Add more documentation about 'generate'

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3251 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/releasenotes.txt

@@ -89,3 +89,30 @@ New Features:
     no errors, it then restores that script. It is equivalent to:
 
     if shorewall generate <temp file>; then restore <tempfile>; fi
+
+    The advantage of using reload over restart is that reload results in new
+    connections being dropped for a much shorter time. Here are the results of
+    tests that I conducted on my own firewall:
+
+    A) shorewall -q restart
+
+	real    0m17.540s
+	user    0m5.956s
+	sys     0m10.737s
+
+    B) shorewall -q restore foo # foo created using "shorewall generate"
+
+	real    0m3.505s
+	user    0m1.332s
+	sys     0m2.164s
+
+
+    C) shorewall -q restore # Restores from file generated by "shorewall save"
+
+	real    0m1.164s
+	user    0m0.556s
+	sys     0m0.608s
+
+    The time difference from B to C reflects the difference between
+    "iptables-restore" and multiple executions of "iptables". The system is a
+    1.4Ghz Celeron with 512MB RAM.