Release Notes: IBM Aspera FASP Proxy 1.4.0
Product Release: June 20, 2016
Release Notes Updated: July 12, 2016
This release of IBM Aspera FASP Proxy provides the new features, fixes, and other changes listed below.
- For use with Aspera Drive, reverse proxy now supports the use of async.
- Reverse proxy TCP-port based rules. The rule property host_ip accepts an optional port number. The format is ipaddr:port. If no port is specified, ports 22 and 33001 are assumed.
ISSUES FIXED IN THIS RELEASE
#34694 - asuserdata -s does not display the <balancing> tag.
#35731 - With reverse proxy, if one transfer user has a bad SSH key setup, a connection attempt by that user will mark the backend node as failed, at which point all transfers are prevented for all users. The SSH key bug keeps the backend server as a bad server for two minutes, after which it retries that server again. Now, if the SSH key is wrong, reverse proxy no longer marks the backend server as failed.
target prot opt source destination DNAT udp -- 10.0.201.174 anywhere udp dpt:33001 /* d9829c...14545 */ to:10.0.113.54:33001With this fix, the DNAT rule would now be:
target prot opt source destination DNAT udp -- 10.0.201.174 10.0.113.53 udp dpt:33001 /* 09ba60...66de9 */ to:10.0.113.54:33001
#35902 - When reverse proxy has multiple IP interfaces, the TCP/UDP packets may fail to go to the same backend ES server. For example, this can happen when there is a source-IP-address-based load balancer between the reverse proxy and backend servers. With this fix: (1) the outgoing TCP connection now binds to the same NIC as the incoming request (the request that matches the host_ip specified in aspera.conf); and (2) the SNAT destination rule is now set to the destination IP address of the backend server.
Linux 64-bit: RedHat 6, CentOS 6, Fedora 15-20, Ubuntu 12-14, Debian 6 & 7, SLES 11, Kernel 2.6 or higher, and libc version GLIB 2.5+.
PREVIOUS RELEASE NOTES
Aspera Proxy 1.3.0 Release Notes
Aspera Proxy 1.2.2 Release Notes
Aspera Proxy 1.2.1 Release Notes
Aspera Proxy 1.1.1 Release Notes
Aspera Proxy 1.1.0 Release Notes
Aspera Proxy 1.0.3 Release Notes
Aspera Proxy 1.0,2 Release Notes
Aspera Proxy 1.0.1 Release Notes
Aspera Proxy 1.0.0 Release Notes
Aspera Proxy 0.9.1 Release Notes
md5: 3a3428a04b612a788c5cea2dc09a2579 sha1: af90c58453480294997f0728a46324d0c76446a2
md5: 4325ea1d6a23665f45acb4b17cab0843 sha1: bad4c15167a433060e4eb9908551211df90d3269
#19185 - A log file is created with proxy user permission, preventing a subsequent user from writing in it.
#34615 - Forward proxy is creating rules for UDP from SCP GUI connection, which it is not supposed to do.
#24270 - Transfers cannot be made to a server with a docroot on Azure if routed through an Aspera Proxy server.
#24012 - Rules created in reverse proxy for host_domain are not respected.
#21288 - On some Linux platforms (for example, SUSE) the iptables-restore command is not located in /sbin but /usr/sbin. Workaround: Create a symlink in /sbin for /usr/sbin/iptables-restore.
#19205 - Proxy does not support HTTP fallback.
#19185 - If you specify a directory for <log_dir>, the log file is created with 0640 permissions. As a result, not all transfers will be logged. Workaround: Once the log file has been created, change its permissions to 0660.
For on-line support resources for Aspera products, including raising new support tickets, please visit the Aspera Support Portal. Note that you may have an existing account if you contacted the Aspera support team in the past. Before creating a new account, first try setting a password for the email that you use to interact with us. You may also call one of our regional support centers.