InJoy Beta Program
InJoy Dialer/Firewall 3.0
Overview
Thank you for participating in the InJoy beta cycle. This is a public
beta of our new cross platform software. Beta testers can legally use
this software until payable versions are available. At that time,
the beta key and the beta software may not longer be used.
Feedback
The focus of the current beta phase, is to make sure that the core-product
is robust and intuitive to use. We are especially interested in feedback
regarding product stability and bugs in general.
To give feedback and ask questions, please subscribe to our public
"product mailing list". Subscribe here
Latest News
Follow the latest developments below:
- July 6, 2002 - July-6 build now available on OS/2, Windows and Linux
- Added (finalized) support of Linux Red Hat 7.2 and 7.3.
- Added a couple of window themes to the Firewall GUI. "Micro" for a very small sized GUI and "Informative" for full info.
- Added autostarting of "newip.cmd" (.sh on linux) when the InJoy Firewall
detects a new DHCP served IP address.
- Added on-the-fly toggle of InJoy Firewall packet tracing (press 't' in gateway.exe to toggle).
- Added autostarting of the InJoy Firewall at system startup (on Linux, OS/2 and as a service on Windows).
- Added --silent-debug paramter to force Pluto logging to disk only.
- Added "IKE-Server-Parameters" to the IPSec configuration, allowing parameters for auto-started Pluto.
- Added Cisco 2600 series IPSec/IKE support.
- Added CRC checking to "root out" malformed packets. Solves a rare problem of broken downloads and web sessions.
- Added flags to the IPSec configuration allowing it to generate less logging in ipsec.log.
- Added incremental Pluto renegotiations, for super efficient renegotiation.
- Added rule to dynamically blacklist (only) ICMP packets from people that keep pinging your server. Enabled at level-8.
- Fixed problem in InJoy Dialer on OS/2, where IP stack would report "No buffer space available" when the old default route was not deleted before adding in a new one. Took roughly 2500 connections to reproduce.
- Fixed very rare trap in IPFRAG, caused by a malformed packet. Code hardened to the point of perfection, so do not be alarmed to see malformed packet in the log of dropped packets. If you see a LOT of malformed packet, then turn on debugging (e.g. gateway -d in the InJoy Firewall) and you will see what exactly the problem with the malformed packets are.
- Fixed bugs in the Windows device driver (both Dialer and Firewall).
- Fixed killing of autostarted applications (after host disconnect) in the InJoy Dialer.
- Fixed colliding IKE negotiations in Pluto. Was problematic with certain Cisco models.
- Fixed hang problem with FXWRAP driver and Windows Hibernation.
- Changed the InJoy Firewall driver to pass DHCP traffic in secure mode.
- Changed Dialer to interpret 9999 redial retries to unlimited redialing.
- Changed Pluto to log less by default, in order to keep ever-expanding log files tight.
- Changed InJoy Dialer to support "null" as phone number for improved InJoy managed NULL-modem dialing and hanging up.
- Changed the InJoy Dialer to be more robust with setjoy/API triggered dialing in combination with DoD and manual dialing.
- Changed InJoy Firewall to have MSS-Adjust enabled by default. MSS is auto-changed to 1400 to bypass most MTU related problems (TCP only).
- Changed InJoy Dialer to support new settings "lock-mtu" and MSS-adjust.
- Changed FXWRAP on OS/2 to be a protocol driver. It is now copied to
ibmcom/protocol instead of ibmcom/macs. Changing the network configuration
through MPTN should still ONLY be done when FXWRAP is not installed.
Important Notice: The SafeMail feature works as a transparent proxy
between remote work-stations and your SMTP server. SafeMail makes all
incoming SMTP connections appear to be coming from the IP address of
the InJoy PC. This is a problem if you use "IP based relay-control" in the
SMTP server. In conclusion, if you are running an SMTP server configured
for Relay Control, then either turn off SafeMail or (re-)configure
the SMTP Server to authenticate remote users in another way. We will
provide a work-around for this problem in the near future.
Download
- InJoy Firewall 3.0
- InJoy Dialer 3.0
- Pluto IKE Server (for VPN support)
Registration Keys
The keys work on all supported platforms and unlock ALL product features.
NAT and IPSec is supported for 10 internal users.
- InJoy Firewall
- name: injoy-firewall-beta
- code: 1dcbcccbcaafd44db3556660e06278c10c22414099590e0053e004604b4aa36318
- InJoy Dialer
- name: injoy-dialer-beta
- code: 1ecbcccbcaafd44d392bc8c0c0c5f082991148828032b31c005d2f04dd8c8a3cbd
Installation
This software does not support over-installation. Unzip the beta
product into an empty directory and run install. Refer to the readme.os
for specific information for the Operating System you are using.
Pluto can be unzipped directly on top of your InJoy installation.
Version 3.0 Features
- General
- Multiplatform support (OS/2, Windows, Linux)
- Stand alone log viewer
- DHCP Server support
- DNS Forwarding
- Packet tracing directly from the desktop folder
- IPFORMAT tool to dump packet traces
- Lots of new usability options.
- InJoy Dialer Specific
- PPP Dial-in support
- Faster load time
- User interface change for more logical access to advanced features
- Long awaited support for very long phone numbers
- Dial On Demand option to call only on new TCP connection or DNS lookups
- Internal net checking for NAT (keeping the NAT table optimized)
- InJoy Firewall Specific
- Native [Remote] GUI (InJoy Firewall only)
- VPN Tunnel creation wizard
- Secure mode driver option (no traffic passed if firewall isn't running).
- Firewall rule creation wizard
- MSS-Adjust to use a fixed Maximum Segment Size with TCP.
- PPTP Support
- PPPoE Support
- More statistics and new monitor windows
- New modern color and font schemes
- Quick blacklisting and whitelisting
- Firewall Security
- Dynamic Firewall
- Observation rules with actions based on match count
- Blacklisting on-the-fly (smart rules)
- 10+ predefined security levels (user configurable)
- Port Scanning detection
- Intrusion and e-virus protection
- (D)DoS (Denial of Service) Protection
- Safemail feature (log, deny or rename e-mail attachments)
- Time based rule checking. Supports any combination of week days, day numbers and time intervals.
- URL logging and Filtering
- Security alerts, with packet dumps (raw, formatted)
- Preconfigured logging of connections, dropped connections, dropped packets, URL visits
- Real-Time TCP Connection monitoring
- Forensics: Binary packet logging
- More packet analysis attributes
- Bidirectional rules
- Pre and post firewall processing
- Whitelist rules
- On-the-fly updates
- IPSec VPN
- New simpler configuration format
- Improved third-party interoperability
- X-authentication with server side user database
- Auto-assignment of static internal IP address to VPN clients
- User-id and Password prompting
- Manual Keying, with no IKE server
- Auto-starting of IKE Server (Pluto)
- Preshared key moved to ipsec.cnf
- Support of MY_IP keyword for local IP address
- IPCOMP (DEFLATE, LZS) supported
- New external tool with SA status and reconnect support
- Interoperable among platforms
- On-the-fly updates
- PPPoE
- Maximum Segment Size adjustment, for less MTU issues.
- Auto-starting support (pppoe_c.cmd at connect, pppoe_d.cmd at disconnect)
- Lock MTU support
- MTU discovery ICMP packet to notify internal clients that
they should correct their MTU (for e.g. Mac clients).
Documentation
This beta should be considered "documentation free".
The documentation for the beta is being worked on and while some documents are included
in the distribution archive, they are not to be considered final.
Disclaimer
Even though this software already runs in multiple production
environments and has been tested in hundreds of test setups, then it
is beta software and F/X cannot warrant flawless operation.