Version 4.1, March 6, 2008.

• Fixed bug in Loopback driver in the Ethernet emulation mode. This bug made traffic capture impossible if the queue packets buffers sizes are less than 100 bytes.
• Fixed bug in ResetOnTimeout. In some cases connections weren't reset by timeout.
• Fixed bug in TcpManager working in Invader Mode. This bug might cause "dead" connections without data, that may lead to resource leaks.
• Added checkings for correctness of adapter parameters returned by some VPN drivers. Lack of such checkings might cause User-Mode Exception on NDIS requests to such network adapter.
• Added correction of MAC address header size for some virtual network adapters working with NDIS standard violations.
• Error in static libraries for VC7 is fixed. On compilation the linker displayed messages that it can't find some PSSDK methods.

Version 4.0, December 11, 2007.

• Now BPF JIT compiler supports x64(AMD64, EM64T) systems, that significantly accelerates traffic processing on 64-bit machines.
• BPF instructions set is extended: BPF_HTONL, BPF_HTONS, BPF_MARK instructions are added (see BPF Instructions). Now you can create BPF filters which will mark each packet with desired value associated with it, that significantly simplifies further processing of filtered traffic (see also HNPacket.Mark property).
• Ethernet emulation mode for HNLBAdapter object is added. Now Loopback adapter allows to process both local and remote TCP/UDP traffic the same way as it is possible for traffic captured from a physical network device. All objects, properties, methods, and events available for HNAdapter object now are available for Loopback adapter too.
• The queue for packets sending for HNAdapter.SendQueue). This feature is the best alternative for HNAdapter.SyncSend and HNAdapter.SyncSendEx functions, and allows to arrange high-performance packets sending in very flexible and powerful way.
• Adjustable packets pool for HNAdapter and HNLBAdapter is added. Now, changing HNAdapter.PacketPool or HNLBAdapter.PacketPool properties you can optimize both your application performance and the memory required for it.
• LostCount statistic parameter indicating the quantity of packets lost by PSSDK internal drivers for HNAdapter and HNLBAdapter objects is added (see HNAdapter.Get_LostCount and HNLBAdapter.Get_LostCount functions). This parameter will help you to detect performance bottlenecks in your application.
• TimeStamping has been standardized. Now under Windows NT/2000/XP/2003/Vista both in standard mode and HighPrecisionTime mode packets are timestamped with the value equal to hundreds of nanoseconds since January 1, 1601.
• HNAdapterConfig.IsWireless property for HNAdapterConfig object is added. This property indicates that the network adapter actually is a wireless (802.11) device.
• Real-time packets sorting by ID in the HNQueue object significantly improved.
• BPF instructions parser implementation in the HNUserFilter object optimized.
• Winpcap to PSSDK migration module is improved and expanded. Now WinPcap-based applications recompiled with WinPcap Wrapper can capture Loopback traffic.
• The following bugs are fixed:

HNQueue component:

- Bug in the real-time packets sorting by ID, might cause blocking of the internal queue thread.

- Bug in the real-time packets sorting by ID, might cause application memory corruption.

HNAdapter component:

- Bug on the network adapter closing. In some cases might cause an exception under Windows NT/2000/XP/2003/Vista if application was using HNAdapter.AsyncSend and HNAdapter.AsyncSendEx functions.

HNTcpManager component:

- Bug in the TCP sessions reconstruction. In some cases might cause mixing data from different sessions.

HNUserFilter component:

- Bug in BPF instructions parser. In some cases might cause an exception while BPF program compilation.

Version 3.1.1, August 24, 2007.

• HNFileAdapter object is documented.
• Officially confirmed compatibility with Windows Server 2008 (codename "longhorn") (x86-32) CTP June 2007, en_windows_server_2008_ids3_enterprise_datacenter_standard_x86.iso from MSDN subscription.
• The following bugs are fixed:

HNQueue component:

- Bug in the Get_FreeItems and Get_FullItems functions implementation, which caused to lingering blocking of the thread which called them;

- Bug in the OnPacketsReceive event handler working in the real-time packets ordering by ID. Sometimes this bug caused an exception.

- Bug in the AllocItems function: under 9x systems synchronization objects weren't created.

HNAdapter component:

- In 9x systems it was possible to face a problem with synchronyzation of internal threads closing when HNAdapter object has been deleted, that might cause an exception.

HNFileAdapter component:

- Fixed bug in the OnFileClose event handler definition.

HNLBAdapter component:

- In some cases under Windows Vista application hangs on closing network adapter if there are opened TCP connections.

Version 3.1, July 4, 2007.

• OS supported:

Capture traffic from a network adapter:

- Win98, WinMe, WinNt, Win2k, WinXp, WinXp x64, Win2k3, Win2k3 x64, WinVista, WinVista x64;

Capture traffic from loopback adapter:

- WinNt, Win2k, WinXp, WinXp x64, Win2k3, Win2k3 x64, WinVista, WinVista x64;

Hardware platforms supported:

- x86-32 (also WOW64 mode)/EM64T and AMD64.

• The following functions which allow to install/uninstall PSSDK internal drivers statically (on Windows startup) are added to HNPSManager component:
  IsProtocolInstalled, InstallProtocol, UninstallProtocol, IsLoopBackInstalled, InstallLoopBack, UninstallLoopBack (only WinNt, Win2k, WinXp, WinXp x64, Win2k3, Win2k3 x64, WinVista, WinVista x64).
  For work with these functions PSSDK initialization is not required. Functions allow to create applications working for users with restricted (non-admin) rights.
• The following functions are added to the HNQueue component: Get_FreeItems, Get_FullItems, Return_FreeItems, Return_FullItems.
  These functions are intended for work with HNPacket objects, which was created inside HNQueue. Also OnPacketsReceive event handler and ReceiveManyAtOnce flag for work with this event handler are added. Added flag OrderingById for sorting packets in the OnPacketReceive and OnPacketsReceive event handlers.
• New parameter HNPacket is added to the event handlers OnClientData and OnServerData of the HNTcpManager object. Now the definitions of these event handlers look as follows:
  On(Client/Server)Data (Sender : TObject; hTcpSession: Pointer; hPacket: Pointer; pData: Pointer; DataLength: DWORD);
• The following functions are added to the HNLBAdapter component:
  HNLBAdapter.CaptureTcp, HNLBAdapter.CaptureUdp, HNLBAdapter.UseTcpPortFilters, HNLBAdapter.UseUdpPortFilters, AddFilterTcpPort, RemoveFilterTcpPort, RemoveAllTcpPortFilters, AddFilterUdpPort, RemoveFilterUdpPort, RemoveAllUdpPortFilters.
  These functions allow to create filters fo tracking particular TCP/UDP connections (not documented yet).
• The component HNFileAdapter for work with CAP files in libpcap/tcpdump format added (not documented yet).

Version 3.0, July 2, 2006.

• System resources necessary for synchronization of PSSDK internal driver and user application working under any Windows NT family OS (NT/2K/XP/2K3/Vista) have been significanly decreased.
• Support of native 64bit applications on the EM64T and AMD64 platforms (PSSDK Editions .NET/DLL/VC LIB).
• Support of 32bit applications on the EM64T and AMD64 platforms (WOW64 mode). In the WOW64 mode any 32bit application will work under 64bit Windows family OS(PSSDK Editions .NET/VCL/DLL/VC LIB/BCB LIB). This means that any application developed on 32bit PC and recompiled with PSSDK 3.x on the same machine, will work on 64bit systems.

  - DWORD type was changed to DWORD_PTR in all event handlers for Param and ThParam parameters.

  - Types of all parameters responsible for data buffers sizes were changed from INT to DWORD.

• Property HNAdapter.UseDontLoopBack is added for control of the flag that defines that the packets, sent by HNAdapter object will not be received by the OnPacketReceive event handler if the flag DontLoopBack is set in TRUE. This function is available in Windows 2000 and higher.
• Added HNAdapter.UseHighPrecisionTime property for managing flag defining of using High Precision Time for captured packets timestamping.
• Added functions SyncRequest, AsyncRequest, and OnAsyncRequest event handler. With help of these functions you can obtain additional information about network adapter, its statistics and vendor-specific control codes.
• ActiveX Edition is discontinued.

Version 2.3.4, June 30, 2006

• In HNLBAdapter added workaround for prevention conflicts with some antiviruses drivers.
• Fixed bug in BPF assembler compiler (incorrect signed integers processing).

Version 2.3, May 18, 2005

• WinPCap to PSSDK migration module added;
• HNTcpSession component added;
• HNLBAdapter component added;
• HNLBSession component added;
• HNLBHosts component added;
• Added event handlers OnThreadBegin and OnThreadEnd. Now internal thread of any component notifies about its creating and destroying (see HNLBAdapter, HNQueue, HNAdapter);
• HNAdapter.OnPacketReceive event handler is changed;
• HNPacket component is changed.

Version 2.2, August 16, 2004

• HNQueue component added;
• ReceiveQueue property added to HNAdapter object. This property is intended for working with HNQueue component;
• Added SyncSendEx and AsyncSendEx methods for working with HNPacket object;
• Added possibility in the HNUserFilter component to use FastBPF technology from the application level, also BPF compiler and decompiler added;
• HNAdapter.OnPacketReceive event handler changed;
• HNPacket component changed.

Version 2.1, April 27, 2004

• Windows 95/98/ME support added;
• FastBPF technology (BPF Just-In-Time compilation) is implemented. Now, when you set user-defined BPF filtering program by HNUserFilter object, HNUserFilter compiles BPF in a 32-bit optimized CPU code. Further traffic filtering is processed by this precompiled BPF program. FastBPF works approximately 6 times faster than classic BPF filtering by BPF virtual machine.
• Get_OpenTime method added to the HNAdapter object (the adapter opening time);
• Fixed bug in the RefreshAdapterList method of the HNPSManager object. Adapters list was not emptied before this method call.

Version 2.0, February 16, 2004

Network Investigation Suite is renamed to Packet Sniffer SDK;

• DLL Edition is released;
• Static library for Microsoft VC compatible compilers Edition is released;
• Static library for Borland compilers Edition is released;
• VCL Edition is released;
• ActiveX Edition is released;
• BPF (BSD Packet Filtering) is implemented at the internal driver level.

Version 1.13, March 28, 2003

• Now work under Win2000/WinXP Terminal Service is possible.
• Added field NET_ADAPTER_INFO.SysDeviceName into NET_ADAPTER_INFO structure to make adapter information storing more convenient (this name is unique).
• Fixed bug in OnAdapterStateChange event handler for Win9x occurs while unplugging of network cable.
• Fixed bug in the Trial version of NIS for Delphi.
• Fixed bug occuring after several RecvAdapters have been initialized on a form. Only last Adapter captured network trafic.

Version 1.12, January 15, 2003

• Multiprocessor systems (SMP) support added.

Version 1.11, December 11, 2002

• Full Dynamic load/unload of internal packet driver added.
• Fixed incorrect setting of IsOpen flag of NET_ADAPTER_INFO structure while opening the adapter.
• Fixed incorrect CRC calculation in Transport_CheckSum() function.

Version 1.0, October 15, 2002

• First public release of Net Investigation Suite.