===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/53.html,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -r1.48 -r1.49
--- www/53.html 2013/02/27 13:34:35 1.48
+++ www/53.html 2013/02/28 13:36:44 1.49
@@ -137,7 +137,9 @@
A stratum can now be assigned to hardware sensors in ntpd(8).
authpf(8) now supports the use of per-group rules files.
ftp(1) client now supports basic HTTP authentication as per RFC 2617 and 3986 like "ftp http[s]://user:pass@host/file".
-
+ relayd(8) has various improvements including additional scheduling algorithms (least-states, for redirections, and random/source-hash, for relays).
+ The iked(8) IKEv2 daemon supports NAT-T. (The isakmpd daemon for IKEv1 has supported this for a long time).
+ iked(8) blocks IPv6 traffic unless there are v6 VPN flows; this is to prevent leakages as described in draft-gont-opsec-vpn-leakages.
@@ -148,7 +150,7 @@
HUP signals cause dhclient to restart; making it re-read the dhclient.conf(5) and resolv.conf.tail(5) files, and obtain a new lease.
INIT, USR1, USR2 signals cause dhclient to exit after attempting to remove routes and addresses it configured.
resolv.conf(5) is written only when the in-use default route was inserted by dhclient. Possible changes to the default route are detected and cause dhclient to write out resolv.conf when appropriate.
- inteface hardware address changes are detected and cause dhclient to restart.
+ interface hardware address changes are detected and cause dhclient to restart.
dhclient.conf directive 'ignore' and command line option '-i' added, allowing the suppression of specific options offered by server.
'-L' command line option added, allowing the creation of a complete record of the most recent offer and what we modified it to when binding the lease.
rejected offers no longer prevent dhclient from trying recorded leases and going daemon.
@@ -158,7 +160,7 @@
incoming and outgoing packet buffers are separate, eliminating possible transmission of inappropriate packets when re-trying DISCOVER and REQUEST.
resolv.conf.tail read only once, at startup.
both OFFER and ACK packets that lack required options are rejected.
- file names passed to '-L' and '-l' are contrained to be regular files.
+ file names passed to '-L' and '-l' are constrained to be regular files.
bind success reported after binding complete, not when it is started.
privileged process daemonizes, eliminating its controlling terminal.
STDIN/STDOUT/STDERR no longer redirected to /dev/null when '-d' specified.
@@ -166,7 +168,7 @@
leases which would cause routing problems because another interface is already configured with the same subnet are rejected.
premature and repeated DISCOVER and/or REQUEST messages at startup are avoided.
permanent ARP cache entries are no longer deleted during binding.
- allow empty lists of option names for 'ignore', 'request', and'require' dhclient.conf directives, so lists can be reset in interface declarations.
+ allow empty lists of option names for 'ignore', 'request', and 'require' dhclient.conf directives, so lists can be reset in interface declarations.
dhcpd(8) and dhclient recognize the same list of dhcp options.
hand-rolled IMSG implementation replaced with imsg_init(3) and related functions..
hand-rolled date string construction replaced with strftime(3) invocations.
@@ -190,7 +192,7 @@
smtpctl(8) trace supports runtime tracing of various components, including imsg exchanges, incoming and outgoing sessions, aliases expansion and much more,
smtpctl(8) monitor can now be used to monitor in real-time an instance of smtpd(8).
smtpctl(8) show queue now supports an "online" mode where the scheduler is queried instead of the disk-based queue to provide more accurate information.
- virtual domains support has been reworked to simplify and bring support for new features like global catch-alls and shared user mappings.
+ virtual domain support has been reworked to simplify and bring support for new features like global catch-alls and shared user mappings.
new table API replaces the map API: better handling of transient errors, improved performances and a much better interface.
the transfer process may now select the source IP address to use as well as the HELO hostname to advertise from a table.
each listener may advertise a different banner hostname.
@@ -199,10 +201,9 @@
incoming sessions can be tagged, allowing for rules to only match envelopes that have been reinjected in the daemon after being passed to a proxy tool.
intermediate bounces are now sent at configurable rates.
rules can now check for a sender email address or domain.
- experimental (yet functionnal) support for aldap and sqlite as table backends.
+ experimental (yet functional) support for aldap and sqlite as table backends.
-
Improvements:
- improved logging format to make it both easier to read and parse.
@@ -862,7 +863,7 @@
alt="OpenBSD">
www@openbsd.org
-$OpenBSD: 53.html,v 1.48 2013/02/27 13:34:35 gilles Exp $
+$OpenBSD: 53.html,v 1.49 2013/02/28 13:36:44 sthen Exp $