From: Mike Ryan
Deerfield.com is pleased to announce the beta release of VisNetic Firewall 2.2.
New Features and Fixes in v2.2
- IP Groups - one rule can match more than one IP or IP range.
In the program menu, under Rules, an entry is added near the bottom called "IP Address Groups". When this item is chosen, a window appears for adding, editing and removing IP Groups. An "IP Group" is a set of IP addresses or address ranges that will be used together by rules.
- Port Groups - one rule can match more than one port or port range.
This feature is very similar to the "IP Groups" feature, but applies to TCP and UDP ports. You can now define Port Groups (see the Rules menu, near the bottom) and on the Filtering page when editing a rule, there is a new entry at the bottom of the "Ports must match:" list called "Group". Choose that and the list of available port groups will appear.
- MAC rules now support "trusted" status.
TCP, UDP and ICMP rules can now be restricted to apply only to systems that you "trust" (systems using MAC addresses that you specify in MAC rules). You can now make a new kind of MAC address rule whose action, if the MAC address matches, is simply to elevate the packet to "trusted" status. Normal protocol filtering (using TCP, UDP and ICMP rules) then continues. If a rule matches but is restricted to "trusted" MAC addresses, the packet will match if and only if it received "trusted" status from a MAC rule. All other packets will not match that rule, and the search through the rules continues for a matching rule.
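A small first-match simulation of the behaviour just described, added here as an illustration (it is not VisNetic Firewall code; the MAC list, rules and packets are constructed for the example):

```python
# Added illustration, not VisNetic Firewall code: a minimal first-match rule
# search showing how a "trusted" MAC rule and "trusted"-restricted protocol
# rules interact. All MACs, rules and packets below are constructed.
TRUST_MACS = {"00:11:22:33:44:55"}   # constructed: MAC rules that grant "trusted" status

RULES = [                              # constructed protocol rules, searched in order
    {"proto": "tcp", "port": 3389, "action": "allow", "trusted_only": True},
    {"proto": "tcp", "port": 3389, "action": "block", "trusted_only": False},
    {"proto": "tcp", "port": 80,   "action": "allow", "trusted_only": False},
]

def evaluate(packet, rules=RULES, trust_macs=TRUST_MACS):
    """Return (action, rule_index) for the first matching rule, or ("no-match", None)."""
    # A matching MAC rule only elevates the packet; protocol filtering still runs.
    trusted = packet["mac"] in trust_macs
    for i, rule in enumerate(rules):
        if rule["proto"] != packet["proto"] or rule["port"] != packet["port"]:
            continue
        if rule["trusted_only"] and not trusted:
            # Rule is restricted to trusted MACs and this packet is not trusted:
            # it does not match, so the search continues with the next rule.
            continue
        return rule["action"], i
    return "no-match", None
```

The same port 3389 packet is allowed from the trusted MAC by rule 0 and falls through to the block in rule 1 from any other MAC.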
- Improved Log Display information
The log display (when you double-click on a log entry) is improved to show the protocol fields and the contents of the packet that triggered the log entry. This display screen also gives you the option to save the packet information you see to a file (in the Log directory, the file name is based on the timestamp).
- Block All option on the Configuration Screen
On the Configuration screen (for each adapter), the "Block All" option has been added so you can choose to block all traffic for that adapter (the other options are "Filter" and "Allow All").
- The System Tray popup menu has been changed
The "Settings" item has been replaced by the options "Allow All", "Filter" and "Block All", to give immediate control over the firewall state. These controls are the same as the View/Settings/When Running controls.
- Tarpits. A "tarpit" is a trap for troublesome outsiders. Your system accepts connections but never replies and ignores disconnect requests. This can leave spammers, worms and port scanners stuck for hours, even days. Now, entries in the Ban List can be set to be tarpits. Also, block rules can become tarpits:
When "Ban" and "Tarpit" are chosen, the rule creates a tarpit for all IPs that try to connect and match this rule. It tarpits all ports for these IPs.
When "Tarpit" is chosen but not "Ban", the rule creates a tarpit only for matching connections. It tarpits all IPs for just the selected port range.
- Command-line addition of Ban List entries. To help link other programs (email, etc.) to the firewall for banning IPs, the following command line can be used:
DFW.EXE -ban (address) [-expiry {dwn}] [-tarpit] [-reason "(text)"]
where
(address) is the IP or IP range, in one of the following formats:
#.#.#.# - a single IP address
#.#.#.#-#.#.#.# - an IP address range
#.#.#.#/#.#.#.# - a masked IP address
#.#.#.#/N - a network range (N is typically 8, 16 or 24)
Expiry sets when the entry expires (d=1 day, w=1 week, n=never)
Tarpit sets this ban entry as a tarpit
Reason sets the "Reason" text field (a reminder of the cause of the ban)
The (address) is mandatory, "-expiry", "-tarpit" and "-reason" are optional. If "-expiry" is not supplied, the setting shown on Ban List/Properties is used. The default for "-tarpit" is off. The default for "-reason" is "Added from command line".
The ban takes effect immediately.
NOTE - take care when adding ranges. Currently, the firewall checks individual IPs to be sure they aren't already in the Ban List, but ranges are not checked well and overlap can result.
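An added helper (not part of VisNetic Firewall) that parses the four (address) formats above into numeric ranges, checks a new entry against the existing Ban List for the range overlap the note warns about, and builds the DFW.EXE argument list without running it; the ban entries used are constructed:

```python
# Added helper, not VisNetic Firewall code: validates "DFW.EXE -ban" input
# and refuses ranges that overlap entries already in the Ban List.
import ipaddress

def parse_ban_address(text):
    """Return (first, last) as integers for one of the four (address) formats."""
    if "-" in text:                                   # #.#.#.#-#.#.#.#
        lo, hi = (int(ipaddress.IPv4Address(p)) for p in text.split("-", 1))
        if lo > hi:
            raise ValueError("range start is after range end: " + text)
        return lo, hi
    if "/" in text:                                   # #.#.#.#/N or #.#.#.#/#.#.#.#
        net = ipaddress.IPv4Network(text, strict=False)
        return int(net.network_address), int(net.broadcast_address)
    addr = int(ipaddress.IPv4Address(text))            # single #.#.#.#
    return addr, addr

def overlaps(new_range, existing_ranges):
    """True if new_range shares at least one address with any existing range."""
    lo, hi = new_range
    return any(lo <= e_hi and e_lo <= hi for e_lo, e_hi in existing_ranges)

def build_ban_command(address, expiry=None, tarpit=False, reason=None, existing=()):
    """Build the DFW.EXE argv for one Ban List entry; 'existing' holds current entries."""
    rng = parse_ban_address(address)
    if overlaps(rng, [parse_ban_address(e) for e in existing]):
        raise ValueError("overlaps an existing Ban List entry: " + address)
    if expiry is not None and expiry not in ("d", "w", "n"):
        raise ValueError("expiry must be d (1 day), w (1 week) or n (never)")
    argv = ["DFW.EXE", "-ban", address]
    if expiry is not None:
        argv += ["-expiry", expiry]
    if tarpit:
        argv.append("-tarpit")
    if reason is not None:
        argv += ["-reason", reason]
    return argv

if __name__ == "__main__":
    # Constructed sample: a /24 already banned, then a range inside it is refused.
    current = ["192.0.2.0/24"]
    print(build_ban_command("198.51.100.5", expiry="w", tarpit=True, reason="smtp abuse"))
    try:
        build_ban_command("192.0.2.10-192.0.2.20", existing=current)
    except ValueError as err:
        print("refused:", err)
```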
- The number of entries in the Ban List is displayed in the Status Bar.
- When a workstation license is found on a server system, the popup message used to simply say, "Bad License". Now it explains that a server license is required on a server Windows platform.
- Tarpit entries that are more than 30 minutes old are considered expired and are not displayed.
- Port scan detection was creating false alarms when detecting ACK scans. For now, ACK scan detection is removed.
- Block rules were sometimes displayed with the "-->" or "<--" arrows when they should be displayed as "<->", since they block connections in both directions.
VisNetic Firewall 2.2.12 Beta may be downloaded at:
ftp://ftp.deerfield.com/pub/beta/visnetic_firewall/vfwsetup2.2.12_beta.exe
Remote Admin:
ftp://ftp.deerfield.com/pub/beta/visnetic_firewall/vfwadminsetup2.2.12_beta.exe
We would like to release VisNetic Firewall 2.2 by mid-January, so your testing assistance would be appreciated.
Thanks
Mike Ryan
Deerfield.com