Update release notes with additional trace information.

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Shorewall/releasenotes.txt

@@ -258,12 +258,36 @@ None.
                                       table, where 'x' is one of the
                                       following:
 
-	A - Append
-	R - Replaced
-	I - Inserted
-	T - Shell source text -- converted into rules at run-time.
-	D - Deleted Rule
-	X - Deleted Chain
+        N - Create a chain.
+	A - Append a rule to a chain.
+	R - Replace a rule in a chain.
+	I - Inserted a rule into a chain.
+	T - Shell source text appended/inserted into a chain --
+            converted into rules at run-time.
+	D - Deleted Rule from a chain
+	X - Deleted a chain
+
+    Netfilter trace records indicate the table and chain being
+    changed. If the change involves a particular rule, then the rule
+    number is also included. 
+
+    Example (append the first rule to the filter FORWARD chain):
+
+	NF-(A)-> filter:FORWARD:1 
+
+    If the trace record involves the chain itself, then no rule number
+    is present.
+
+    Example (Delete the mangle tcpost chain):
+
+	NF-(X)-> mangle:tcpost
+
+    The compiler keeps the rules for each chain in a Perl array. When
+    deleting a rule, the corresponding array entry is set to
+    'undef'. So when a rule is deleted, the rule numbers of the
+    remaining rules do not change. If the last rule in an array is
+    deleted, then the array itself is truncated back to the last valid
+    rule and subsequent append operations grow the array from there.
 
 ----------------------------------------------------------------------------
 V I.  P R O B L E M S  C O R R E C T E D  A N D  N E W   F E A T U R E S