updated NEWS

author Andreas Steffen <andreas.steffen@strongswan.org>

Sat, 17 Jul 2010 15:25:01 +0000 (17:25 +0200)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Sat, 17 Jul 2010 15:25:01 +0000 (17:25 +0200)
author Andreas Steffen <andreas.steffen@strongswan.org>
Sat, 17 Jul 2010 15:25:01 +0000 (17:25 +0200)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Sat, 17 Jul 2010 15:25:01 +0000 (17:25 +0200)
diff --git a/NEWS b/NEWS

index 32b4e501c50c572f1dfd77d0c2460671550fafc0..08698f828a22d90e472b45b769f7eda5b4fcdfab 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -2,9 +2,12 @@ strongswan-4.4.1
  ----------------
  
  - Support of xfrm marks in IPsec SAs and IPsec policies introduced
-  with the Linux 2.6.34 kernel. For details see example scenarios
-  ikev2/nat-two-rw-mark and ikev2/net2net-psk-dscp.
+  with the Linux 2.6.34 kernel. For details see the example scenarios
+  ikev2/nat-two-rw-mark, ikev2/rw-nat-mark-in-out and ikev2/net2net-psk-dscp.
  
+- The PLUTO_MARK_IN and PLUTO_ESP_ENC environment variables can be used
+   in the updown scripts to set marks on inbound ESP or ESP_IN_UDP packets.
+ 
  - The openssl plugin now supports X.509 certificate and CRL functions.
  
  - OCSP/CRL checking in IKEv2 has been moved to the revocation plugin, enabled
author	Andreas Steffen <andreas.steffen@strongswan.org>
	Sat, 17 Jul 2010 15:25:01 +0000 (17:25 +0200)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Sat, 17 Jul 2010 15:25:01 +0000 (17:25 +0200)