Schedule dns policies from the UI

src/content/changelog/gateway/2025-09-11-dns-filtering-for-private-network-onramps.mdx

@@ -0,0 +1,16 @@
+---
+title: DNS filtering for private network onramps
+description: Magic WAN and WARP Connector traffic can now privately route DNS queries to the Gateway resolver without public Internet exposure.
+products:
+  - gateway
+  - magic-wan
+  - cloudflare-tunnel
+date: "2025-09-11"
+---
+
+[Magic WAN](/magic-wan/zero-trust/cloudflare-gateway/#dns-filtering) and [WARP Connector](/cloudflare-one/connections/connect-networks/private-net/warp-connector/site-to-internet/#configure-dns-resolver-on-devices) users can now securely route their DNS traffic to the Gateway resolver without exposing traffic to the public Internet.
+
+Routing DNS traffic to the Gateway resolver allows DNS resolution and filtering for traffic coming from private networks while preserving source internal IP visibility. This ensures Magic WAN users have full integration with our Cloudflare One features, including [Internal DNS](/cloudflare-one/policies/gateway/resolver-policies/#internal-dns) and [hostname-based policies](/cloudflare-one/policies/gateway/egress-policies/#selector-prerequisites).
+
+To configure DNS filtering, change your Magic WAN or WARP Connector DNS settings to use Cloudflare's shared resolver IPs, `172.64.36.1` and `172.64.36.2`. Once you configure DNS resolution and filtering, you can use _Source Internal IP_ as a traffic selector in your [resolver policies](/cloudflare-one/policies/gateway/resolver-policies/) for routing private DNS traffic to your [Internal DNS](/dns/internal-dns/).
+

src/content/changelog/gateway/2025-10-20-schedule-dns-policies-from-the-ui.mdx

@@ -0,0 +1,20 @@
+---
+title: "Schedule DNS policies from the UI"
+description: "All users can now create and manage scheduled DNS policies directly from the Cloudflare One dashboard."
+products:
+  - gateway
+date: "2025-10-20"
+---
+
+Admins can now create [scheduled DNS policies](/cloudflare-one/policies/gateway/dns-policies/timed-policies/) directly from the Zero Trust dashboard, without using the API. You can configure policies to be active during specific, recurring times, such as blocking social media during business hours or gaming sites on school nights.
+
+- **Preset Schedules**: Use built-in templates for common scenarios like Business Hours, School Days, Weekends, and more.
+- **Custom Schedules**: Define your own schedule with specific days and up to three non-overlapping time ranges per day.
+- **Timezone Control**: Choose to enforce a schedule in a specific timezone (for example, US Eastern) or based on the local time of each user.
+- **Combined with Duration**: Policies can have both a schedule and a duration. If both are set, the duration's expiration takes precedence.
+
+You can see the flow in the demo GIF:
+
+![Schedule DNS policies demo](src/assets/images/gateway/gateway-dns-scheduled-policies-ui.gif)
+
+This update makes time-based DNS policies accessible to all Gateway customers, removing the technical barrier of the API.