review history: --------------------------------------------------------------------- version 1.6.12, 01-Jun-2007 First release --------------------------------------------------------------------- version 1.6.13, 18-Jun-2007 Fixed: Memory leak in BmfSrv.exe. After some time used memory can to grow. Fixed: If connection is reset and peer continues to connect again with the same addresses IP1:port1 <-> IP2:port2, then connection is dropped after several seconds. Added: After enabling NAT the console checks if routing is enabled and if Windows Firewall/Connection Sharing is enabled. This prevents to create non-functional NAT configuration. --------------------------------------------------------------------- version 1.6.14, 18-Jun-2007 Fixed: Not possible to start GUI if installed on W2K3+SP2. This error was relating only to 30-trial version. It does not exist on full unlimited version. After this fix BMF GUI cannot start on W2K3+SP1, Service Pack2 must be installed on W2K3. --------------------------------------------------------------------- version 1.6.15, 01-Jul-2007 Changed: Enhanced stability in updating system. --------------------------------------------------------------------- version 1.7.7, 01-Oct-2007 Fixed: Dropped regular TCP connections if TCP state firewall is set on wireless LAN. This bug is also reason for higher number of dropped regular TCP packets. Fixed: Creating configuration with UDP mapped ports to open ports on public NAT interface. Fixed: Removed several bugs in Console which was reason to Console hang or freezing. Changed: On filter with DNS state rule is now possible to assign bandwidth and place it below firewall. Added: Searching strings in TCP and UDP packet body. Added: HTTP protocol with searching strings in URL. Fixed: If "Connection per client" is equal to zero, BMF changes it to maximum. Zero value can be present if older configuration with FIREWALL is converted to contemporary configuration version. Changed: Added spin controls to most of edit boxes to enhance comfortability of GUI and to better check of possible ranges in settings. Changed: In console Hidding/displaying lists of strings for TCP/UDP and removing lists from simple mode. Added: Displaying drop reason in log if packet dropped by DNS. Changed: Removed unnecessary binaries from package, removed older examples and added new examples. --------------------------------------------------------------------- version 1.7.8, 17-Oct-2007 Fixed: If there is created dropping filter with rule containing prohibiting of connection direction then automatically added FIREWALL filter is not immediately visible in tree view. It it visible only in right pane and after reading configuration it appears in tree view. Changed: Removed "Prohibit connection directly to public IP" setting from TCP, UDP, ICMP. Now it is possible to set prohibiting connection direction to public IP only with help of dropping filters placed above FIREWALL filter. For users who uses one of these settings is needed to add dropping filter with rule containing connection direction for required state protocol. --------------------------------------------------------------------- version 1.7.9, 21-Oct-2007 Changed: Updated manual. --------------------------------------------------------------------- version 1.8.1, 27-Oct-2007 Added: In UDP rules placed below FIREWALL can be overriden default UDP timeout. This timeout applies on every UDP connection caught by such rule. It is useful for example for rule which catches command channel for SIP protocol thus avoiding high UDP default timeout for other UDP connection. --------------------------------------------------------------------- version 1.9.2, 08-Nov-2007 Changed: Format of configuration file. Changed: Displaying of rules. Removed "Opposite" button and double controls. In rule is specified half-duplex or full-duplex mode: Inner->Outer, Inne<-Outer or Inner<->Outer. Rule can be defined more simply now. Changed: TCP/UDP ports are now defined in lists which can contain single ports and port ranges and there can be defined up to 128 items instead of 9. Changed: Removed simple/advanced mode setting. Added: New icons and other GUI enhancements relating to new way for setting rules. Added: In UDP rules placed below FIREWALL can be overriden default UDP timeout. This timeout applies on every UDP connection caught by such rule. It is useful for example for rule which catches command channel for SIP protocol thus avoiding high UDP default timeout for other UDP connection. --------------------------------------------------------------------- version 1.9.3, 10-Nov-2007 Fixed: Errors in GUI. Fixed: Cannot import older configuration file with cfg version less than 8. Changed: Adjusted displaying of IP protocol from old style: single/range/list to new list of single IP/ranges od IP. Changed: Updated manual. Added: Menu commands for importing examples in "Configuration" menu. --------------------------------------------------------------------- version 1.9.4, 27-Nov-2007 Changed: Connection direction setting in TCP/UDP/ICMP can be used not only in dropping filters but also in permitting filters for managing bandwidth. Added: Support for P2P protocols. --------------------------------------------------------------------- version 1.9.5, 28-Nov-2007 Fixed: Bug in GUI which prohibits to override default UDP timeout for rule. --------------------------------------------------------------------- version 1.9.8, 05-Dec-2007 Added: Context menu in tree view and in list views. It provides better confortability in creating configuration. --------------------------------------------------------------------- version 1.9.9, 17-Dec-2007 Fixed: Problem to add new IP addresses into IP address list. Fixed: Not all protocol items in created rule can be focused by TAB key. Changed: If used HTTP rule with URL does not catch TCP handshaking and closing of TCP connection, it catches only HTTP request. HTTP rule with URL now catches TCP handshaking and closing of TCP connection so now it is usable also in paranoid firewall configuration. Changed: For every log category there exist separate log file. This prevent overwritting older events by new events of different category. Changed: Removed Log Settings subdialog from Options dialog and adding log properties into context menu and View menu. --------------------------------------------------------------------- version 1.9.10, 22-Dec-2007 Fixed: If only UDP protocol is added into rule then filtering by port is not functional. Fixed: Not possible to apply configuration if in tree view is selected: Interface, Rules or FIREWALL. If selected other items, applying is possible. --------------------------------------------------------------------- version 1.9.11, 24-Dec-2007 Fixed: Exchanged buttons for deleting Packets log and Bandwidth log. Fixed: Errors in GUI. Changed: Searching strings in TCP/UDP packet body was done for all packets even packets with zero data size so in this case searching was evaluated like unsuccessful. Now there is not applied searching to TCP segments or UDP datagrams with zero data size. This is relating to TCP segments in time of opening/closing connection or empty ACK TCP segments. Added: TCP idle connection timeout can be overriden in rule with TCP protocol. --------------------------------------------------------------------- version 1.10.1, 27-Dec-2007 Fixed: Exchanged buttons for deleting Packets log and Bandwidth log. Fixed: Errors in GUI. Changed: P2P on TCP and HTTP rules placed in dropping filter causes dropping TCP connection. This feature was removed. Changed: Searching strings in TCP/UDP packet body was done for all packets even for packets with zero data size and in this case searching was evaluated like unsuccessful. Now searching is not applied if TCP segments or UDP datagrams has zero data size. This is relating to opening/closing TCP connection or empty TCP ACK segments. Added: There was added combo box into rule for reseting or dropping TCP connection by user choice. This combo box is visible only if type of parent filter is dropping. If some packet is caught by such rule then it's TCP connection is reset or dropped. It is also valid for prohibiting TCP connection direction. User can now to select if TCP SYN packet is only dropped or TCP RST packet is sent back to client. Added: TCP idle connection timeout can be overriden in rule with TCP protocol. --------------------------------------------------------------------- version 2.1.3, 25-Mar-2008 Added: Support for Windows Vista 32-bit. Added: DHCP Server. --------------------------------------------------------------------- version 2.1.4, 13-Apr-2008 Fixed: Problem with automatic creating configuration files by DHCP service on W2K,WXP,W2K3. Fixed: GUI error in DHCP user interface. Added: GUI enhancements in DHCP user interface. --------------------------------------------------------------------- version 2.1.6, 10-May-2008 Fixed: After new record in error log DHCP stops and it's icons changed to disabled state. Changed: DHCP leases displays static leases - reservations by MAC address. Added: 64-bit version. --------------------------------------------------------------------- version 2.1.7, 26-May-2008 Fixed: Bug in GUI when displayed Rule then background is not correctly redrawed. Changed: When defining new subnet in DHCP then console prompts to set DHCP server address by DHCP server option local-address. Thhis helps to avoid problems when DHCP server has public IP address and sends DHCP packets to private network through filtered public interface. --------------------------------------------------------------------- version 2.1.9, 28-Jul-2008 Fixed: Problem to restart DHCP server. Fixed: Log is not functional in BMF version for 64-bit systems. There appears error message: "Log file is damaged". Changed: When network interface was disabled it's icon with configuration subtree was consequently removed from console tree. Now interface icon only changes to disabled state and it stays in the tree thus allowing to continue editing configuration also on disabled interface. Added: Remote administration. --------------------------------------------------------------------- version 2.1.10, 01-Aug-2008 Fixed: Some problems with remote administration.