state of the host is periodically monitored by ARP. - SNMP: the state of the host is periodically monitored by SNMP. By default NO. [11:58:41] ABILIS_CPX:D IPMON IP: CHECK: ALERT: DESCR: ------------------------------------------------------------------------------- 192.168.000.220 SNMP NO Caterina PC 192.168.001.006 SNMP NO paolino-test 192.168.053.038 ARP NO My-Host 192.168.053.056 NO 62 Freezer-A 192.168.153.102 ARP 60 web-cam n.1 192.168.153.103 ARP 60 web-cam n.2 [11:37:31] ABILIS_CPX:Monitoring an host using SNMP is implemented by getting from the monitored host a specific SNMP variable. When no answer to GET request is received the host is considered to be DOWN.
There are specific SNMP properties to be configured, mainly the protocol version, the community string and the SNMP variable to retrieve from the monitored host.
[11:41:15] ABILIS_CPX:d ipmon ip:192.168.0.220 Parameter: | Value: -----------------------+------------------------------------------------------- IP: 192.168.000.220 DESCR: Caterina PC CHECK: SNMP ALERT: NO TOLERATED-DOWN-PERIOD: 0 PORT: 161 VERSION: 1 COMMUNITY: public OID: 1.3.6.1.2.1.1.3.0 VAR-CHECK: NONE VAR-VALUE: RETRY-COUNTER: 4 ROLE: PASSIVE ------------------------------------------------------------------------------- [11:41:19] ABILIS_CPX:
In addition to the simple missed answer, it is possible to configure a matching condition on the value of the monitored variable. The mismatch of the condition is treated as no answer.
[11:41:15] ABILIS_CPX:d ipmon ip:192.168.0.220 ? ... IP Monitor IP address parameters: IP: Monitored IP address [1-126.x.x.x, 127.0.0.1, 128-223.x.x.x] DESCR: IP address description. Max 32 chars. Spaces require double quotes (E.g. "str1 str2"). CHECK: Check mode [ARP, SNMP] ALERT: Send an alert on host state change [NO, 1..255] TOLERATED-DOWN-PERIOD: Max time tolerated for a host to stay down [0..65535 s] ---------- Only for CHECK:SNMP ------------------------------------------------ PORT: SNMP port [1..65535] VERSION: SNMP protocol version [1, 2, 3] COMMUNITY: SNMP Community name. Max 32 ASCII characters. Space not allowed. OID: Watched variable OID. String of numbers separated by '.' (dot). Max 80 characters. VAR-CHECK: Verification that must be done on watched variable value. [NONE, EqualTo, NotEqualto, GreaterThan, LessThan, GreaterOrEqualThan, LessOrEqualThan] The mismatch of the condition is treated as no answer. VAR-VALUE: Value used in watched variable verification. Max 50 characters. <Only for VAR-CHECK <> NONE> RETRY-COUNTER: Maximal retries on missing answer [0..30] ROLE: Role [PASSIVE, ACTIVE] - PASSIVE: Host can only answer to GET requests. - ACTIVE: Host can send unsollicited traps. [11:41:19] ABILIS_CPX:
-
- SNMP
-
-
The basic functionality of an SNMP Manager has been added to the SNMP driver, i.e. the abilities to send GET requests, to process GET responses and to receive Traps.
These features have been made available to IPMON driver, for host monitoring via SNMP.
[18:18:24] ABILIS_CPX:d p res:snmp RES:Snmp ---------------------------------------------------------------------- Run DESCR:Simple_Network_Management_Protocol ... - Manager -------------------------------------------------------------- SRCADD:OUT-IP trap-udp-locport:162 TRAPIPSRC:* TRAPIPSRCLIST:# [18:18:28] ABILIS_CPX:d p res:snmp ? Snmp resource parameters: ... ---------- Manager ------------------------------------------------------------ SRCADD: Source IP address for outgoing requests [R-ID, OUT-IP, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x] trap-udp-locport: Local UDP port for incoming traps [162] <Read Only> TRAPIPSRC: Incoming traps: accepted source IP address [*, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x] TRAPIPSRCLIST: Incoming traps: list of further accepted source IP addresses [#, IP/IR/RU/MR listname] [18:20:55] ABILIS_CPX:
-
- Lists
-
-
Added list of users numbers (UNUM).
[11:50:24] ABILIS_CPX:d list:NumUser ? ... List type: UNUM: Users Number: - Number: max 20 digits [0..9] optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. - User: max 32 characters corresponding to the name of an existing Abilis user. See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. Case insensitive match. [11:50:39] ABILIS_CPX:a list:NumUser ? ... Possible Item values for UNUM list Type: UNUM item: Sequence of two values separated by ',' (comma) e.g. 'num,user', where: - 'num' is the number i.e. a sequence of max 20 digits [0..9] optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes - 'user' is a string of max 20 characters corresponding to the name of an existing Abilis user. (E.g. 4567,my_user). Case insensitive match. See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. [11:52:50] ABILIS_CPX:d list:NumUser LIST:NumUser - UNUM - Ref-Numb:1 Items-Numb:59 Automatically_generated_Users_Global_Numbers_list_(ReadOnly) -------------------------------------------------------------------------- Number User 55541616513 Edgar 555999 Robert 13 ThomasWayne 14 BruceWayne ... [11:52:50] ABILIS_CPX:These lists are be used in CTI Routings, mainly for UBR (User Based Routing) feature. See CTIR section for more details.
-
Added list of users groups numbers (GUNUM).
[11:50:24] ABILIS_CPX:d list:NumGroup ? ... List type: GUNUM: Users Group Number: - Number: max 20 digits [0..9] optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. - CtiGu: identifier of an existing CTI Users group. See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. [11:50:39] ABILIS_CPX:a list:NumGroup ? ... Possible Item values for GUNUM list Type: GUNUM item: Sequence of two values separated by ',' (comma) e.g. 'num,ctigu', where: - 'num' is the number i.e. a sequence of max 20 digits [0..9] optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes - 'ctigu' is the identifier of an existing CTI Users group [0..32]. (E.g. 4567,5). See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. [11:52:50] ABILIS_CPX:d list:NumGroup LIST:NumGroup - GUNUM - Ref-Numb:0 Items-Numb:0 Automatically_generated_Users_Groups_Numbers_list_(ReadOnly) -------------------------------------------------------------------------- Number CtiGu 5551 technicians 5552 colleagues 5554 clients ... [11:52:50] ABILIS_CPX:These lists are be used in CTI Routings, mainly for UBR (User Based Routing) feature. See CTIR section for more details.
-
Added lists for IP addresses Replacements (IPR).
[10:51:00] ABILIS_CPX:d list:ToDns ? ... List type: IPR: IP addresses Replacement: - Source IP address: in DDN [000.000.000.000..255.255.255.255] - Alias IP address: in DDN [000.000.000.000..255.255.255.255]. [10:55:25] ABILIS_CPX:a list:ToDns ? ... IPR item: Sequence of two values separated by ',' (comma) e.g. 'sip,aip', where: - 'sip' is the source IP address in DDN in the range [000.000.000.000..255.255.255.255]. - 'aip' is the alias IP address in DDN in the range [000.000.000.000..255.255.255.255]. [10:59:54] ABILIS_CPX:d list:ToDns d list:ToDns LIST:ToDNS - IPR - Ref-Numb:5 Items-Numb:5 ToDNS_IP_Replacement_List -------------------------------------------------------------------------- Source IP address Alias IP address (Translated) 192.168.000.003 008.008.008.008 192.168.000.007 008.008.008.008 192.168.000.060 008.008.004.004 192.168.000.061 008.008.004.004 192.168.000.062 008.008.004.004 [10:00:02] ABILIS_CPX:These lists can be used in SNET parameter of NAT Alias records. See NAT section for more details.
-
Added lists of Fully Qualified Domain Name (FQDN).
[17:05:08] ABILIS_CPX:d list:IPshWhiteFQDN - Not Saved (SAVE CONF) ------------------------------------------------------- LIST:IPshWhiteFQDN - FQDN - Ref-Numb:1 Items-Numb:4 IPsh_WhiteList_FQDN -------------------------------------------------------------------------- eva.kent.it (077.241.005.105) toodle.com (142.251.209.000) del.lan (192.168.100.247) a.b.c (-) [17:05:28] ABILIS_CPX:They are lists of FQDN name of max 64 characters in the range ['0'..'9', 'a'..'z', '-', '.']. The FQDN name is automatically resolved and the corresponding IP address is shown in round brackets beside the name.
They can be used in in IP Access lists, IP Shaping and AIPT2 services.
-
Added optional textual field to items of ISDN Number Replacement lists (INR).
The additional filed can be used to assign a textual description to the item. Max 32 characters are allowed. It can be omitted. By default it is empty.
[15:48:08] ABILIS_CPX:d list:celltoint - Not Saved (SAVE CONF) ------------------------------------------------------- LIST:CellToInt - INR - Ref-Numb:0 Items-Numb:4 From_cell_to_internal_num ---------------------------------------------------------------------------------- Number Chk CD CG Descr 3332032987 CGI 003 * William 3379875555 CGI 000 * Porter's lodge 3383223111 CGI 001 * Samira 3384532322 CGI 002 * Luigino [15:48:14] ABILIS_CPX:The new field does not affect the match of the item.
-
- NAT
-
-
Added the use of the IPR list for the 'SNET' parameter in NAT Alias.
[15:48:08] ABILIS_CPX:d nat pr:0 ? SNET ... NAT alias entry parameters: SNET: Source Network IP address [0.0.0.0, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x] and mask length [0-32] or * or the name of an IP/IR/FQDN/RU/MR list for network IP addresses between single quotes or the name of a IPR list between double single quotes or "Ip-nnn", where 'nnn' is an IP resource index in [1..999]. (E.g. * or 192.168.0.1/32 or 'ListName' or Ip-23), * is allowed only for ADD not equal to SRC. IPR lists can be used only when ADD:DST.IPR lists contain a list of "source IP address, alias IP address" pairs to use.
When in the 'SNET' parameter we have an IPR, if the source address matches one entry of the list, the alias IP is taken directly from the matching pair, ignoring 'DNET' and 'ANET' parameters, which are hidden in the layout.
[15:48:08] ABILIS_CPX:d nat Configured maps ------------------------------------------------------------------------------- PR: [DESCR:] INAT: ADD: SNET: DNET: ANET: ONAT: SPO: DPO: APO: PAT: SRES: DRES: PROT: TOUT: ------------------------------------------------------------------------------- 0 [DNS requests redirection] IN DST 'ToDNS' OUT * dns(53) * YES * * UDP SYS ------------------------------------------------------------------------------- 1 IN SRC Ip-1 * OUT-IP OUT * * AUTO YES ------------------------------------------------------------------------------- [11:21:03] ABILIS_CPX: -
Added default rule PR:0, which is read-only and cannot be deleted, moved or edited.
------------------------------------------------------------------------------- PR: [DESCR:] INAT: ADD: SNET: DNET: ANET: ONAT: SPO: DPO: APO: PAT: SRES: DRES: PROT: TOUT: ------------------------------------------------------------------------------- 0 [DNS requests redirection] IN DST 'ToDNS' OUT * dns(53) * YES * * UDP SYS -------------------------------------------------------------------------------This entry refers to a predefined list 'ToDNS', which is also automatically added by default to the configuration and it has the purpose of allow DNS requests redirection to different servers on the base of the IP address of the requester.
The predefined list 'ToDNS' is empty by default. The compilation of the list is the responsibility of the user if he intends to use this type of translation.
-
- ALERT
-
-
The service was already introduced in version 8.11.0, but from this version it has been enhanced:
-
more actions can be taken in response to the notification of an alarm condition;
-
alerts that repeat within the indicated interval can be filtered;
-
an alert can recall another allowing to create a chain of alerts.
[14:43:38] ABILIS_CPX:d alert Alerts defaults ("DFT" values): Parameter: | Value: ----------------+-------------------------------------------------------------- wdir: C:\APP\ALERT\ MAIL-FROM: SYS (abilis@cpx_220_) SMS-FROM: CP-PI --- Mail defaults --------------------------------------------- MAIL-TO: SYS (report@antek.it) MAIL-TO-LIST: SYS (#) MAIL-BODY: SMS-LIKE --- SMS defaults ---------------------------------------------- SMS-CDO: SYS (5553223122) --- Disa Voice call defaults ---------------------------------- DISA-USER: Alert DISA-SERVICE: Alert DISA-CDO: SYS (5553223122) DISA-CGO: SYS (#) DISA-MESSAGE: alert ------------------------------------------------------------------------------- Alerts records: ---+----+----------------------------------------+------------+---------------- CH:|ACT:|DESCR: |FILTER: |FILTER-INTERVAL: |LOG:|ACTION: |FURTHER-ALERT: ---+----+----------------------------------------+----------------------------- 1 |YES |used_for_ipmon |NONE |180 |NO |MAIL,DISA-CB,TURN-ON-DOUT |NO ------------------------------------------------------------------------------- 250|YES |used_for_firewall |INTERVAL |180 |NO |MAIL,SMS |NO ------------------------------------------------------------------------------- [14:43:41] ABILIS_CPX:D ALERT CH:A ? D ALERT CH:val Display Alert record CH: Alert record index [A, 1..255] <Mandatory> Alert record parameters: ACT: Enable/disable this entry [NO, YES] DESCR: Entry description. Max 70 chars. Spaces require double quotes (E.g. "str1 str2"). FILTER: Filter to be applied to received notificatations: [NONE, INTERVAL], where: - NONE: Received notifications are not filtered. - INTERVAL: Filter based on the interval given in 'FILTER-INTERVAL'. If the same notification repeats within the indicated interval it is ignored. FILTER-INTERVAL: Time interval within which if the same notification repeats within the indicated interval it is ignored. [1..3600 sec]. LOG: Record alert in system's log [NO, YES] FURTHER-ALERT: Call a further alert [NO, 1..255] ACTION: Action [NONE, MAIL, SMS, DISA-CB, TURN-ON-DOUT, LUA-SCRIPT] Values can be joined using ',' (comma). ---------- Only for ACTION:MAIL ----------------------------------------------- MAIL-TO: E-mail recipients. DFT or empty or max 128 ASCII chars. Space not allowed. MAIL-TO-LIST: E-mail recipients list. DFT or # or the name of a TXT list between single quotes (e.g. 'mylist'). MAIL-BODY: E-mail body type [DFT, STANDARD, SMS-LIKE] MAIL-USER-TEXT: User text for the E-mail body. Empty or max 310 ASCII chars. Spaces require double quotes. ---------- Only for ACTION:SMS ------------------------------------------------ SMS-CDO: Outgoing called number for SMS. DFT or # or max 20 digits optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes or the name of an IN list between single quotes (e.g. 'mylist') See also HELP ISDN ATTRIBUTES. SMS-USER-TEXT: User text for the SMS message. Empty or max 160 ASCII chars. Spaces require double quotes. ---------- Only for ACTION:DISA-CB -------------------------------------------- DISA-USER: Name of an existing DISA user for DISA CallBack. DFT or # or max 16 ASCII characters. Space not allowed. If the user is not configured, the (!) mark is displayed beside the name. DISA-SERVICE: Name of an existing DISA service for DISA CallBack. DFT or # or max 16 ASCII characters. Space not allowed. If the service is not configured, the (!) mark is displayed beside the name. DISA-CDO: Outgoing called number for DISA CallBack. DFT or # or max 20 digits optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. See also HELP ISDN ATTRIBUTES. DISA-CGO: Outgoing calling number for DISA CallBack. DFT or # or max 20 digits optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] and/or PI [a, r, m, q] and/or SI [y, v, w, z] attributes. See also HELP ISDN ATTRIBUTES. DISA-MESSAGE: Name of the file holding the voice message to be played. DFT or # or max 20 chars valid for long file names. ---------- Only for ACTION:TURN-ON-DOUT --------------------------------------- TURN-ON-IO: The digital output that is set ON. # or a string in the format: - for Rio/Rvs: string in the format 'type-nn,line-mm', where: - type-nnn is the resource type [Rio, Rvs] and number, for Rio [1..16] and for Rvs [1..4] - line-mm is the line type [DO] and number, for Rio [1..16] and for Rvs [1..4]; - for Wio: string in the format 'type-n.xxx,line-mm', where: - type-n.xxx is the resource type and number [1..7], followed by the wireless-slave number [1..1000] - line-m is the line type [DO] and number [1..4]. (e.g. 'Rio-1,DO-5' or 'Rvs-3,DO-1' or 'Wio-1.5,DO-3') ---------- Only for ACTION:LUA-SCRIPT ----------------------------------------- LUA-SCRIPT: Name of the default LUA script to be started. # or max 32 chars valid for long file names. [14:43:41] ABILIS_CPX: -
-
- SSH
-
-
Added support of 'keyboard-interactive' authentication method.
The 'keyboard-interactive' authentication is used when LOGIN-MODE:USERS and the source IP address belongs to Public network and and Two-Factor Authentication (2FA) is required for the user who is logging in. Otherwise 'password method' authentication method is used.
[16:08:55] ABILIS_CPX:d p res:ssh ? s-auth Ssh resource parameters: S-AUTH: Supported authentication methods [PWD,KBI] <ReadOnly> KBI (i.e. keyboard-interactive method) is used when LOGIN-MODE:USERS and the source IP address blongs to Public network and Two-Factor Authentication is required for the user who is logging in; otherwise PWD (i.e. password method) is used. [16:09:20] ABILIS_CPX:
-
- SMS
-
-
Added SMS relay by e-mail sending to SMTP server with SMS Gateway capability.
The range of parameter 'POO' of SMS outgoing routings has been extended with 'SMTP' value and the new parameter 'SMTP-SERVER' has been added for configuring the target SMTP server:
[18:46:02] ABILIS_CPX:d sms out ----+-------+-------------------------+-----+---------+-------+-------+-------- PR: |ACT: |CD: |POO: |LIFETIME:|DELAY: |SPLIT: |UNICODE: |SOURCE:|SENDER-ID: |SMTP-SERVER: ----+-------+-------------------------+-----+---------+-------+-------+-------- 0 YES * G6 1800 300 SYS SYS SMTP * ------------------------------------------------------------------------------- 1 YES * SMTP FILE 192.168.20.254 ------------------------------------------------------------------------------- [18:56:55] ABILIS_CPX:d sms out ? poo smtp-server ... SMS routings for outgoing messages parameters: POO: Output CTI Port or group [NONE, 1..600, G1..G32, SMTP] where 'SMTP' is allowed only for SOURCE<>SMTP and it means that the SMS message will be sent by e-mail to the SMTP server configured in SMTP-SERVER parameter. SMTP-SERVER: SMTP server for SMS Relay by e-mail. # or SYS or FQDN of max 64 chars in the range ['0'..'9', 'a'..'z', '-', '.'] or IP address in DDN. <Only for POO:SMTP> [18:56:55] ABILIS_CPX:The parameter 'SMTP-SERVER' is present in SMS resource too, which is used when the SMTP server is set to 'SYS' in outgoing routing:
[19:05:34] ABILIS_CPX:d p res:sms RES:CtiSms -------------------------------------------------------------------- Run DESCR:Short_Message_Service LOG:NO ACT:YES MAX-SMS-SPLIT:1 ALLOW-UNICODE:NO DFT-IN:NO DFT-MAIL-TO: wdir:C:\APP\SMS\ SMTP-SEVER:192.168.20.254 [19:06:10] ABILIS_CPX:d p res:sms ? smtp-server CtiSms resource parameters: SMTP-SERVER: SMTP server for SMS Relay by e-mail. # or FQDN of max 64 chars in the range ['0'..'9', 'a'..'z', '-', '.'] or IP address in DDN. [19:06:13] ABILIS_CPX:
-
- DHCP Client
-
-
Added support of Vendor class identifier option (Option 60).
The vendor class identifier option identifies the vendor type and configuration of a DHCP client and can be requested in some contexts by the DHCP server in order to profile the client and provide it with appropriate answer.
For IP resources over LAN or LAN-PT, whose IP address is automatically retrieved by means of DHCP (parameter 'IPADD' set 'DHCP'), it is now possible to configure this option in a simple character string of up to 64 characters, parameter 'DHCP-VENDOR-ID':
[12:22:27] ABILIS_CPX:d p res:ip-2 RES:Ip-2 - IP over LAN (LAN) -------------------------------------------------- Run DESCR:Ip-2 OPSTATE:UP LOG:DS STATE-DETECT:NORMAL CAT:AUTO (LAN) LANRES:NONE IPADD:DHCP DHCP-GW:YES DHCP-GW-AD:2 DHCP-DNS:YES DHCP-VENDOR-ID: REDIS:EXT HIDE:NO RP:NONE IPSEC:NO VRRP:NO ... [12:22:32] ABILIS_CPX:s p res:ip-2 ? dhcp-vendor-id Ip-2 (IP over LAN) resource parameters: DHCP-VENDOR-ID: Vendor class identifier option (Option 60). Max 64 ASCII characters. Spaces require double quotes (E.g. "str1 str2"). <Only for IPADD:DHCP> [12:22:50] ABILIS_CPX:
-
- ETHDEV
-
-
The new ETHDEV driver is a more advanced version of the previous ETHMOD driver, now capable of supporting both Ethernet modems and LTE modems connected to Abilis via ETH/ETHUSB interface.
The architecture has been extended but rearranged and simplified even if we have multiple separate entities:
-
the EthDev resource, which is the modem supervisor (only one instance is allowed).
[16:11:28] ABILIS_CPX:d p res:EthDev RES:EthDev -------------------------------------------------------------------- Run DESCR:EthMod_and_EthLte_devices _Supervisor LOG:DS ALERT:NO ACT:YES ethdevlog:DFT ethdevlogsize:20 [16:11:35] ABILIS_CPX: -
the EthMod and EthLte resources, they each representing one modem only, Ethernet or LTE respectively (max 16 of them are allowed).
Therefore now each modem is an independent device, that can stand alone configured and referenced.
[16:11:28] ABILIS_CPX:d p res:EthMod-1 RES:EthMod-1 ------------------------------------------------------------------ Run DESCR:Ethernet_Modem_1 LOWRES:Eth-2 MAC:52-54-4D-00-01-2B VPI:8 VCI:35 RES:Eth-2 --------------------------------------------------------------------- Run DESCR:Eth-2 LOG:DS ALERT:NO MODE:AUTO max-vlans:6 MAC-ADDR:FACTORY (B4-2E-99-28-5B-A4) ip-rxbuf:25 arp-rxbuf:5 pppoed-rxbuf:5 pppoes-rxbuf:25 [16:11:42] ABILIS_CPX:d p res:EthLte-1 RES:EthLte-1 ------------------------------------------------------------------ Run DESCR:LTE_Mikrotik_1 LOWRES:EthUsb-1 MAC:18-FD-74-CD-82-0E NET-MODE:DFT ROAMING:NO PDN-APN:DFT RES:EthUsb-1 ------------------------------------------------------------------ Run DESCR:EthUsb-1 LOG:DS ALERT:NO MODE:AUTO max-vlans:2 MAC-ADDR:00-90-9E-9D-7E-44 ip-rxbuf:25 arp-rxbuf:5 pppoed-rxbuf:5 pppoes-rxbuf:25 [16:11:49] ABILIS_CPX:All the support, which is usually available for a resource/device, is provided for Ethernet and LTE modems (diagnostics, statistics, logging, and so on).
Moreover a summary of the configured modems and of their current state is available also in a dedicated section of the "D DEV" command:
[16:11:42] ABILIS_CPX:d dev ... --------------- Active EthMod/EthLte Resources and Devices: ------------------- Res LowRes Descr ModSt MAC ------------------------------------------------------------------------------- EthMod-1 Eth-2 Ethernet_Modem_1 dn 52-54-4D-00-01-2B EthLte-1 EthUsb-1 LTE_Mikrotik_1 UP 18-FD-74-CD-82-0E ... [16:11:49] ABILIS_CPX:
-
-
- LICENCE
-
-
Version 9.0.0 requires new licence, with 'MAXVER' minimum value set to '9'.
[11:38:33] ABILID_CPX:licence display permissions ACTIVE PERMISSIONS: -------------|-----------|----------------------------------------------------- Name |Value |Description -------------|-----------|----------------------------------------------------- ABILISID |1801013 |Abilis CPX serial number EXPIRY |NONE |Licence expiration date YYYYMMDD MAXVER |9 |Licence is valid up this Abilis major version -------------|-----------|----------------------------------------------------- ...
-
Starting from this version FTP and SMTP services will be free. Therefore 'SMTP' and 'FTPSRV' permissions becomes obsolete.
-
Starting from this version LCS, DISA, IAX, SIP, SMS services will be included in 'SOFTPBX' permission. Therefore individual service 'LCS', 'CTIDISA', 'CTIIAX', 'CTISIP' and 'CTISMS' permissions become obsolete.
-
Added 'SIPUSERS' permission, for the number of allowed SIP users [0, 1..10000]. It requires 'SOFTPBX' permission too.
-
Added 'AIPT2' permission, for the number of allowed AIPT/AIPT2 resources [0, 1..999]. The 'AIPT' permission becomes obsolete.
-
Added 'NPV' permission, for the number of allowed NPV Links [0, 1..1000]. The 'NPVEXT' permission becomes obsolete.
-
No longer supported features
- GPIO and MFIO
-
-
GPIO and MFIO devices are no longer supported.
-
- IPLB
-
-
IP Load Balancing service has been completely removed.
-
- IPBAN
-
-
Removed e-mails sending for banned IP addresses.
The 'IPBAN Mail' section of the configuration is no longer present and 'ACTION' parameter range is restricted from '[NONE, BAN, MAIL]' to '[NONE, BAN]'.
[18:49:38] ABILIS_CPX:d ipban max-items:3000 ALERT:NO WDIR:C:\APP\IPBAN\ - IPBAN service defaults ------------------------------------------------------ ACTION:BAN MAX-FAIL:5 FIND-TIME:1440 BAN-TIME:14400 WHITE-LIST:PrivateIpAdd - IPBAN individual services --------------------------------------------------- ---------+------------+-----------+------------+-----------+------------------- RES: | ACTION: | MAX-FAIL: | FIND-TIME: | BAN-TIME: | WHITE-LIST: ---------+------------+-----------+------------+-----------+------------------- Ssh | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- Telnet | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- CtiSip | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- CtiIax | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- CtiVo | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- Http | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- Ftp | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- Smtp | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- Pop3 | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- [18:49:41] ABILIS_CPX:
Removed alerted IP addresses management and related commands 'D IPBAN ALERTED [[RES:]val]' and 'C IPBAN ALERTED [RES:]val IP:val'.
-
Bug fixes
- VM/MIX/MOH
-
-
Fixed maximal length of buffers used for full path file names. The buffers used in the previous versions were shorter then the real possible full path file names, causing the name to be truncated and by consequence the proper voice message was not played.
-
- All drivers
-
-
All bug fixes up to 8.11.13 are included in 9.0.0.
-
Known bugs
-
-
None
-