From d9b095bdeaa1cdc9d83bdafe5fe393964a93e9df Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Sat, 21 May 2011 12:07:23 -0700
Subject: [PATCH] Document new features

---
 Shorewall/releasenotes.txt | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index b1d25acaf..5f5d9e7e1 100644
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -113,6 +113,18 @@ All bug fixes from 4.4.19.1 - 4.4.19.4.
 				               MACLIST_TABLE=mangle
         TCP_FLAGS_DISPOSITION         A_DROP or A_REJECT
 
+    e)  An 'audit' option has been added to the
+        /etc/shorewall/blacklist file which causes the packets matching
+        the entryto be audited. 'audit' may not be specified together
+        with 'accept'.
+
+    f)  With the exception of 'Limit', the builtin actions
+        (dropBroadcast, rejNonSyn, etc.) now support
+        an 'audit' parameter which causes all ACCEPT, DROP and REJECTs
+        performed by the action to be audited. This allows creation of
+        audited versions of the Shorewall-provided default actions
+        (action.Drop and action.Reject).
+
 ----------------------------------------------------------------------------
              I V.  R E L E A S E  4 . 4  H I G H L I G H T S
 ----------------------------------------------------------------------------