Updated documentation

Changelog.txt

@@ -17,10 +17,19 @@ Asuswrt-Merlin Changelog
    - CHANGED: Those providing a signed SSL certificate for httpd can now 
               provide chain certificate.  The three PEMs must be in
               that order: client, intermediate, CA.  (Patch by sasoiliev)
+   - CHANGED: The setting to enable the neighbour solication filter rule
+              for Comcast's request flooding was changed to "ipv6_ns_drop",
+              and now defaults to "0" as this hack causes issues with
+              other ISPs.
+   - CHANGED: Backported dnsmasq patch that reverts a fix for Windows 8
+              clients as it could cause issues with other clients.
    - FIXED: DNSFilter would fail if you had it set to "Router", and didn't
             have a DNS IP entered on the WAN page.
    - FIXED: MSS clamping wasn't applied to traffic in both direction, moved
             it to the mangle table.
+   - FIXED: OpenVPN client firewall "external" mode does not exist - removed
+            from the webui.
+
 
 
 378.52_2 (5-Apr-2015)

README-merlin.txt

@@ -93,7 +93,7 @@ Networking:
    - Advanced NAT loopback (as an alternative to the default one)
    - TOR support, individual client control
    - Policy routing for the OpenVPN client (based on source or
-     destination IPs), also referred to as split-tunneling.
+     destination IPs), sometimes referred to as "selective routing")
 
 
 Web interface:
@@ -167,7 +167,7 @@ to have a USB disk plugged in.  This space will survive reboots (but it
 flashing!).  It will also be available fairly early at boot (before 
 USB disks).
 
-The option is enabled by default.  You can however disable it (not
+The option is enabled by default.  You can however disable it (NOT
 recommended, as various features such as the Traffic Analyzer 
 will depend on it), or, reformat it from the 
 Administration -> System page.
@@ -648,6 +648,34 @@ config files must be enabled under Administration -> System.
 
 
 
+OpenVPN client policy routing
+-----------------------------
+When configuring your router to act as an OpenVPN client (for instance 
+to connect your whole LAN to an OpenVPN tunnel provider), you can 
+define policies that determines which clients, or which destinations 
+should be routed through the tunnel, rather than having all of your
+traffic automatically routed through it.
+
+On the OpenVPN Clients page, set "Redirect Internet traffic" to 
+"Policy RUles".  A new section will appear below, where you can 
+add routing rules.  The "Source IP" is your local client, while 
+"Destination" is the remote server on the Internet.  The field can be 
+left empty (or set to 0.0.0.0) to signify "any IP".  You can also 
+specify a whole subnet, in CIDR notation (for example, 74.125.226.112/30).
+
+For example, to have all your clients use the VPN tunnel when trying to 
+access an IP from this block that belongs to Google:
+
+	RouteGoogle	0.0.0.0		74.125.0.0/16
+
+Another setting exposed when enabling Policy routing is to prevent your 
+routed clients from accessing the Internet if the VPN tunnel goes down.  
+To do so, enable "Block routed clients if tunnel goes down".  Note that 
+this setting only works if your OpenVPN client did establish a tunnel, 
+and that this tunnel went down for some reason.
+
+
+
 Source code
 -----------
 The source code with all my modifications can be found on Github, at: