first version of release notes

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5651 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

New/releasenotes.txt

@@ -0,0 +1,61 @@
+Shorewall 3.9.0
+
+This release includes a complete rewrite of the compiler in Perl. 
+
+The good news:
+
+a) The compiler is small.
+b) The compiler is very fast.
+c) The compiler generates a firewall script that uses iptables-restore;
+so the script is very fast.
+
+The bad news:
+
+There are a number of incompatibilities between 3.9.0 and earlier
+versions.
+
+a) This version requires the addrtype match capability in your kernel
+   and iptables. This capability is in current distributions.
+
+b) The BROADCAST column in the interfaces file is essentailly unused;
+   if you enter anything in this column but '-' or 'detect', you will
+   receive a warning.
+
+c) Because the compiler is now written in Perl, your compile-time
+   extension scripts for earlier version will no longer work.
+
+d) The 'refresh' command is now synonamous with 'restart'.
+
+e) Some run-time extension scripts are no longer supported because they
+   make no sense (iptables-restore instantiates the new configuration
+   atomically).
+
+	continue
+	initdone
+	continue
+	refresh
+	refreshed
+
+f) Currently, 3.9.0 has no support for ipsets. That will change with
+   future releases but one thing is certain -- Shorewall is out of the
+   ipset load/reload business. If the Netfilter ruleset is never cleared,
+   then there is no opportunity for Shorewall to load/reload your
+   ipsets.
+
+   So:
+	
+	i)   Your ipsets must be loaded before Shorewall starts.
+	
+	ii)  Your ipsets may not be reloaded until Shorewall is stopped or
+	     cleared.
+
+	iii) If you specify ipsets in your routestopped file then
+	     Shorewall must be cleared in order to reload your ipsets.
+
+
+
+
+
+
+
+