X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=NEWS;h=4ad664792edcc24f0b95ef753917f0435c97250b;hb=d3fe100dfc120244d316e083ce87b1eb130fe4fd;hp=60cf744e04edcf090abda86ddb185346b07c23b1;hpb=794f2398b8fe84bf398bb10d6eeca6fe6737f65f;p=secnet.git

diff --git a/NEWS b/NEWS
index 60cf744..4ad6647 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,32 @@ Netlink device that implements an Ethernet bridge.
 Modular transform code: choice of block ciphers, modes, sequence
 numbers / timestamps, etc. similar to IWJ's udptunnel
 
+Path-MTU discovery for each tunnel, and fragmentation/DF support in
+netlink code.
+
+* New in version 0.1.12
+
+IMPORTANT: fix calculation of 'now' in secnet.c; necessary for correct
+operation.
+
+(Only interesting for people building and modifying secnet by hand:
+the Makefile now works out most dependencies automatically.)
+
+The netlink code no longer produces an internal routing table sorted
+by netmask length.  Instead, netlink instances have a 'priority'; the
+table of routes is sorted by priority.  Devices like laptops that have
+tunnels that must sometimes 'mask' parts of other tunnels should be
+given higher priorities.  If a priority is not specified it is assumed
+to be zero.
+
+Example usage:
+site laptop { ...
+	link netlink {
+		route "192.168.73.74/31";
+		priority 10;
+	};
+};
+
 * New in version 0.1.11
 
 Lists of IP addresses in the configuration file can now include