review history: --------------------------------------------------------------------- version 1.6.12, 01-Jun-2007 First release --------------------------------------------------------------------- version 1.6.13, 18-Jun-2007 Fixed: Memory leak in BmfSrv.exe. After some time used memory can to grow. Fixed: If connection is reset and peer continues to connect again with the same addresses IP1:port1 <-> IP2:port2, then connection is dropped after several seconds. Added: After enabling NAT the console checks if routing is enabled and if Windows Firewall/Connection Sharing is enabled. This prevents to create non-functional NAT configuration. --------------------------------------------------------------------- version 1.6.14, 18-Jun-2007 Fixed: Not possible to start GUI if installed on W2K3+SP2. This error was relating only to 30-trial version. It does not exist on full unlimited version. After this fix BMF GUI cannot start on W2K3+SP1, Service Pack2 must be installed on W2K3. --------------------------------------------------------------------- version 1.6.15, 01-Jul-2007 Changed: Enhanced stability in updating system. --------------------------------------------------------------------- version 1.7.7, 01-Oct-2007 Fixed: Dropped regular TCP connections if TCP state firewall is set on wireless LAN. This bug is also reason for higher number of dropped regular TCP packets. Fixed: Creating configuration with UDP mapped ports to open ports on public NAT interface. Fixed: Removed several bugs in Console which was reason to Console hang or freezing. Changed: On filter with DNS state rule is now possible to assign bandwidth and place it below firewall. Added: Searching strings in TCP and UDP packet body. Added: HTTP protocol with searching strings in URL. Fixed: If "Connection per client" is equal to zero, BMF changes it to maximum. Zero value can be present if older configuration with FIREWALL is converted to contemporary configuration version. Changed: Added spin controls to most of edit boxes to enhance comfortability of GUI and to better check of possible ranges in settings. Changed: In console Hidding/displaying lists of strings for TCP/UDP and removing lists from simple mode. Added: Displaying drop reason in log if packet dropped by DNS. Changed: Removed unnecessary binaries from package, removed older examples and added new examples. --------------------------------------------------------------------- version 1.7.8, 17-Oct-2007 Fixed: If there is created dropping filter with rule containing prohibiting of connection direction then automatically added FIREWALL filter is not immediately visible in tree view. It it visible only in right pane and after reading configuration it appears in tree view. Changed: Removed "Prohibit connection directly to public IP" setting from TCP, UDP, ICMP. Now it is possible to set prohibiting connection direction to public IP only with help of dropping filters placed above FIREWALL filter. For users who uses one of these settings is needed to add dropping filter with rule containing connection direction for required state protocol. --------------------------------------------------------------------- version 1.7.9, 21-Oct-2007 Changed: Updated manual. --------------------------------------------------------------------- version 1.8.1, 27-Oct-2007 Added: In UDP rules placed below FIREWALL can be overriden default UDP timeout. This timeout applies on every UDP connection caught by such rule. It is useful for example for rule which catches command channel for SIP protocol thus avoiding high UDP default timeout for other UDP connection. --------------------------------------------------------------------- version 1.9.2, 08-Nov-2007 Changed: Format of configuration file. Changed: Displaying of rules. Removed "Opposite" button and double controls. In rule is specified half-duplex or full-duplex mode: Inner->Outer, Inne<-Outer or Inner<->Outer. Rule can be defined more simply now. Changed: TCP/UDP ports are now defined in lists which can contain single ports and port ranges and there can be defined up to 128 items instead of 9. Changed: Removed simple/advanced mode setting. Added: New icons and other GUI enhancements relating to new way for setting rules. Added: In UDP rules placed below FIREWALL can be overriden default UDP timeout. This timeout applies on every UDP connection caught by such rule. It is useful for example for rule which catches command channel for SIP protocol thus avoiding high UDP default timeout for other UDP connection. --------------------------------------------------------------------- version 1.9.3, 10-Nov-2007 Fixed: Errors in GUI. Fixed: Cannot import older configuration file with cfg version less than 8. Changed: Adjusted displaying of IP protocol from old style: single/range/list to new list of single IP/ranges od IP. Changed: Updated manual. Added: Menu commands for importing examples in "Configuration" menu. --------------------------------------------------------------------- version 1.9.4, 27-Nov-2007 Changed: Connection direction setting in TCP/UDP/ICMP can be used not only in dropping filters but also in permitting filters for managing bandwidth. Added: Support for P2P protocols. --------------------------------------------------------------------- version 1.9.5, 28-Nov-2007 Fixed: Bug in GUI which prohibits to override default UDP timeout for rule. --------------------------------------------------------------------- version 1.9.8, 05-Dec-2007 Added: Context menu in tree view and in list views. It provides better confortability in creating configuration. --------------------------------------------------------------------- version 1.9.9, 17-Dec-2007 Fixed: Problem to add new IP addresses into IP address list. Fixed: Not all protocol items in created rule can be focused by TAB key. Changed: If used HTTP rule with URL does not catch TCP handshaking and closing of TCP connection, it catches only HTTP request. HTTP rule with URL now catches TCP handshaking and closing of TCP connection so now it is usable also in paranoid firewall configuration. Changed: For every log category there exist separate log file. This prevent overwritting older events by new events of different category. Changed: Removed Log Settings subdialog from Options dialog and adding log properties into context menu and View menu. --------------------------------------------------------------------- version 1.9.10, 22-Dec-2007 Fixed: If only UDP protocol is added into rule then filtering by port is not functional. Fixed: Not possible to apply configuration if in tree view is selected: Interface, Rules or FIREWALL. If selected other items, applying is possible. --------------------------------------------------------------------- version 1.9.11, 24-Dec-2007 Fixed: Exchanged buttons for deleting Packets log and Bandwidth log. Fixed: Errors in GUI. Changed: Searching strings in TCP/UDP packet body was done for all packets even packets with zero data size so in this case searching was evaluated like unsuccessful. Now there is not applied searching to TCP segments or UDP datagrams with zero data size. This is relating to TCP segments in time of opening/closing connection or empty ACK TCP segments. Added: TCP idle connection timeout can be overriden in rule with TCP protocol. --------------------------------------------------------------------- version 1.10.1, 27-Dec-2007 Fixed: Exchanged buttons for deleting Packets log and Bandwidth log. Fixed: Errors in GUI. Changed: P2P on TCP and HTTP rules placed in dropping filter causes dropping TCP connection. This feature was removed. Changed: Searching strings in TCP/UDP packet body was done for all packets even for packets with zero data size and in this case searching was evaluated like unsuccessful. Now searching is not applied if TCP segments or UDP datagrams has zero data size. This is relating to opening/closing TCP connection or empty TCP ACK segments. Added: There was added combo box into rule for reseting or dropping TCP connection by user choice. This combo box is visible only if type of parent filter is dropping. If some packet is caught by such rule then it's TCP connection is reset or dropped. It is also valid for prohibiting TCP connection direction. User can now to select if TCP SYN packet is only dropped or TCP RST packet is sent back to client. Added: TCP idle connection timeout can be overriden in rule with TCP protocol. --------------------------------------------------------------------- version 2.1.3, 25-Mar-2008 Added: Support for Windows Vista 32-bit. Added: DHCP Server. --------------------------------------------------------------------- version 2.1.4, 13-Apr-2008 Fixed: Problem with automatic creating configuration files by DHCP service on W2K,WXP,W2K3. Fixed: GUI error in DHCP user interface. Added: GUI enhancements in DHCP user interface. --------------------------------------------------------------------- version 2.1.6, 10-May-2008 Fixed: After new record in error log DHCP stops and it's icons changed to disabled state. Changed: DHCP leases displays static leases - reservations by MAC address. Added: 64-bit version. --------------------------------------------------------------------- version 2.1.7, 26-May-2008 Fixed: Bug in GUI when displayed Rule then background is not correctly redrawed. Changed: When defining new subnet in DHCP then console prompts to set DHCP server address by DHCP server option local-address. Thhis helps to avoid problems when DHCP server has public IP address and sends DHCP packets to private network through filtered public interface. --------------------------------------------------------------------- version 2.1.9, 28-Jul-2008 Fixed: Problem to restart DHCP server. Fixed: Log is not functional in BMF version for 64-bit systems. There appears error message: "Log file is damaged". Changed: When network interface was disabled it's icon with configuration subtree was consequently removed from console tree. Now interface icon only changes to disabled state and it stays in the tree thus allowing to continue editing configuration also on disabled interface. Added: Remote administration. --------------------------------------------------------------------- version 2.1.10, 01-Aug-2008 Fixed: Some problems with remote administration. --------------------------------------------------------------------- version 2.2.1, 1-Sep-2008 Fixed: Problem with reordering columns. Other GUI errors. Added: Filtering and sorting mode, summary for analyzing logs, current network traffic and Tcp/Udp connections. Added: Connections log for logging opening/closing TCP/UDP connections FTP command/data channel and HTTP URL requests. Added: Management console remembers sizes of panes and last active item after restarting. Added: Support for BMF SDK. --------------------------------------------------------------------- version 2.2.2, 10-Sep-2008 Fixed: Critical error on W2K3 64-bit. Blue screen may appear after starting Bmf Console and when used HTTP rules or searching strings in packets. Fixed: Several problems relating to remote administration. Bmf service or Console may crash when some actions are executed from remote administration console or when network interfaces of some types are changing enable/disable state. Fixed: Connections log may display malformed text in URP host column for UDP connections and other GUI non-critical bugs. Changed: Speed optimization of some actions in remote administration mode. Changed: DHCP icon states enabled/disabled are now functional also when several users starts/stops DHCP server. Added: Support for Windows Server 2008. --------------------------------------------------------------------- version 2.3.1, 19-Sep-2008 Fixed: Problems to set large amount of HTTP URL addresses (approximatelly more than 100). Added: Enhancements in filtering by HTTP URL: Import/export of HTTP URL list from/to text file, moving of URL up/down, support for character '%' for example "www.server.com/%61%62%63" is equal to "www.server.com/abc". --------------------------------------------------------------------- version 2.3.2, 22-Sep-2008 Changed: Security enhancements in driver. This fix is relating to case when some other network driver is buggy or it communicates with other drivers by non-standard way. --------------------------------------------------------------------- version 2.4.1, 22-Oct-2008 Changed: Reset counters is now possible only with FUP and not in log settings. Changed: Every reset counters by FUP is stored into Bandwidth log. Added: Filtering logs by date range. Added: Displaying gprahps in Bandwidth log. --------------------------------------------------------------------- version 2.4.2, 10-Nov-2008 Fixed: Incorrectly displayed MAC address in logs. Added: Support for sending FUP notification mails through Exim mail server and MS Exchange. Added: Changing properties on multiple filter selections. Added: Columns "Inner" and "Outer" in Connections log and "Placement" in Security log. Added: Copying of right-clicked log cell into clipboard. Added: Creating new filter with rule containing MAC or IP address from log cell after right-click on MAC or IP address in log. --------------------------------------------------------------------- version 2.4.3, 12-Nov-2008 Fixed: Problems to set filter properties in "Filter Properties" dialog in case of multiselection. Fixed: Filter added from log cell context menu may contain target IP on not right side. Changed: Only Outer MAC addresses are available for creating new filter from log cell context menu. In case of inner MAC, menu item is disabled. --------------------------------------------------------------------- version 2.5.1, 20-Nov-2008 Fixed: Dropped sent packets are not recorded in Packets log. Added: Multiple NATs. Every NAT have it's own public IP address, private subnets, mapped and reserved TCP/UDP ports. --------------------------------------------------------------------- version 2.6.1, 12-Dec-2008 Fixed: Dialog "Connect to remote host" contains too small edit box for IP address. Changed: GUI changes in FIREWALL and more comfortable GUI settings for multiple NATs. Added: IP address and TCP port redirection. This feature provides redirecting of TCP connections. --------------------------------------------------------------------- version 2.6.2, 19-Dec-2008 Fixed: Several errors in BmfCons.exe relating to multiple NAT configuration. --------------------------------------------------------------------- version 2.6.3, 05-Jan-2009 Fixed: Problems with some GUI controls when DPI settings changed in Display Properties dialog. Fixed: Problem with copying graph into clipboard and other GUI errors. Changed: Significant maximal network speed enhancement mainly in case of high number of TCP connections. --------------------------------------------------------------------- version 2.7.1, 08-Apr-2009 Fixed: On Vista x64 and W2K8 x64 is due to default MSI feature automatically trigerred installation repair when GUI is started by another administrator account than account which was product installed under. Fixed: In case when large filtered log is displayed, processing cannot be stopped by close button on progress bar and user must wait to the end of command processing. Fixed: When logging of opening/closing connection is set in some filter other than FIREWALL, client IP and server IP are displayed reversal. Fixed: Sumary graphs have not calculated first bandwidth value from table. Fixed: Configuration examples cannot be imported. Fixed: GUI bugs. Changed: Log filtering and sorting is quicker from 50% to 90%. Changed: Log filter supports filtering with conditions < > = for all number columns and wildcards filtering for all text columns. Changed: Checking of operating system service pack number on product installation and GUI startup. Added: Support for filtering by Windows usernames, computernames, groupnames, OU names in MS Active Directory domains, Linux Samba NT domains and stand-alone servers. --------------------------------------------------------------------- version 2.7.2, 22-May-2009 Fixed: GUI bugs. Fixed: Active Directory (AdDatab) service may unexpectedly stop. Fixed: Bad values for "Protocol Name" columns in Packets log. Added: Syntax checking for Active Directory names. Added: Speed optimization for x64 version of driver for multicore processors. BMF was appreciated by Intel (R) with logos: Runs Great on Intel Core Duo Runs Great on Intel Core Quad Runs Great on Intel Xeon --------------------------------------------------------------------- version 2.7.3, 21-Aug-2009 Fixed: If enabled ICMP protocol types then it has enabled automatically also NEGATION and not possible o disable it. Fixed: When used theme other than Windows Standard or Windows Vista Basic then some IP address fields cannot accept more than two digits. Fixed: GUI bugs. Added: Automatic adding of ARP,RARP filter if needed. Added: Native and more powerful driver for Vista/2008. --------------------------------------------------------------------- version 2.7.4, 15-Sep-2009 Fixed: Vista/W2K8 x86 and x64 driver did not support dialup interfaces and optical interfaces. --------------------------------------------------------------------- version 2.8.1, 20-Nov-2009 Added: Support for Windows 7 and Windows Server 2008 R2. Added: Setting directory path for all logs. Added: Archiving of logs with possible periods: hourly, daily, weekly or monthly. --------------------------------------------------------------------- version 2.8.2, 23-Dec-2009 Fixed: Problem to redirect inbound TCP connection to local machine when target port is changed. --------------------------------------------------------------------- version 2.8.3, 12-Feb-2010 Fixed: When log filter is switched off, log viewer sometimes does not display all events in log. Fixed: Auto update does not starts automatically. Added: URL logging for HTTP rules in packet mode. Added: Support for "CONNECT" HTTP method used for HTTPS connections through web proxy server. --------------------------------------------------------------------- version 2.9.1, 16-Mar-2010 Added: Scheduler for filters. Activating or deactivating filters by selected days, hours and minutes. Fixed: Firewall may send invalid TCP RST with bad acknowledge number in some cases. --------------------------------------------------------------------- version 2.9.2, 28-May-2010 Added: New column in Filters view. Displaying of state active/inactive by scheduler state for every filter. Added: Autoupdate of product's manual.