Home Page,
Help Page,
Support,
Download the HOSTS
and the HELP files
![[Back]](http://v2.nat32.com/back.gif)
+----------------------------------------------------------------+
| NAT32 VERSION 2.2 BUILD 22234 16. November, 2015 |
+----------------------------------------------------------------+
| |
| NAT32 Version 2.2 IP Router for Windows 7, 8 and 10. |
| |
| (C) 2015 NAT Software, Australia |
| |
+----------------------------------------------------------------+
| |
| ***************** IMPORTANT NOTICE ***************** |
| * * |
| * Windows XP versions are still available on request. * |
| * * |
| ******************************************************** |
+----------------------------------------------------------------+
NAT32 Version 2.2 is a Windows application that provides Internet
Connection Sharing and Routing, DHCP and DNS Services, Wireless
Access Point services and Connection Aggregation for multiple LAN,
WAN, WLAN, WWAN, VPN and Bluetooth connections.
NAT32 Version 2.2 runs on ALL current 32-bit and 64-bit platforms,
including most Server and Embedded editions and is ideally suited
for use as a supplementary router in home and office networks.
A flexible DNS Analyser protects all machines against undesirable
Internet content such as malware, tracking and advertising.
+----------------------------------------------------------------+
| |
| LICENCE |
| |
| NAT32 Version 2.2 is available as a free evaluation version |
| for home and educational use. The evaluation version is fully |
| functional and includes the needed device driver otherwise |
| obtainable from: |
| |
| http://www.ntkernel.com |
| |
| The driver has its own installer and appears in the System as |
| the NDISRD Service. |
| |
| The registered version includes a licensed copy of the driver |
| that can be automatically installed when NAT32 first runs. |
| The driver appears in the System as the NETBOX Service. |
| |
| Redistribution of either version without prior written consent |
| from the NAT32 Author is STRICTLY FORBIDDEN. |
| |
+----------------------------------------------------------------+
+----------------------------------------------------------------+
| |
| BE SURE to download the help2.zip file from: |
| |
| http://www.nat32.com/download2/help2.zip |
| |
| and then unzip it into your NAT32v2 directory. |
| This file contains not only help files, but also |
| script files for many of NAT32's advanced features. |
| |
| BE SURE to download the hosts.zip file from: |
| |
| http://www.nat32.com/download2/hosts.zip |
| |
| and then unzip it into your NAT32v2 directory. |
| This file contains the HOSTS.INI file needed to |
| block known malware and tracking sites. |
| |
+----------------------------------------------------------------+
What's New in each release (by most recent day of the month)
------------------------------------------------------------
November, 2015 ***** [CURRENT BUILD 22234] *****
***** [CURRENT DRIVER 3.2.4] *****
***** [New HELP2.ZIP file] *****
16 NEW FEATURE: Environment variable "userid" added. When 1,
admin checks require unique User IDs. When 0, the same
User ID can be used for multiple machines.
13 NEW FEATURE: The dhcpd command now accepts a 5th argument
that specifies the level of DNS checking to be applied to
requests from the specified host.
Allowed values are:
"all" (all checks done)
"hosts" (only host checks done)
"none" (no checks done).
12 DNSD privilege mechanism enhanced. The DNSD command now
understands the checking levels: all, hosts, none.
Command "set" now accepts "" or 0 for IP string vars.
Shell now allows empty args (e.g. "").
Function copy_routes() now uses the Windows metric when
adding RIP-advertised routes.
8 File nat32.js modified.
File script/app: Lines can begin with a # (Comment)
The dnsd command now allows a security level to be set
for a specified host IP address. Levels are as follows:
0 Do ALL name checks (the default)
1 Do hosts.ini checks only
9 Do NO checks at all
Global flag "dnsc" added. Values are as above and apply
to all clients that have no entry in the DNS Client table.
October, 2015 ***** [CURRENT BUILD 22232] *****
***** [CURRENT DRIVER 3.2.4] *****
22 Minor Changes:
Function p32open() was calling getnam() instead of
getpname() in error messages.
Minor error in unixutil() line #90 corrected.
Minor error in in x_log.c line #19 corrected.
The DHCPD now honors a specified offset only for DISCOVERs
with no code 50 IP address.
Default DHCPD lease duration is again 7 days.
BUGFIX: The buffer size used by the browser devices has
been increased to 8*64K (webinit.c line #35).
The same increase was done in edit.c line #521.
13 Minor Updates:
Minor changes in wupnpd.
NEW FEATURE: Command htest now accepts an argument
specifying how many times a name should be looked up.
This gives more accurate time estimates for the lookup.
NEW FEATURE: The arping command now resolves Vendor IDs
for MAC addresses, if a file mac.txt or mac.ini exists.
The supplied mac.ini file is based on the manuf file
distributed with Wireshark.
--------------------------------------------
***** IMPORTANT NOTE for OpenVPN users *****
--------------------------------------------
Some versions of the TAP-WIN32 driver on some platforms
were causing NAT32 exit to fail if the adapter was set to
report its Media Status as Always Connected rather than as
Application Controlled.
6 Minor Updates:
A black-list entry containing a ^ character must be in
quotes.
Udptime server fixed.
Udpdtime server added (UDP Daytime Service).
Default DHCPD lease duration is now 1 day (86400 sec).
Monitor dialog box modified to allow clearing of the
entire list.
Various web pages updated.
September, 2015 ***** [CURRENT BUILD 22232] *****
***** [CURRENT DRIVER 3.2.3] *****
29 NEW FEATURE: The DNSRD now treats black-listed names that
start with ^ differently. A strcmp() is done instead of a
strstr() in this case.
BUGFIX: The rasin thread now discards incoming packets if
the number of buffers in the pool reaches 10.
28 NEW FEATURE: The DNSRD now checks for long DNS labels and
blocks names with a starting label longer than dnsl bytes.
The dnsl variable is initially 40 bytes and has a maximum
value of 63.
26 BUGFIX: DHCPD modified to mark a declined entry as
unavailable for 60 sec rather than just 10 sec. This fixed
the duplicate address problem.
24 BUGFIX: DHCPD modified to offer a different address each
time a particular address is declined.
20 MODIFIED: Connections can now be dialed via a web page.
RasDial() is now used rather than RasDialDlg().
MODIFIED: DHCPD now always broadcasts OFFERs and ACKs.
This was needed because some clients do not set flags
correctly.
MODIFIED: Function log() now prints more diagnostic
information if a log file can't be opened.
18 BUGFIX: WINIO modified to fix resizing bugs.
17 DHCPD modified as follows:
Unicast behaviour changed, NACK behaviour changed.
Function request() no longer calls arp_send() to check
the requested IP.
12 NEW FEATURE: The DNS lookup functions now check the WHOST
table. The DHCPD now adds an entry to that table after
sending an ACK to a REQUEST. This fix is particularly
useful for LINUX-based devices.
9 Various string functions modified to ensure VS2015
compatibility. Note the sprintfx.cpp and vsprntfd.c
modifications.
8 BUGFIX: The DHCPD now adds an ARP entry before sending an
OFFER, ACK or NACK. This allows devices that do
not set the BROADCAST flag in DISCOVER and REQUEST
packets to work correctly.
BUGFIX: Function inetin() now passes mapped packets to
NAT32 regardless of source, if a mapping exists.
7 BUGFIX: Portmap send_ack() error fixed.
An ARP request for IP destination instead of
IP nexthop was being sent.
BUGFIX: Honeypot serve_real_content() fixed.
The request length is now checked.
BUGFIX: See all the 5.9.2015 notes relating to udpsend(),
ipsend, and their callers.
4 NEW FEATURE: The httpd_proxy environment variable now
allows (1) or diallows (0) HTTPD proxy behaviour.
3 BUGFIX: DHCPD was sometimes not responding to request.
2 A new WinPkFilter Driver Version 3.2.4 is now available.
August, 2015 ***** [CURRENT BUILD 22232] *****
***** [CURRENT DRIVER 3.2.3] *****
31 MODIFICATION: The dhcp command has been renamed to dhcpd.
30 Error in nav.css fixed.
28 BUGFIX: TCL: Several minor file I/O errors corrected.
26 NEW FEATURE: arping command added.
Usage: arping ifn [IP | MAC]
The command is used to obtain a list of all machines on a
network (arping ifn) or to "ping" a machine by IP address
or MAC address.
CRON now re-syncs when the machine resumes from sleep.
23 NEW FEATURE: mechanism for overriding DHCP offers from
external DHCP servers modified.
21 NEW FEATURE: Command 'dhcp ifn test' gathers responses for
2 seconds. It thus detects all DHCP servers that have sent
an offer during that interval.
File 'crontab' detects external DHCP servers every minute.
NOTE: If the DHCPD is set to static mode on an interface,
then stations not in the reserved list will never be
initialised if no external DHCP server is active.
19 NEW FEATURE: mechanism for overriding DHCP offers from
external servers improved.
16 BUGFIX: several minor DHCPD bugs fixed.
15 NEW FEATURE: Honeypot now honors FILE and CMD requests.
14 BUGFIX: Port 137 lookups for "wpad" now honored.
13 BUGFIX: UDP echo command was sending to broadcast address
if name resolution failed.
NEW FEATURE: RDP and SMB traffic is now mapped directly to
the MSTCP by the driver. This greatly increases performance
for local traffic.
12 NEW FEATURE: The winset command can now be used to start
the Windows Firewall Control Panel applet.
11 CHANGE: The ICF code now no longer defaults to ON.
10 NEW FEATURE: The honeypots, DHCP server and HTTP servers
are now started via startup.txt only.
9 NEW FEATURE: The DHCPD now supports configuration of MSTCP
interfaces. A new dialog box asks the user for an IP address
and Mask to be used on the interface. In order to support
DHCP renew requests, the DHCPD reports the fixed IP address
x.x.x.232 so that such requests actually make it down to
the NDIS layer. That IP address is pingable from other
machines.
8 BUGFIX: Error in ReadPostData() corrected. This error was
causing NAT32 to exit if WUPNPD received a command.
7 WSUPNPD exception handling added.
6 BUGFIX: WUPNPD buffer size increased.
4 BUGFIX: HTTPW now uses a larger reply buffer for DNS
lookups.
3 BUGFIX: HTTPD POST Request now works correctly.
July, 2015 ***** [CURRENT BUILD 22230] *****
***** [CURRENT DRIVER 3.2.3] *****
31 BUGFIX: various buffer issues in the HTTPD fixed.
BUGFIX: additional sanity checks added to the TCP code.
BUGFIX: honeypot_ssl was not closing connections because
read() calls were blocking.
BUGFIX: Function tcpwrite() was sometimes writing too much
data.
25 BUGFIX: termination when additional shells are running.
BUGFIX: tcpsend() error when no data needs to be sent.
BUGFIX: buffer length error in mwrite() and monitord().
22 Several bugfixes and improvements, including:
Winsock WUPNPD improved (see upnpd.htm).
New command setu added (see upnpd.htm).
WUPNPD now started on Secondary interface in startup.txt
NAT32.EXE flags modified. Flag "h" now indicates
"No HOSTS checking"
Flag "p" now indicates "give network I/O priority".
FritzBox and FritzRepeater script files modified.
Default stack size increased.
15 BUGFIX: Fixed potential GPF in pmain.c
Various other minor issues fixed.
12 BUGFIX: TCP keepalive now works correctly.
6 Minor changes in how winio.c handles change between web
mode and standard mode.
4 Many changes made, particularly in memory allocation in
several functions.
Most (but not all) printf variants now use xmalloc().
The minimum stack size is now 16K rather than 4K.
The WinPkFilter 3.2.3 is now installed per default.
BUGFIX: The NSERVER string is now no longer sometimes
falsely set.
June, 2015 ***** [CURRENT BUILD 22228] *****
***** [CURRENT DRIVER 3.2.x] *****
15 This is the last build that will run on Windows XP.
BUGFIX: Function wlogin() modified to close startup.txt
once it's execution has completed.
Several commands modified to interpret "all" as all
interfaces.
9 BUGFIX: File change.txt now sets interface selection
algorithm to 'main'.
NEW COMMAND: netcheck displays important network settings.
8 IMPROVEMENT: DNS resolver now checks Windows notion of a
name server address before resorting to OpenDNS.
BUGFIX: Shutdown command now clears no_sleep before
calling ExitWindowsEx().
BUGFIX: Exit flag is now set when a network input thread
is forcefully terminated (e.g. via a netstop command).
6 BUGFIX: IPPROC minor DNS modification.
5 BUGFIX: The NETOUT thread was sometimes terminating
prematurely. This happened whenever its semaphore was
signalled and the ouput queue had been emptied in the
interim. Changes in netout(), netwriteq() and slowtimer().
4 Major changes to how DNS is used and detected. Nsdetect
is no longer used, as it allows any private machine to
change DNS Server settings within NAT32. The mechanism
is still in place but no longer turned on in startup.txt.
3 Several web page improvements and enhancements.
Winio() now displays web pages by running x_web() and
x_webf() in a thread rather than via a function call.
May, 2015 ***** [CURRENT BUILD 22228] *****
***** [CURRENT DRIVER 3.2.x] *****
29 SoftAP.exe major change: Stop button now forces a stop.
SoftAP.exe minor changes: debug output removed, status info
now updates correctly.
25 Admin.exe modified to start child processes without
inherited handles. This means that such processes will no
longer prevent NAT32 from terminating if they are still
active at the time.
Support for a second Windows ICS magic address added.
24 NEW FEATURE: Throttling added. See setf.htm for details.
BUGFIX: WiFi and Virtual WiFi adapters now recognised
correctly on Windows 8 and higher.
23 NEW COMMAND: arpoff ip | name [ifn]
This command modifies the state of the specified ARP entry
to "refuse". Thereafter, traffic to the address will have
an invalid Ethernet destination address causing such
traffic to be ignored by the receiver. This action can be
reversed with an arpon command with the same syntax.
This feature is useful for blocking traffic at the MAC
level rather than at the IP level.
22 Startup.txt modified as follows:
1. The setis command is now: setis main
2. The no_sleep variable is now set to 1
3. Command: "setnsi p" was added to ensure that the main
DNS server is used per default.
When running as a service, a 20-sec startup delay has been
removed.
Various kprintf functions were modified so that they work
correctly when NAT32 runs as a service. If kprintf2 is
ever called, the caller blocks until Ok or Cancel is clicked
on the xlog.htm page.
CAUTION: kprintf2 is called from the kecho command. If that
command is ever used, BE SURE to display the log buffer in
a browser so that Ok or Cancel can be clicked.
A new certificate for the WinPkFilter driver was added. The
original certificate had expired.
21 MINOR CHANGE: ARP cache size increased.
NEW FEATURE: WiFi and Virtual WiFi detection added. New
help pages explain the feature.
RIP modified so that rip udates are never sent on interfaces
that are configured, but not in use.
19 MAJOR CHANGE: The code that handles adapter configuration
changes and DHCPD changes has been extensively modified.
The file 'change.txt' has also been modified and the old
version should no longer be used.
BUGFIX: All netin functions have been modified to correct
a DHCP Renew problem.
NEW FEATURE: The SoftAP.exe program has been enhanced.
18 Kernel modification: The thread wrapper now checks for an
unreleased Critical Section and releases it if necessary.
17 BUGFIX: dstat command modified (ARP CS issue)
BUGFIX: eth2ip command modified (ifn arg added)
15 MINOR CHANGE: Service configuration improved.
14 MAJOR CHANGE: A problem was occurring on networks that are
connected to the Internet via routers that have multiple
private IP addresses. NAT32's inetin() thread was dropping
incoming packets that had a MAC source address that did
not match that of the configured gateway.
13 NEW COMMAND: "dstat ea" converts the specified Ethernet
Address to an IP address and name (if known).
The Monitor window is now preserved across restarts. This
means that decho the and mecho commands (which both call
dprintf to display output in the monitor windos) can now
be used at any time.
Various help texts in dialog boxes updated.
10 Unsolicited incomimg ICMP traffic is now passed to NAT32
for processing rather than to the MSTCP. This means that
pings will work even if the Windows Firewall is blocking
ICMP traffic.
BUGFIX: Problem with shell exit after a restart fixed.
9 BUGFIX: wpad dns now works correctly.
Softap.exe notification handling improved.
Several htm pages updated.
8 BUGFIX: Function sets() line #47.
7 BUGFIX: Function inetin() now routes packets received from
the MSTCP that are addressed to a different local network.
Packets from the MSTCP for addresses on the same network
are written directly.
BUGFIX: The DHCPD reset command was setting the nserver to
1.2.3.4 instead on nif[ifn].ni_ip.
4 Command config no longer writes to logfile unless a debug
argument is specified.
3 The GPF Dialog box now works correctly for all options.
A gpf command is available for testing the GPF handler.
Full details are in file gpf.htm.
2 NEW COMMAND: The wpad command can now be used to configure
the wpad features and to turn wpad support on or off.
Full details are in file wpad.htm.
1 NEW FEATURE: The DNSRD now resolves names containing
wpad.domain to NAT32's IP address. This causes a web
client to send a GET request for file wpad.dat to NAT32,
which then responds with the contents of file proxy.pac
that is located in the NAT32v2 HTM directory. A sample
proxy.pac file is included, but it should be edited as
needed. The sample proxy.pac redirects all traffic to
the NAT32 HTTPD at port 8080.
April, 2015 ***** [CURRENT BUILD 22225] *****
***** [CURRENT DRIVER 3.2.2] *****
30 Various HTML pages updated.
The "su" command now always executes admin.exe, even on
systems without UAC enabled.
26 Build 22225 created from the Build 22224 codebase.
Minimum platform requirement is Windows 7 (Server 2008 R2).