+N.B. Since 2.3.0, leaving the permitted IP addresses column of the
+pap-secrets or chap-secrets file empty means that no addresses are
+permitted. You need to put a "*" in that column to allow the peer to
+use any IP address. (This only applies where the peer is
+authenticating itself to you, of course.)
+
+
+What's new in ppp-2.3.8.
+************************
+
+* The exit status of pppd will now indicate whether the link was
+ successfully established, or if not, what error was encountered.
+
+* Pppd has two new options: fdlog <n> will send log messages to file
+ descriptor <n> instead of standard output, and nofdlog will stop log
+ messages from being sent to any file descriptor (they will still be
+ sent to syslog). Pppd now will not send log messages to a file
+ descriptor if the serial port is open on that file descriptor.
+
+* Pppd sets an environment variable called PPPLOGNAME for scripts that
+ it runs, indicating the login name of the user who invoked pppd.
+
+* Pppd sets environment variables CONNECT_TIME, BYTES_SENT and
+ BYTES_RCVD for the ip-down and auth-down scripts indicating the
+ statistics for the connection just terminated. (CONNECT_TIME is in
+ seconds.)
+
+* If the user has the serial device open on standard input and
+ specifies a symbolic link to the serial device on the command line,
+ pppd will detect this and behave correctly (i.e. not detach from its
+ controlling terminal). Furthermore, if the serial port is open for
+ reading and writing on standard input, pppd will assume that it is
+ locked by its invoker and not lock it itself.
+
+* Chat now has a feature where if a string to be sent begins with an
+ at sign (@), the rest of the string is taken as the name of a file
+ (regular file or named pipe), and the actual string to send is taken
+ from that file.
+
+* Support for FreeBSD-2.2.8 and 3.0 has been added, thanks to Paul
+ Fulghum.
+
+* The Tru64 (aka Digital Unix aka OSF/1) port has been updated.
+
+* The system panics on Solaris SMP systems related to PPP connections
+ being established and terminated should no longer occur.
+
+* Fixed quite a few bugs.
+
+
+What was new in ppp-2.3.7.
+**************************
+
+* Pppd can now automatically allocate itself a pseudo-tty to use as
+ the serial device. This has made three new options possible:
+
+ - `pty script' will run `script' with its standard input and output
+ connected to the master side of the pty. For example:
+ pppd pty 'ssh -t server.my.net pppd'
+ is a basic command for setting up a PPP link (tunnel) over ssh.
+ (In practice you may need to specify other options such as IP
+ addresses, etc.)
+
+ - `notty' tells pppd to communicate over its standard input and
+ output, which do not have to be a terminal device.
+
+ - `record filename' tells pppd to record all of the characters sent
+ and received over the serial device to a file called `filename'.
+ The data is recorded in a tagged format with timestamps, which can
+ be printed in a readable form with the pppdump program, which is
+ included in this distribution.
+
+* Pppd now logs the connect time and number of bytes sent and received
+ (at the level of the serial device) when the connection is
+ terminated.
+
+* If you use the updetach or nodetach option, pppd will print its
+ messages to standard output as well as logging them with syslog
+ (provided of course pppd isn't using its standard input or output as
+ its serial device).
+
+* There is a new `privgroup groupname' option (a privileged option).
+ If the user running pppd is in group `groupname', s/he can use
+ privileged options without restriction.
+
+* There is a new `receive-all' option, which causes pppd to accept all
+ control characters, even the ones that the peer should be escaping
+ (i.e. the receive asyncmap is 0). This is useful with some buggy
+ peers.
+
+* The default asyncmap is now 0.
+
+* There is a new `sync' option, currently only implemented under
+ Linux, which allows pppd to run on synchronous HDLC devices.
+
+* If a value for the device name or for the connect, disconnect,
+ welcome or pty option is given in a privileged option file
+ (i.e. /etc/ppp/options or a file loaded with the `call' option), it
+ cannot be overridden by a non-privileged user.
+
+* Many bugs have been fixed, notably:
+ - signals are not blocked unnecessarily, as they were in 2.3.6.
+ - the usepeerdns option should work now.
+ - the SPEED environment variable for scripts is set correctly.
+ - the /etc/ppp/auth-down script is not run until auth-up completes.
+ - the device is opened as root if it is the device on standard
+ input.
+ - pppd doesn't die with the ioctl(PPPIOCSASYNCMAP) error under linux
+ if a hangup occurs at the wrong time.
+
+* Some error messages have been changed to be clearer (I hope :-)
+
+
+What was new in ppp-2.3.6.
+**************************
+
+* Pppd now opens the tty device as the user (rather than as root) if
+ the device name was given by the user, i.e. on the command line or
+ in the ~/.ppprc file. If the device name was given in
+ /etc/ppp/options or in a file loaded with the `call' option, the
+ device is opened as root.
+
+* The default behaviour of pppd is now to let a peer which has not
+ authenticated itself (e.g. your ISP) use any IP address to which the
+ system does not already have a route. (This is currently only
+ supported under Linux, Solaris and Digital Unix; on the other
+ systems, the peer must now authenticate itself unless the noauth
+ option is used.)
+
+* Added new option `usepeerdns', thanks to Nick Walker
+ <nickwalker@email.com>. If the peer supplies DNS addresses, these
+ will be written to /etc/ppp/resolv.conf. The ip-up script can then
+ be used to add these addresses to /etc/resolv.conf if desired (see
+ the ip-up.local.add and ip-down.local.add files in the scripts
+ directory).
+
+* The Solaris ppp driver should now work correctly on SMP systems.
+
+* Minor corrections so that the code can compile under Solaris 7,
+ and under Linux with glibc-2.1.
+
+* The Linux kernel driver has been restructured for improved
+ performance.
+
+* Pppd now won't start the ip-down script until the ip-up script has
+ finished.