Version 5.0 Katyusha

New in version 5.0 Katyusha - Katyusha is a weapon of victoy in World War II - BM-13 mass rocket launcher that has the imposition of one blast wave on another increases the destructive effect several times. First usage of Katyusha took place on July 14, 1941, destroying the German echelons near Orsha. During the war, about 10,000 Katyushas were produced.

  1. Added Carrier Grade NAT

Version 5.1

  1. URL blocking with any starts (like *.domain.org/path). Added in black, white and RKN list.
  2. Added parameter emit_duplication, useful for out of line DPI schema blocking

Version 5.2:

  1. Fixed fragmented http requests detection
  2. Fixed CGNAT error that limit income trafic

Version 5.2.1:

  1. Fixed CGNAT check sum correction that not working correctly for several IP address combinations

Version 5.3:

  1. Added SNI support in wite and black list for HTTPS and QUIC
  2. Added SNI blocking in the ads block (now possible block ads in youtube)
  3. Added hostname HTTPS and QUIC into clickstream
  4. Added * for blocking with mask on start of URL (*.domail.com/path)

Version 5.4 (5.3-101):

  1. Fixed check order in URL blocking for white and black lists: 1-st step SNI check, if no SNI or host is not in SNI list then check on IP/CNAME list
  2. Fixed IPFIX export of hostname in HTTPS and QUIС
  3. Added automatic exluding of white IP from CGNAT service

Version 5.5.1:

  1. Improved hostname detaction in HTTPS
  2. Added IPFIX metadata exort acording SORM-3 (PPRF №538)

Version 5.6.1:

  1. Added POST requests to clickstream
  2. Fixed MAC address error in RST packets to the subscriber side when SNI blocking that for several routed blocked traffic

Version 5.7 и 5.7.1:

  1. Fixed CG-NAT errors (in 5.7.1 for multicluster systems)
  2. Added HTTP block by IP:PORT (for proxy blocking in general mode)

To check current installed version use command: 

yum info fastdpi

Rollback to 5.3: 

yum downgrade fastdpi-5.3

After upgrade or version change restar of service is required: 

service fastdpi restart

:!: Do not upgrade Linux core to prevent bunary incompatibility with Kernel ABI and DNA drivers. If you upgraded the Linux core then for temporary problem solution use the setting in gub to load previous Linux core (in file /etc/grub.conf set default=1).