diff --git a/ChangeLog.md b/ChangeLog.md
index 6a7b282..3e5a974 100644
--- a/ChangeLog.md
+++ b/ChangeLog.md
@@ -2,7 +2,7 @@
-# wolfSentry Release 1.6.2 (December 29, 2023)
+# wolfSentry Release 1.6.2 (January 2, 2024)
Release 1.6.2 of the wolfSentry embedded firewall/IDPS has enhancements,
additions, and improvements including:
@@ -13,16 +13,24 @@ In scripts and Makefile, interpreters (`bash` and `awk`) now follow search `PATH
Change type of length argument to `wolfsentry_action_res_assoc_by_name()` to `int`, to allow it to accept `WOLFSENTRY_LENGTH_NULL_TERMINATED` (negative number).
+Makefile option `STRIPPED` has been split into `STRIPPED` and `FUNCTION_SECTIONS`, the latter directing the compiler and linker to cull any unused object code (with function granularity) to minimize total size.
+
## Bug Fixes, Cleanups, and Debugging Aids
In `handle_route_endpoint_clause()`, add casts to work around an implicit-promotion bug in gcc-7.5.
+In `wolfsentry_route_table_max_purgeable_idle_time_get()` and `_set()`, don't use atomic operations, as the context is already locked and the operand is an `int64_t`. This avoids an inadvertent dependency on software __atomic_load_8() and __atomic_store_8() on 32 bit targets.
+
Various fixes for benign `cppcheck` reports (`duplicateCondition`, `unsignedLessThanZero`, `unreadVariable`, `invalidPrintfArgType_uint`, `invalidPrintfArgType_sint`, `shadowFunction`, `constVariablePointer`, `preprocessorErrorDirective`).
## Self-Test Enhancements
Add `replace_rule_transactionally()`, now used in `test_static_routes()` for a thorough workout.
+Enhance `freertos-arm32-build-test` target to do two builds, one with and one without `FUNCTION_SECTIONS`, for more thorough coverage.
+
+In `test_lwip()` (`tests/unittests.c`), pass a trivial JSON config to `activate_wolfsentry_lwip()`, to avoid compiler optimizing away `wolfsentry_config_json_oneshot()` and its dependencies.
+
Split cppcheck-analyze recipe into cppcheck-library, cppcheck-force-library, cppcheck-extras, and cppcheck-force-extras, with increased coverage. Only cppcheck-library and cppcheck-extras are included in the "check-all" dependency list.
diff --git a/Makefile b/Makefile
index 72b559b..52b4efa 100644
--- a/Makefile
+++ b/Makefile
@@ -209,8 +209,12 @@ endif
ifdef STRIPPED
DEBUG :=
+ LDFLAGS += -Wl,--strip-all
+endif
+
+ifdef FUNCTION_SECTIONS
CFLAGS += -ffunction-sections -fdata-sections
- LDFLAGS += -Wl,--gc-sections -Wl,--strip-all
+ LDFLAGS += -Wl,--gc-sections
endif
.PHONY: all
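Review bot: With the split at `ifdef FUNCTION_SECTIONS`, a build that passes only `STRIPPED=1` no longer gets `-ffunction-sections -fdata-sections` or `-Wl,--gc-sections`, so existing size-constrained builds grow with no diagnostic. A comment above the new conditional would make the relationship explicit, for example `# FUNCTION_SECTIONS is independent of STRIPPED; set both for the smallest image.` The same comment could note that `FUNCTION_SECTIONS`, unlike `STRIPPED`, does not clear `DEBUG`.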
diff --git a/Makefile.analyzers b/Makefile.analyzers
index 3db108c..80ed938 100644
--- a/Makefile.analyzers
+++ b/Makefile.analyzers
@@ -547,8 +547,14 @@ freertos-arm32-build-test:
@[ -d $(LWIP_TOP_FOR_TEST)/. ] || ( echo '$@: $(LWIP_TOP_FOR_TEST) not found.' >&2; exit 1)
@command -v arm-none-eabi-gcc >/dev/null || ( echo '$@: arm-none-eabi-gcc not found.' >&2; exit 1)
@rm -rf "$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds"
- @$(MAKE) $(EXTRA_MAKE_FLAGS) $(QUIET_FLAG) -f $(THIS_MAKEFILE) VERY_QUIET=1 BUILD_TOP="$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds" HOST=arm-none-eabi RUNTIME=FreeRTOS-lwIP FREERTOS_TOP=$(FREERTOS_TOP_FOR_TEST) LWIP_TOP=$(LWIP_TOP_FOR_TEST) EXTRA_CFLAGS+='-mthumb -mcpu=cortex-m7 -specs=nano.specs -Wno-inline' NO_STDIO_STREAMS=1 '$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds/tests/test_lwip' UNITTEST_LIST=test_lwip OPTIM='-Os' DEBUG= STRIPPED=1
- @TEST_LWIP_SZ=$$(stat --format='%s' '$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds/tests/test_lwip'); if [[ "$$TEST_LWIP_SZ" -gt 60000 ]]; then echo "$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds/tests/test_lwip is unexpectedly large ($$TEST_LWIP_SZ bytes)."; exit 1; fi
+# first build without FUNCTION_SECTIONS=1 to detect any bloat or unresolved symbols anywhere in the library.
+ @$(MAKE) $(EXTRA_MAKE_FLAGS) $(QUIET_FLAG) -f $(THIS_MAKEFILE) VERY_QUIET=1 BUILD_TOP="$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds" HOST=arm-none-eabi RUNTIME=FreeRTOS-lwIP FREERTOS_TOP=$(FREERTOS_TOP_FOR_TEST) LWIP_TOP=$(LWIP_TOP_FOR_TEST) EXTRA_CFLAGS+='-mthumb -mcpu=cortex-m7 -specs=nano.specs -Wno-inline' NO_STDIO_STREAMS=1 '$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds/tests/test_lwip' UNITTEST_LIST=test_lwip OPTIM='-Os' STRIPPED=1
+ @TEST_LWIP_SZ=$$(stat --format='%s' '$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds/tests/test_lwip'); if [[ "$$TEST_LWIP_SZ" -gt 230000 ]]; then echo "$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds/tests/test_lwip is unexpectedly large ($$TEST_LWIP_SZ bytes)."; exit 1; fi
+ @rm -rf '$(BUILD_PARENT)/'wolfsentry-freertos-arm32-test-builds/tests/{freertos,lwip}
+ @$(MAKE) $(EXTRA_MAKE_FLAGS) $(QUIET_FLAG) -f $(THIS_MAKEFILE) VERY_QUIET=1 BUILD_TOP="$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds" HOST=arm-none-eabi RUNTIME=FreeRTOS-lwIP FREERTOS_TOP=$(FREERTOS_TOP_FOR_TEST) LWIP_TOP=$(LWIP_TOP_FOR_TEST) EXTRA_CFLAGS+='-mthumb -mcpu=cortex-m7' UNITTEST_LIST=test_lwip clean
+# now rebuild with FUNCTION_SECTIONS=1, to test expected text size on a parsimonious link.
+ @$(MAKE) $(EXTRA_MAKE_FLAGS) $(QUIET_FLAG) -f $(THIS_MAKEFILE) VERY_QUIET=1 BUILD_TOP="$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds" HOST=arm-none-eabi RUNTIME=FreeRTOS-lwIP FREERTOS_TOP=$(FREERTOS_TOP_FOR_TEST) LWIP_TOP=$(LWIP_TOP_FOR_TEST) EXTRA_CFLAGS+='-mthumb -mcpu=cortex-m7 -specs=nano.specs -Wno-inline' NO_STDIO_STREAMS=1 '$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds/tests/test_lwip' UNITTEST_LIST=test_lwip OPTIM='-Os' STRIPPED=1 FUNCTION_SECTIONS=1
+ @TEST_LWIP_SZ=$$(stat --format='%s' '$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds/tests/test_lwip'); if [[ "$$TEST_LWIP_SZ" -gt 100000 ]]; then echo "$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds/tests/test_lwip is unexpectedly large ($$TEST_LWIP_SZ bytes)."; exit 1; fi
@rm -rf '$(BUILD_PARENT)/'wolfsentry-freertos-arm32-test-builds/tests/{freertos,lwip}
@$(MAKE) $(EXTRA_MAKE_FLAGS) $(QUIET_FLAG) -f $(THIS_MAKEFILE) VERY_QUIET=1 BUILD_TOP="$(BUILD_PARENT)/wolfsentry-freertos-arm32-test-builds" HOST=arm-none-eabi RUNTIME=FreeRTOS-lwIP FREERTOS_TOP=$(FREERTOS_TOP_FOR_TEST) LWIP_TOP=$(LWIP_TOP_FOR_TEST) EXTRA_CFLAGS+='-mthumb -mcpu=cortex-m7' UNITTEST_LIST=test_lwip clean
@echo "passed: freertos-arm32-build test."
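Review bot: Both new size gates fail open. If `stat --format='%s'` fails (the option is GNU-specific, and the file could be absent), `TEST_LWIP_SZ` is empty, bash evaluates `[[ "" -gt 230000 ]]` as false, and the recipe goes on to print "passed". Appending `|| exit 1` to the `TEST_LWIP_SZ=$$(stat ...)` assignment, in both the 230000 check and the 100000 check, makes a failed measurement fail the target. The limits themselves are unexplained literals, so a one-line comment on how each was chosen would help a later reader tell a deliberate increase from accidental bloat.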
diff --git a/README.md b/README.md
index 18ee0b5..521bbce 100644
--- a/README.md
+++ b/README.md
@@ -104,7 +104,9 @@ topic.
| `make` Option | Macro Option | Description |
| -------------- | ------------ | ----------- |
-| `V` | | Verbose `make` output
e.g. `make V=1 -j test` |
+| `SHELL` | | Supplies an explicit/alternative path to `bash`. |
+| `AWK` | | Supplies an explicit/alternative path to Gnu `awk`. |
+| `V` | | Verbose `make` output
e.g. `make V=1 -j test` |
| `USER_MAKE_CONF` | | User-defined make clauses to include at the top of the main Makefile
e.g. `make -j USER_MAKE_CONF=Makefile.settings` |
| `EXTRA_CFLAGS` | | Additional arguments to be passed verbatim to the compiler |
| `EXTRA_LDFLAGS` | | Additional arguments to be passed verbatim to the linker |
@@ -117,6 +119,7 @@ topic.
| `C_WARNFLAGS` | | The warning flags to use (overriding the generally applicable defaults) |
| `STATIC` | | Build statically linked unit tests |
| `STRIPPED` | | Strip binaries of debugging symbols |
+| `FUNCTION_SECTIONS` | | Cull any unused object code (with function granularity) to minimize total size. |
| `BUILD_DYNAMIC` | | Build dynamically linked library |
| `VERY_QUIET` | | Inhibit all non-error output during build |
| `TAR` | | Path to GNU tar binary for `make dist`, should be set to `gtar` for macOS |
diff --git a/doc/wolfSentry_refman.pdf b/doc/wolfSentry_refman.pdf
index 9f450f4..243499f 100644
Binary files a/doc/wolfSentry_refman.pdf and b/doc/wolfSentry_refman.pdf differ
diff --git a/src/routes.c b/src/routes.c
index d99f9df..87e4c85 100644
--- a/src/routes.c
+++ b/src/routes.c
@@ -2073,7 +2073,7 @@ WOLFSENTRY_API wolfsentry_errcode_t wolfsentry_route_table_max_purgeable_idle_ti
wolfsentry_time_t *max_purgeable_idle_time)
{
WOLFSENTRY_HAVE_A_LOCK_OR_RETURN();
- *max_purgeable_idle_time = WOLFSENTRY_ATOMIC_LOAD(table->max_purgeable_idle_time);
+ *max_purgeable_idle_time = table->max_purgeable_idle_time;
WOLFSENTRY_RETURN_OK;
}
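Review bot: The plain read of `table->max_purgeable_idle_time` here, and the plain write in the `_set()` hunk that follows, are safe only if every other access to the field is also made under the context lock. An `int64_t` access is not single-copy atomic on the 32-bit targets this change is aimed at, so any unlocked reader elsewhere in routes.c could observe a torn value. These hunks cannot confirm that no such reader exists, and both function signatures begin outside them. I would record the invariant at each access, e.g. `/* plain access relies on the lock checked above; int64_t is not lock-free on 32-bit targets */`, and audit the remaining uses of the field.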
@@ -2083,9 +2083,7 @@ WOLFSENTRY_API wolfsentry_errcode_t wolfsentry_route_table_max_purgeable_idle_ti
wolfsentry_time_t max_purgeable_idle_time)
{
WOLFSENTRY_HAVE_MUTEX_OR_RETURN();
-
- WOLFSENTRY_ATOMIC_STORE(table->max_purgeable_idle_time, max_purgeable_idle_time);
-
+ table->max_purgeable_idle_time = max_purgeable_idle_time;
WOLFSENTRY_RETURN_OK;
}
diff --git a/tests/unittests.c b/tests/unittests.c
index ba97368..449bcfa 100644
--- a/tests/unittests.c
+++ b/tests/unittests.c
@@ -758,8 +758,10 @@ static wolfsentry_errcode_t shutdown_wolfsentry_lwip(void)
#ifdef FREERTOS
static int test_lwip(const char *json_path) {
+ static const char *trivial_json = "{ \"wolfsentry-config-version\" : 1 }";
+
(void)json_path;
- WOLFSENTRY_EXIT_ON_FAILURE(activate_wolfsentry_lwip(NULL, 0));
+ WOLFSENTRY_EXIT_ON_FAILURE(activate_wolfsentry_lwip(trivial_json, -1));
WOLFSENTRY_EXIT_ON_FAILURE(shutdown_wolfsentry_lwip());
return 0;
}
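Review bot: The `-1` passed as the length to `activate_wolfsentry_lwip()` is a bare literal, and nothing at the call site says why a config is now supplied. If that parameter follows the library's null-terminated-length convention, `WOLFSENTRY_LENGTH_NULL_TERMINATED` would state the intent directly. A comment such as `/* pass a minimal config so the JSON loader is linked in and counted by the size check */` would keep a later cleanup from reverting to `NULL, 0`. `trivial_json` could also be declared `static const char trivial_json[]`, since the pointer is never reassigned.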