ImageStream Linux Version 4.2.11-58 is now available as a general availability (GA)
release for all ImageStream routers except the Envoy.
This software release is provided at no charge to all ImageStream customers.
Version 4.2.11-58 is a maintenance release that is recommended for all customers
who wish to run the latest GA release on routers other than the Envoy.
This release note documents commands and features added between version 4.2.10-11
and version 4.2.11-58.
The following bugs have been fixed in Version 4.2.11:
Up to 4 GB RAM now Supported
Previous versions of ImageStream Linux supported a maximum of 1 GB RAM.
Version 4.2.11 now supports up to 4 GB of RAM.
Version 4.2.11 fixes stability and scalability problems with L2TP. CPU usage has been
decreased dramatically resulting in the ability to support thousands more connections
on the Gateway platform.
PCI 530-DE Transmit FIFO Underrun Handling Changes
The PCI 530-DE driver will now dynamically increase the transmit FIFO size when
underrun errors occur.
PCI 440 T1/E1/SSI Fixes
Version 4.2.11 adds support for the PCI 440 T1/E1 and SSI cards. Later releases fixed various bugs
related to the drivers and firmware for the cards.
Detailed revision history:
440: Added a global 5 second delay in sand_probe() for to allow cards with old
firmaware to initialize. This workaround is needed on systems with a mix of old
and new cards.
configmgr: Remove the sethorizon option for brctl from distributions other than
4.4.0-pre which don't support it.
440: Update to June 30 drivers which fixes a stuck transmitter bug and an
initialization problem on cards with older firmware.
Add Nvidia NForce 10/100/1000 Ethernet driver for the Gateway Express
Fix an openvpn server mode script logic bug that logged the username of authentication
requests to a temporary file even when debugging was disabled (default).
Added netcat, ping6 and traceroute6 utilities.
Updated sshd binary in OpenSSH_4.4p1_2. Disabled lastlog support.
Updated sensors binary in sensors_2.6.3_20. Disabled reporting of min/max and alarms.
The hardware clock is now copied to the system clock during system startup.
The system clock is now copied to the hardware clock before reboot or halt.
Fixed a bug with MLFR introduced in revision 25. We stopped adding MLFR
headers to LMI packets and protocol wasn't coming up!
Fixed a setnprobe bug that would cause the script to crash and nprobes to shut down
when more than one interface was configured.
530-TEJ, 440-TEJ: Fix timeslot display for E1 mode. It was displaying one too high (timeslot+1).
Also fixed the handling of timeslots separated by a ',' in E1 mode. It was adding one
to any timeslot separated by a comma making it impossible to specify non-contiguous
timeslot mappings for E1.
Intics: Fixed the "Protocol xxx is buggy" messages that occur when a port is in
promiscuous mode. Yes this has been fixed in the past but recently broke when I
made a change to support the newest 2.6 kernel with a completely different skb
structure which didn't have the skb->nh field. I set the mac pointer but
not the network pointer for locally generated packets like HDLC keepalives, PPP LCP packets
and Frame Relay queries.
Commit the latest 440 firmware changes into the 4.2.11 release.
Revert back e1000 driver from 7.3.20 to 6.3.9 to solve a tx timeout problem on
Gateways with a particular P4 SBC. We updated to 7.3.20 in release 44 for ICH8 support which
we don't use currently.
Remove dead gateway detection for all routes except default gateway.
Revert back to old 440 firmware - SSI cards do not always init properly - stats locked.
Reduce the bridge command line length to 1900 from 2048 to fix a customer
config which was hanging while adding ports to bridge groups. Bash version 2.04
does not like commands > 2k.
Added USB mass storage support and boot support from USB flash drives.
Added the latest e1000 driver from the 184.108.40.206 kernel.
Fix kernel pppol2tp problem with openl2tpd being signaled for every packet transmitted.
Added ucarp 1.3
Added powercode install script and menu option.
Add sip connection tracking support.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p udp --dport 5060 -j ACCEPT
iptables -A FORWARD -p udp --dport 5060 -j ACCEPT
# Nat as usual -- nothing special needed in the nat rule.
iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -j SNAT --to 220.127.116.11
Added a packet mirroring chain.
Use this chain on the receive chains and it will make a copy of the packet and
retransmit on the specified interface. Use the rx_ddp chain to mirror the packet
without the L2 protocol header. The rx_edp chain will mirror it with the L2 protocol