Released on September 25, 2024.
REALTEKG - Added new debug lsn:286 to verify writing to GBCR registers (troubles on 8125 chip).
INTELG3 - Added support of new subtype of i225 chip, SubVendor/SubDevice 0x1BAA/0xC001.
Added alert on VRRP router state change.
Using configuration parameter 'ALERT', the system administrator can activate the generation of an alert (mail/SMS/...), when VRRP Router state changes from MASTER to BACKUP and vcv.
[16:04:25] ABILIS_CPX:D P RES:VRRP RES:Vrrp ---------------------------------------------------------------------- Run DESCR:Virtual_Router_Redundancy_Protocol LOG:DS ACT:YES mxps:256 TOS:0-N ALERT:NO [12:43:10] ABILIS_CPX:D P RES:VRRP ? ALERT Vrrp resource parameters: ALERT: Send and alert when a VRRP router state changes from MASTER to BACKUP and from BACKUP to MASTER [NO, 1..255] [12:43:17] ABILIS_CPX:
Improved D DEV layout when POTSBOX is present under BSE: now the layout shows the referenced device (only for BSE-1 ELTI-1 ST:UP).
[16:04:25] ABILIS_CPX:D DEV --------------- Active Watchdog and MFxx Resources (read only): --------------- Dev Run Physical Res SlotId Addr Irq ------------------------------------------------------------------------------- MF Yes Mf . . . . . . . . . . . . . . . . . . . . . - 378 5 ------------------ Active PCI Devices and Physical Resources: ----------------- Dev Run Physical Res or CTI Port SlotId Addr Irq ------------------------------------------------------------------------------- AUDIO-1 No Audio-1 . . . . . . . . . . . . . . . . . . NONE - ( -) ASY-1 Yes Async-1 . . . . . . . . . . . . . . . . . . - 3F8 4 ETH-1 Yes Eth-1 . . . . . . . . . . . . . . . . . . . 32 PCIe ( 16) ETH-2 Yes Eth-2 . . . . . . . . . . . . . . . . . . . 64 PCIe ( 17) VPOTS-4 Yes 149..164 . . . . . . . . . . . . . . . . . . - - ( -) BSE-1 Yes 31..38, 101..140 . . . . . . . . . . . . . . 128 PCI ( 18) POTSBOX-1 Yes 103..134 . . . . . . . . . . . . . . . . . . - - ( -) ... [12:43:17] ABILIS_CPX:
Improved D P of IP resources over PPP: when CellKey is referenced, now the layout shows parameters of the CTI port belonging to the CellKey.
[16:04:25] ABILIS_CPX:D P RES:IP-4 RES:Ip-4 - IP over PPP (PPP) -------------------------------------------------- Run DESCR:wan of LTE (T-Mobile) OPSTATE:UP STATE-DETECT:NORMAL CAT:AUTO (WAN) LOG:NO ALERT:NO LOWRES:CELLKEY-1 (Ctip-501) IPADD:RETRIEVE NEIGH:RETRIEVE REDIS:EXT HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:OUTSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:250 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO ... CTIP:501 DESCR: Act card:CELL32-1<1>,CELLKEY-1<1> USER:# Run OPSTATE:UP LOG:DS TYPE:NET-PUBLIC signalling:CELL HOLD:NO VOICE-ROAMING:DISABLED NUM:* ADDRBOOK-NUM:NUM CDO:# NET-MODE:AUTO NET-SEL:AUTO NET: PDN-MODE:AUTO PDN-ROAMING:DISABLED PDN-APN:internet.t-mobile.cz HOLD-ENABLE-LIST:# DIAL-IN-LIST:# [12:43:17] ABILIS_CPX:
Fixed the calculation of CPU consumption.
Removed core task replaced by Idle Task 0 and X directly in RTK.
Fixed bug that prevented setting of ALERT and ALERT-ST of Digital Input lines of RVS devices from the command line interface and from the web interface.
Fixed bug that prevented setting parameters of X.25 resources from the command line interface.
Fixed bug that prevented setting of IKE Host parameter CERT-PEER from the command line interface.
Fixed not properly parsed fw version, for Mikrotik fw version 7.13.
Fixed bug that caused device to not connect properly to modem when LAN in stand-alone (no IPRES LAN is using IP).
This bug was introduced after some modifications in MULTICORE service, and it is present starting from release 9.0.2.
Fixed bug in Voice Mail audio messages selection from the web interface.
This bug prevented selection of messages for "Welcome!" phase, setting always the "Goodbye!" message.
Fixed bug that caused D DHCPC LOG command to show potential garbage at the end of the log.
None
Released on August 1, 2024.
Restyled Networking and Automation graphs.
Figure: Networking - VPN matrix
Restyled IP Shaping maintenance pages (Networking menu).
Figure: Networking - IP shaping
Restyled IP over AIPT2 maintenance (Networking menu).
Figure: Settings - IP over AIPT2
Restyled DHCP maintenance pages (Networking menu).
Figure: Networking - DHCP
Added DNS Filtering pages (Administration menu).
Figure: DNS filtering - DNS Blacklist
Added special SlotId handling for B365M with 9 Ethernets in configuration (2 4Eth PCIe card installed), applied just when Abilis configuration contains all Eth-x with slotid:NONE (i.e. brand-new configuration).
Added support for wildcard FQDN (i.e. in the format '*.subdomain') in routings.
[16:04:25] ABILIS_CPX:D IPR Destination routes and conditional source routes: +-+-+-+-+--------------------+--------------------+-----------------+----+---+ |B|P|S|H| NET:/MASK: | MASK: or | GW: |IP: |AD:| | | | | | | SRNET:/SRMASK: | | | | +-+-+-+-+--------------------+--------------------+-----------------+----+---+ |*|S| | | 000.000.000.000/32 | 255.255.255.255 | 192.168.000.251 | 2| 1| |*|S| | | 012.023.012.012/32 | 255.255.255.255 | |NONE| 1| ... +--------[a.b.c]-------------+--------------------+-----------------+----+---+ | |S| | | FQDN-NOT-RESOLVED | 255.255.255.255 | |NONE| 1| +--------[*.b.c]-------------+--------------------+-----------------+----+---+ | |S| | | FQDN-NOT-RESOLVED | 255.255.255.255 | |NONE| 1| +--------[*.meteo.it]--------+--------------------+-----------------+----+---+ |*|S| | | 104.022.002.199+2 | 255.255.255.255 | |NONE| 1| |*|S| | | 000.000.000.000/0 | 000.000.000.000 | 192.168.000.251 | 2| 1| | |C| | | | OUT-IP | | 201| | | |C| | | | OUT-IP | |D 5| | +-+-+-+-+--------------------+--------------------+-----------------+----+---+ [16:04:25] ABILIS_CPX:D IPRE Destination routes and conditional source routes: +-+-+-+-+--------------------+--------------------+-----------------+----+---+ |B|P|S|H| NET:/MASK: | MASK: or | GW: |IP: |AD:| |[DESCR:] | SRNET:/SRMASK: | | | | +-+-+-+-+--------------------+--------------------+-----------------+----+---+ +- dft -+--------------------+--------------------+-----------------+----+---+ |*|S| | | 000.000.000.000/32 | 255.255.255.255 | 192.168.000.251 | 2| 1| +- TEST 12 ------------------+--------------------+-----------------+----+---+ |*|S| | | 012.023.012.012/32 | 255.255.255.255 | |NONE| 1| ... +--------[a.b.c]-------------+--------------------+-----------------+----+---+ | |S| | | FQDN-NOT-RESOLVED | 255.255.255.255 | |NONE| 1| +--------[*.b.c]-------------+--------------------+-----------------+----+---+ | |S| | | FQDN-NOT-RESOLVED | 255.255.255.255 | |NONE| 1| +--------[*.meteo.it]--------+--------------------+-----------------+----+---+ |*|S| | | 104.022.002.199/32 | 255.255.255.255 | |NONE| 1| |*|S| | | 104.022.003.199/32 | 255.255.255.255 | |NONE| 1| |*|S| | | 172.067.004.005/32 | 255.255.255.255 | |NONE| 1| +- dft -+--------------------+--------------------+-----------------+----+---+ |*|S| | | 000.000.000.000/0 | 000.000.000.000 | 192.168.000.251 | 2| 1| | |C| | | | OUT-IP | | 201| | | |C| | | | OUT-IP | |D 5| | +-+-+-+-+--------------------+--------------------+-----------------+----+---+
Removed "RELAY-LOG-REQUESTERS" parameter.
Added "RELAY-TTL-MAX", "relay-log-size" and "RELAY-LOG-EXCLUDE" parameters.
[15:53:22] ABILIS_CPX:D P RES:DNS RES:Dns ----------------------------------------------------------------------- Run DESCR:Domain_Name_System LOG:NO ACT:YES udp-locport:53 SRCADD:OUT-IP TOS:0-N wdir:C:\APP\DNS\ - Resolver ------------------------------------------------------------- SERVERS:STATIC PRIMARY:192.168.000.251 SECONDARY:008.008.008.008 TOUT:5 CACHE:YES cache-size:5000 - Relay/Server --------------------------------------------------------- RELAY:YES relay-size:1000 RELAY-TOUT:10 RELAY-TTL-MAX:# RELAY-WHITELIST:YES RELAY-WHITELIST-CLIENTS:DNSWhiteClients RELAY-BLACKLIST:YES RELAY-BLACKLIST-BYPASS:DNSBlackBypass relay-log-size:5000 RELAY-LOG-EXCLUDE:DNSLogExclude SERVER:YES IPSRC:127.000.000.001 IPSRCLIST:PrivateIpAdd [15:58:46] ABILIS_CPX:
The "RELAY-WHITELIST-CLIENTS" parameter is now read-only and set by default to the IP list "DNSWhiteClients", which is the default list of requestors enabled to White List.
The "RELAY-BLACKLIST-BYPASS" parameter is now read-only and set by default to the IP list "DNSBlackBypass", which is the default list of requestors exempt from Black List.
The newly added "RELAY-LOG-EXCLUDE" parameter is now read-only and set by default to the IP list "DNSLogExclude", which is the default list of requestors exempt from resolved FQDN log.
Improved resolved FQDN log: added the resolving time stamp and the same FQDN is logged more then once when it belongs to different requestors.
The size of the resolved FQDN log can be set by means of the newly added "relay-log-size". It can be maintained by commands 'C/D DNS RESOLVED'.
[15:46:57] ABILIS_CPX:D DNS RESOLVED Resolved domains (160/5000): Date |Time |Requester IP |FQDN ------+------+---------------+------------------------------------------------- 120620 154018 192.168.040.100 update.googleapis.com 120620 154018 192.168.040.110 update.googleapis.com 120620 154014 192.168.020.100 beacons-handoff.gcp.gvt2.com 120620 141541 192.168.080.120 d386b0avixguc2.cloudfront.net 120620 141541 192.168.020.100 pg.cdn.viber.com 120620 141312 192.168.080.001 accounts.youtube.com 120620 140708 192.168.020.100 part-0044.t-0009.fb-t-msedge.net 120620 140349 192.168.020.105 beacons3.gvt2.com 120620 140320 192.168.020.100 encrypted-tbn1.gstatic.com 120620 140301 192.168.020.170 encrypted-tbn2.gstatic.com 120620 140301 192.168.070.150 encrypted-tbn3.gstatic.com 120620 140300 192.168.070.150 id.google.com ... [15:46:57] ABILIS_CPX:
Changed range of the maximum time tolerated for a monitored host to stay down.
The "TOLERATED-DOWN-PERIOD" parameter value now must be greater than or equal to "POLL-INTERVAL" value set in the IpMon resource.
Added Lan hosts database.
In addition to the list of "allowed" IP addresses, which is maintainable by means of 'A/C/D/S IPMON' commands, now the driver maintains a list of IP addresses detected over time on the Lan.
The list of detected hosts is saved in IPMON working directory in HOSTS.DAT file and periodically refreshed. It can be maintained by commands 'C/D IPMON LANHOSTS'.
[15:24:58] ABILIS_CPX:D IPMON LAHOSTS Lan hosts: 32/2000 Update interval: 15 min Life time: 30 days -----+--------+-----------------+-------------------+------+-------------------- ID | RES | IPADD | MAC | ST | LAST UPDATE -----+--------+-----------------+-------------------+------+-------------------- 1 | Ip-1 | 169.254.255.125 | 08-00-27-E5-F8-7F | dn | 2023-10-31 17:19:29 2 | Ip-1 | 192.168.001.001 | 20-90-27-E0-6F-6D | dn | 2023-07-14 14:30:06 3 | Ip-1 | 192.168.001.025 | 38-D5-47-1B-09-44 | dn | 2023-08-08 15:24:55 4 | Ip-1 | 192.168.001.077 | 08-00-27-E5-F8-7F | dn | 2023-08-08 15:24:55 5 | Ip-2 | 178.168.028.027 | 10-FE-ED-E2-BC-E9 | UP | 2024-06-12 15:20:37 6 | Ip-2 | 178.168.028.028 | 0C-80-63-6A-31-E9 | dn | 2024-06-12 15:00:18 7 | Ip-2 | 178.168.028.029 | 60-32-B1-02-44-DE | dn | 2024-06-12 15:00:18 8 | Ip-2 | 178.168.028.032 | 4C-FB-45-DA-A4-52 | dn | 2024-06-12 15:00:19 ... 29 | Ip-7 | 010.168.020.109 | 52-16-DD-C6-31-88 | dn | 2023-10-12 11:50:45 30 | Ip-8 | 192.168.168.167 | 18-FD-74-CD-82-0E | UP | 2024-06-12 15:21:39 31 | Ip-8 | 192.168.168.170 | 00-90-9E-9D-7B-97 | UP | 2024-06-12 15:21:39 32 | Ip-52 | 172.016.016.001 | 20-2E-15-00-05-F8 | dn | 2023-07-18 10:42:20 -----+--------+-----------------+-------------------+------+-------------------- [15:24:58] ABILIS_CPX:
Moreover, when a new host appears on the Lan, which is not listed among the "allowed" ones, a warning could be sent (mail, SMS, etc.) to the Lan administrator. The alerting feature can be activated by means of the new parameter "NEW-HOST-ALERT".
[15:24:58] ABILIS_CPX:D P RES:IPMON RES:IpMon --------------------------------------------------------------------- Run DESCR:Monitor_of_IP_addresses LOG:NO ALERT:NO ACT:YES wdir:C:\APP\IPMON\ POLL-INTERVAL:180 RETRY-COUNTER:4 RETRY-INTERVAL:3 - Lan hosts ------------------------------------------------------------ max-hosts:2000 HOSTS-UDP-INTERVAL:15 HOSTS-LIFETIME:30 NEW-HOST-ALERT:NO [15:25:17] ABILIS_CPX:
Added protection against time zone jump during runtime.
Added protection against time jump longer than 12 hours to the future during runtime.
Added storage of timestamps during snapshot into the system log.
Added support of new value of User's SIP-REMOTE-NAT:LEGACY value.
Added 'START SIP LOG' command (it displays SIP log in real-time).
Added loop protection based on delivery of 'Abilis-Uuid' on USER.
Added loop protection based on delivery of 'Abilis-Uuid' on NET-PRIV.
Extended the range of "LOCAL-SOURCES" parameter, by adding 'AIPT2' value, for AIPT2 debug log delivering to remote SYSLOG console.
Added "cxDrop" group, for DROP resource diagnostics and statistics. Updated Abilis MIB and Html document.
Added new list type UIP: user's IP address.
They can hold pairs of Abilis user name and IP address or Subnet address or FQDN.
[18:00:37] ABILIS_CPX:D LIST:SipPermit LIST:SipPermit - UIP - Ref-Numb:1 Items-Numb:4 SIP users permitted IP addresses ---------------------------------------------------------------------------- User Net/mask or FQDN tommaso 192.168.000.022 admin ap.antek.it (077.241.002.071) admin gui.antek.it (077.241.005.105) KaterinaAndC 192.168.000.000/16 [18:00:39] ABILIS_CPX:A LIST:SipPermit ? ... UIP item: Sequence of two values separated by ',' (comma) e.g. 'user,net/mask' or 'user,fqdn', where: - 'user' is a string of max 20 characters corresponding to the name of an existing Abilis user. - 'net/mask' is IP address and mask in the format x.x.x.x/nn The mask is optional, when omitted it is assumed to be equal to 32. - 'fqdn' is FQDN name of max 64 characters in the range ['0'..'9', 'a'..'z', '-', '.']. FQDN name is forced to lower case. The FQDN name is automatically resolved and the corresponding IP address is shown in brackets. [18:05:07] ABILIS_CPX:
This type of list is suitable in the "SIP-IP-PERMIT" parameter of Abilis Users.
Added new list type TIN: Timeout ISDN Numbers.
They can hold ISDN numbers valid up to a given expiry date and time.
[17:41:06] ABILIS_CPX:D LIST:TemporaryNum LIST:TemporaryNum - TIN - Ref-Numb:0 Items-Numb:3 My numbers with due dates -------------------------------------------------------------------------- Number Timeout 3312020202 01/01/2025 01:00 3334753777 24/12/2024 23:59 4455678901 15/07/2024 09:00 [17:42:52] ABILIS_CPX:A LIST:TemporaryNum ? ... TIN item: Sequence of two values separated by ',' (comma) e.g. 'num,tout', where: - 'num' is the ISDN number, i.e. a string of max 30 characters in the range [C, 0..9, ^, ?, _, *, #] optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. - 'tout' is the number expiration date and time in the format 'dd/mm/yyyy-hh:mm'. See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. Case insensitive match. [17:43:03] ABILIS_CPX:
Added support for wildcard FQDN (i.e. in the format '*.subdomain') in FQDN lists.
Also wildcard FQDN are automatically resolved by the system and all found IP addresses are then listed.
[17:54:55] ABILIS_CPX:D LIST:MyFqdn LIST:MyFqdn - FQDN - Ref-Numb:0 Items-Numb:3 -------------------------------------------------------------------------- *.ilmeteo.it (104.022.060.141) *.ilmeteo.it (104.022.061.141) *.ilmeteo.it (172.067.015.175) *.tin.it (156.054.069.009) a.b.c (-) google.com (142.251.209.046) [17:55:01] ABILIS_CPX:
Changed range of CXGEN 'listitems' parameter from [4000..200000] to [5000..200000].
Improved the delta between the Number of CPX list items and the Maximum number of Sip numbers. Starting from now the Number of CPX list items must be greater or equal to the Maximum number of Sip numbers plus 2000. In the previous releases the delta was equal to 1000.
Added warning in System log when the Number of used CPX list items reaches 90% of availability and when it reaches the 100% of availability. E.g.
12/06/2024 15:22:10 [00706] W: List items number WARNING, 90% used (4501/5000)
and
14/06/2024 10:51:00 [00708] W: List items number OVERFLOW (5000/5000)
When the items number goes back below the 85% of the availability, the information is registered in the system log. E.g.
14/06/2024 00:05:36 [00707] W: List items number NORMAL, 85% used (4200/5000)
Simplified DHCP subnets and hosts configuration integrating profiles in Lan with "MODE:SERVER".
10:54:14] ABILIS_CPX:d dhcp DHCP summary: Service: ACTIVE (state of the DHCP driver [DOWN, ACTIVE, INACT]) Subnets: 1 (number of configured subnets [0..128]) Hosts: 0 (number of hosts configured for static leases [0..500]) Leases: 55 (current number of leases in the Db in memory [100..1000]) [10:54:31] ABILIS_CPX:d dhcp lan ----+--------------------------------+--------------------------------+-------- LAN:|NET: |MASK: |MODE: ----+--------------------------------+--------------------------------+-------- 1 Ip-2 (192.168.000.000) Ip-2 (255.255.255.000) SERVER [10:54:34] ABILIS_CPX:d dhcp lan:1 Parameter: | Value: -------------+----------------------------------------------------------------- LAN: 1 NAME: NET: Ip-2 (192.168.000.000/24) MASK: Ip-2 (255.255.255.000) MAC-FILTER: # MODE: SERVER POOL1: # POOL2: # POOL3: # POOL4: # POOL5: # DEF-LEASE: 36000 MAX-LEASE: 36000 ARPCHK: NO TTL: 0 KEEPALIVE: 0 NB-SCOPE-ID: NB-NODE-TYPE: UNK DOMAIN: GW1: # GW2: # GW3: # DNS1: # DNS2: # SMTP: # POP3: # NNTP: # WWW: # FINGER: # IRC: # NTP: # TIME: # WINS1: # WINS2: # TFTP: BOOTFILE: ------------------------------------------------------------------------------- [10:54:41] ABILIS_CPX:
Extended "FEC" parameter range by adding the 'HIGH' value, which is equivalent to "10:3" value.
Simplified paths configuration: the number of paths is now fixed to 6 and each path can be individually enabled by mean of 'VALIDx:' flag [NO, YES].
... NUMPATHS: Number of paths enabled and configurable [6] <Read Only> ---------- IP Tunnel Paths ---------------------------------------------------- x: Path index [1..6] to be used as suffix in path parameters, e.g. s p ip-10 locip1:* remip1:*. The load balancing is performed among the mutipaths. VALIDx: To add a path 'x' to the resource use VALIDx:YES To remove the path 'x' from the resource use VALIDx:NO ...
Fixed processing of codecs in received '200 OK' response SDP, if it starts with TelEvents (101) one.
Fixed processing of codecs in received SDP, if it starts with TelEvents (101) one.
Fixed processing of filtered D SE listing. When filters was used in the command, it sometimes worked sometimes not, due to an inaccurate exchange of information between the driver and the command parser.
Added protection to avoid that SSL opening APIs (connect or accept) stays blocked forever due to an unexpected event.
The problem occurred mainly with HTTPS sessions and caused some sessions to stay in 'fake' CONNECTED state forever.
It may occurs with DROP driver too, which by consequence stopped updating the 'DROP' lists.
Fixed bug that caused PPP over POECLI to not call again after a call failure.
Added some missing checks on pointers that could be NULL and that could cause exceptions when the client is activated (CLI-ACT:YES).
Fixed not deleted SMS files, even after successful delivery.
The bug caused that the sms file was kept and the sms message was re-sent.
Added starting from release 9.0.0, it originated by modifications done during EthLte support addition.
Fixed DROP driver not updating the 'DROP' list.
Added starting from release 9.0.1, it was caused by invalid source address loading from the configuration. The invalid source address sent in the call request, prevented the call to be accepted and the connection establishment with the remote host.
All bug fixes up to 8.11.15 are included in 9.0.2.
The output of D CPU command shows wrong CPU load. It is not reliable.
Released on February 2, 2024.
Added support for INTEL i210 Ethernet chip (standalone PCIe card), sub-type for INTELG2 driver (i211).
INTELG2 - Improved TX path handling.
INTELG2 - Added support for INTEL i210 Ethernet chip (standalone PCIe card), sub-type for i211 driver (i211).
INTELG3 - Improved TX DMA handling.
Modified the multi-core architecture to improve the overall performance even more than before.
Added operative state parameter 'OSx' to every AIPT2 path.
It can be used to administratively activate/deactivate the single path.
[10:48:01] ABILIS_CPX:s p ip-250 ? OSx Ip771 (Abilis IP tunnel v.2) resource parameters: OSx: Operative state [DOWN or DN or D, UP or U] [10:50:55] ABILIS_CPX:d p ip-250 RES:Ip771 - Abilis IP tunnel v.2 (AIPT2) ------------------------------------- Run DESCR:To_Hungary LOCATION: OPSTATE:UP STATE-DETECT:NORMAL CAT:AUTO (VPN) ... - IP Tunnel Paths -------------------------------------------------------- x MPx: OUTSPx: OUTx: LOCIPx: REMIPx: OSx: DEPx: BCK-CHKx: GWx: SPL-OVHx: ----+----+-------+---------+---------------+------------------------------ 1 |A AUTO Ip-242 OUT-IP 164.093.182.125 2 |A AUTO Ip-240 081.068.184.047 164.093.182.125 3 |A AUTO Ip-2 192.168.000.252 164.093.182.125 # 192.168.000.234 AUTO 4 |A AUTO Ip-9 OUT-IP 164.093.182.125 dn # 192.168.007.004 AUTO ... [10:53:03] ABILIS_CPX:d d ip-250 RES:Ip771 - Abilis IP tunnel v.2 (AIPT2) ------------------------------------- To_Hungary STATE:UP LINK-STATE:LINKREADY ... - IP Tunnel Paths ------------------------------------------------------ x OS ST MP OUTSP OUT LOCIP REMIP SPL-OVH [GW] -+---+---+---+-------+------+---------------------+---------------------+------- 1 UP UP A 14210 Ip-242 077.054.094.043 164.093.182.125:5005 AUTO 2 UP UP A 14277 Ip-240 081.068.184.047 164.093.182.125:5005 AUTO 3 UP UP A 17895 Ip-2 192.168.000.252 164.093.182.125:5005 RAW-IP,ETH 192.168.000.234 4 dn - A - AUTO - ... [10:53:03] ABILIS_CPX:
Added new parameter 'ACL-FIREWALL' in IP Router, which allows to enable/disable the use of firewall functionality, i.e. the use of rules (PR:0 and PR:1) referencing 'Firewall' list.
[17:01:34] ABILIS_CPX:d p res:iprtr ? acl-firewall Iprtr resource parameters: ACL-FIREWALL: Enable/disable Access lists using 'Firewall' list [NO, YES] When NO, Access list with PR:0 and PR:1 are ignored. When YES, Access list with PR:0 and PR:1 are used. [17:01:36] ABILIS_CPX:d p res:iprtr RES:Iprtr --------------------------------------------------------------------- Run ... - IP Access List ------------------------------------------------------- ACL:YES ACLBYPASS:# ACL-FIREWALL:YES COS:DISABLED COSDFT:NORMAL COSBALANCE:NO NORMRATE:50 LOWRATE:50 ... [17:01:36] ABILIS_CPX:
The parameter is displayed in IPACL layout too and when it is set to 'NO' a warning is shown, informing that rules referencing the 'Firewall' list are not in use.
[17:04:55] ABILIS_CPX:d ipacl IPRTR parameters: ACL:YES ACLBYPASS:# ACL-FIREWALL:NO COS:DISABLED COSDFT:NORMAL Tot-IPACL-Number:2 ------------------------------------------------------------------------------- PR: [DESCR:] TYPE: SA: PROT: ICMP-TYPE: IPCOS: DA: SPO:/PO: DPO: TOS-O: TOS-I: SRES: DRES: RES-O: TI: ALERT: ------------------------------------------------------------------------------- 0 *** Disabled (ACL-FIREWALL:NO) *** [Deny forwarding from hosts matching Firewall rule] DENY 'Firewall' * * DFT * * ------------------------------------------------------------------------------- 1 *** Disabled (ACL-FIREWALL:NO) *** [Deny forwarding to hosts matching Firewall rule] DENY * * * DFT 'Firewall' * * * * * AUTO * 250 ------------------------------------------------------------------------------- ... [17:04:56] ABILIS_CPX:
Added "D DHCP RES" command, showing a summary of LAN resources and static DHCP subnets.
The purpose of this summary view is to highlight the relationship between the LAN ports and the DHCP subnets (RELAY/SERVER) eventually associated with them.
[11:44:32] ABILIS_CPX:D DHCP RES LAN resources: ------+------------------------------+------------------+------+---+---+---- RES |DESCR |IPADD/MASK |DHCP | S |LAN|PROF ------+------------------------------+------------------+------+---+---+---- Ip-1 lan of Office 192.168.004.254/24 SERVER * 1 1 Ip-2 lan of VDSL 192.168.168.170/28 - Static DHCP subnets: ---+--------------------------------+------+---------------------------+---- LAN|NAME |MODE |NET |PROF ---+--------------------------------+------+---------------------------+---- 1 Office SERVER 192.168.004.000/24 1 [11:44:37] ABILIS_CPX:
Added "D DHCPC LOG" and "C DHCPC LOG" commands, for DHCP Client log displaying and clearing.
[16:09:55] ABILIS_CPX:d dhcpc log 02/02 11:28:08 [I,1] BOUND timeout, start RENEWING 02/02 11:28:08 [I,1] prepare REQUEST-RENEW 02/02 11:28:08 [I,1] SD: IP=10.60.60.153 02/02 11:28:08 [I,1] send attempt: 1 02/02 11:28:08 [I,1] state change: BOUND -> RENEWING 02/02 11:28:08 [I,1] received packet: IP=10.60.60.153, MAC=78-9A-18-8C-16-E2 02/02 11:28:08 [I,1] received ACK 02/02 11:28:08 [I,1] assigned: IP=10.60.60.154, MASK=255.255.255.252 02/02 11:28:08 [I,1] first GW/DNS: GW=10.60.60.153, DNS=83.158.240.241 02/02 11:28:08 [I,1] second GW/DNS: GW=0.0.0.0, DNS=83.158.240.240 02/02 11:28:08 [I,1] lease T1/T2: 30/52 02/02 11:28:08 [I,1] state change: RENEWING -> BOUND 02/02 11:28:38 [I,1] BOUND timeout, start RENEWING 02/02 11:28:38 [I,1] prepare REQUEST-RENEW 02/02 11:28:38 [I,1] SD: IP=10.60.60.153 02/02 11:28:38 [I,1] send attempt: 1 02/02 11:28:38 [I,1] state change: BOUND -> RENEWING ...
Updated Abilis MIB and Html document.
AIPT2: added 'cxAipt2DgPathLocPort', 'cxAipt2DgPathRemPort' and 'cxAipt2DgPathOpState' diagnostics for paths.
Obsoleted cxEthMod group and traps.
Added new groups cxEthDev, cxEMod and cxELte and added new traps for EthMod and EthLte resources.
Disabled the FACTORY.CFG configuration file loading at boot by means of OK/SW6 button. The FACTORY.CFG configuration file usage is now allowed only by means of command "CONF RESET", which restores factory configuration and restarts the system.
[16:55:05] ABILIS_CPX:CONF RESET ? CONF RESET Restore factory configuration and restart the system. [16:55:13] ABILIS_CPX:
Fixed bug in Subnets configuration, that appears when "MODE" parameter value changes from SERVER to RELAY and vcv.
Some parameters were not reset to their default (e.g. POOLs), causing the generation of fake conflict messages (e.g. between NET and POOLs).
Fixed bug that could occurs when deleting a user.
Sometimes when a user was deleted, some CTI Routings 'OUT' parameter was cleared (i.e. reset to '#'), even if the user was not referenced there.
All bug fixes up to 8.11.14 are included in 9.0.1.
None
Released on January 5, 2024.
A new GUI, with completely redesigned web pages, is available.
Figure: Abilis home page
Each user can log in using his own password, accessing the specific level of access that the system administrator has reserved for him, for more effective system management, to use the completely renewed services and new tools available starting from this version.
The new GUI is supplied with a complete and detailed online manual.
Figure: Abilis online manual
WIO
Added Wireless input/output devices, with which it is possible to arrange Wireless Sensor Networks (WSN).
The project aims to provide analog and digital I/O wireless devices to create low speed, long range point-to-multipoint wireless networks, to let a thousand (or more) of tiny client-stations to interact reliably and securely with a central server-controller.
A large number of wireless sensor nodes can manage and monitor the environment in a certain area; they can be connected to one or more WIO devices, the concentrator stations which act as control unit and that are connected via Internet to Abilis.
Abilis deals with the processing, analysis and archiving of data and of the consequent leadership of any action that may become necessary.
Videorecorder
Redesigned and improved Videorecorder page.
Figure: Abilis Videorecorder page sample
Program tables
They allow the control of I/O devices through programs in the form of sheets, automatically compiled into LUA scripts.
Available from new web interface only. Explained fully in the online manual.
Figure: Automation sheets sample
Improved multiprocessing, allowing a more effective exploitation of the additional cores and consequently increasing the efficiency of the processes performed on the main core.
This improvement is mainly used by commissioning the execution of LUA scripts on the extra cores, greatly improving efficiency of processes.
Added support for M/B with CPU Intel J4125 with BIOS ReleaseDate 09/26/2023 detected on the miniPC with 4Eth Intel i225 MB.
Added support of new Slotid-NONE reordering for Eth-x devices for miniPC with 4 Eth I225.
Added support for 2 types of INTEL i225 (V,LM) Ethernet chips present on 4 Eth miniPC and standalone PCIe card.
INTELG3 - Added driver for Intel i225 Ethernet chip present on miniPC with 4 Ethernet chips (i225V) and also standalone PCIe card (i225LM).
REALTEKG - Rtl8125 (2.5Gbps) uses now specific amount of TX/RX DMA buffers, specifically TX DMA amount increased from 50 to 256 buffers.
REALTEKG - Fixed VLAN handling for RTL8111D, Rx Vlan de-tagging doesn't work for this chip, necessary to handle de-tagging by SW in the driver (made just for this chip).
HTTP section
Removed parameter 'HTTP' and replaced with parameter 'HTTP-LEVEL'. With this parameter the administrator can not only enable users to access to the Abilis web interface, but also he will assign them the level of access privileges [NO, USER, ADVANCED, MANAGER, ADMINISTRATOR, SUPER].
[12:18:10] ABILIS_CPX:d user:MyUser ? http-level User's parameters: HTTP-LEVEL: Enable/disable HTTP for this user and select the access level to the web interface [NO (disabled), USER, ADVANCED, MANAGER, ADMIN, SUPER] The 'SUPER' level is reserved for the user 'super' and cannot be assigned to any other user. For user 'super' the level is 'SUPER' and cannot be changed. For user 'admin' the level is 'ADMIN' and cannot be changed. User 'guest' is always not enabled. [12:18:21] ABILIS_CPX:
A new set of parameters specific for the new web interface are now present:
Group label (parameter 'HTTP-GUI-GROUP') can be used by the administrator to group users for administrative purposes.
Permissions to functional areas (parameter 'HTTP-GUI-NETWORK', 'HTTP-GUI-PHONE', 'HTTP-GUI-AUTO', 'HTTP-GUI-VIDEO' and 'HTTP-GUI-TOOLS') are used by the administrator to enable/disable the user to the corresponding functional area of the web interface.
[12:18:10] ABILIS_CPX:d user:MyUser http ? User's parameters: ... HTTP-GUI-GROUP: Group label used in web pages for administrative purposes. Max 32 ASCII characters. Spaces require double quotes (E.g. "my group"). HTTP-GUI-NETWORK: Enable/disable the user to "Network" functional area of the web interface [NO, YES] User 'super' is always enabled. User 'admin' is always enabled. User 'guest' is always disabled. HTTP-GUI-PHONE: Enable/disable the user to "Phone" functional area of the web interface [NO, YES] User 'super' is always enabled. User 'admin' is always enabled. User 'guest' is always disabled. HTTP-GUI-AUTO: Enable/disable the user to "Auto" functional area of the web interface [NO, YES] User 'super' is always enabled. User 'admin' is always enabled. User 'guest' is always disabled. HTTP-GUI-VIDEO: Enable/disable the user to "Video" functional area of the web interface [NO, YES] User 'super' is always enabled. User 'admin' is always enabled. User 'guest' is always disabled. HTTP-GUI-TOOLS: Enable/disable the user to "Tools" functional area of the web interface [NO, YES] User 'super' is always enabled. User 'admin' is always enabled. User 'guest' is always disabled. [12:18:21] ABILIS_CPX:
Added Two Factor Authentication for connections from the public network via SSH and via HTTPS.
[15:12:18] ABILIS_CPX:d user:MyUser ? User's parameters: ... 2FA-AUTH: Enabled Two Factor Authentication for this user [NO, MAIL, SMS] - NO: the Two Factor Authentication is disabled - MAIL: the Two Factor Authentication is active and the verification code is sent by e-mail to the address set in "2FA-MAIL-TO". - SMS: the Two Factor Authentication is active and the verification code is sent by SMS to the number set in "2FA-SMS-TO". Two Factor Authentication is applied when the user logs in to the web interface or to the Control Port via SSH and LOGIN-MODE:USERS. Not allowed for User 'guest'. 2FA-PRIVATE-IP: Enabled Two Factor Authentication for private IP [NO, YES] By default Two Factor Authentication is applied when the user logs in from the Public network. Not allowed for User 'guest'. 2FA-HTTP-PROT: Select HTTP protocol for which Two Factor Authentication is applied [PLAIN, SSL]. Values can be joined using ',' (comma). By default Two Factor Authentication is applied when the user logs in to the web interface via HTTPS. Not allowed for User 'guest'. 2FA-MAIL-TO: E-mail address to which the mail with the verification code for the user authentication is sent when 2FA-AUTH:MAIL. Empty or max 128 chars. Space not allowed. Not allowed for User 'guest'. WARNING: when 2FA-AUTH:MAIL, if 2FA-MAIL-TO is empty, the user cannot be autheticated. 2FA-SMS-TO: Phone number to which the SMS with the verification code for the user authentication is sent when 2FA-AUTH:SMS. Empty or max 20 digits, optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. See also HELP ISDN ATTRIBUTES. Not allowed for User 'guest'. WARNING: when 2FA-AUTH:SMS, if 2FA-SMS-TO is empty, the user cannot be autheticated. [15:12:28] ABILIS_CPX:
A verification code is sent to the configured phone number by SMS or to the configured e-mail address and the user can log in only entering the received verification code.
Abilis IP Tunnel v.2 has been improved by addition of several components like an internal controller for redundancy and Forward Error Correction (FEC) adjustment, a burst generator for path maximum bandwidth evaluation and added possibility to select preferential traffic flow using preference classification.
AIPT2 tunnels support new redundancy mode with Forward Error Correction (FEC) technology (Similar to RAID technology).
Added parameters 'REDMODE', 'REDCOPY' and 'FEC'
[18:20:13] ABILIS_CPX:D P RES:Ip AIPT2 ? REDMODE REDCOPY FEC Ip (Abilis IP tunnel v.2) resource parameters: REDMODE: Redundancy mode [LEGACY, AUTO]. REDCOPY: Redundancy number of copies to send [0..10, PATH, AUTO]. <Only for REDMODE:AUTO> FEC: Enable/disable Forward Error Correction. NO, AUTO, DFT or two values in the range [1..29] separated by colon 'N:P', which represent the ratio between data packets (N) and parity packets (P). It must be N+P <= 30. (E.g. AUTO or 5:1 or 3:3) [18:20:28] ABILIS_CPX:
FEC works by inserting extra packets (named parity packets) into the data flow which have the function of supporting the reconstruction of the normal data flow in the event of packet loss.
Instead of duplicating packets, it allows better probability of reconstructing packets at the destination, with lower throughput usage.
Example:
Say that a, b, c, d, e are a group of packets to be sent. They can be considered as numbers.
A new special packet p (parity packet) is added to the group, where p=a+b+c+d+e
Any one packet of the new group can be lost in the Internet, it is sufficient to reverse the computation to avoid data loss.
If c is lost, then c = p - (a+b+d+e)
With previous redundancy system 10 packets would have been sent, with new FEC only 6 packets are sent, with same reconstruction probability.
Advantages:
- reduced throughput
- reduced average latency
The feature is activated by means of the "FEC" parameter, which allows the user to explicitly select the ratio between data packets and parity packets.
Legacy "Redundancy Copy" system is considered deprecated by the introduction of FEC.
Added added possibility to select preferential traffic flow, which is classified in VoIP, VPN, STREAMING and SURFING main categories.
It can be done by means of a new set of parameters (only for ROLE:CLIENT):
[18:39:17] ABILIS_CPX:D P RES:Ip AIPT2 ? Ip (Abilis IP tunnel v.2) resource parameters: ... ---------- Controller preferences (Only for ROLE:CLIENT) ---------------------- CONTROL: Controller activation and traffic selection [NONE, VoIP, VPN, STREAMING, SURFING] SA: Source IP Addresses Range: a single IP address [0.0.0.1-255.255.255.255] or two IP addresses separated by ':' (colon) or * (Any IP address) or the name of an IP/IR/FQDN/RU/MR list between single quotes. (E.g. 150.200.192.192 or 192.168.0.0:192.168.0.100 or * or 'List') DA: Destination IP Addresses Range: a single IP address [0.0.0.1-255.255.255.255] or two IP addresses separated by ':' (colon) or * (Any IP address) or the name of an IP/IR/FQDN/RU/MR list between single quotes. (E.g. 150.200.192.192 or 192.168.0.0:192.168.0.100 or * or 'List') PROT: Internet Protocol: Internet protocol mnemonic or decimal value [0..255] or * (Any Internet protocol) or "tcpudp" or the name of an IPT/RU/MR list between single quotes. (E.g. icmp or 1 or * or tcpudp or 'List') PO: Source or destination Ports Range: a single port mnemonic or decimal value [0..65535] or two port values separated by ':' (colon) or * (Any port) or the name of a TUP/RU/MR list between single quotes. (E.g. 23 or SSH or 1:1200 or 'List') <Mandatory for PROT:*|TCP|UDP|TCPUDP|'List'> SPO: Source Ports Range: a single port mnemonic or decimal value [0..65535] or two port values separated by ':' (colon) or * (Any port) or the name of a TUP/RU/MR list between single quotes. (E.g. 23 or SSH or 1:1200 or 'List') <Mandatory for PROT:*|TCP|UDP|TCPUDP|'List'> DPO: Destination Ports Range: a single port mnemonic or decimal value [0..65535] or two port values separated by ':' (colon) or * (Any port) or the name of a TUP/RU/MR list between single quotes. (E.g. 23 or SSH or 1:1200 or 'List') <Mandatory for PROT:*|TCP|UDP|TCPUDP|'List'> [18:39:39] ABILIS_CPX:
VoIP: it selects the 2 best paths (with fewer Missing packets, then less jitter, and more throughput availability, and also with better RTT) and sends duplicated traffic on these 2 paths.
VPN: here RTT matters more, it is sent on the path with the better RTT and then more throughput availability, and then Jitter and Missing are also considered. When a path, even if it was the best, saturates, its rating already decreases, and packets begin to be sent on other available paths, which, for example, may have a higher rating in the meantime.
STREAMING: here throughput availability on various paths matters more, it is sent on the path with the most throughput availability, and then Missing also has a secondary weight, while other RTT and Jitter are not taken into account.
SURFING: here missing on various paths matters more, it is sent on the path with fewer Missing, and then throughput availability is also considered with less weight, while other RTT and Jitter are not taken into account.
These indices are continuously updated, every 5 seconds, and if the results of various paths change (as I wrote above, for example, for VPN if a path saturates, or starts experiencing losses, or increases RTT, or jitter), the packet distribution also changes.
Further changes concern the removal of 'PATHSMODE' parameter; a new range of parameter 'OUTSPx' and the addition of 'BCK-CHKx' parameter for ROLE:CLIENT.
[18:39:17] ABILIS_CPX:D P RES:Ip AIPT2 ? BCK-CHKx OUTSPx Ip (Abilis IP tunnel v.2) resource parameters: BCK-CHKx: Time when BACKUP path is tested for quality [# or hh:mm]. When #, the BACKUP path check is not performed. <Only for ROLE:CLIENT and DEPx: <> #> OUTSPx: Speedlimit, in kbit/sec applied to the path. The resource speedlimit OUTSP, if enabled, determines the overall tunnel speedlimit. AUTO (auto detection) or [0 (no transmission), 64..1000000 Kbit/sec] [18:39:39] ABILIS_CPX:
The User Based Routing feature, which allows you to use a unique global number for any interface, simplifies the creation of routings, defining the numbering plan and configuring unified user preferences.
CTISYS
The User Based Routing feature can be enabled in CTISYS, by means of 'ubr' parameter:
[16:09:55] ABILIS_CPX:d p ctisys ? ubr ... CtiSys resource parameters: ubr: Enable/disable User Based Routing (UBR) [NO, YES]. The value in brackets is the one currently in use. [16:10:09] ABILIS_CPX:
The change in the 'ubr' parameter value is not applied run-time but requires saving the configuration and rebooting the system.
USER global number
When User Based Routing feature is enabled, only one number can be assigned to any user and it will be the main number used for routing purposes for every enabled interface.
[16:14:57] CPX_220:d user:katerina ? number User's parameters: NUMBER: Main phone number assigned to the user when User Based Routing (UBR) is active, used for routing purposes for every enabled interface. For outgoing calls it is used by CTI routings with OUT:<USER-I> or <USER-O> to select the user from the called number. Empty or max 20 digits, optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. <Only for CtiSys ubr:YES> [16:16:18] CPX_220:d user:katerina ... [16:00:10] CPX_ANTEK-PBX:d user:Katerina Parameter: | Value: --------------------+---------------------------------------------------------- USER: Katerina REAL-NAME: Irina Keterina ID: 22 <Read Only> PWD: *** ACT: YES ... NUMBER: 55540
The assigned number is automatically inherited by all interfaces enabled for the user:
[16:24:20] ABILIS_CPX:d vo numbers Total-numbers:1/4000 Net-numbers:1 User-numbers:0 --------------------------+----------------------------+----------------------- NET-NUM: | USER-NUM: |USER: * = Current |* = Current | | A = AbilisPhone | | n = Contact order | --------------------------+----------------------------+----------------------- * (5540) | |Katerina ------------------------------------------------------------------------------- [16:24:24] ABILIS_CPX:d sip numbers Total:1/3000 Sip-Number:1 Static:0 NUMx: [SIP-NUMBER:] USER: PROVENIENCE: ------------------------------------------------------------------------ [5540] Katerina SIP-NUMBER [16:24:28] ABILIS_CPX:
Unified user preferences
When User Based Routing feature is enabled, only one set of user preferences is offered and it is valid for every enabled interface.
[21:16:57] ABILIS-CPX:d pref user:katerina Parameter: | Value: --------------------+---------------------------------------------------------- USER: Katerina ID: 6 <Read Only> LAST-CHANGE: 05/01/2024 21:04:37 <Read Only> PWD: *** ... -------------------- CLIP: TRANSP ACTION: ADVANCED (No rules) CF-RULE: ALWAYS CF-TOUT: 15 CF-DLY: 10 CF-FORK-TYPE: STD CF-CDO: # CF-CGO: * VM: NO VM-RULE: NOANS,OTHERS VM-TOUT: 15 PC-OFFER: 4 PC-ACCEPT: 4 CALL-WAITING: NO MAIL-FAIL: NO MAIL-FWD: NO MAIL-SEIZED: NO -------------------- ... [21:16:57] ABILIS-CPX:
CTI users group
Users can also be grouped and calls can be routed to the group by means of CTI Users Groups:
[15:32:50] ABILIS_CPX:d ctigu ? ... CTI users group parameter(s): DESCR: Entry description. Max 70 chars. Spaces require double quotes (E.g. "str1 str2"). Note: it is displayed only when not empty. NUMBER: Main number assigned to this group. For outgoing calls it is used by CTI routings with OUT:<CTIGU-I> or <CTIGU-O> to select the group from the called number. Empty or max 20 digits, optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. S: Scan method for calls [R, P, M] R=Round Robin, P=Position Priority, M=Multicast R: Rule to proceed with next user [IN, ST, EU, UN, 'listname'] IN = Internal (any cause with locations 0xF0..0xFF) ST = Standard (any cause with locations 0xF0..0xFF + causes 0x92, 0xA2-0xAF, 0xC1-0xCF, 0xD1-0xDF with other locations) EU = End-User (any cause except 0x91 and 0x93 with any location) UN = Unconditional (any cause with any location) 'listname' = an ICAUSE/RU/MR list. MC: Maximal number of simultaneous calls [1..255, MAX] P: Enable/disable call pickup [YES, NO] P1:..P32: Output user. # or up to 32 characters corresponding to an existing Abilis user. - Output only ---------------------------------------------------------------- The parameters of this section replace the correspondent parameters of the routing when the group is configured in OUT: field of the routing, and when they are enabled. A parameter is enabled by setting a valid value (e.g. T301:10) and is disabled by setting an empty value (e.g. T301: ). T301: See routing help for range. Set "T301:" to disable and hide. [15:37:09] ABILIS_CPX:d ctigu ------------------------------------------------------------------------------- ID: [DESCR:] NUMBER: S: R: MC: P: P1 P2 ... ... P32 [Pxx: T301:] ------------------------------------------------------------------------------- 4 P UN MAX NO Grace Simon Derek . ------------------------------------------------------------------------------- 21 P UN MAX NO Donatella Irina UFFICIO . ------------------------------------------------------------------------------- [15:39:55] ABILIS_CPX:
Users groups are intended to be used in CTI Routings, only when UBR (User Based Routing) feature is active. See CTIR section for more details.
CTI Routings
CTI routings has been extended in order to allow users groups referencing in 'GI' field and to allow referencing users and users groups in the 'OUT' field.
In 'OUT' fields there is the possibility to use special values '<USER-I>' and '<USER-O>' for selecting user according to CDI/CDO and to use special values '<CTIGU-I>' and '<CTIGU-O>' for selecting users group according to CDI/CDO:
[16:41:02] ABILIS_CPX:s ctir pr:0 ? GI OUT A CTIR[E] PR:xxx [par:val] Add a CTI routing PR: CTI routing priority [0..255] <Mandatory> CTI routing parameters: GI: Input group [#, G*, G0..G64, GU*, GU0..GU32] OUT: Output group/port/cluster/user [#, G0..G64, GU0..GU32, PBX, <USER-I>, <USER-O>, <CTIGU-I>, <CTIGU-O>, 1..600, Sl, Iax, Sip, Disa, Vo, Vm, Mix, <AUTO-I>, <AUTO-O>, cluster-name, @user-name]. Where: - <USER-I>/<USER-O>, select user according to CDI/CDO - <CTIGU-I>/<CTIGU-O>, select users group according to CDI/CDO - <AUTO-I>/<AUTO-O>, select cluster according to CDI/CDO The cluster-name must correspond to an existing CTI cluster. The user-name must correspond to an existing Abilis user and it must be preceeded by the '@' character. [16:43:51] ABILIS_CPX:a ctir pr:0 poi:sip out:@katerina COMMAND EXECUTED [16:43:52] ABILIS_CPX:d ctir pr:0 - Not Saved (SAVE CONF) ------------------------------------------------------- Last change: 05/01/2024 16:43:52 ---+------+------------------+----------+--------------------+-------------------- PR |[DESCR] |BCI |POI |SR |GI |OUT |CDI |CDO ACT|NEXT |LAST |EEC |T301 |CGI |CGO EDT|SP |SC |DJ |MJ |FMDJ|FMMJ |SDI |SDO |SPOUT |SCOUT|DJOUT|MJOUT |LCS |LCST |SGI |SGO | |BCO |RGI |RGO |FMRLY |FAXSP|MODSP|FMLVL |ECM |UDT |IG |OG |SG |DL |DH |CODERS |CODERSOUT |TI1 .. TI5 ---------------------------------------------------------------------------------- 0 VOICE Sip # # @katerina 00 * ---------------------------------------------------------------------------------- [16:43:59] ABILIS_CPX:
It is also possible to use new type of lists: list of Users numbers (UNUM) and list of Users Groups numbers (GUNUM).
Two lists are automatically created and maintained in the system collecting all users numbers and all users groups numbers, respectively named 'NumUser' and 'NumGroup'.
[16:49:28] ABILIS_CPX:d ctir Last change: 05/01/2024 16:39:28 ---+------+------------------+----------+--------------------+-------------------- PR |[DESCR] |BCI |POI |SR |GI |OUT |CDI |CDO ACT|NEXT |LAST |EEC |T301 |CGI |CGO EDT|SP |SC |DJ |MJ |FMDJ|FMMJ |SDI |SDO |SPOUT |SCOUT|DJOUT|MJOUT |LCS |LCST |SGI |SGO | |BCO |RGI |RGO |FMRLY |FAXSP|MODSP|FMLVL |ECM |UDT |IG |OG |SG |DL |DH |CODERS |CODERSOUT |TI1 .. TI5 ---------------------------------------------------------------------------------- 0 VOICE * * G0 <CTIGU-I> 'NumGroup' * NO ANY NO Dft * * 64000 Sys Sys Sys Sys Sys * * ---------------------------------------------------------------------------------- 1 VOICE * * G0 <USER-I> 'NumUser' * NO ANY NO Dft * * 64000 Sys Sys Sys Sys Sys * * ---------------------------------------------------------------------------------- [16:41:10] ABILIS_CPX:
Firewall functionality has been added via IP Access Lists, with periodic updating of the list of malicious hosts from accredited sites.
Two IPACL rules are present by default in position 0 and position 1 respectively. They are read-only entries, non-deletable, neither movable nor editable. They are used to validate source and destination addresses respectively, by means of the 'Firewall' list.
[12:10:17] ABILIS_CPX:d ipacl IPRTR resource parameters: ACL:YES ACLBYPASS:# COS:ENABLED COSDFT:NORMAL Tot-IPACL-Number:2 ------------------------------------------------------------------------------- PR: [DESCR:] TYPE: SA: PROT: ICMP-TYPE: IPCOS: DA: SPO:/PO: DPO: TOS-O: TOS-I: SRES: DRES: RES-O: TI: ALERT: ------------------------------------------------------------------------------- 0 [Deny forwarding from hosts matching Firewall rule] DENY 'Firewall' * * DFT * * ------------------------------------------------------------------------------- 1 [Deny forwarding to hosts matching Firewall rule] DENY * * * DFT 'Firewall' * ------------------------------------------------------------------------------- [12:10:43] ABILIS_CPX:
The 'Firewall' list is a rule which is used mainly to verify whether an IP address is present or not in a list of malicious hosts (DROP list). The 'DROP' list is periodically updated from list of dangerous IP addresses, made available by the accredited Spamhaus international organization.
[12:16:32] ABILIS_CPX:d list:firewall LIST:Firewall - RU - Ref-Numb:2 Items-Numb:1 Firewall_rules_(ReadOnly) -------------------------------------------------------------------------- DROP.OR.BlackIP.AND.NOT.WhiteIP [12:16:33] ABILIS_CPX:d list:DROP LIST:DROP - IR - Ref-Numb:1 Items-Numb:984 DROP_List_from_spamhaus.org_(ReadOnly) -------------------------------------------------------------------------- 001.010.016.000:001.010.031.255 001.019.000.000:001.019.255.255 001.032.128.000:001.032.191.255 002.056.010.000:002.056.010.255 ... [12:16:43] ABILIS_CPX:
The periodic updating of the 'DROP' list is performed by a new driver called DROP: which is just responsible for downloading the information and updating the contents of the 'DROP' list.
[12:17:39] ABILIS_CPX:d p res:drop RES:Drop ---------------------------------------------------------------------- Run DESCR:DROP_list_maintenance_service LOG:DS ACT:YES droplog:DFT wdir:C:\APP\DROP\ FILE-URL:https://www.spamhaus.org/drop/drop.txt [12:17:43] ABILIS_CPX:
Simplified and improved IP Shaping service.
New configuration: removed IP Shaping Flows and IP Shaping Rules tables and reviewed service configuration:
[16:31:47] ABILIS_CPX:d p res:ipsh RES:IpSh ---------------------------------------------------------------------- Run DESCR:IP_Shaping_service LOG:NO ACT:YES maxip:200 PERIOD:120 TOPIP:6 WHITE-LIST:IPshWhiteList MAX-SHIFT-JUMPS:5 SHIFT-STEP:15 TRAFFIC-IN-THR:1000 TRAFFIC-OUT-THR:5000 VARIANCE-THR:50 ALERT:NO [16:42:15] ABILIS_CPX:d p res:ipsh ? IpSh resource parameters: DESCR: Resource description. Max 79 chars. Case sensitive. Spaces require double quotes (E.g. "str1 str2"). Using <empty> string, the description is set to its default value, i.e. "type-nnn", where 'type' is the resource type and 'nnn' is the resource index. LOG: State changes log and alarm generation [NO, D, S, A, L, T, ALL] [+E] (D: Debug Log; S: System Log; A: Alarm view; L: Local audible alarm; T: SNMP traps; +E: Extended Log of state changes, see ref. manual) ACT: Operation activation [NO, YES] maxip: Maximum number of IP addresses analyzed per each IP resource [100..1000] PERIOD: Period of time window for TOP IP analysis. Values are averaged over this sliding window [5..120 sec] TOPIP: Highest number of TOP-IP host subject to traffic shaping [5..20] WHITE-LIST: IP hosts of the LAN which bypass the IP shaping control. # or IP/IR/FQDN/RU/MR list name. MAX-SHIFT-JUMPS: Max amount of jumps over the regular service-pace [5..20] SHIFT-STEP: Amount of seconds with variance below (or above) the threshold required to step the SHIFT-JUMP up (or down) of one unit [1...30] TRAFFIC-IN-THR: Level of incoming throughput under which TOP-IPs are not managed, because they produce negligible traffic [0..1000000 KBit/sec] TRAFFIC-OUT-THR: Level of outgoing throughput under which TOP-IPs are not managed, because they produce negligible traffic [0..1000000 KBit/sec] VARIANCE-THR: Variance threshold: above or equal threshold the traffic is interactive, below it is stream [0..100] ALERT: Release an alert in case of alarm condition [NO, 1..255] [16:43:17] ABILIS_CPX:
TRFA IP traps: added monitor starting day and time for Day/Week/Month monitor interval (parameters 'START-DAY' and 'START-TIME').
[14:11:54] ABILIS_CPX:d trfa ip trap ---+----+---------------------------------------------------------------------- [Res DESCR] ID: ACT: RES: VAR: INT: START-DAY: START-TIME: VAL: ALERT: ---+----+---------------------------------------------------------------------- 0 YES [Backup_LTE/UMTS] Ip-13 CHR-TOT Day 00:00 200 (Mbytes) NO 1 YES Ip-13 CHR-TOT Week MO 00:00 1000 (Mbytes) NO 2 YES Ip-13 CHR-TOT Month 1 00:00 5000 (Mbytes) NO ---+----+---------------------------------------------------------------------- [14:12:00] ABILIS_CPX:d trfa ip trap ? ... TRFA IP Trap entry parameters: ACT: Enabled/disabled entry [NO, YES] RES: IP resource in the format "Ip-nnn", where 'nnn' can be [1..999] VAR: Monitored variable [THR-IN, THR-OUT, THR-TOT, CHR-IN, CHR-OUT, CHR-TOT] INT: Monitored interval. For THR-IN, THR-OUT, THR-TOT: 5Min, 30Min, 2Hr. For CHR-IN, CHR-OUT, CHR-TOT: Day, Week, Month. START-DAY: Monitor starting day. <Only for INT:Week|Month> For INT:Week : [MO, TU, WE, TH, FR, SA, SU] For INT:Month : [1..31] START-TIME: Monitor starting time [hh:mm]. <Only for INT:Day|Week|Month> VAL: Variable threshold value [0..4294967295]. For THR-IN, THR-OUT, THR-TOT variables the unit is Kbit/sec. For CHR-IN, CHR-OUT, CHR-TOT variables the unit is Mbyte ALERT: Sends an alert when the threshold is reached [NO, 1..255] [14:15:53] ABILIS_CPX:
Extended the range of 'R-ID' parameter, adding the possibility to select directly an IP resource:
[15:51:36] ABILIS_CPX:s p res:iprtr ? R-ID Iprtr resource parameters: R-ID: Router-id (IP address) [AUTO, 1-126.x.x.x, 128-223.x.x.x, Ip-nnn] [15:51:46] ABILIS_CPX:s p res:iprtr r-id:ip-1 COMMAND EXECUTED [15:51:48] ABILIS_CPX:d p res:iprtr RES:Iprtr --------------------------------------------------------------------- Run DESCR:IP_Router_general_properties - General -------------------------------------------------------------- R-ID:Ip-1 192.168.000.220 NAT:NO maxroute:500 DFTTTL:64 ps:2048 DEF-LOCAL-AD:0 DEF-STATIC-AD:1 DEF-OSPF-AD:110 DEF-RIP-AD:120 - IP Access List ------------------------------------------------------- ACL:NO ACLBYPASS:# COS:ENABLED COSDFT:NORMAL COSBALANCE:NO NORMRATE:50 LOWRATE:50 - Ppp-Dns -------------------------------------------------------------- PPP-DNS-PRI:000.000.000.000 PPP-DNS-SEC:000.000.000.000 [15:51:50] ABILIS_CPX:
The resulting IP address, will be shown beside the selected IP resource.
IP resources category
For any subtype, renamed parameter 'TYPE' to parameter 'CAT'.
This parameter classifies the resource, mainly in web pages for administrative purposes, graphs, statistics. But it can effect also IP resource state detection procedure (see below).
The range of parameter 'CAT' is [AUTO, LAN, WAN, SDWAN, VPN].
When 'AUTO', the category is automatically assigned by IPRTR between [LAN or WAN or SDWAN or VPN or N/A or empty], with the below rule:
LAN: LAN/LAN-PT resources with no default route
VPN: AIPT2 resources with no default route
WAN or SDWAN: any resource with default route (SDWAN for AIPT2)
N/A: none of the above cases
empty: not running resources
The automatically assigned value is shown in parentheses, in both configuration and resource diagnostics.
IP resources state detect and PING procedure
For subtype LAN/LAN-PT, extended range of STATE-DETECT by adding 'AUTO' value.
It allows the PING procedure to be automatically activated for WANs.
[16:25:40] ABILIS_CPX:d p res:ip-1 ? state-detect Ip-1 (IP over LAN) resource parameters: STATE-DETECT: IP resource state detection method [NORMAL, PING, AUTO]: - NORMAL: the state depends on lower interface only. - PING: the state depends on lower interface state and on result of the PING procedure - AUTO: the state depends on IP resource category. When CAT:WAN, PING procedure is used, otherwise NORMAL. [16:28:04] ABILIS_CPX:
Contextually, changed default value of parameter'P-DST1' from # to '8.8.8.8' and of parameter 'P-DST2' from # to '8.8.4.4'.
For any subtype, renamed 'DHCP' to 'AUTO' in the range of parameter 'P-GW' and changed default value of parameter 'P-GW' from '#' to 'AUTO'.
For any subtype, added new parameter 'PING-ACT-DLY', with which it is possible to configure a minutes delay from boot before the PING procedure is activated.
[16:22:21] ABILIS_CPX:d p ip-2 ? P-ACT-DLY Ip-2 (IP over LAN) resource parameters: P-ACT-DLY: Delay from boot before use of PING detection is activated [0..15 min] <Only for STATE-DETECT <> NORMAL> [16:22:45] ABILIS_CPX:
Added Fully Qualified Domain Name (FQDN) use in IP routings (parameters 'NET' and 'SRNET').
[11:27:51] ABILIS_CPX:d ipr Destination routes and conditional source routes: +-+-+-+-+--------------------+--------------------+-----------------+----+---+ |B|P|S|H| NET:/MASK: | MASK: or | GW: |IP: |AD:| | | | | | | SRNET:/SRMASK: | | | | +-+-+-+-+--------------------+--------------------+-----------------+----+---+ |*|C| |*| 127.000.000.001/32 | 255.255.255.255 | |LOOP| 0| +--------[www.antek.lan]-----+--------------------+-----------------+----+---+ |*|S| | | 192.168.000.048/32 | 255.255.255.255 | |NONE| 1| |*|C| | | 192.168.000.220/32 | 255.255.255.255 | |R-ID| 0| +--------[www.antek.mail]----+--------------------+-----------------+----+---+ | |S| | | FQDN-NOT-RESOLVED | 255.255.255.255 | |NONE| 1| |*|C| | | 192.168.000.000/24 | 255.255.255.000 | | 1| 0| |*|S| | | 192.168.008.000/24 | 255.255.255.000 | 192.168.000.251 | 1| 1| |*|S| | | 192.168.009.000/24 | 255.255.255.000 | 192.168.000.251 | 1| 1| |*|S| | | 000.000.000.000/0 | 000.000.000.000 | 192.168.000.251 | 1| 1| | |C| | | | OUT-IP | | 301| | | |C| | | | OUT-IP | |D703| | +-+-+-+-+--------------------+--------------------+-----------------+----+---+ [11:27:55] ABILIS_CPX:
The FQDN name (max 64 characters in the range ['0'..'9', 'a'..'z', '-', '.']) is automatically resolved and the corresponding IP address is shown in square brackets.
Added the possibility to monitor host using SNMP.
A new parameter 'CHECK' has been added to each IPMON record, allowing to select between ARP and SNMP monitoring:
[11:58:13] ABILIS_CPX:A IPMON IP:192.168.0.220 ? CHECK ... IP Monitor IP address parameters: CHECK: Enable presence check [NO, ARP, SNMP]. - NO: the state of the host is not monitored. - ARP: the state of the host is periodically monitored by ARP. - SNMP: the state of the host is periodically monitored by SNMP. By default NO. [11:58:41] ABILIS_CPX:D IPMON IP: CHECK: ALERT: DESCR: ------------------------------------------------------------------------------- 192.168.000.220 SNMP NO Caterina PC 192.168.001.006 SNMP NO paolino-test 192.168.053.038 ARP NO My-Host 192.168.053.056 NO 62 Freezer-A 192.168.153.102 ARP 60 web-cam n.1 192.168.153.103 ARP 60 web-cam n.2 [11:37:31] ABILIS_CPX:
Monitoring an host using SNMP is implemented by getting from the monitored host a specific SNMP variable. When no answer to GET request is received the host is considered to be DOWN.
There are specific SNMP properties to be configured, mainly the protocol version, the community string and the SNMP variable to retrieve from the monitored host.
[11:41:15] ABILIS_CPX:d ipmon ip:192.168.0.220 Parameter: | Value: -----------------------+------------------------------------------------------- IP: 192.168.000.220 DESCR: Caterina PC CHECK: SNMP ALERT: NO TOLERATED-DOWN-PERIOD: 0 PORT: 161 VERSION: 1 COMMUNITY: public OID: 1.3.6.1.2.1.1.3.0 VAR-CHECK: NONE VAR-VALUE: RETRY-COUNTER: 4 ROLE: PASSIVE ------------------------------------------------------------------------------- [11:41:19] ABILIS_CPX:
In addition to the simple missed answer, it is possible to configure a matching condition on the value of the monitored variable. The mismatch of the condition is treated as no answer.
[11:41:15] ABILIS_CPX:d ipmon ip:192.168.0.220 ? ... IP Monitor IP address parameters: IP: Monitored IP address [1-126.x.x.x, 127.0.0.1, 128-223.x.x.x] DESCR: IP address description. Max 32 chars. Spaces require double quotes (E.g. "str1 str2"). CHECK: Check mode [ARP, SNMP] ALERT: Send an alert on host state change [NO, 1..255] TOLERATED-DOWN-PERIOD: Max time tolerated for a host to stay down [0..65535 s] ---------- Only for CHECK:SNMP ------------------------------------------------ PORT: SNMP port [1..65535] VERSION: SNMP protocol version [1, 2, 3] COMMUNITY: SNMP Community name. Max 32 ASCII characters. Space not allowed. OID: Watched variable OID. String of numbers separated by '.' (dot). Max 80 characters. VAR-CHECK: Verification that must be done on watched variable value. [NONE, EqualTo, NotEqualto, GreaterThan, LessThan, GreaterOrEqualThan, LessOrEqualThan] The mismatch of the condition is treated as no answer. VAR-VALUE: Value used in watched variable verification. Max 50 characters. <Only for VAR-CHECK <> NONE> RETRY-COUNTER: Maximal retries on missing answer [0..30] ROLE: Role [PASSIVE, ACTIVE] - PASSIVE: Host can only answer to GET requests. - ACTIVE: Host can send unsollicited traps. [11:41:19] ABILIS_CPX:
The basic functionality of an SNMP Manager has been added to the SNMP driver, i.e. the abilities to send GET requests, to process GET responses and to receive Traps.
These features have been made available to IPMON driver, for host monitoring via SNMP.
[18:18:24] ABILIS_CPX:d p res:snmp RES:Snmp ---------------------------------------------------------------------- Run DESCR:Simple_Network_Management_Protocol ... - Manager -------------------------------------------------------------- SRCADD:OUT-IP trap-udp-locport:162 TRAPIPSRC:* TRAPIPSRCLIST:# [18:18:28] ABILIS_CPX:d p res:snmp ? Snmp resource parameters: ... ---------- Manager ------------------------------------------------------------ SRCADD: Source IP address for outgoing requests [R-ID, OUT-IP, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x] trap-udp-locport: Local UDP port for incoming traps [162] <Read Only> TRAPIPSRC: Incoming traps: accepted source IP address [*, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x] TRAPIPSRCLIST: Incoming traps: list of further accepted source IP addresses [#, IP/IR/RU/MR listname] [18:20:55] ABILIS_CPX:
Added list of users numbers (UNUM).
[11:50:24] ABILIS_CPX:d list:NumUser ? ... List type: UNUM: Users Number: - Number: max 20 digits [0..9] optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. - User: max 32 characters corresponding to the name of an existing Abilis user. See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. Case insensitive match. [11:50:39] ABILIS_CPX:a list:NumUser ? ... Possible Item values for UNUM list Type: UNUM item: Sequence of two values separated by ',' (comma) e.g. 'num,user', where: - 'num' is the number i.e. a sequence of max 20 digits [0..9] optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes - 'user' is a string of max 20 characters corresponding to the name of an existing Abilis user. (E.g. 4567,my_user). Case insensitive match. See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. [11:52:50] ABILIS_CPX:d list:NumUser LIST:NumUser - UNUM - Ref-Numb:1 Items-Numb:59 Automatically_generated_Users_Global_Numbers_list_(ReadOnly) -------------------------------------------------------------------------- Number User 55541616513 Edgar 555999 Robert 13 ThomasWayne 14 BruceWayne ... [11:52:50] ABILIS_CPX:
These lists are be used in CTI Routings, mainly for UBR (User Based Routing) feature. See CTIR section for more details.
Added list of users groups numbers (GUNUM).
[11:50:24] ABILIS_CPX:d list:NumGroup ? ... List type: GUNUM: Users Group Number: - Number: max 20 digits [0..9] optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. - CtiGu: identifier of an existing CTI Users group. See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. [11:50:39] ABILIS_CPX:a list:NumGroup ? ... Possible Item values for GUNUM list Type: GUNUM item: Sequence of two values separated by ',' (comma) e.g. 'num,ctigu', where: - 'num' is the number i.e. a sequence of max 20 digits [0..9] optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes - 'ctigu' is the identifier of an existing CTI Users group [0..32]. (E.g. 4567,5). See also HELP ISDN ATTRIBUTES and HELP ISDN VALUES. [11:52:50] ABILIS_CPX:d list:NumGroup LIST:NumGroup - GUNUM - Ref-Numb:0 Items-Numb:0 Automatically_generated_Users_Groups_Numbers_list_(ReadOnly) -------------------------------------------------------------------------- Number CtiGu 5551 technicians 5552 colleagues 5554 clients ... [11:52:50] ABILIS_CPX:
These lists are be used in CTI Routings, mainly for UBR (User Based Routing) feature. See CTIR section for more details.
Added lists for IP addresses Replacements (IPR).
[10:51:00] ABILIS_CPX:d list:ToDns ? ... List type: IPR: IP addresses Replacement: - Source IP address: in DDN [000.000.000.000..255.255.255.255] - Alias IP address: in DDN [000.000.000.000..255.255.255.255]. [10:55:25] ABILIS_CPX:a list:ToDns ? ... IPR item: Sequence of two values separated by ',' (comma) e.g. 'sip,aip', where: - 'sip' is the source IP address in DDN in the range [000.000.000.000..255.255.255.255]. - 'aip' is the alias IP address in DDN in the range [000.000.000.000..255.255.255.255]. [10:59:54] ABILIS_CPX:d list:ToDns d list:ToDns LIST:ToDNS - IPR - Ref-Numb:5 Items-Numb:5 ToDNS_IP_Replacement_List -------------------------------------------------------------------------- Source IP address Alias IP address (Translated) 192.168.000.003 008.008.008.008 192.168.000.007 008.008.008.008 192.168.000.060 008.008.004.004 192.168.000.061 008.008.004.004 192.168.000.062 008.008.004.004 [10:00:02] ABILIS_CPX:
These lists can be used in SNET parameter of NAT Alias records. See NAT section for more details.
Added lists of Fully Qualified Domain Name (FQDN).
[17:05:08] ABILIS_CPX:d list:IPshWhiteFQDN - Not Saved (SAVE CONF) ------------------------------------------------------- LIST:IPshWhiteFQDN - FQDN - Ref-Numb:1 Items-Numb:4 IPsh_WhiteList_FQDN -------------------------------------------------------------------------- eva.kent.it (077.241.005.105) toodle.com (142.251.209.000) del.lan (192.168.100.247) a.b.c (-) [17:05:28] ABILIS_CPX:
They are lists of FQDN name of max 64 characters in the range ['0'..'9', 'a'..'z', '-', '.']. The FQDN name is automatically resolved and the corresponding IP address is shown in round brackets beside the name.
They can be used in in IP Access lists, IP Shaping and AIPT2 services.
Added optional textual field to items of ISDN Number Replacement lists (INR).
The additional filed can be used to assign a textual description to the item. Max 32 characters are allowed. It can be omitted. By default it is empty.
[15:48:08] ABILIS_CPX:d list:celltoint - Not Saved (SAVE CONF) ------------------------------------------------------- LIST:CellToInt - INR - Ref-Numb:0 Items-Numb:4 From_cell_to_internal_num ---------------------------------------------------------------------------------- Number Chk CD CG Descr 3332032987 CGI 003 * William 3379875555 CGI 000 * Porter's lodge 3383223111 CGI 001 * Samira 3384532322 CGI 002 * Luigino [15:48:14] ABILIS_CPX:
The new field does not affect the match of the item.
Added the use of the IPR list for the 'SNET' parameter in NAT Alias.
[15:48:08] ABILIS_CPX:d nat pr:0 ? SNET ... NAT alias entry parameters: SNET: Source Network IP address [0.0.0.0, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x] and mask length [0-32] or * or the name of an IP/IR/FQDN/RU/MR list for network IP addresses between single quotes or the name of a IPR list between double single quotes or "Ip-nnn", where 'nnn' is an IP resource index in [1..999]. (E.g. * or 192.168.0.1/32 or 'ListName' or Ip-23), * is allowed only for ADD not equal to SRC. IPR lists can be used only when ADD:DST.
IPR lists contain a list of "source IP address, alias IP address" pairs to use.
When in the 'SNET' parameter we have an IPR, if the source address matches one entry of the list, the alias IP is taken directly from the matching pair, ignoring 'DNET' and 'ANET' parameters, which are hidden in the layout.
[15:48:08] ABILIS_CPX:d nat Configured maps ------------------------------------------------------------------------------- PR: [DESCR:] INAT: ADD: SNET: DNET: ANET: ONAT: SPO: DPO: APO: PAT: SRES: DRES: PROT: TOUT: ------------------------------------------------------------------------------- 0 [DNS requests redirection] IN DST 'ToDNS' OUT * dns(53) * YES * * UDP SYS ------------------------------------------------------------------------------- 1 IN SRC Ip-1 * OUT-IP OUT * * AUTO YES ------------------------------------------------------------------------------- [11:21:03] ABILIS_CPX:
Added default rule PR:0, which is read-only and cannot be deleted, moved or edited.
------------------------------------------------------------------------------- PR: [DESCR:] INAT: ADD: SNET: DNET: ANET: ONAT: SPO: DPO: APO: PAT: SRES: DRES: PROT: TOUT: ------------------------------------------------------------------------------- 0 [DNS requests redirection] IN DST 'ToDNS' OUT * dns(53) * YES * * UDP SYS -------------------------------------------------------------------------------
This entry refers to a predefined list 'ToDNS', which is also automatically added by default to the configuration and it has the purpose of allow DNS requests redirection to different servers on the base of the IP address of the requester.
The predefined list 'ToDNS' is empty by default. The compilation of the list is the responsibility of the user if he intends to use this type of translation.
The service was already introduced in version 8.11.0, but from this version it has been enhanced:
more actions can be taken in response to the notification of an alarm condition;
alerts that repeat within the indicated interval can be filtered;
an alert can recall another allowing to create a chain of alerts.
[14:43:38] ABILIS_CPX:d alert Alerts defaults ("DFT" values): Parameter: | Value: ----------------+-------------------------------------------------------------- wdir: C:\APP\ALERT\ MAIL-FROM: SYS (abilis@cpx_220_) SMS-FROM: CP-PI --- Mail defaults --------------------------------------------- MAIL-TO: SYS (report@antek.it) MAIL-TO-LIST: SYS (#) MAIL-BODY: SMS-LIKE --- SMS defaults ---------------------------------------------- SMS-CDO: SYS (5553223122) --- Disa Voice call defaults ---------------------------------- DISA-USER: Alert DISA-SERVICE: Alert DISA-CDO: SYS (5553223122) DISA-CGO: SYS (#) DISA-MESSAGE: alert ------------------------------------------------------------------------------- Alerts records: ---+----+----------------------------------------+------------+---------------- CH:|ACT:|DESCR: |FILTER: |FILTER-INTERVAL: |LOG:|ACTION: |FURTHER-ALERT: ---+----+----------------------------------------+----------------------------- 1 |YES |used_for_ipmon |NONE |180 |NO |MAIL,DISA-CB,TURN-ON-DOUT |NO ------------------------------------------------------------------------------- 250|YES |used_for_firewall |INTERVAL |180 |NO |MAIL,SMS |NO ------------------------------------------------------------------------------- [14:43:41] ABILIS_CPX:D ALERT CH:A ? D ALERT CH:val Display Alert record CH: Alert record index [A, 1..255] <Mandatory> Alert record parameters: ACT: Enable/disable this entry [NO, YES] DESCR: Entry description. Max 70 chars. Spaces require double quotes (E.g. "str1 str2"). FILTER: Filter to be applied to received notificatations: [NONE, INTERVAL], where: - NONE: Received notifications are not filtered. - INTERVAL: Filter based on the interval given in 'FILTER-INTERVAL'. If the same notification repeats within the indicated interval it is ignored. FILTER-INTERVAL: Time interval within which if the same notification repeats within the indicated interval it is ignored. [1..3600 sec]. LOG: Record alert in system's log [NO, YES] FURTHER-ALERT: Call a further alert [NO, 1..255] ACTION: Action [NONE, MAIL, SMS, DISA-CB, TURN-ON-DOUT, LUA-SCRIPT] Values can be joined using ',' (comma). ---------- Only for ACTION:MAIL ----------------------------------------------- MAIL-TO: E-mail recipients. DFT or empty or max 128 ASCII chars. Space not allowed. MAIL-TO-LIST: E-mail recipients list. DFT or # or the name of a TXT list between single quotes (e.g. 'mylist'). MAIL-BODY: E-mail body type [DFT, STANDARD, SMS-LIKE] MAIL-USER-TEXT: User text for the E-mail body. Empty or max 310 ASCII chars. Spaces require double quotes. ---------- Only for ACTION:SMS ------------------------------------------------ SMS-CDO: Outgoing called number for SMS. DFT or # or max 20 digits optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes or the name of an IN list between single quotes (e.g. 'mylist') See also HELP ISDN ATTRIBUTES. SMS-USER-TEXT: User text for the SMS message. Empty or max 160 ASCII chars. Spaces require double quotes. ---------- Only for ACTION:DISA-CB -------------------------------------------- DISA-USER: Name of an existing DISA user for DISA CallBack. DFT or # or max 16 ASCII characters. Space not allowed. If the user is not configured, the (!) mark is displayed beside the name. DISA-SERVICE: Name of an existing DISA service for DISA CallBack. DFT or # or max 16 ASCII characters. Space not allowed. If the service is not configured, the (!) mark is displayed beside the name. DISA-CDO: Outgoing called number for DISA CallBack. DFT or # or max 20 digits optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] attributes. See also HELP ISDN ATTRIBUTES. DISA-CGO: Outgoing calling number for DISA CallBack. DFT or # or max 20 digits optionally preceded by TON [u, i, n, o, s, h, k] and/or NP [x, e, d, t, l, p] and/or PI [a, r, m, q] and/or SI [y, v, w, z] attributes. See also HELP ISDN ATTRIBUTES. DISA-MESSAGE: Name of the file holding the voice message to be played. DFT or # or max 20 chars valid for long file names. ---------- Only for ACTION:TURN-ON-DOUT --------------------------------------- TURN-ON-IO: The digital output that is set ON. # or a string in the format: - for Rio/Rvs: string in the format 'type-nn,line-mm', where: - type-nnn is the resource type [Rio, Rvs] and number, for Rio [1..16] and for Rvs [1..4] - line-mm is the line type [DO] and number, for Rio [1..16] and for Rvs [1..4]; - for Wio: string in the format 'type-n.xxx,line-mm', where: - type-n.xxx is the resource type and number [1..7], followed by the wireless-slave number [1..1000] - line-m is the line type [DO] and number [1..4]. (e.g. 'Rio-1,DO-5' or 'Rvs-3,DO-1' or 'Wio-1.5,DO-3') ---------- Only for ACTION:LUA-SCRIPT ----------------------------------------- LUA-SCRIPT: Name of the default LUA script to be started. # or max 32 chars valid for long file names. [14:43:41] ABILIS_CPX:
Added support of 'keyboard-interactive' authentication method.
The 'keyboard-interactive' authentication is used when LOGIN-MODE:USERS and the source IP address belongs to Public network and and Two-Factor Authentication (2FA) is required for the user who is logging in. Otherwise 'password method' authentication method is used.
[16:08:55] ABILIS_CPX:d p res:ssh ? s-auth Ssh resource parameters: S-AUTH: Supported authentication methods [PWD,KBI] <ReadOnly> KBI (i.e. keyboard-interactive method) is used when LOGIN-MODE:USERS and the source IP address blongs to Public network and Two-Factor Authentication is required for the user who is logging in; otherwise PWD (i.e. password method) is used. [16:09:20] ABILIS_CPX:
Added SMS relay by e-mail sending to SMTP server with SMS Gateway capability.
The range of parameter 'POO' of SMS outgoing routings has been extended with 'SMTP' value and the new parameter 'SMTP-SERVER' has been added for configuring the target SMTP server:
[18:46:02] ABILIS_CPX:d sms out ----+-------+-------------------------+-----+---------+-------+-------+-------- PR: |ACT: |CD: |POO: |LIFETIME:|DELAY: |SPLIT: |UNICODE: |SOURCE:|SENDER-ID: |SMTP-SERVER: ----+-------+-------------------------+-----+---------+-------+-------+-------- 0 YES * G6 1800 300 SYS SYS SMTP * ------------------------------------------------------------------------------- 1 YES * SMTP FILE 192.168.20.254 ------------------------------------------------------------------------------- [18:56:55] ABILIS_CPX:d sms out ? poo smtp-server ... SMS routings for outgoing messages parameters: POO: Output CTI Port or group [NONE, 1..600, G1..G32, SMTP] where 'SMTP' is allowed only for SOURCE<>SMTP and it means that the SMS message will be sent by e-mail to the SMTP server configured in SMTP-SERVER parameter. SMTP-SERVER: SMTP server for SMS Relay by e-mail. # or SYS or FQDN of max 64 chars in the range ['0'..'9', 'a'..'z', '-', '.'] or IP address in DDN. <Only for POO:SMTP> [18:56:55] ABILIS_CPX:
The parameter 'SMTP-SERVER' is present in SMS resource too, which is used when the SMTP server is set to 'SYS' in outgoing routing:
[19:05:34] ABILIS_CPX:d p res:sms RES:CtiSms -------------------------------------------------------------------- Run DESCR:Short_Message_Service LOG:NO ACT:YES MAX-SMS-SPLIT:1 ALLOW-UNICODE:NO DFT-IN:NO DFT-MAIL-TO: wdir:C:\APP\SMS\ SMTP-SEVER:192.168.20.254 [19:06:10] ABILIS_CPX:d p res:sms ? smtp-server CtiSms resource parameters: SMTP-SERVER: SMTP server for SMS Relay by e-mail. # or FQDN of max 64 chars in the range ['0'..'9', 'a'..'z', '-', '.'] or IP address in DDN. [19:06:13] ABILIS_CPX:
Added support of Vendor class identifier option (Option 60).
The vendor class identifier option identifies the vendor type and configuration of a DHCP client and can be requested in some contexts by the DHCP server in order to profile the client and provide it with appropriate answer.
For IP resources over LAN or LAN-PT, whose IP address is automatically retrieved by means of DHCP (parameter 'IPADD' set 'DHCP'), it is now possible to configure this option in a simple character string of up to 64 characters, parameter 'DHCP-VENDOR-ID':
[12:22:27] ABILIS_CPX:d p res:ip-2 RES:Ip-2 - IP over LAN (LAN) -------------------------------------------------- Run DESCR:Ip-2 OPSTATE:UP LOG:DS STATE-DETECT:NORMAL CAT:AUTO (LAN) LANRES:NONE IPADD:DHCP DHCP-GW:YES DHCP-GW-AD:2 DHCP-DNS:YES DHCP-VENDOR-ID: REDIS:EXT HIDE:NO RP:NONE IPSEC:NO VRRP:NO ... [12:22:32] ABILIS_CPX:s p res:ip-2 ? dhcp-vendor-id Ip-2 (IP over LAN) resource parameters: DHCP-VENDOR-ID: Vendor class identifier option (Option 60). Max 64 ASCII characters. Spaces require double quotes (E.g. "str1 str2"). <Only for IPADD:DHCP> [12:22:50] ABILIS_CPX:
The new ETHDEV driver is a more advanced version of the previous ETHMOD driver, now capable of supporting both Ethernet modems and LTE modems connected to Abilis via ETH/ETHUSB interface.
The architecture has been extended but rearranged and simplified even if we have multiple separate entities:
the EthDev resource, which is the modem supervisor (only one instance is allowed).
[16:11:28] ABILIS_CPX:d p res:EthDev RES:EthDev -------------------------------------------------------------------- Run DESCR:EthMod_and_EthLte_devices _Supervisor LOG:DS ALERT:NO ACT:YES ethdevlog:DFT ethdevlogsize:20 [16:11:35] ABILIS_CPX:
the EthMod and EthLte resources, they each representing one modem only, Ethernet or LTE respectively (max 16 of them are allowed).
Therefore now each modem is an independent device, that can stand alone configured and referenced.
[16:11:28] ABILIS_CPX:d p res:EthMod-1 RES:EthMod-1 ------------------------------------------------------------------ Run DESCR:Ethernet_Modem_1 LOWRES:Eth-2 MAC:52-54-4D-00-01-2B VPI:8 VCI:35 RES:Eth-2 --------------------------------------------------------------------- Run DESCR:Eth-2 LOG:DS ALERT:NO MODE:AUTO max-vlans:6 MAC-ADDR:FACTORY (B4-2E-99-28-5B-A4) ip-rxbuf:25 arp-rxbuf:5 pppoed-rxbuf:5 pppoes-rxbuf:25 [16:11:42] ABILIS_CPX:d p res:EthLte-1 RES:EthLte-1 ------------------------------------------------------------------ Run DESCR:LTE_Mikrotik_1 LOWRES:EthUsb-1 MAC:18-FD-74-CD-82-0E NET-MODE:DFT ROAMING:NO PDN-APN:DFT RES:EthUsb-1 ------------------------------------------------------------------ Run DESCR:EthUsb-1 LOG:DS ALERT:NO MODE:AUTO max-vlans:2 MAC-ADDR:00-90-9E-9D-7E-44 ip-rxbuf:25 arp-rxbuf:5 pppoed-rxbuf:5 pppoes-rxbuf:25 [16:11:49] ABILIS_CPX:
All the support, which is usually available for a resource/device, is provided for Ethernet and LTE modems (diagnostics, statistics, logging, and so on).
Moreover a summary of the configured modems and of their current state is available also in a dedicated section of the "D DEV" command:
[16:11:42] ABILIS_CPX:d dev ... --------------- Active EthMod/EthLte Resources and Devices: ------------------- Res LowRes Descr ModSt MAC ------------------------------------------------------------------------------- EthMod-1 Eth-2 Ethernet_Modem_1 dn 52-54-4D-00-01-2B EthLte-1 EthUsb-1 LTE_Mikrotik_1 UP 18-FD-74-CD-82-0E ... [16:11:49] ABILIS_CPX:
Version 9.0.0 requires new licence, with 'MAXVER' minimum value set to '9'.
[11:38:33] ABILID_CPX:licence display permissions ACTIVE PERMISSIONS: -------------|-----------|----------------------------------------------------- Name |Value |Description -------------|-----------|----------------------------------------------------- ABILISID |1801013 |Abilis CPX serial number EXPIRY |NONE |Licence expiration date YYYYMMDD MAXVER |9 |Licence is valid up this Abilis major version -------------|-----------|----------------------------------------------------- ...
Starting from this version FTP and SMTP services will be free. Therefore 'SMTP' and 'FTPSRV' permissions becomes obsolete.
Starting from this version LCS, DISA, IAX, SIP, SMS services will be included in 'SOFTPBX' permission. Therefore individual service 'LCS', 'CTIDISA', 'CTIIAX', 'CTISIP' and 'CTISMS' permissions become obsolete.
Added 'SIPUSERS' permission, for the number of allowed SIP users [0, 1..10000]. It requires 'SOFTPBX' permission too.
Added 'AIPT2' permission, for the number of allowed AIPT/AIPT2 resources [0, 1..999]. The 'AIPT' permission becomes obsolete.
Added 'NPV' permission, for the number of allowed NPV Links [0, 1..1000]. The 'NPVEXT' permission becomes obsolete.
GPIO and MFIO devices are no longer supported.
IP Load Balancing service has been completely removed.
Removed e-mails sending for banned IP addresses.
The 'IPBAN Mail' section of the configuration is no longer present and 'ACTION' parameter range is restricted from '[NONE, BAN, MAIL]' to '[NONE, BAN]'.
[18:49:38] ABILIS_CPX:d ipban max-items:3000 ALERT:NO WDIR:C:\APP\IPBAN\ - IPBAN service defaults ------------------------------------------------------ ACTION:BAN MAX-FAIL:5 FIND-TIME:1440 BAN-TIME:14400 WHITE-LIST:PrivateIpAdd - IPBAN individual services --------------------------------------------------- ---------+------------+-----------+------------+-----------+------------------- RES: | ACTION: | MAX-FAIL: | FIND-TIME: | BAN-TIME: | WHITE-LIST: ---------+------------+-----------+------------+-----------+------------------- Ssh | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- Telnet | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- CtiSip | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- CtiIax | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- CtiVo | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- Http | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- Ftp | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- Smtp | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- Pop3 | DFT | DFT | DFT | DFT | DFT ---------+------------+-----------+------------+-----------+------------------- [18:49:41] ABILIS_CPX:
Removed alerted IP addresses management and related commands 'D IPBAN ALERTED [[RES:]val]' and 'C IPBAN ALERTED [RES:]val IP:val'.
Fixed maximal length of buffers used for full path file names. The buffers used in the previous versions were shorter then the real possible full path file names, causing the name to be truncated and by consequence the proper voice message was not played.
All bug fixes up to 8.11.13 are included in 9.0.0.
None
Copyright © Abilis