C&C Software Sunday, March 18, 2018

C&C Home | Product Portfolio | Resellers | Contact Us

Buy Now

Test Drive

[Current version of WinGate is 9.1.2 - Release Notes]

WinGate Release Notes

WinGate 9 release notes

Version 9.1.2 (Build 5956) Released 18 December 2017

1. Fix: HTTP Error responses: Fix XML encoding of embedded data in response pages, prevents XSS attacks via WinGate block pages.

2. Fix: Directory browsing: Fix issues with links to icon files for directory browsing with https

3. Fix: AD Connector: Fix auto-reported crash relating to enumeration of inter-trusted domains missing certain DNS information.

4. Fix: AD Connector: Fix occasional encoding problem for some arguments in LDAP queries.

5. Fix: Help system: Fix auto-reported crash if hhctrl.ocx fails to load

6. Fix: Schema script: Fix auto-reported crash if script does not include enough operands for various operators

7. Fix: HTTP Basic Auth: Added charset auth param to challenge to indicate preference to receive user/pass in UTF-8

8. Fix: Route Table checking: Fix auto-reported crash when route table contains no routes via a gateway.

9. Fix: Service Bindings: Fix race condition causing crash when viewing bindings while they change (auto-reported).

10. Fix: Dashboards: Fix race condition causing crash when a dashboard is deleted and receives an update (auto-reported).

Version 9.1.1 (Build 5951) Released 9 October 2017

1. Fix: WINS: Fixed rare automatically-reported crash on receiving certain WINS broadcast packets

2. Fix: Activity: Copy URL to clipboard was not working for CONNECT server:port requests

3. Fix: WinGate: Fixed rare automatically-reported crash relating to checking interface table for changes

4. Fix: WinGate Management: Fixed rare automatically-reported crash relating to dialog showing progress of synchronising modules

5. Fix: Web Access Rules: Fix context menu for report header

6. Fix: Send/Recv: Report correct error code if pended completion called with error

7. Fix: Shutdown: Fix crash on shutdown relating to Logging updating shared data values

8. Fix: Minidumps: Fix crash in minidump generation in some cases when shutting down

9. New: Web Access Rules: Added ${USER} and ${IP} options to block pages.

Version 9.1.0 (Build 5945) Released 27 September 2017

1. New: Active Directory: Now works with multiple trusted forests / domains (Enterprise only).

2. New: Credential rules: New setting to prevent inheritance of Domain Computer credentials, means no longer need to battle with system services that auth when restricting user access to web sites.

3. New: Reverse Proxy: Can now set whether client cert is required on a per site basis for reverse proxy with SSL/TLS

4. New: User interface: Updated to latest version of Codejock user interface framework.

5. New: WinGate Updates: overhauled user interface.

6. New: Logos: new product icons / logos for WinGate, Kaspersky AV, Lumen, and the SMS connector.

7. Fix: Web Proxy: Fixed automatically-reported crash occuring when using the wrong number of arguments for some functions in script.

8. Fix: Web Activity: Fix logging of web activity items to timeline on first run when it's disabled.

9. Fix: Licensing: Crash in licensing panel if licenses changed while not showing panel.

10. Fix: Services: Automatically-reported crash in call to LookupPrivilege in some cases relating to checking for port conflicts when starting services.

11. Fix: DNS client: Automatically-reported crash in call to GetNetworkParams, now use DnsQueryConfig to enumerate system-known DNS servers.

12. Fix: Localization: Resolve issue localizing modules that are installed in different folders (not child folder of WinGate).

13. Fix: Localization: Resolve issue with writing missing resources to file

Version 9.0.8 (Build 5935) Released 21 August 2017

1. Fix: Various: Fixed several automatically-reported crashes in WinGate Management and WinGate engine.

2. Fix: Flow-chart policy: Fixed problem with list lookup relating to localised interface where the method sort order changes.

3. Fix: Notifications: Fixed automatically-reported crash relating to logging notification reports.

Version 9.0.7 (Build 5933) Released 14 July 2017

1. Fix: AD connector: Crash in SOCKS authentication related to testing for available auth methods.

2. Fix: Various: various localization issues with some strings

Version 9.0.6 (Build 5929) Released 8 June 2017

1. Fix: Services: Fixed problem with high rate of incoming connections.

2. Fix: WinGate Engine: fixed intermittent crash on engine shutdown.

3. Fix: Localization: Made numerous hard-coded strings available for localization.

4. Fix: Email UI: fixed display of email address handler restrictions.

5. Fix: WWW proxy: Fixed issue in web server when serving files with % in filename

6. New: Licenses: Now report notification incident when license count is exceeded

Version 9.0.5 (Build 5926) Released 5 April 2017

1. Fix: Locking: Reverted to FIFO lock acquisition strategy to resolve issues with stablity due to thread starvation on highly contended locks under load.

2. Fix: WWW proxy: Fixed parser problem if response headers contain mixed CR and CRLF line endings.

3. Fix: Credential Rules: fixed lookup failure when multiple IP-matching sub-ranges defined.

4. Fix: Web Access Rules: Fixed display problem in rules if username contained XML special characters (such as ampersand)

5. Fix: Web Access Rules: Fixed a problem if registry merging resulted in multiple conflicting rule entries.

6. Fix: WinGate Engine: Fixed a crash on shutdown whilst deleting services

7. Fix: WinGate Management: Fixed an automatically-reported crash issue when accessing context menus from some panels when the task panel is hidden.

8. Change: String handling: Performance improvements in several places where strings are copied.

9. Change: Web Access: Refactored locking to reduce contention and increase performance.

10. Change: Minidump reporting: collect more data on crashes, submit minidumps zipped.

Version 9.0.4 (Build 5915) Released 13 February 2017

1. Fix: TLS in services: fixed allowed cipher suite issue relating to deprecation of RC4 and 3-DES, causing older clients to fail to connect with TLS.

2. Fix: WinGate Engine: Fixed an automatically reported crash on shut down of WinGate engine

3. Fix: Categories: Fixed an automatically reported crash in the user interface when you add a category and clear the name,

4. Fix: Permissions: Fixed an automatically reported crash in the user interface which occured occasionally when changing selection

5. Fix: WinGate Management: Fixed an automatically reported crash in the user interface relating to requesting credentials from the user.

6. Fix: Telemetry: several fixes relating to missing prefixes.

Version 9.0.3 (Build 5911) Released 25 January 2017

1. Fix: WinGate Management: Fixed display issue with categories containing special characters

2. Fix: DHCP: fix issue where client changing networks requests old IP was given it instead of rejected.

3. Fix: Localization: Fixed a problem on Windows 7 with WinGate localization causing WinGate management to fail to start.

4. Change: TLS client certs: setting to request a client cert now requires it

5. Chenge: Telemetry: Various fixes, and added start timestamp to record duration covered by report

Version 9.0.2 (Build 5909) Released 13 January 2017

This is another maintenance release, fixing bugs reported by the Application Experience feature in WinGate 9.

1. Fix: WinGate Management: Fixed crash when creating a new service if the dialog OK button is clicked prior to the service showing in the dialog

2. Fix: Activation: fix crash where user deactivates a license where the product is not loaded (e.g. old PureSight license)

3. Fix: Installer: check for existence of KB2533623 on Windows 7, this is required for WinGate to load modules (normally installed by Windows update)

4. Fix: WinGate Updates: Fixed notification of new updates, now always notify on new updates.

5. Fix: Minidump generation: Fixed an problem relating to generation of minidumps without exception information.

6. Fix: Application Experience: Fixed an issue where in some cases install instance ID not available

Version 9.0.1 (Build 5906) Released 29 December 2016

This is an early maintenance release, fixing bugs reported by the Application Experience feature in WinGate 9.

1. Fix: WinGate Engine: Fixed engine crash when WinGate Management connects where there are no packages installed (can happen if you delete packages registry key after installing WinGate).

2. Fix: WinGate Management: fix crash where user hits F1 key on login, or language setting dialog box if they had previously connected to WinGate

3. Fix: DNS server: Fix crash on race condition if sessions were set to time out too short. Now timeouts aren't set in the proxy (they are a function of the DNS client).

4. Fix: WinGate Engine: Fixed crash in some cases in checking for changes to the system route table

5. Fix: Updates: Fixed an occasional crash where a status for a product is updated.

Version 9.0.0 (Build 5902) Released 20 December 2016


1. New: moved to native 64 bit only, dropped support for 32 bit windows.

2. New: no longer support XP or 2003 server, minimum recommended OS is Windows 7 x64 / 2008 R2 server.

3. Change: moved build environment to Visual Studio 2015, which requires deployment of VS2015 runtime.


4. Change: HTTP Proxy: streamlined parsing for improved parsing performance and reduced memory heap access

5. Change: HTTP Proxy: increased buffer size to reduce number of system calls

6. Change: HTTP Proxy: streamlined buffer manager to use fewer allocations and reduce contention around buffer pool

7. Change: HTTP Proxy: streamlined code path for serving files to reduce parsing workload.

8. Change: HTTP Cache: various performance improvements

9. Change: Events: various optimizations to event processing, including reduction of lock contention on processing events

10. Change: Network IO: moved to overlapped sending to reduce system calls when sending data

11. Change: Service: use IO completion ports to accept connections

12. Change: Performance: Improved pattern matching algorithm performance, affects data list lookups.

13. Change: Performance: improved performance of unicode <> UTF-8/ANSI conversion which is in widespread use throughout WinGate

14. Change: Locking: improve lock acquisition cost improves performance overall.

15. Change: String formatting: improved string formatting code to reduce memory allocations

16. Change: String encoding: improved speed of various string encoding functions.

17. Change: Performance: Various other changes to reduce memory heap access and copies.

18. Change: Data: reduced contention / locking around counters to improve performance of monitored data.

19. Change: TCP Mapping proxy: increased throughput performance of proxy

20. Change: SMTP delivery: increased send buffer size for improved delivery performance

21. Change: Timeline: various performance improvements to reduce load of large timeline databases.


22. New: HTTP Proxy: Now supports SNI on incoming connections. Useful for supporting multiple reverse proxy sites with different certificates.

23. New: HTTP Proxy: Now inspects initial packet checking for TLS record and SNI. This supports SNI for intercepted connections, and also allows https for diverted connections to the proxy (sometimes called SSL peek and bump).

24. New: Cache: Now supports caching partial responses. <> 25: Change: HTTP Proxy: numerous performance improvements as above

26. Change: HTTP Proxy: Now allow explicit control over whether to allow GET / HEAD requests to contain a message body.

27. Fix: Cache: better error reporting on cache volume problems (part of adding support for Ramdisk cache)

28. Fix: Web Access Rules: fix web access rule creation wizard navigation


29. New: SIP Proxy: allows you to track calls in timeline, and block calls made using SIP phones.

30. New: TCP Mapping: Added controls over TCP keepalive settings for client and server-side connections

31. New: WinGate Management: Added filtering of activity view. Can now set lists of IPs to display or hide traffic from.

32. New: Application Experience: Now collects information about usage of WinGate in order to assist us to prioritise features for development.

33. New: Application Experience: Automatically uploads any crash dump / minidump files and information to our servers for analysis and bug-fixing.

34. New: Logging: new log migration wizard allows moving log folders.

35. New: SQL statement: item can now copy database record field data from results into event data for use in event handlers

36. New: SQL statement: item can now be added directly onto event processing

37. New: SQL statement: policy item can now check whether rows were affected in INSERT/UPDATE/DELETE queries

38. New: Policy: Send Email item can now attach a file

39. New: Policy: New Log Entry item, can log to current service log file from within policy or event (pro or enterprise only)

40. New: Scheduler: added option to randomize the minutes value for when the event will next run. Used for update checker, IP to country updates (on new installs). Useful for load spreading of access to remote servers.

41. New: Config Utility: added -nomap option to allow exporting unmapped file paths

42. New: IPtoCountry: added logging and use of notifications to log update issues.

43. New: IPtoCountry: added IpToCountry as a globally accessible object from script, added "CountryForIp" function.

44> New: POP3 Server: Added SessionComplete event to POP3 server. Now can see how many messages remain in a folder and/or were deleted after a POP3 client disconnects

45. Change: WinGate Management: WinGate management connection no longer inherits credentials from any previous-established cached credentials for the IP it connects from.

46. Change: WinGate Management: Additional logging around login / logout and auth failure.

47. Change: WinGate Management: migrated to new version of Codejock user interface library.

48. Change: WinGate Management: User interface tweaks, to make tabs and quick access buttons more visible, and to distinguish it visually from WG8

49. Change: Notifications Panel: Can now close out multiple incidents at once

50. Change: Email: Mail file processing now binary safe. There was a problem with some embedded non-ASCII-based character sets being corrupted.

51. Change: Logging: session creation and termination is now logged at info level instead of debug.

51. Change: Resources Panel: removed the resources panel for various reasons, mainly due to performance cost, and lack of utility. At least we're honest.

53. Change: OpenSSL: updated to version 1.0.2j

54. Change: Scilexer: new scilexer for context-highlighting of code (script) windows.

55. Change: Licensing: Changed the way WinGate notifies the user about accessing license-restricted features in trial mode to reduce confusion about the purpose of the notification.

56. Change: Installer: migrate mail spool, web admin, certs, resources, custom responses folders to ProgramData

57. Fix: Authentication: some cases where auth failed were not being properly reported / auth failed event processed.

58. Fix: IpToCountry: better file validation of downloaded files.

59. Fix: Various: numerous other fixes.

WinGate 8 release notes

Version 8.5.9 (Build 4883) Released 16 May 2016

1. Fix: Socket notifications: performance improvement from fixed callback window creation.

2. Fix: WinGate Engine: Fixed memory leak in thread naming if policy is used to terminate connections from within ClientConnect event

3. Fix: Reverse Proxy: Fixed memory leak relating to extension to EXE mappings when web serving.

4. Fix: Email Panel: Fixed crash relating to tooltip.

5. Fix: JScript Item: Fixed bug relating to strings from schema objects being treated as booleans when compared.

6. Fix: JScript Item: Fixed bug in less than and greater than operators

7. Change: Pattern Matching: Performance improvement in pattern matching, affects data list content checking.

8. Change: WWW Proxy: now recognises the relatively new PATCH command (so doesn't block it by default)

Version 8.5.8 (Build 4881) Released 23 April 2016

1. Fix: Proxy: Serious load problem with many connections to proxy (log entry shows exception in TCPSession::InitInstance) caused by issue in MFC introduced in 8.4.0 (#22).

2. Fix: Web Activity: Parallelized callout to web classifiers (such as manual classifier) which were being serialized, causing performance bottleneck if classification is too expenive (e.g. very large lists of wild-card entries).

3. Fix: Remote Control: Problem with communications from WinGate Management becoming overloaded and unresponsive if too many packets being sent in the other direction. Could cause settings from WinGate Management to not be applied for example when loading large numbers of timeline records.

4. New: Data Lists: Added RemoveAll and ExportToFile functions to List object schema.

Version 8.5.7 (Build 4879) Released 6 April 2016

1. Fix: Installer: Problem with SHA256 signatures on installer prevented signature validation on XP

2. Fix: Installer: Setupfactory extension RegistryEx.lmd not loading on XP due to missing dependency

3. Change: Installer: Now uses dual signatures on installers to support new requirements for SHA256 and retain previous SHA1 support.

Version 8.5.6 (Build 4877) Released 29 March 2016

1. Fix: DNS Client: Memory leak when DNS requests cancelled prior to completion.

2. Fix: FTP Proxy: Problem logging some non-UTF-8 filenames etc in debug logging.

3. Fix: FTP Proxy: Problem with some UTF-8 filenames being corrupted, preventing download or change directory.

4. Fix: FTP Proxy: Fixed logging of multi-line responses such as FEAT responses.

5. Fix: Timeline: not showing name for Web Activity option on settings > general tab

6. Fix: File-based Data lists: file reading issue when final line not new-line terminated

7. Change: HTTPS inspection: Can now inspect on non-standard ports (use policy if you want finer control)

8. Change: Timeline: Manifest no longer dependent on SQLite ODBC driver file (which is no longer installed to packages folder)

9. Change: Installer: Check CRC on existing driver binary and skip driver upgrade if the binary is the same. Saves a reboot and interface cycling.

10. Change: Installer: Now restart WinGate service (if installer stopped it) and Engine Monitor (in all cases) where reboot is not required.

11. Change: Installer: Installer now signed using SHA256 hash algorithm.

Version 8.5.5 (Build 4858) Released 28 January 2016

1. Fix: DNS Client: Fixed case-sensitivity bug in hosts file entries

2. Fix: DNS Client: hosts file now supports multiple names per line, and multiple addresses per name.

3. Fix: Service Editing: Fix ignored ESC key in editing service when description field is selected.

4. New: DNS client: Add support for adding domain suffix to unqualified requests.

5. New: Active Directory: Result filtering can now select Organization Units as well as domains.

6. New: Upstream connections: proxies can now connect upstream using SOCKS4a, thereby avoiding DNS lookups.

Version 8.5.4 (Build 4852) Released 17 November 2015

1. Fix: WWW Proxy: Fixed issue with stripping of empty Basic auth request header.

2. Fix: TLS: Fix issue with superfluous initialisation of TLS algorithms when generating certificates

3. Fix: Events: Fix problem with editing event processors from events panel - was blocking communications with engine.

4. Fix: Schema: Fix schema / script-based access to Session.ServerIp, broken in 8.5.0

5. Fix: Schema: Fix parameter checking in various built-in functions which could crash WinGate if function called incorrectly.

6. Fix: FTP Proxy: Fix broken PORT command parsing, broken in version 8.5.2

8. New: WinGate Users and Groups: can now change own password via Web Admin service.

Version 8.5.3 (Build 4846) Released 13 October 2015

1. Fix: WWW Proxy: Fixed broken (in 8.5.0) authentication for server requests / reverse proxy / intercepted connections where the proxy is doing the authentication.

Version 8.4.1 (Build 4813) Released 21 July 2015

1. Fix: SSL / TLS: Increase timeout for SSL/TLS handshake to cover for slow clients and certificate revokation checks.

2. Fix: Localization: Was not loading localized strings for package modules

3. Fix: Installer: Problem setting permissions on ProgramData\Qbik folder could take too long if the HTTP cache volume was in there. Problem introduced in 8.4

4. Fix: WinGate Updates: crash in WinGateUpdates.exe relating to logging settings in registry

5. Change: Installer: Updated to SetupFactory 9.5

Version 8.3.2 (Build 4773) Released 8 April 2015

1. Fix: Logging: not persisting changes to logged fields in W3C usage logging introduced in 8.3.0

2. Fix: Policy: Bug introduced in 8.3.0: crash in WinGate management when closing the call policy item in a flow-chart policy

3. Fix: Dashboard: Bug introduced in 8.3.0: WinGate Management would become unresponsive if you delete a dashboard item.

4. Fix: HTTP Filters: occasional crash when a filter returns its own content to a request (e.g. block pages etc)

5. Fix: Web Access Control Rules: crash when dragging and dropping rules if you drop one below default rule

6. Fix: Web Access Control Rules: UI glitch when adding category or site to a rule would not show until dialog was reopened.

7. Fix: Web Access Control Rules: no longer do implicit auth (if user unknown and not matching) on re-authentication rules, only explicit (where it matches the Who tab).

8. Fix: Web Access Control Rules: fixed hit count on auth rules.

9. Fix: Schema script: crash when trying to use uninitialised variables as a result in some scripts or policy items.

10. Fix: Email UI: crash in WinGate Management caused by race condition between creation of email panel, and unsolicited queue updates

11. Fix: WinGate users and groups: NTLM 1 byte buffer overrun problem when logging at debug level

12. Change: Web Access Rules: Performance improvements to rule evaluation.

13. Change: Web Access Rules: Added performance tracking (time spent in each rule for hit and miss cases) so cost of a rule becomes visible.

14. Change: WWW Proxy: Diagnostic Logging now logs requests associated with auth handshaking.

15. Change: WWW Proxy: no longer count intermediate auth challenge handshake requests for session request limiting (limiting to 1 would break NTLM).

16. Change: Notifications: Added Last Change column to notifications panel, changed the way UI updates are handled.

Version 8.3.1 (Build 4769) Released 12 March 2015

1. Fix: SSL: Problem with changed start order of modules revealed a problem with initialisation of OpenSSL that could cause mail delivery to fail when using STARTTLS

2. Fix: POP3 Collection: Fixed issue causing problems connecting to pop3s servers on upgrade.

3. Fix: POP3 Collection: Was not honouring setting for SSL/TLS version in the case of STLS-negotiated SSL/TLS layer

4. Fix: SMTP Delivery: Was not honouring setting for SSL/TLS version in the case of STARTTLS-negotiated SSL/TLS layer

5. Fix: Uninstaller: would hang forever waiting for WinGate service to stop on a WinGate Management only installation

6. Change: Certificate Importing: Prevent importing certificates that do not have a private key.

7. Change: SSL/TLS: Added logging for diagnosing issues with SSL/TLS negotiation and certificates

Version 8.3.0 (Build 4764) Released 5 March 2015

1. Fix: DHCP: Fixed issue where permissions were not registered if User Database started late (e.g AD server not available on WinGate start), so DHCP panel not displayed.

2. Fix: User database: Fixed issue where permissions were not registered if User Database started late (e.g AD server not available on WinGate start), so Users and Groups panel not displayed.

3. Fix: Web Proxy: Fixed occasional buffer leak

4. Fix: Logging: Fixed crash in output buffering when writing very large fields

5. Fix: VPN: Fixed crash when using User object in event handler for VPN connection event.

6. Fix: IMAP: Fixed issue when command contains empty string literal.

7. Fix: Config utility: Problem with utility reporting that WinGate was not installed.

8. Fix: VPN: problem exporting and importing VPN config files. Was reported fixed in 8.0.2, but still had an issue on some OSes.

9. Fix: Policy: fixed a parse error in a default (sample) policy

10. Fix: Engine: Fix issue preventing windows from reporting correct windows version on Windows 8.1 and Windows 10

11. Fix: SSL: now loads entire chain of certificates (if included) from certificate PEM files

12. Fix: IP to Country: update to new format and URLs for access to IP assignment record data.

13. Fix: IMAP: Crash if length information in index file different to file length on disk.

14. Fix: File Copying: deprecated OS CopyFile calls as they are not reliable on 2k12. Now copy file by reading and writing file content. Affects mainly mail (local delivery and mailbox moving).

15. Fix: Mailboxes: bug with tooltips when working with more than 1 mail volume would hang WinGate Management.

16. Fix: Mailboxes: fixed issue where merging mailboxes would fail if a source file did not exist (now skips).

17. Fix: Web Admin: Fixed issue preventing Email tab from displaying

18. Fix: HTTP Cache: Couldn't save rule with only "do not cache" option selected

19. Fix: Web Access Control: Checkbox values in "what" tab of rule were not honoured (always checked).

20. Fix: Users and Groups: Allow access in event processing to Full Name, and Account Name of User object, when authenticated user is a domain computer account.

21. Fix: WinGate Update: issues relating to certificate revocation check failing which prevented update checks.

22. Fix: DHCP Panel: fixed occasional crash when updating lease information

23. Fix: Manual Classifier: improved speed of lookups.

24. Fix: POP3 Proxy and SMTP receiver: buffer overwrite problem when receiving large buffers from client.

25. Fix: Timeline: Crash when changing timeline settings if Database failed to initialise

26. Added: SSL/TLS: can now specify allowable SSL/TLS versions for back-end connections in reverse proxy, and/or client connections (mail delivery and POP3 collection).

27. Change: Mailboxes: now show number of folders and messages in mailbox panel

28. Change: SDK: changed interface registration to auto-binding

29. Change: Permissions: Added default administrative group to root object so that by default administrators can see everything regardless of who created it (e.g. policies/dashboards etc).

30. Change: Permissions: Added proper display handling for checking / unchecking full control option.

31. Change: IMAP: performance improvements in mailbox indices particularly for network-based mail volumes. Greatly speeds up expunges (mail filtering).

32. Change: Policy: Expression evaluator item dialog now resizable and uses larger courier font to assist editing script.

Version 8.2.5 (Build 4733) Released 5 September 2014
  1. Fix: Permissions: Fixed issue which prevented display of permissions panel in WinGate Management, introduced in 8.2.2.
  2. Fix: User database: memory leak relating to user objects.
  3. Fix: Settings utility: incorrectly reported that WinGate was not installed
  4. Fix: SQLite ODBC driver: fixed issue with converting floating point numbers using current locale.
  5. Change: User database: changed indexing for object handles to make it safe to test for handle validity.

  6. Version 8.2.1 (Build 4711) Released 28 April 2014

    1. Fix: Logging: crash when logging some strings containing mixed ANSI and unicode strings, e.g. embedded Japanese.

    2. Fix: Logging: fix timer-based flushing of outstanding buffered log data.

    3. Fix: FTP proxy: FTP commands are now treated correctly as case-insensitive.

    Version 8.2.0 (Build 4707) Released 23 April 2014

    1. Fix: WinGate Management: crash when closing WinGate management during failed connection attempt

    2. Change: Web Access Rules: can now drag / drop to re-order web access rules

    3. Change: Web Access Rules: can now specify a block page per rule

    4. Change: Web Access Rules: block pages now stored under AppData folder instead of under Program Files

    5. Change: Web Access Rules: now uses combo box to choose between All, All below, or all except below in each of "Who", "where" and "What" tabs

    6. Change: Web Access Rules: "where" and "what" can now check against global data lists

    7. Change: DNS: new strategy when dealing with SRVFAIL results from DNS servers. Now tries one other server if there is one.

    8. Change: Mail delivery: new special case handling for SRVFAIL responses to MX lookups, now fails over to A record processing.

    9. Change: Logging: Major performance improvements to logging, including reduction in data conversion, double-buffering, and file IO.

    10. Change: Logging: Added feature to allow buffering of log data before writing it to disk to further reduce file IO. Greatly improves performance of logging to a SAN

    11. Change: Logging: Added data counters to track lines logged and bytes logged.

    12. Change: Module loading: changed package manager logging to log module load failures

    13. Change: Module loading: explicitly report version problems with packages in UI

    14. Change: Module loading: overhauled synching dialog. Now wraps text, shows errors more clearly.

    15. Change: BGP Service: Added BGP server. This should be considered experimental.

    16. Change: Framework: updated to Codejock v 16.3.1 UI framework

    Version 8.1.0 (Build 4655) Released 28 February 2014

    1. Fix: POP3 Server: debug logging of POP3 commands could cause crash if command contained certain characters.

    2. Fix: WWW proxy: issue with reverse proxy checking for path exploits effectively blocking access to back-end URLs containing certain character sequences

    3. Fix: AD User Database: crash problem when authing to accounts where AD object is missing required fields. Now logs missing fields and fails auth.

    4. Fix: Timeline: Deadlock could occur in some cases when multiple WinGate Management accessing Timeline using MDB or Database concurrency set to 1.

    5. Fix: Manual classifier: was not honoring permission for modification of manual classifications.

    6. Fix: SMTP Delivery: occasional crash due to race condition when timing out SMTP delivery sessions.

    7. Fix: Web Admin: occasional crash when accessing email tab when using AD user database

    8. Change: Timeline: changed default database to SQLite from MDB. MDB just not up to the task for medium - large sites.

    9. Change: Web Activity: rules can now specify which proxies the rule applies to

    10. Change: HTTP Cache: rules can now specify which proxies the rule applies to

    11. Change: Dashboards: no longer limit number of dashboards by license.

    12. Change: import/export utility: can now import configuration from command line.

    13. Change: Data lists: selection dialog now shows current selection

    14. Change: Code Signing Cert: new (updated) Qbik Code Signing cert used for WinGate modules.

    Version 8.0.5 (Build 4634) Released 5 December 2013

    1. Fix: HTTP proxy: malformed request reported when POST request challenged for authentication.
    2. Fix: DNS client: crash relating to timing out delegated requests
    3. Fix: Timeline: was not showing all activity blocks in some cases.

    Version 8.0.4 (Build 4629) Released 4 November 2013

    1. Fix: HTTP proxy: problem with tunneled requests (https) when processing pended data on closing connection.

    2. Fix: Web Activity: fixed crash when trying to log database initialisation failure

    3. Fix: Notifications: fixed WinGate Management crash when notifications occur with notifications panel not visible.

    4. Fix: Timeline: Fix issue where UI would not update value of "enable activity tracking" properly

    5. Change: Data monitoring: Added option to reset derived values

    6. New: Configuration utility: Added utility to export / import configuration (handles 32/64 bit issues as well).

    Version 8.0.3 (Build 4625) Released 18 October 2013

    1. Fix: Mail delivery: problem with retrying if mail rejected temporarily after DATA command

    2. Fix: Mail delivery: problem with bounce messages.

    3. Fix: POP3 Server: buffer overflow vulnerability fixed.

    4. Fix: SMTP Client: Fixed crash which occured if session was timed out whilst negotiating SSL connection with STARTTLS.

    5. Fix: HTTP proxy: problem with SSL inspection if connecting through upstream proxy

    6. Fix: DNS client: fixed problem for delegate requests to different domains.

    7. Fix: Activity Screen: crash when right-clicking user icon on multiple user machine.

    8. Change: Licensing: connections to SMTP server no longer consume a license

    9. Change: Schema: Added InRange member function to IP Address object

    Version 8.0.2 (Build 4614) Released 23 September 2013

    1. Fix: WWW proxy: problem with chunked POST requests.

    2. Fix: WWW proxy: problem with FTP URLs.

    3. Fix: POP3 Proxy: crash problem when using Kaspersky AV for WinGate and client issues STLS command.

    4. Fix: Updates Installer: Fixed issue with improper handling of silent installs in some upgrade scenarios

    5. Fix: WINS service: crash when parsing NetBIOS broadcast packets containing no IP address records

    6. Fix: SMTP Client and POP3 client: issue when talking to older servers that don't support TLS

    7. Fix: VPN: problem exporting and importing VPN config files

    8. Fix: Notifications: memory leak when closing an incident that wasn't currently open.

    9. Fix: Dashboards: dialog resize bug in dialog for choosing data source for dashboard items.

    Version 8.0.1 (Build 4608) Released 20 August 2013

    1. Fix: HTTPS inspection: Crash when signer certificate created without encrypted private key

    2. Fix: HTTPS inspection: Problem selecting correct signing certificate (due to sorting in combo box).

    3. Fix: Timeline: Problem initialising timeline for some versions of MySQL ODBC driver

    4. Fix: Timeline: Problem saving new config if database not initialised.

    5. Fix: Timeline: problem in user interface causing WinGate Management to crash on exit.

    6. Fix: FTP Proxy: Debug logging problem with server responses

    7. Fix: Updates Installer: Updated to fixed WinGate 8 installer.

    Version 8.0.0 (Build 4601) 31 July 2013


    1. New: HTTPS inspection support added (Enterprise licenses only)

    2. New: HTTP cache: now uses in-memory / file-backed indexes - no more SQL. Result is much faster cache.

    3. New: Web Access Control: added rule result of "re-authenticate". This can be used to force change of user.

    4. New: Web Access control: added option to track different categories for same site separately or not

    5. New: can now intercept port 443 to proxy (normal non-https binding). If SSL inspection is enabled, it can be inspected, else it is tunneled.

    6. New: now reads mime types for file extensions from OS when serving.

    7. Change: buffer handling, removing double-buffering resulting in much improved throughput

    8. Change: now maintains connection to upstream proxy for SOCKS as well as Tunneled upstream connections.

    9. Change: usage logs time taken now in milliseconds

    10. Change: added option to disconnect in reject policy response

    11. Fix: fixed issue with occasional site hangs, and broken images

    12. Fix: Web serving: fixed problem improperly blocking URLs containing ':' character - affects reverse proxy as well.

    13. Fix: Web proxy: X-Forwarded-For was not being added for upstream connections via proxy, even if selected

    14. New: Web proxy: Added support for adding X-Forwarded-For for reverse proxy requests

    Email services

    15. New: Added support for client certificates and SASL EXTERNAL auth mechanism throughout services and clients.

    16, New: Added support to check user database for incoming email addresses to see whether to accept mail or not. Allows integration with Active directory email addresses.

    17. New: SMTP Delivery: can now override FQDN in known server

    18. New: pushes a notification if a mailbox is over quota when delivering or accepting mail.

    19. New: can now install multiple SMTP servers.

    20. New: SMTP Server: Added option to require authentication.

    21. New: SMTP Server: Added option to override default FQDN

    22. Change: Now Checks volume access, writability etc etc. Useful for network shared volumes

    23. Change: can now create volumes regardless of license. Whether you can use anything other than default volume is a matter of license. This allows you to create a new volume to migrate to without having an enterprise license.

    24. Change: now checks storage type of mail volumes disallowing invalid media, such as CDROM or RAMDisk

    25. Change: can now create a volume in a non-empty folder (which allows attaching a volume to a previous volume)

    26. Change: SMTP Delivery: now supports MX which resolves to multiple A records.

    27. Change: SMTP Server: extended schema of SMTP Session to allow setting of FQDN and whether to require auth in policy.

    28. Change: SMTP delivery: no longer (invalidly) tries backup MX servers if a recipient is permanently rejected

    29. Change: IMAP: now better handles temporarily unavailable mailboxes (e.g. those on network shares)

    30. Fix: resolved some issues with migration of ORDB servers from WG6

    31. Fix: fixed bug in POP3 Server when client using SSL / STLS in some cases session would hang

    32: Fix: fixed bug in IMAP search when no search sequence specified.

    33: Fix: Fixed bug saving mailbox settings.


    34. New: TCP mapping proxy: supports client certificates on incoming and outbound connections

    35. New: Certificates: can now import certificates from pfx file.

    36. New: Certificates: WinGate-generated self-signed certs now add Basic constraints and subject Key ID, necessary for signing other certs.

    37. New: Credential rules, now UI validates entering IP or MAC address - makes entering MAC addresses more lenient.

    38. New: Activity: added expand / collapse all

    39. New: Activity: pause activity updates now shuts off updates from server, thereby saving bandwidth.

    40. New: WinGate NAT: Added Disconnect event

    41. New: Notifications: added logging support. Now logs reports and events to file.

    42. Change: changed development environment to MS Visual Studio 2010

    43. Change: AD Connector: now control cache lifetime of objects retrieved from active directory. Objects will now be re-fetched after 1min, to reflect changes in account settings etc.

    44. Change: AD Connector: now displays email address of users and groups.

    45. Change: AD Connector: better handling if AD controller is unavailable when WinGate starts (reports errors to UI, retries initialisation).

    46. Change: DNS Client: Can now specify order of servers.

    47. Change: DNS Client: Changed deprecation strategy when servers unavailable, now just demote the server, rather than ceasing use of it altogether.

    48. Change: Credential rules: Now check for conflicts when creating a new rule.

    49: Change: SSL Support: updated OpenSSL to latest 0.9.8y version

    50. Change: Post-mortem logging now uses DebugHelp.dll to create minidump files, rather than our old custom post mortem log files. These are also now generated always instead of off by default.

    51. Change: Logging: changed log level for various informational events from debug to Info (e.g. proxy requests, and traffic). Means you no longer need to log all debug messages to get requests and traffic.

    52. Change: Dashboards: now supports undo/redo and Save / Cancel for editing.

    53. Change: Data lists: speed improvements to shared data list lookups used by Policy, and Manual classifier.

    54. Fix: Credential rules, fixed locking issue on updating credential rules.

    55. Fix: Timeline: now warns on MDB over size, and enforces auto-purging.

    56. Fix: Timeline: now deals with temporary inaccessibility of database.

    57. Fix: Data: fixed several locking issues

    58. Fix: Engine startup: problem on some systems with disabled Ras Manager service where WinGate would crash on startup after reboot.

    59. Fix: Lua Scripts: fixed issue when calling function with no parameters.

    60. Fix: Policy: fixed problem with imported policies relating to 32 bit values imported as signed vs unsigned data.

    61. Fix: AD UDB: issue where empty search results would return incorrect error to client code.

    62. Fix: Web Activity: deadlock editing web access control rules while under load.

    63. Fix: Timeline: fixed deadlock in timeline when using MDB and retrieving large datasets.

    64. Fix: Network Driver: fixed deadlock when disabling / enabling USB-based adapters. Version 7.3.1 (Build 3535) Released 16 May 2013

    1. Change: Debugging: now generates minidump files for better analysis of top level exceptions.

    2. Change: Updates: added support for hyperlinks to launch browser (e.g. for links to release notes)

    3. Change: Installer: Now adds rule to windows firewall for WinGate service.

    4. Fix: IMAP: Search without range or UID range specifier would fail

    5. Fix: Dialer: Failure to start RasMan service in time could cause WinGate engine to crash on startup.

    6. Fix: WWW proxy: problem downloading resources greater than 2GB

    7. Fix: Logging: Support for logging 64bit values to usage logs, changed log types for HTTP download size, mail message size etc to 64 bit capable

    8. Fix: HTTP Cache: problem relating to parsing of ETag could cause some server responses to not be correctly processed.

    9. Fix: WinGate Management: Help panel should no longer require adding site to Internet Explorer trusted sites.

    10. Fix: Data global lists: WinGate crash where lists linked to a file couldn't access the file Version 7.3.0 (Build 3506) Released 7 March 2013

    1. New: Reverse proxy: can now specify to make back-end connection with SSL and/or client certificate

    2. New: in web serving sites matching host-names can now specify to match on SSL or not.

    3. New: Service events: Added Binding object to events for TCP-based services (WWW, FTP, SMTP, POP3, IMAP, Remote Control etc). This allows setting local SSL settings per connection

    4. New: server requests, reverse proxy etc can now make SSL connections, with client certificates. These settings can also be changed in policy per request.

    5. New: Users and Groups. Now supports filtering by domain.

    6. New: TCP mapping proxy, published more members for session object, to specify connection control, (e.g. client cert, use SSL, bypass proxy etc).

    7. Change: Policy: policy flow-chart now shows icon of type of item in the worksheet.

    8. Change: POP3 collection and SMTP delivery now avoid DNS lookup if connecting through upstream proxy that connects by servername.

    9. Change: POP3 collection and SMTP delivery now support use of client certificates when connecting to a server

    10. Change: Connections: moved processing of ClientConnect event prior to establishment of SSL, based on binding, so policy can override this (e.g. choose cert per client IP etc)

    11. Change: Network connections: Added adapter ID to network adapter dialog in Network connections panel. Also ability to copy data to clipboard. This is useful so you can compare adapter ID with Binding member in policy.

    12. Fix: Persistence: Fixed buffer overflow bug in persistence classes.

    13. Fix: Notifications: Fixed deadlock in Notification component if logging fails due to access issues to log folder.

    14. Fix: Scripting: LuaScript and JScript policy items now verify that the function prototype matches the event data. This was necessary due to addition of Binding object to event data.

    15. Fix: fixed problem with reverse proxy for https sites where back-end connection was not SSL.

    16. Fix: fixed occasional deadlock when using Kaspersky AntiVirus for WinGate

    17. Fix: SSL Support: fixed issue closing SSL sockets.

    Version 7.2.10 (Build 3486) Released 5 February 2013

    1. Fix: WWW proxy. Now supports HTTP messages with content length > 4GB

    2. Fix: WWW proxy. Improved performance of WWW proxy as a web server, no longer sends headers and response line in separate packet to initial payload.

    3. Fix: TCP Mapping proxy. Fixed problem introduced in 7.2.9 where intercepted connections matched specific mappings, would cause connection to fail.

    4. Fix: HTTP Cache. Fixed problem with improper removal of cache entries when a server re-uses same ETag for multiple resources.

    5. Change: Browse for Folder dialog - usability improvements, can now select the folder you're viewing, rather than only sub-folders.

    6. Change: Activity: Pausing activity updates now stops updates at source, thereby reducing load and bandwidth requirements.

    7. Change: Activity: efficiency improvements when no WinGate Management is connected.

    Version 7.2.9 (Build 3480) Released 11 January 2013

    1. New: TCP Mapping proxy - now pushes an event on connection failure so you can notify / retry a failover server.

    2. Fix: Data Lists - problem inserting new string items would cause WinGate Management crash.

    3. Fix: Data items - problem with sample Restricted Sites list prevented editing.

    Version 7.2.8 (Build 3467) Released 27 November 2012

    1. New: DHCP, added WPAD option, so can do WPAD without enterprise license.

    2. New: SOCKS server now supports SOCKS 4a.

    3. Fix: POP3 proxy, issue with passwords containing % symbol

    4. Fix: WWW Proxy: issue with lost buffered client data when tunneling FTP through WWW proxy.

    5. Fix: Categories: issue with categories containing non-text characters (caused problems when trying to create web access rules with PureSight categories such as "Children's").

    6. Fix: Schema script runtime, fixed parsing problem with certain script constructs.

    7. Fix: WinGate Management, fixed issue relating to trying to update help pane topic when the help pane wasn't created.

    8. Fix: Permissions, buffer alignment problem when storing and reading permissions objects to registry

    9. Fix: WinGate Management, fixed lockup on services panel when changing service status Version 6.6.4 Build 1338 (Released 14 October 2009)

    1. Fixed an issue with the DHCP server where if an old lease referred to a scope that had been deleted, WinGate would not make an offer.
    2. Signed the Wgengmon and wgvpnmon applications so they can be loaded in 2k8 server without disabling UAC.
    3. Added full minidump capability for troubleshooting.
    4. Fixed an issue in the WWW proxy where serving files from disk with a space in the URL.
    5. Fixed an issue in the WWW proxy where accessing FTP servers which use UTF-8 filenames would cause problems.
    6. Fixed an issue in the WWW proxy with Basic authentication causing some sessions to hang.
    7. Fixed an issue in the WWW proxy relating to policy that checked server ip address.
    8. Fixed an issue in SMTP delivery - no longer try A record when MX record lookup times out.
    Version 6.6.0 Build 1277 (Released 27 May 2009)
    1. New WWW proxy, including changes relating to auth, scanning, caching, pipelining, and HTTP/1.1 support
    2. Fixed an issue relating to FIN/RST handling and timeout behaviour in Extended networking.
    3. Resolved dialup issues on 2k3 server.
    4. Fixed a bug in the IMAP server where it was case-sensitive to certain commands.
    5. Fixed a problem with ARP cache timeouts and refreshing.
    6. Reworked the VPN control connection mechanism to harden it against attack.
    7. Added tunnel keep-alive packets to keep tunnels active through NAT devices.
    8. Fixed a problem with editing schedule item actions in VPN-only UI.
    9. Fixed a problem editing access rights on hosted VPNs from a remote GateKeeper in VPN-only UI.
    10. Deprecated cache freshness overrides (number of days before checking...) in WWW cache.
    11. Added schedule option to resynch NT user database

    WinGate 6.5.0 Build 1197 (Released December 15, 2008)

    1. Added support for Windows Vista 32 bit
    2. Added support for Windows XP 64 bit edition
    3. Added rebuilding of IMAP mailbox index if index file is deleted.
    4. Added support for using Query String in banlist for HTTP policies
    5. Added data for policy - connection intercepted: whether or not the connection was intercepted
    6. Added diagnostic watchdog thread.
    7. Dropped support for Windows 95, Windows 98, Windows Millenium Edition (ME), and Windows NT 4.
    8. Removed relays.ordb.org from default configuration for ORDB settings in mail reception.
    9. Changed type for DHCP time offset option from unsigned to signed integer to allow for negative time offsets.
    10. Fixed recursion depth issue in DNS resolver which would fail DNS requests returning alias chains longer than 5 levels of indirection (affected download.microsoft.com).
    11. Fixed issue with NTLM login in various WinGate services due to token length issues, occasionally seen on ADs with Vista and 2003 server.
    12. Fixed an issue with persistence of website settings in WWW proxy (was not removing deleted host headers).
    13. Fixed an issue in the DHCP server that was causing lease information to be incorrectly stored. This caused clients to be forced to obtain new IP addresses if the WinGate server was rebooted.
    14. Fixed issue where a system message on startup could create deadlock when starting up with large NT User database.
    15. Fixed locking and memory leak issue in RIP manager.
    16. Fixed stability issue in the WWW proxy related to chunked data transfers
    17. Fixed protocol error in GateKeeper which could cause GateKeeper to stop displaying updates
    18. Fixed issue in gateway selection where destination is local. No longer perform gateway selection if destination is local
    19. Fixed issue in proxies connecting through an HTTP proxy using CONNECT command to non HTTP/1.0 upstream proxy
    20. Fixed slow memory leak in Nat control which could occur under high load on multi-CPU machines
    21. Fixed race condition in the ENS driver which could result in empty messages being sent to the Nat control (results in Error log in WinGate NAT log).

    WinGate 6.2.2 (Released July 12 2007)

    1. Fixed critical security vulnerability in the SMTP server, allowing remote attackers to crash the WinGate service. Thanks to Harmony Security for notifying.
    2. Fixed an issue with directory browsing in the WWW proxy service.
    3. Fixed an issue with timeouts of large FTP transfers through the FTP proxy.
    4. Fixed an issue with large FTP transfers through the WWW proxy where data scanning in use.

    WinGate 6.2.1 (Released February 7, 2007)

    WinGate 6.2 is a sizeable update to version 6.0. It includes several new features, notably an IMAP4 server, enhanced CGI support (it is now possible to run a self-contained webmail system with WinGate), email list server, several enhancements to extended networking, a revised plugin API, as well as a number of bug fixes
    1. No longer require the firewall to be enabled for ENS relays and Transparent proxy to work.
    2. Routing now works also between two External interfaces. Previously was only between two Internal interfaces
    3. Now report packets dropped due to checksum failures to engine (Firewall tab).
    4. Fixed several problems with CGI support for PHP.
    5. Fixed several problems with POP3 collection, including hanging on completion.
    6. Fixed problem with SSL connections losing socket notifications causing sessions to hang/time out. Affected mainly SMTP reception with STARTTLS enabled, POP3 collection with STLS enabled.
    7. Fixed problem with routing ICMP packets if pinging the WinGate machine itself was disabled.
    8. Fixed a bug where if no Central Configuration policies have been created or if Central Configuration is not available, the local exclusion list would not have been checked.
    9. Fixed a problem with Interleaved connections in the RTSP proxy.
    10. Several obsolete mapping services no longer created by Installer
    11. Fixed policy issue where selecting the "Everyone" user but not setting "Everyone" as ticked could deny access to services.
    12. Fixed a problem in the scheduler where some critical events could run repetitively
    13. Fixed a case where incorrect text would be logged against a quarantine entry if the reason length exceeded 10000 bytes
    14. Added logging support for plugins. This is supported by version 2 of Kaspersky AntiVirus for WinGate and version 2 of PureSight for WinGate.
    15. Only show computers in the network pane where these have a NetBIOS SERVER resource
    16. Fixed an issue in the User database GUI when using the remote database option. There was a functionality issue with the Synchronise userdatabase on engine start option.
    17. Fixed an issue with the autoupdate event in the WinGate scheduler
    18. Fixed an issue where deleting certificates from the Server Certificates manager wouldn't work.
    19. Installation Guide button was broken when installing WinGate. There is now a separate document for WinGate installation guide (WinGateInstall.chm)
    20. New functionality added to helpfile with updated DHTML features; including in-page image links and easier layouts
    21. Updated helpfile content improvements, including sections for Active Directory, System Messages, Imap server.
    22. New WinGate Installation guide, with network scenarios and step by step installation help.
    23. Several MTU-related driver bug fixes,including fixing Path MTU discovery for tunnel packets, fixing driver-generated ICMP errors for outbound packets over MTU on tunnels.
    24. Fixed an issue where if the DHCP service was disabled this wasnt reflected in GateKeeper.
    25. Fixed an issue with manual overrides of network interface MTU. It Now responds to changes (increases and decreases) of device MTU.
    26. Changed the way the driver analyses MSS and MTU for TCP connections. Simplified handling solves issues where the driver could learn an incorrect device MTU.
    27. Fixed a problem in license management, where duplicate product entries would result in duplicate licenses being displayed.
    28. Added an option for overriding interface metric. This allows administrators to prioritise routes in the ENS driver (i.e. to specify that one gateway takes precedence over another for NAT traffic).
    29. Restructures Plugin API. This means that old plugins will no longer work. New plugins are available.
    30. Added option in SMTP reception to scan and reject files prior to accepting responsibility for their delivery. This greatly reduces the number of quarantined items and email bounce messages related to email-borne viruses.
    31. Added IMAP4 server. Supports RFC3501 plus several extensions: UNSELECT, LITERAL+, ID, UIDPLUS, IDLE, STARTTLS, $Forwarded and $MDNSent.
    32. Email list support. Can now define mailing lists in WinGate email domains
    33. Added support for SASL LOGIN authentication for POP3 collection and SMTP delivery

    WinGate 6.0.4 build 1025 (released March 23 2005)

    1. Fixed the WGIC's dialup monitor so that users can now disconnect connect the dialup connection from a client PC running the WGIC.

    2. Fixed an issue with SMTP, that could cause the mail being sent to fail if the far end server sent a multi line response.

    3. We now show the Remote Control Service in the VPN only GUI.

    4. Fixed an issue whereby if a User and Group had the same name policies would fail to work correctly.

    5. Fixed a problem with regard to User auditing and a User's account balance.

    6. Added a check for sites that use different port numbers in on-page URL's.

    7. Fixed an issue with bounce messages and temporary errors.

    8. Improved the logic with regard to which panes Gatekeeper shows by default.

    9, Fixed a display issue with the right click options ("The time this machine connected at") on the Activity pane in GateKeeper.

    10. Improved security in the WinGate firewall by removing UDP ports 1024->4096 on a default installation

    11. Improved VPN handling of private IP ranges other the 192.168.xxx.xxx.

    12. Standalone WinGate VPN now has available the Extended Network option of black holing IP's.

    13. Fixed a problem with SMTP logging of APOP, AUTH etc.

    14. Changed VPN Connection method to prevent the broadcast of given messages to given nodes.

    15. Resolved an issue in SMTP with NULLs before CRLF.CRLF in end of message

    16. Fixed an issue with WinGate VPN which had been limiting the maximum number of RIP routes it could handle,

    17. Fixed a BSOD which could occur when WinGate was under high-load.

    18. Fixed an issue in the driver which resulted in connections being intercepted when WinGate was acting as a router.

    19. Fixed deadlock in the driver.

    20. Fixed a memory leak with the WGIC to do with hooking Windows System applications.

    21. Tidied up the way GateKeeper behaves when WinGate is unlicenced.

    22. Updated the installer to re-include the uninstall survey.

    23. Numerous Help file improvements.

    24. Fixed an issue with the WinGate Engine Monitor, and VPN Monitor not reflecting the current status of the WinGate service correctly on Terminal Server.

    25. Fixed an issue with POP Collection, which could cause a message to be overlooked for retrieval if the connection to the remote mail server was unexpectedly terminated.

    26. Fixed an issue with upgrading from previous versions of WinGate mail, which could lead to User's being permanently disabled for email access.

    27. Resolved an issue with FTP connections and the driver, which could cause large downloads to fail after a random amount of data had been received.

    28. Fixed a problem with the driver, whereby upon initial connection of a (WinGate) VPN after a machine reboot, no traffic would move across despite the connection looking like it had been correctly established.

    29. Improved the communications mechanism between the Driver and the Engine.

    30. Fixed a display issue which would still show UDP connections below port 1024 even though the option to do this had been de-selected.

    31. Fixed an issue with passing 0 length files through to a plugin which could lead to an inability to terminate that session.

    WinGate 6.0.3 build 1005 (released 16 September 2004)

    1. Fixed a problem with SMTP delivery, where it was possible that some mail received for a domain whilst mail was being delivered to that same domain would not be delivered.

    2. Fixed a problem with service bindings, where if one service (even if disabled) was using a port, and had a binding policy, no other services could use that port

    3. Fixed an ongoing problem with license use accounting on Multi-use IP configurations where clients are using proxy configuration (specifically where the first session to connect on a machine requires a license, then a license would leak. For WGIC control sessions and DNS requests, no license is required, therefore this problem mainly showed up in proxy configurations).

    4. Fixed a bug where VPN control connections would hang if the username was invalid where using the WinGate user database.

    5. Fixed a bug related to hash entry timeouts in the ENS introduced in build 1000 related to FIN-ACK attack handling.

    WinGate 6.0.2 build 1001 (released 11 September 2004)

    1. Fixed a problem in SMTP delivery introduced in build 1000 related to sending mail to servers that do not accept mail containing NULL characters.

    2. Fixed a problem with POP3 collection where a session would time out if the terminating CRLF.CRLF which indicates the end of a message was not all received in the same buffer.

    3. Fixed a problem on new installation where on first run (not subsequent runs) of the engine, no mail authentication methods are available.

    4. Made some modifications to mail installation to avoid conflicts with existing mail servers on the same machine.

    5. Changed default setting for gateway monitoring to off.

    WinGate 6.0.2 build 1000 (Released 10 September 2004)

    1. Fixed a bug whereby the windows services could still be hooked by the WGIC, even when it had been disabled.

    2. Fixed a problem with POP3 collection where it would hang parsing files of a specific size (8192 bytes exactly after received stamp).

    3. Changed the VPN behaviour so that Joiners details (whose properties are set to only allow tunnels to the Master (hoster)) are not published around the rest of the VPN.

    4. Certificates that are generated on the fly while creating a VPN are now available instantly, rather than having to exit the dialog and re-enter.

    5. Fixed a problem with GateKeeper crashing if the user edited policies whilst using a version 4 or previous license.

    6. Resolved a problem with Assumed users and Authenticated users existing in the same service, which could cause users to be denied access.

    7. Licence counts are now adhered to correctly.

    8. Fixed a memory leak in the WRP Central Configuration policies.

    9. Fixed a problem that would not allow the WGDM to be displayed unless you had an Enterprise license.

    10. Fixed an issue with GateKeeper disappearing a few seconds after logging in.

    11. Resolved a problem with 'Access Denied (403)' errors for some web-pages (especially with images) when using NTLM authentication.

    12. Fixed a bug which could cause holes in the firewall for the VPN to disappear each time the Engine was restarted.

    13. Improved history database startup when the file is corrupted.

    14. Improved handling of WG Engine Monitor and VPN Monitor when running in a Terminal Server environment.

    15. Changed the default behavior of adapter detection, so that now an adapter with a private IP and a default gateway will now show as Internal.

    16. Fixed the Right click option in the Network tab, for Local network, so that now the properties menu will display.

    17. Fixed problem with Path MTU discovery for connections made by WinGate where using specific gateways.

    18. Fixed bluescreen related to UDP broadcast relaying where there were more than 32 current VPN tunnels.

    19. Fixed a problem that stopped HTTP caching from working properly if plugins were in use.

    WinGate 6.0.1 build 995 (Released 12 August 2004)

    1. Fixed a problem activating version 6 keys

    2. Fixed a problem with migration of VPN certificates when upgrading from previous versions.

    WinGate 6.0.1 build 993 (Released 10 August 2004)

    1. Fixed a problem which stopped PureSight for WinGate from running with a licensed key.

    2. Fixed a problem with Web caching on sessions with multiple HTTP 1.1 requests

    3. Fixed a problem with VPN tunnels where more than one tunnel exists between the same two IP addresses

    4. Fixed a problem with WRP and WGIC when running without an Enterprise license.

    5. Fixed a problem which caused the WWW Proxy to serve the Java Client when a site was blocked by the ban list.

    6. Improved the license manager so it will handle PureSight for WinGate and Kaspersky AntiVirus for WinGate License keys.

    7. WGOptions now allows disabling DNS servers from being used, in order to resolve DNS loop issues.

    8. Changed order of installation sequence for activation, so this happens prior to removing previous WinGate version on upgrades (so the firewall is still active for the required internet connection).

    WinGate 6.0.0 build 984 (Released 29 July 2004)

    1. Fixed a problem with Blackholing IP addresses on some network adapters.

    2. Fixed a couple of problems with activation, including license names containing special characters.

    3. Fixed a buffer leak problem in the WinGate ENS with gateway pre-selection

Version:  6.0  -  February 2004

WinGate 6.0 is a major update to version 5.2.3, some of the features are listed below.
NOTE 1 WinGate 6.0 requires to be activated.
WinGate 6.0 will not operate without a valid activation. An activation client ships with WinGate, and is able to contact our servers and request an activation file.

You can activate previous versions of WinGate keys. Depending on when you purchased or if you have current upgrade protection, your key will automatically be upgraded to the latest version, granting you access to the features associated with that license type and version.

Otherwise, a previous version key will be regenerated (in the new format), which will restrict your access to features that were available in WinGate for the version of the key you are using.

NOTE 2 WinGate 6.0 Now has 3 types of license, Standard, Professional and Enterprise. Not all features are available for Standard and Professional, look through the product pages to see the differences.

The new features in WinGate 6.0 include:

1. A major rewrite of WinGate Mail with the following additional features:

a) New SMTP delivery engine, with support for TLS connections, SMTP authentication (CRAM-MD5, NTLM, and PLAIN). This can be configured on a server by server basis, so you can now set up trusted email networks.

b) Several new enhancements added to WinGate Mail specifically designed to combat spam. These include:
- IP vs email domain verification, based on MX and PTR->A record lookups.
- optional blocking of numeric sender domains for untrusted senders
- optional blocking of blank return-path for untrusted senders.
- attachment blocking.

c) POP3 collection has been added. You can now retrieve email from a number of POP3 accounts and deliver these to a defined email address or based on local domain configurations.

d) advanced mail routing, including per-email address restrictions (message size, attachment blocking, and copying mail)

2. Major improvements to the WinGate Client application (known as WGIC). The main benefit of the WGIC now is to be able to centrally control whether applications that use networking are allowed to be launched or access local or remote networks. New features include:

a) Support for centralised configuration management so administrators no longer need to configure settings on individual machines

b) Support for complete network-lockdown or even termination of an unauthorised application.

c) Support for authentication and application control only (no redirection).

d) Separate MSI-based installer allowing for remote deployment. This is available in your <WinGate>\Client installation folder

3. A major overhaul of the WWW Proxy. New features include:

a) HTTP authentication by NTLM or HTTP Basic methods for proxy connections, TR intercepted connections, and server requests.

b) Support for HTTP/1.1 including keep-alives and chunking (this results in a great improvement in performance) for proxy and server.

c) Improved Support for server-parsed CGI (e.g. PHP) in readiness for our Webmail product.

4. Added support for Terminal Services. Changes have been made to the engine to allow multiple user contexts per single IP address. This means WinGate users can now specify user-level access control and policies for their Terminal Services clients.

5. Several improvements to overall performance and resource/memory footprint make WinGate faster, consume less memory and CPU and more reliable than ever.

6. Added a new utility to GateKeeper, providing secure access via the GateKeeper connection to cmd.exe on the WinGate server. This allows you to run console applications to perform functions like modifying the system route table, testing network connectivity with ping or tracert from the server, viewing and killing processes, running batch files etc etc.

7. Bandwidth throttling functions in the ENS. Users can now throttle bandwith for client machines, services, by time of day, direction of traffic, source and destination IPs, port and protocol.

8. New dynamic binding system. Prior versions of WinGate bound services statically to fixed IP addresses. If these addresses changed then bindings could cease to function, or be removed. WinGate now dynamically binds all services to all available adapters based on a policy configurable by the user. This allows the user to set more intuitive bindings, which will reflect changes in the network as they happen. For instance if you plug in a USB network adapter, WinGate will determine if it is an internal or external adapter, and bind the IP addresses of this adapter to any service that is configured to dynamically bind to that type of adapter (i.e matches the service's binding policy).

9. Bind services to multiple port numbers. You can now bind services to multiple port numbers by setting binding policies which override the service port.

10. Accept SSL connections on services. Certain services (WWW Proxy, SMTP and POP3 Services) now allow you to accept SSL connections This means that you can set up secure web access, or secure mail using SSL (as well as using the previous TLS support). This provides Outlook mail users with a maximally-secure mail option. You can even use a different certificate per interface, to allow mail clients that use the internal adapter to validate a specifically generated certificate for that interface.

11. Support for IPSEC NAT-T added. Fixed a bug in UDP processing where lack of a UDP header checksum caused packets to be dropped. This had caused IPSEC NAT-T to break.

12. Centralised certificate management added. Many services now accept SSL connections. Certificates may now be generated and accessed from a central certificate manager.

13. Added gateway selection. Now you can direct traffic from your proxies through specific next hop gateways on your LAN, or through specific dialup adapters. Enhanced support for multiple dialups has also been incorporated.

14. DMZ support has been added, with an ARP responder to assist in subnetting where there are address restrictions.

15. Fixed a problem with the internal DNS resolver relating to following chains of CNAME records.

16. Fixed a problem with some RealTek network adapters.

17. Fixed a security problem in the WWW Proxy which would allow unauthorised read-access to files.

18. Several other bug fixes.

19. Major GUI overhaul in GateKeeper, including the following features:

a) Mail queue window added, you can now see details of all the queued domain jobs, view the messages that are queued remotely, and abort or force domain queue processing

b) Network window overhauled, including the addition of a Network Connections frame. This allows you to see the status of your network adapters just like the OS version, with notifications of when adapters are connected or unplugged. Even on Windows 95, and NT, which don't themselves support notification of LAN cable status, you can now see when a cable is unplugged, plus more useful information like IP addresses, MTU etc.

c) Adapter Properties dialog. Double click on an adapter in the Network connections window, and view its details, and a graphical view of the traffic going through the adapter.

d) Changes to the way service dialogs are displayed. The new "TreeSheet" allows the display of many more tabs without the normal problem of tab controls becoming cluttered with too many tabs.

e) Quarantine Preview. You can now preview items that are quarantined. This allows you to make a better decision about whether to release or delete the quarantined file.

20. New Help file, based on HTML help.

Version:  5.2.3  -  February 2004


Component Type Description
Driver Improvement Much improved handling of dial-ups in the driver. This includes dial-in connections, MS VPN connections,and WinGate VPN connections, and allowing multiple default gateways.
Engine Bug-Fix Fix to Socks Proxy handling of the UDP associate command, which previously we weren't honouring correctly.
Engine Bug-Fix Fixed bug with FTP through HTTP proxy when no scanning plugins installed. There was a problem with some older versions of IE downloading from ftp sites, whereby they would only get 75% of a download.
Engine Improvements Performance improvements to the NT user database integration with large user databases. Now handle large databases much better which improves synchronising speed.
Engine Improvement Also added the ability for auto creation of users on successful authenticated login against an NT user database.
Engine Bug-Fix Fixed 2 bugs with Policies. Firstly, with particular regard to blocking specific applications from accessing the WRP service. The second for the NAT when using a policy that is reliant on the Server's IP. These fixes are across all Services that have access to Policies.
Engine Bug-Fix Fixed an issue whereby user accounting stats could get lost across engine restarts.
Driver Bug-Fix Fixed a BSOD in the driver that could be triggered by some versions of Realtek network cards.
Driver Improvement The driver now supports 2 way video for MSN Messenger. Voice is still unsupported.
Driver Improvement Improved H323 support for applications such as Netmeeting etc.
Driver Bug-Fix Fixed an issue in the driver whereby we were blocking DHCP requests in the firewall under certain circumstances. This resulted in some installations losing access to their network card.

Version:  5.2.2  -  December 2003


Component Type Description
Engine Bug-Fix Fixed POP3 proxy. Recent changes to support scanning had introduced a problem where small messages (able to fit entirely into a single TCP packet) had been nagled to the POP3 server response. This would mainly affect users on slow links (i.e. dialups) downloading very small messages (less than 1400 bytes).
Engine Bug-Fix Fixed a bug introduced in 5.2 with "drip-feeding" clients where a client disconnects before the download completed. This would cause an engine hang.
Engine Bug-Fix Fixed the WWW proxy where downloads would occasionally be broken if scanning was disabled.
Driver Bug-Fix VPN fixes, now do not consider an ICMP redirect or ICMP-PMTU route to be valid when considering route clashes from remote VPN nodes. This would show up as route clashes on client nodes on a second and subsequent connection to the VPN server.
Driver Bug-Fix Fixed UDP relaying, where invalid port relay tables were being sent to the driver if certain ports existed in the UDP broadcast relay table, but were disabled. This fixes name resolution on the VPN.
Driver Bug-Fix Fixed relaying/NAT of fragmented UDP packets in the driver.
Engine Improvement Removed the distinction between plugins applied to sending vs receiving data (this was only usable for FTP). This improved the presentation of plugins within GateKeeper.
Engine Bug-Fix Fixed a bug with the update scheduling for plugins.

Version:  5.2  -  November 2003


Component Type Description
Driver Bug-Fix "Out Of Buffers" error fixed. This was due to a leak in the ENS of kernel memory, resulting in the OS running out of memory for new socket connections, with the error "out of buffers" being reported.
Engine Bug-Fix Fixed a memory leak with AV scanning.
Engine Improvement Improved SMTP's handling of mail delivery failures, where in some cases backup servers would not be used.
Engine Improvement Minor change to reception of email to solve message truncation or delivery timeouts where some messages included invalid (NULL) characters.
Engine Improvement Improved support for streaming media over HTTP where data scanning in use.
Driver Bug-Fix Added support to the driver for MMS (Microsoft Media Server protocol) which could have caused a potential BSOD if the far end media server was running on RTSP's port of 554.
Driver Improvement Support introduced for MSS reduction in the ENS driver. This setting (on by default) reduces the MSS value in TCP connections made through the ENS when the MTU of the next hop is smaller than the default value of 1500. This has significant implications for connections with reduced MTU (maximum packet size) such as PPTP connections, and PPPoE and PPPoA connections.
Driver Bug-Fix Fixed an issue where the 'Relay UDP broadcasts' option was not being adhered to correctly.
Driver Improvement Added support for SYN cookies. THese may be applied to redirected and allowed connections in the ENS, providing protection from SYN flood attacks.
Engine Improvement Several performance enhancements related to locking.
Engine Improvement Fixed a display problem on the main Plugin Dialog with relation to expired licences.
Engine Bug-Fix Fixed a problem with running GateKeeper over a remote link, where plugins were not accessible from the remote GateKeeper but the WinGate server had them available
GateKeeper Bug-Fix Improved handling of multiple content filtering products and their removal.
Engine Improvement Improved performance handling of scanning of large files, including better keep-alive mechanisms for email and web/FTP clients. In particular Outlook should not timeout whilst downloading and scanning large emails. Also WinGate's memory footprint greatly reduced for scanning large files.

Version:  5.1  -  November 2003


Component Type Description
Engine New Feature Two new plugins! PureSight for WinGate (a new content filtering plugin), and Kapersky Anti-Virus for WinGate (a new Anti-Virus solution).
Engine Improvement As a result of the above, added the ability to schedule, or manually run updates for plugin components. This is intended for any data files that a plugin requires, such as the AntiVirus databases.
Engine Bug-Fix Rolled back a change to DNS that was made in 5.0.8 (no. 14 below) so that DNS wont fail immediately if on dial up, but will instead wait until dialling has finished and will then retry the DNS request.
Driver Bug-Fix Fixed an issue in the driver which could cause the NAT to stop working if the Firewall was disabled.
Driver Bug-Fix Fix (again) for the XP dial up phantom adapter showing in the the route table. Also fixed up so that even if a phantom interface does appear NAT will continue to function through WinGate.
Driver Bug-Fix 6. Fixed a bug in the IP blackhole function, which would cause additional 'black holed' ip's to not get blocked.
Version: 5.0.1
Released: December 2002
General Release Notes

Improved ENS to handle ENS out of Buffers mode more gracefully. ENS functionality will be restored as soon as sufficient buffers have become available.

Fixed a potential memory leak under heavy load - this would result in threads and their associated memory being leaked

Allowed user control over reporting of short lived UDP Sessions. Heavily loaded systems should see a significant memory usage improvement.

Fixed a problem with the scanning for viruses in WWW traffic

Improved memory usage for the WWW cache

Cache handling for WWW improved to remove potential for a deadlock

Upgraded display of VPN tunnels while connected. Each node now displays it's view of the tunnel.

POP3 Server now supports handover to POP3 Proxy.

POP3 Proxy now has a dedicated Non-Proxy mode for handing over to the POP3 server.

The Mail Server now allows the user to send all queued email immediately and to reset the retry counts for all domains. This is accessed by right-clicking on the email server.

DNS Cache now has the ability to instigate a purge or a flush of the cache

FTP Proxy has two options added to improve handling of retries and blocking of virus infected files

Fixed a problem with the display of accessible / inaccessible machines in the Network Window

Updated Help Files

Version: 5.0.0 (Released: November 2002)


Version: 4.5.2 - Released: July 2002

  1. Resolved several issues which could have caused the WinGate service to stop responding.
  2. Fixed some issues with the ENS treatment of local traffic which may have been causing "ENS out of memory" errors.
  3. Fixed a problem with the WGIC which could cause it to ignore the "Local Only" setting for applications.
  4. Fixed a problem which could occasionally stop the DNS service running.
  5. Improved the strength of the WinGate firewall to resist IP fragmentation attacks.
  6. Bug Fix: Fixed a bug which could cause the WGIC Toggle to malfunction.
  7. Bug Fix: USB Orinoco wireless LAN adaptors no longer BSOD on Windows XP.
  8. Bug Fix: Corrected a problem which could cause dual-processor Windows NT systems to crash under high load.
  9. Bug Fix: Running the traceroute program through a WinGate gateway now works as intended.

Version: 4.5.1 (Released: March 2002)


  1. Dual processor Window NT machines may sometimes crash under high load when using the WinGate ENS.

  2. Lucent Orinoco USB wireless adapters could cause a crash on some Windows XP systems with WinGate installed


  1. EnterNet PPPoE connections are now supported by the WinGate ENS. If you are running Windows 2000, you should ensure your EnterNet software is set to 'Protocol Driver' in the Advanced Settings dialog.

  2. Bug Fix: Transparent Redirection to the WWW Proxy now works with Java Login.

  3. Bug Fix: Transparent Redirection to the WWW Proxy now works for Internet Explorer v2 and v3.

  4. Bug Fix: Transparent Redirection of ENS sessions now works on Windows XP.

  5. Bug Fix: Fixed a WinGate ENS problem which could cause crashes on some Windows NT systems.

  6. Bug Fix: The ENS no longer breaks dial-up connections on Windows XP.

  7. Bug Fix: GateKeeper will now go offline when the WinGate Engine stops.

  8. Bug Fix: Conflict between Norton Ghost Server and WinGate resolved.

  9. Bug Fix: WinGate now checks NT database for changes and will resync if necessary.

  10. Bug Fix: WinGate now authenticates properly with the Windows NT database using Windows XP.

  11. Bug Fix: Sockets error when accessing secure sites now rectified - access to secure sites now more reliable.

  12. Bug Fix: Cured a serious memory leak in the DNS service.

  13. Bug Fix: Incoming WinGate ENS redirections now work with all connection types.

  14. Bug Fix: The Traffic Monitor can now support more than 10 interfaces without problems.

  15. Bug Fix: Resolved a problem with the Java Login that could sometimes hang the WinGate Engine.

  16. Bug Fix: Remote administration with GateKeeper, or use of the Java Login, can no longer cause a crash on some Windows XP systems.

  17. Bug Fix: Fixed a problem with the WinGate Internet Client which could, in some cases, cause the SVCHOST process to use 100% of the CPU on Windows 2000.

  18. Bug Fix: Improved FTP application support within the WinGate ENS to improve compatibility when running an FTP server behind WinGate.

  19. Bug Fix: The WinGate ENS now supports NDIS 5.1 drivers on Windows XP. This includes support for Linksys wireless networking.

  20. WinGate Home now gives you the ability to configure the DNS service manually.

  21. Helpfile improvements.

  22. GateKeeper now remembers column size and layout.

Version: 4.5.0 (Released: January 2002)
  1. Windows XP Support
    WinGate 4.5.0 now includes support for Windows XP, including the WinGate ENS.

  2. Bug Fix: Transparent Redirect Activation
    The Transparent Redirection feature will now activate properly as soon as it is selected.

  3. Bug Fix: FTP Support with WinGate ENS
    Access to FTP servers using non-passive mode is now much more reliable.

  4. Bug Fix: Login with FTP Proxy
    A bug has been resolved which prevented login using the FTP proxy unless the far-end server user name was defined locally.

  5. Bug Fix: WGIC Toggle
    The WGIC Toggle will now function correctly on all operating systems.

Version: 4.5.0 Beta B (Released: October 2001)
  1. Web Browser Auto-Configuration
    WinGate will now support fully automatic proxy configuration for Microsoft Internet Explorer versions 5 and 6, and auto-configuration via URL for Netscape and older versions of IE.

  2. Transparent Redirection
    Proxies may now capture ENS and WGIC traffic, which allows the user to receive the advantages of a proxy, such as caching, advanced access control, and content filtering, with the freedom from configuration that comes with the ENS and the WGIC. Transparent redirections can be enabled on the "Sessions" tab of supported proxy services.

  3. Bug Fix: Windows 95 Now Supported (WG4.5 Beta A did not support Win95).

  4. Bug Fix: The firewall reporting panel now logs connection attempts which are denied by a default rule.

  5. Bug Fix: A memory leak in the ENS, which could cause it to disable itself after a period of operation, was resolved.

  6. Bug Fix: Fixed a bug which could prevent successful login to FTP servers when using the FTP proxy.

Version: 4.5.0 Beta A (Released: October 2001)
  1. New DNS Resolver
    The DNS service has been re-engineered to improve performance and allow the serving of local names.

  2. Switchable Trial licenses
    Trial license keys may now be switched between Home, Standard and Pro versions during the trial period.

  3. RTSP Proxy
    WinGate 4.5 adds a new RTSP proxy for Real Media and QuickTime streaming audio and video.

  4. Traffic Monitor
    The level of data traffic on each interface may now be displayed graphically in the new traffic monitor.

  5. PPPoE Support for ENS
    The WinGate ENS now supports WinPoET driver PPPoE connections. Users may still experience problems with NTS/EnterNet based software.

  6. Content Filter Plug-in
    A new content filtering plug-in is available for WinGate 4.5. At user request, it uses an advanced artificial intelligence to block pages related to either sex or gambling.

  7. Firewall Reporting
    The WinGate firewall now has much more advanced reporting features.

  8. Engine Monitor Changes The engine monitor, which sits in the system tray, now changes color to indicate when the engine is currently Stopped, Starting, Started, Stopping, or when there is an outstanding syslog message.

Version: 4.4.2 (Released: September 2001)
  1. DirecPC Support
    Includes a new version of DirecPC support, which allows WinGate to dynamically connect and disconnected from DirecPC as its availability changes. The "-force9x" command line option is still required to use DirecPC support on Windows NT4 or Windows 2000.

  2. Dialer
    Fixed a dialer problem which could cause dialing attempts to continue after the maximum number of retries.

  3. User Accounting
    Fixed a bug which could cause the time-on-line statistic in the user accounting page to be twice as long as it should be.

  4. DNS
    Improved the DNS request decompression code to conform more tightly to the DNS specification. (Note: we know of no problems occurring due to the old code).

Version: 4.4.1 (Released: August 2001)
  1. Session Timeouts
    Fixed a bug which could prevent sessions from timing out correctly, particularly UDP mappings.

  2. Dialer
    Fixed a bug which would prevent dialer access permissions from being correctly retained by WinGate.

  3. Help File Improvements
    Some text improvements have been made to the help files, and the context sensitive help buttons for service configuration tabs now take the user to a more appropriate place in the help documents.

  4. WWW Proxy
    Fixed a WWW proxy bug which would not allow the '@' sign to be used in FTP passwords, which could prevent anonymous FTP login to some servers.

  5. GateKeeper
    Fixed a bug which could hang GateKeeper if the user detached the control panel and closed it.

  6. Web Server
    Enhanced the built-in web server to prevent timeouts when transmitting large files.

Version: 4.4.0 (Released: July 2001)
  1. Rules Interpretation:
    We have fixed a bug which could result in the misinterpretation of rules which had been configured in an older Version of WinGate.

  2. Optimization of Installer:
    We have optimized the installer to reduce the download size by 1.4Mb.

  3. Right Clicking Functionality:
    We have fixed a bug which prevented you right-clicking on a machine name in the activity window of GateKeeper, and selecting properties.

Version: 4.4.0 Beta A (Released: June 2001)
  1. Enhancements to the Dialer Interface and Functionality:
    It is now possible to manually regulate your dial up connections, specifying the number of attempts to dial up each account and how often to go through the complete list of dial up connections.

    The ability to dial AOL using the dial on demand features of WinGate, as well as utilizing a DirecPC Internet connection through dial on demand (initiate the dialer from any computer on the network) is a benefit to many users.

  2. Auto Update Feature:
    The Auto Update Feature has been implemented to enable users to select if they wish to be automatically advised of new versions of Wingate. In previous versions, the update check was available, however, this was not configurable nor was this automated. With the Auto Update feature, users will be able to keep up to date with the most current version of WinGate and are able to choose a time interval in which they would like to check for updates.

  3. Automatic Upgrade Support
    WinGate now provides automatic support when upgrading your operating system from Windows 95, 98 or ME to Windows 2000. It will replace the ENS driver with the Windows 2000 version, and re-register all WinGate services without any intervention by the user. If there are any problems upgrading WinGate, an error message will be displayed with a helpful web link.

  4. RRAS with Windows 2000 Issues:
    With the previous versions of WinGate, the Internet Connection could be lost (even to the Server),if you were utilizing RRAS and WinGate's ENS feature. This issue has been resolved with WinGate 4.4 Beta A.

  5. Windows 98FE with BroadMedia Adapters (HPNA, WIRELESS)
    With the previous versions of WinGate, the Computer could be prone to Blue Screens if you were using an HPNA, or any other type of Broadmedia adapter, with Windows 98FE. This has been resolved with the latest Version WinGate 4.4 Beta A.

  6. Java Authentication Enhancement:
    Previous versions of WinGate experienced Java client authentication problems with some web browsers running Apple Mac operation systems. This has been resolved with the 4.4 Beta A release. The Java Client authentication screen appears as it would on any other operating system.

  7. Administrator's Account:
    The ability to remove the Administrator's account has been modified due to situations where this could create problems within access rights to WinGate. There will now be a warning message that appears to indicate that removing this could affect the functionality.

  8. Additional Time Allocated for Setting Password:
    The "Time Out" issue when trying to log into GateKeeper has been resolved. There was a time out setting that would expire at times before the username and password was inserted into the fields when logging into GateKeeper. The time has been extended to allow more time to finish the login process.

  9. Enhanced Log Format:
    The log format has been enhanced to accommodate multiple word log files. Previous versions of WinGate would only allow a single word for log files, whereas the 4.4 version of WinGate offers a more intuitive approach to retrieving log files.

  10. Copy to Clipboard:
    The option of right clicking on any system log message has been added as a matter of convenience. In the previous versions, the system log messages were not saved and could not be copied easily. This should assist in backing up any information that would be useful to you via the system log messages.

  11. Updated Logging Feature:
    Enhancements were made to allow WinGate to correctly log the IP addresses and computer name of a computer trying to log into WinGate. This will in turn increase the ability to report on users, increase security within the network, and will also allow the system administrator to account for all the computers.

  12. Configuration Change:
    The cosmetic error messages would appear when you clicked "OK" after applying changes within GateKeeper have been removed so as to not confuse or mislead the user.

  13. Remote Administration:
    Modifications were made to enable you to remotely administer a WinGate Server when running WinGate Client on your computer.

  14. Login Password:
    For your convenience, GateKeeper will now remember your login password provided the "Remember Login Details" option is selected.

  15. Tab Feature:
    Keyboard navigation has been improved. The tab button will now enable you toaccess all fields.

  16. Enhanced History Log Files:
    History log files were enhanced to show the GMT plus local offset time. This was an enhancement to improve the reporting abilities within a network, as previous versions of WinGate did not report the time correctly.

  17. Port Adjustment:
    When an adjustment is made within the redirect portion of the firewall, previous versions of WinGate would default the port to 0. This created an error message that you must enter an integer between 1-65535. This has been changed so that the port will default to 1, thus removing the error message and allowing you to click "OK" to close.

Version: 4.3.0 (Released: May 2001)
  • In some circumstances WinGate is reported as hanging by the service control manager when the machine is booting. This was caused by WG making reference to RASMAN before the RASMAN service had finished starting. Now fixed.
  • Freehand filters now work correctly

Version: 4.3.0 Beta B (Released: April 2001)
  • In Beta A there was a system resources leak for some network drivers & protocols, which led to the ENS shutting down after extended use
  • Malformed IP fragment packets were being sent when sessions were manually terminated
  • Handling of abrupt TCP connection termination much improved
  • ENS can now be installed with protocols other than TCP/IP eg NetBeui; IPX/SPX
  • In previous versions, if GateKeeper communication was unexpectedly terminated, WinGate would not terminate its session, and continue to attempt sending updates.
  • Fixed a problem that could cause GateKeeper to unexpectedly terminate.
  • Fixed a problem that could cause WinGate to stop responding.
  • The license expiry warning that was supposed to appear 30 days before expiry was actually appearing 8 days before expiry.
  • A leak associated with using the NT user database has been fixed.
  • Fixed leak caused by WinGate's use of SNMP.
  • A spurious syslog message relating to a previous version of ENS was appearing when network configuration changed.
  • Logging filter expressions did not handle deeply-nested parentheses
  • Changing interface details in GateKeeper caused an erroneous error message.
  • Changed configuration report to enure that license key information is not displayed by default.

Version: 4.3.0 Beta A (Released: February 2001)
New NAT - Advantages and improvements of the new NAT over the existing 4.2 NAT engine:
  1. Supports PPTP
  2. The 4.3 NAT does not install additional interfaces in the network properties on the WinGate server, thus is far less likely to conflict with Virtual Adapters and VPN's.
  3. 4.3 NAT Engine has no known hardware incompatibilities with it. While the 4.2 and earlier NAT engines would not work with some brands of network cards, the 4.3 NAT engine has no such issues known.
  4. Supports all current Operating Systems and service packs. The 4.2 and earlier NATs will only work on Win 9X and NT4, SP 4 or 5 systems. The 4.3 NAT engine supports Win 2K as well as all 9X and NT4 SP4 or later platforms.
  5. The 4.3 NAT Engine dynamically binds to network adapters so you can safely modify your TCP/IP network configurations without having to manually reconfigure WinGate's NAT service. (i.e. uninstall and reinstall NAT every time you modify your TCP/IP settings on the WinGate server.)

Version: 4.2.0 (Released: February 2001)
  • Added option to disallow simultaneous logins from one user id.
  • WinGate Engine automatically detects DUN connectoids not configured for WinGate Dialer Profile use and offers to guide them through doing this
  • Option added to allow easy back up of Registry
  • Modified the adding of user and service names so trialing or leading blanks are removed, preventing spurious near-duplicates
  • Changing from Wingate users to NT authentication and back to WinGate no longer removes any WinGate users who did not have an NT account
  • If ENS is not installed the NAT directory and ENS log are no longer created
  • Cancelling "Confirm WinGate password" dialog now returns to User properties dialog
  • Adding new service with same port number as one that is already running generates a warning/error
  • Move options/confirmation menu item and syslog options to menu hanging off GateKeeper Options/Advanced
  • Added warning that appears when WGIC puts an application in local-mode as a result attempting to listen attempt on a reserved port
  • Added help button on system policies, assumedusers, edit/new users, edit/new groups
  • In NT Authentication WinGate now creates a default administrator account if it does not find one
  • Scheduler has been fixed so that it will not disable NT user database accounts.
  • In the Activity Pane you can now display by Service eg POP3, FTP, HTTP etc
  • When under heavy load repaints used to be so fast that GateKeeper became unusable, and could jam or leak memory. This has been fixed
  • WinGate now installs on a Clean WinME Build
  • When doing an UDP ASSOCIATE request was getting used which was not handled correctly by the Proxy. Changed the SOCKS proxy so that if no port number is initially provided, it uses the port number of the first outgoing UDP packet the client sends.
  • Sending Null byte file to server port 2080 no longer causes 99% cpu and memory consumption issues
  • Users are now warned not to disable the guest account
  • Config Report option added to Advanced menu item which displays troubleshooting information
  • Better AOL Support
  • After a Machine name change Wingate now updates its DNS entry.
  • WRP history entries for http requests no longer have corrupt description
  • Warning Message boxes now have a disable option
  • A new menu item has been added to the WinGate Internet Client option that allows one to toggle the client on and off more easily.
  • GateKeeper Activity pane functionality improved to allow users to more easily ban websites, disable users etc
  • Ability to pause the activity pane and to view information by Service or User
  • Made serialization locking uniform throughout WinGate, and changed to a faster locking mechanism.

Version: 4.1.1 (Released: 15 December 2000)
  • A mechanism employed to make most efficient use of system resources made it possible (although unlikely) for parts of WinGate to hang. This mechanism has been changed to ensure that this can't happen. (Engine - Bug-fix)
  • On NT systems, the WinGate service was installed as able to interact with the user Desktop (in order that those using InterQuick could see it's system-tray icon). Unfortunately, this can mean that users logging in and out of Windows can disrupt WinGate, in some circumstances causing it to hang. Now the WinGate Service has this setting switched off by default. (Engine - Bug-fix)

Version: 4.1.0 (Released: October 2000)
  • User management and authentication with NT / 2000. (Engine - New Feature)
  • Ability to import users from NT / 2000 and text files (tab delimited format) (Engine - New Feature)
  • New SMTP Proxy to provide Spam protection functions (Engine - New Feature)
  • Support for cable modems & direct router connections (ability to define any interface as public or private). (Engine - New Feature)
  • Universal WinGate Engine executable file (no longer separate file for NT and 9x systems) (Engine - New Feature)
  • Autosave option added to allow configuration changes to be saved without manually clicking the "Save" button in GateKeeper. (GateKeeper - New Feature)
  • The task scheduler will execute any tasks rounded to the nearest minute eg if you scheduled a task for 5:30:58 then it will fire at 5:31:00 (this applies for rounding both up and down). In previous versions seconds were ignored. (Engine - Bug Fix)
  • The WWW cache tended to leave some cache files behind sometimes. These files did not have entries in the cache index and were therefore useless. Any file in the cache directory without an index entry is now deleted during a purge. (Engine - Bug Fix)
  • Logging is now done under a sub directory with the name of the service/user. When logging is rolled over, the old files are renamed to a date:timestamp (Engine - improvement)
  • You can now change the path of the history database for both logging and viewing. Changing this path to a root directory is not permitted. ( Logging COM Object - Improvement)
  • When a WinGate Service is bound to an external interface, GateKeeper will prompt the user to open a "hole" in the ENS Firewall (corresponding to the same port bound to by the service). Any "holes" opened automatically will assume defaultproperties, and will close when that service is deleted, stopped or unbound. (ENS GateKeeper - Improvment)
  • When user accounting information is changed, the change is now broadcast to GateKeeper immediately. (Engine - Bug-fix)
  • Addressed bug where sometimes this would not close once all Internet applications had been closed on the client computer. ( WinGate Dialup Monitor - Bug-Fix)
  • WinGate now retains the administrator password after a trial license key has expired. ( GateKeeper - Improvement)
  • Improved memory management (large reduction in number of handles used). (Engine & GateKeeper- Improvement)
  • No longer get a range of system log messages after the engine starts for the first time (following an installation on an NT/2000 system). (Engine - Improvement)
  • WGIC reports "owner" application in most message boxes (so if the server not responding you at least know what app keeps triggering the report) (WGIC - Improvement)
  • ENS icon/menu hidden for users that are not members of the administrator group. (ENS - Improvement)
  • TCP proxy services used to be vulnerable to self-looping eg POP3. This stops (a) inadvertent loop creation, eg proxy 1 listens on port 2000, redirects to 2001, proxy 2 listens on 2001, redirects to 2000, (b) malicious DoS attacks, eg sending "bob@" to POP3. (Engine - Improvement)
  • Context menus will be available when a user or group is selected and the user right-clicks the mouse (on the User tab of the GateKeeper control panel). (GateKeeper - Improvement)
  • A user "right" has been added to policies - "power user" (granted to administrator group by default). Allows a user to access advanced GateKeeper options (these options are not significant enough to be a separate right by themselves). (Engine - Improvement)
  • New scheduler task been added - the ability to enable or disable a user account. (Engine - Improvement)
  • WinGate scheduler properly implements the default log rollovers (configured by the installer) (Engine - Bug fix)
  • WinGate Engine can use a domain controller for the NT user database & base authentication upon domain credentials. Find out more about this feature here. (Engine - Improvement)
  • Net bios network broadcasts are made differently in Windows ME than previous 9x platforms. This change caused the dialer to go online unnecessarily when the WinGate Internet Client was installed. (Engine - Bug-fix)
  • When logged-in to Windows ME and running the WinGate Internet Client, there was a problem with passing the current login credentials for automatic authentication. This has been resolved. (Engine - Bug-fix)
  • NT authentication was not working with an NT4 Server (WinGate) and Windows 2000 Professional (Client) setup. The problem occurred when passing the users current login credentials (Engine - Bug-fix)
  • When using NT accounts with WinGate, GateKeeper will not allow a WinGate administrator to add, remove or edit user/group details (except for password). (Engine - Bug-fix)
  • FTP would fail under sometimes when using ENS. This only occurred when using the FTP PORT command repeatedly and resulted in failure of the subsequent data transfer. (Engine - Bug-fix)
  • Fixed handling for some IPPROTO socket options (EverQuest now works properly when using the client) (WGIC - Bug-fix)
  • Changes made to ensure that only a single log file will be created and updated for each service in a 24-hour period (rollover occurs at midnight). (Engine - Bug-fix)
  • "Start Menu\Program\WinGate\Start WinGate Engine" link now works as expected. (Engine - Bug-fix)
  • Log File Service no longer vulnerable to serving restricted data when a user requested another root. This vulnerability was most dangerous when the service was bound to an external interface (by default it is not). (Engine - Bug-fix)
  • WRP service no longer vulnerable to a buffer overrun when receiving a malformed URL (containing escape characters). (Engine - Bug-fix)
  • Improved memory management in the WWW Proxy cache has decreased overall memory usage and increased speed. (Engine - Bug-fix)
  • Improved general memory management for WinGate services. This has fixed memory leaks that could occur with service logging and session termination. (Engine - Bug-fix)
  • Set the RAS Manager Service to start automatically on Windows2000 (by default it does not). This fixed the problem where the WinGate Engine could stall on initial startup for up to a minute (while the RAS Manager Service was starting up). (Engine - Bug-fix)
  • Scheduler was rolling over service logs every hour when they are supposed to rollover daily (at midnight). Bug only present in Home and Standard licenses. (Engine - Bug-fix)
  • Installer now checks for the presence of WinSock2 (a standard API for TCP/IP) for both WinGate Server and Internet Client installs. (Installer - Improvement)
  • InterQuick installer is fully-functional for 4.1 installations. (IQ Installer - Bug-fix)
  • Help system updated to cover all new 4.1 features and additions. Popup help has been implemented for screenshots. Several broken links addressed (eg "banning"). (Help System - Improvement)

Version: 4.0.1 (Released: 6 June 2000)
  • Extended Networking Support (ENS) offers three new options for WinGate. A firewall to secure the WinGate server, NAT to make internet sharing even easier, and Bridging to allow users to share drives. Learn more about this new feature in the help file.
  • Supports InterQuick Plugin for WinGate - InterQuick combines the best features of web accelerators, content filters, advertisement blockers and scheduling, resulting in increased Internet performance and control from any Internet connection. Learn more about this new feature in the help file.
  • Updated logging support provides users with greater monitoring and control. User can now filter data displayed in the history view.
  • Ability to clone the properties of existing WinGate Users and Services though a context-sensitive right click menu in GateKeeper. Improves efficiency.
  • Qbik has a new company web site viewable at http://www.qbik.com.
  • New HTML interface for improved clarity and detail.
  • New topics on all new features; New topic on how to authenticate WinGate users; New topic on configuring system vs service policies; New "look and feel" plus greatly improved keyword indexing of help topics.
  • Option added in installer to obtain/purchase key online through Web browser.
  • ENS system service allows you to set Firewall security. (GateKeeper - New Feature)
  • Support for persistent system log messages added. (GateKeeper - Improvement)
  • Behavior of Up/Down buttons in IP assumption list window changed so that the selection now remains on the same item. (GateKeeper - Improvement)
  • Time online is updated at the end of the session if no session with longer duration exists (improves accuracy). (GateKeeper - Improvement)
  • General improvements to time-based policies: a. Invalid time values can not be entered; b. Finish times must be later than start times; c. Improved general implementation of time filters. (GateKeeper - Improvement)
  • Politer handling for invalid licence key entry. (GateKeeper - Improvement)
  • Added option for version checking from server using Web browser. ( GateKeeper - New Feature)
  • Peculiar Characters no longer appearing on User Names in Win2K. (GateKeeper - Bug-Fix)
  • UDP Mapping issue resolved - Starcraft no longer fails with Client on UDP. (Internet - Client Improvement)
  • WinGate Client(WGIC) will now run on the WinGate Server. (Internet - Client Improvement)
  • Internal changes to LSP have fixed problems with CE Services, MDConfig and FTP uploads. (Internet - Client Improvement)
  • Option added to WinGate Internet Client to provide for "non-standard" connect modes (this option is available under the Applications Mode dialog and is provided for a small number of applications that have been found to be using non-standard calls to Winsock - see WGIC help for further detail). (Internet - Client Improvement)
  • Start Menu Shortcut added for the WinGate Internet Client applet. (Internet - Client Improvement)
  • Problem where if no servers found LSP not disabled properly fixed (useful for mobile users). (Internet Client - Bug-Fix)
  • Problem where programs launched with RUNDLL32.EXE with some command line options not recognised fixed. (Internet Client - Bug-Fix)
  • Repaired problems with using Netscape to access yahoo mail with the WinGate Internet Client. (Internet Client - Bug-Fix)
  • Repaired infrequently observed problems accessing certain sites using Internet Explorer 4.0 and 5.0. (Internet Client - Bug-Fix)
  • Client shows dialer information on Windows 2000. (Internet Client - Bug-Fix)
  • Better approach to synchronising port numbers between Client and Engine. This was causing trouble for some Java applets. (Engine and Internet Client Improvement)
  • Automated restart of engine on key change. (Engine - Improvement)
  • Added F1 Help support for new features. (Engine - Improvement)
  • ISDN Multilink Support Completed. (Engine - Improvement)
  • Network configuration change message will now not detect false changes with some RAS Dialups. (Engine - Improvement)
  • Added SQUID proxy support. (Engine - Improvement)
  • Support now provided for Wireless LANs. (Engine - Improvement)
  • SNMP now used to check for dialer activity. Dialler now only hangs up on total modem inactivity rather than WinGate Activity. Prevents clients being hung up. (Engine - Improvement)
  • Added option to dialer config to disable remote disconnect of dialer from client. (Engine - Improvement)
  • Svchost.exe no longer takes up 100% of CPU. (Engine - Bug-Fix)
  • Engine Bug-Fix Help Button added to all service dialogs. (Engine - Bug-Fix)
  • Engine Bug-Fix WinGate DHCP now reads all DHCP option fields supported by Mac. (Engine - Bug-Fix)
  • Engine Bug-Fix Bad password problem fixed in WinGate Home. (Engine - Bug-Fix)
  • Engine Bug-Fix Engine startup no longer hangs on invalid licence. It simply politely exits. (Engine - Bug-Fix)
  • 2 Engine Monitors no longer appear at end of Upgrade. (Installer - Bug-Fix)
  • Service Properties/Bindings changes no longer lost on an upgrade. (Installer - Bug-Fix)
  • Detection of ICS (Microsoft Internet Connection Sharing) during ENS install implemented. (Installer - Improvement)
  • Installer now checks to ensure Winsock 2 (required for both client and server with ENS) is installed on each machine. (Installer - Improvement)
  • Dialer monitoring changed to prevent excessive CPU usage. (Dialer Monitor - Bug-Fix)
  • Problem where disconnect button only works after first server update if server is NT fixed. (Dialer Monitor - Bug-Fix)
  • Improved advance proxy installation by greying out server entry until checkbox checked in Installer. (WinGate Server - Improvement)
  • Added a reboot on the install if WinGate had been Installed, then uninstalled with no reboot after the uninstall. (WinGate Server - Improvement)
  • Failure to properly migrate settings when upgrading from WinGate 2 to later version (ie 3.04/5) corrected. (WinGate Server - Bug Fix)
  • Icons for installed components fixed up. (WinGate Server - Bug Fix)
  • Supports USB hardware with Windows 98. (NAT Driver- Bug Fix)
  • Improved applet problems on Mac. (WinGate Java Applet - Bug-Fix)

Download | Support | Contact Us | Terms And Conditions | Privacy Policy