A new option has been added to the CLI to strip the URI Argument (the question mark and beyond) from the requested URI before it is processed. It is configurable per web server accelerator. The syntax is "<get|set> accelerator <name> discardUriArgument = <yes|no>". This option is not provided in transparent, or forward proxy and since the argument is discarded prior to any other processing, the query header does not get recorded in log files. |
Abend : CPU hog: PROXY.NLM|atEndOfSegment$TransmitEntityData+5C |
Abend : EIP in ACFILTER.NLM at code start +0000CC87h caused by missing data in SYS:\ETC\IZER\REWRITER.CFG |
Abend during purgecache when using Websense. |
Abend in ACFilter.NLM. Race condition caused by use of multiple timers in the filter evaluation routine. |
Abend in SCacheShrink when invalid next block pointer is encountered. |
Abend in SetSrvIP.NLM |
Added support for SN in certificate DN (DGI fix). |
Additional fix relating to CPU Hog abend. |
CD image contains new DOS partition image to prevent boot failures (problem especially prevalent on larger drives). |
CPU Hog abend in TransmitLoop workToDo. |
Debug enhancement - abend log text corruption fixup. |
Debug enhancment - event log filtering. |
Duplex and speed settings do not work for Compaq/HP PCNTNW.LAN driver. |
Easy DOS attack - sending bogus 30k requests to transparent proxy (when non-terminating headers are received) |
Enhanced crash recovery code checking for invalid stack addresses, detection of multiple abends and logging of connection and request states. Added more diagnostic information to debug.log (crash log file). |
Enhanced debug logging disabled by default, since large quantity of debug information added to abend logs may overwhelm disk space. See NOVL95861 for details on specific settings. |
Enhancement: new option to push log files with ".tmp" extension and when finished pushing rename to the appropriate name. |
Enhancement: new option to set per accelerator settings for objnocacheforquestionmark, objnocacheforcgi and filtercookies. |
Fix for ASN1 vulnerability. |
Fixed a bug in the enhancement for per accelerator setting of objnocacheforquestionmark, objnocacheforcgi and filtercookies. The problem was that the global setting always applied. |
Fixed abend in filter framework during site download. |
Fixed alternate hostname sometimes not working with multihoming. |
Fixed an abend related to the SSL CONNECT fix in previous build. |
Fixed Autovol abend on single drive systems (in 2.3.0.2.22a CD. Not in OTWUG). |
Fixed CD image install to create 4 GB log volume instead of 2 GB log volume. |
Fixed double request sent to SSLized (Secure Excelerator) origin server. |
Fixed LDAP athentication failure when logging is enabled (this issue was introduced in early 2.3.0.2.x builds). |
Fixed origin server status being reset during apply when more than one are configured for a service. (I.e. if the origin web server is down then after doing an apply that status is forgotten). |
FTP LogPush failing when FTP server had a welcome message that ended with multiple CR-LF characters. |
FTP over HTTP can't retrieve files from Cisco's web site over FTP. 404 Not Found error is returned to the browser. Excelerator using relative file path to attempt download of file (no leading /). FTP server returns 550 No such file or directory for these particular files unless an an absolute (leading slash) path is used. |
Host based multi-homing code not always referencing the proper accelerator service on the first request. |
HTML page displayed when accessing FTP over HTTP forward proxy doesn't include <HTML> </HTML> <BODY> </BODY> tags. This causes problems with some browsers. |
Importing NAS configuration file can truncate SNMP alert email addresses. |
Improved scaling of live MMS streams. |
Larger packets for NTLM authentication to handle users which are members of very large numbers of groups. |
Long URI requests (i.e. over 8KB) caused memory corruption and an abend when filter logging was enabled. |
Loopback address 127.0.0.1 showing up in the list of configured DNS servers. |
Made purgelist case insensitive. |
Memory allocation failure during DynArray expand (EIP in NWUTIL.NLM at code start +0000D42Bh). |
Memory leak could cause loss of about 10K of memory each time an "Apply" was executed. |
Mutual Authentication profile not working due to the peer(server mode) failing to send a root list. |
NILE/SSL Netware OS updates |
Proxy now only tracks objects with extensions less than 6 characters. (prevents running out of memory condition). |
Real Media Agents (RealPlayer and RealOne Player) are now handled similar to NSPlayer when authentication is enabled for transparent services. |
Reduced the minimum receive buffers so that Debug version will initialize on 256MB systems. |
Removed 3 minute time out for remembering that an origin server for a reverse proxy is down (This improves the load balance efficiencey). |
Removed debug trap from debug version of Excelerator when a client connects to the mini ftp server and issues "mget *.<extension>" command. Note that mget is not fully supported. It has been changed to treat mget *.<extension> similar to how mget ./*.<extension> works which is to simply prompt to download every file in the directory. |
Resetting to factory settings doesn't clear out the access control policy settings for forward and transparent proxy. |
Resolved following GUI problems: 1. Connection broken. 2. WCCP IP address field too small. |
Sending an HTTP POST to the miniwebserver could cause a crash. PPOXY.NLM would abend in function PLD_EnsurePathDosCompatible. |
Server Gated Cryptography not working properly |
SSL CONNECT redirect does not contain proxy port |
Trap: NWUTIL.NLM|_AddEventData when using logging in conjunction with a large filter override list. |
Turned off "proxy may send data with the ACK of a SYN-ACK" by default. This is in response to support calls. Extremely low probability of negative side-effects. |
Under certain circumstances, Secure Excelerator sends 2 requests to the origin web server instead of one. This results in 500 internal server error when requesting dynamically generated content. |
Unusually long file extensions (i.e. 15 characters) may cause a memory allocation failure. |
VeriSign 128-bit Secure Site Pro SSL (Global Server) cert not working with 40/56-bit browsers. |
View user not able to download proxy log files from Excelerator GUI. |
Volauth.exe periodically stopping (requring service restart) and reporting "Error(2016) - Groups overflow error." |
volauth.exe updated to handle larger packets for NTLM authentication. |
When changing the IP address or subnet mask of an interface with NAT enabled, NAT would disable itself and need to be re-enabled. |
When enabled as a router, with NAT enabled, routing could stop working when changing the public IP address. |