Gaia Restricted Shell

A Gaia device is usually managed using a restricted shell.

  • Only the utilities needed to manage Check Point products are allowed.

    Where appropriate, these utilities were wrapped with code to disable some of the unnecessary options.

    The utilities are also made simpler to use.

  • No special characters are supported: only numbers, letters, space, and tab are accepted. Piping is not enabled.

  • "Expert" mode, which requires an additional password, provides access to the regular Linux shell (bash).
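The restricted-shell policy described above (character allowlist, utility allowlist, wrapped options) can be sketched as a small input filter. This is an added example, not Check Point code; the command names and the `parse_restricted` helper are hypothetical and chosen only for illustration.

```python
import re

# Characters the page says the restricted shell accepts:
# letters, numbers, space and tab. Everything else is rejected.
ALLOWED_LINE = re.compile(r"[A-Za-z0-9 \t]+")

# Hypothetical allowlist (constructed for this example, not Gaia's real
# command set): utility -> first-argument words the wrapper permits.
ALLOWED_COMMANDS = {
    "show": {"version", "uptime", "interfaces"},
    "set": {"hostname"},
}


class Rejected(ValueError):
    """Raised when an input line fails the restricted-shell policy."""


def parse_restricted(line):
    """Return an argv list suitable for exec without a shell, or raise Rejected."""
    # fullmatch (not match/search) so a trailing newline or any single
    # metacharacter such as | ; & $ ` < > fails the whole line.
    if not ALLOWED_LINE.fullmatch(line):
        raise Rejected("character outside letters, numbers, space, tab")
    argv = line.split()  # only space and tab can be present at this point
    if not argv:
        raise Rejected("empty command")
    command, args = argv[0], argv[1:]
    if command not in ALLOWED_COMMANDS:
        raise Rejected("utility not allowed: " + command)
    # "Wrapped" utilities expose only a subset of their options.
    if not args or args[0] not in ALLOWED_COMMANDS[command]:
        raise Rejected("option not allowed for " + command)
    return argv


def is_allowed(line):
    """Boolean form of parse_restricted for quick policy checks."""
    try:
        parse_restricted(line)
        return True
    except Rejected:
        return False
```

Because the filter returns an argv list rather than a string, the caller can execute the utility directly instead of handing the line to a shell interpreter.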

Kernel Changes

These modifications were made to the 2.6.18 kernel:

  • Patches for the newer ixgbe, ixgbevf, igb, e1000e, and e1000 network interface drivers, used by Intel Network Interface Cards.

  • Fixes for the igb and ixgbe network interface drivers.

  • Switched the default to asymmetric RSS hash for the igb and ixgbe network interface drivers.

  • Fixes for the ACENIC ethernet drivers to work around High Availability problems.

  • Fixes for the sis900 driver.

  • Patch for newer SCSI host adapter drivers, used by Adaptec (ULTRA320 including AICs).

  • Patches for Broadcom NIC drivers.

  • Internal debugger patch (kdb).

  • Added instrumentation code for skb double-free detection and skb leak detection.

  • Kernel crash dump patch.

  • Increased speed of routing table lookup.

  • Added VRF routing abilities for VSX Virtual Systems.

  • Patch for KVM to support emulation.

  • Support for BGP MD5 Signature Option (RFC 2385).

  • Performance fixes for the virtio_net driver.

  • Performance enhancement in the memory infrastructure for packet inspection in user space.

These modifications were made to the 3.10 kernel:

  • SKB memory leak fixes and optimizations.

  • Patches for the newer ixgbe and e1000e network interface drivers.

  • Added the ena driver.

  • PPS optimization when GRO is disabled.

  • Kernel configuration file modification for performance issues.

  • Support for zeco (zero-copy) packets for the Firewall in user mode.

  • Enabled a cluster in Bridge Mode to work in High Availability.

  • Fix for the SCTP protocol vulnerability (CVE).