diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt
index 53c05ae3d..d88677726 100755
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@@ -15,3 +15,5 @@ Changes since 1.4.8
 7) Added MODULE_SUFFIX option to shorewall.conf.
 
 8) Add /etc/shorewall/actions and /etc/shorewall/action.template
+
+9) Fix SNAT handling in DNAT rules.
diff --git a/Shorewall/firewall b/Shorewall/firewall
index d9e161d32..f74af7606 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -3067,9 +3067,11 @@ process_rule() # $1 = target
     source=$clientzone
 
     if [ $source = $FW ]; then
-	source_hosts= || eval source_hosts=\"\$${source}_hosts\"
+	source_hosts=
     elif [ -n "$userset" ]; then
 	fatal_error "Invalid use of a user set: rule \"$rule\""
+    else
+	eval source_hosts=\"\$${source}_hosts\"
     fi
 
     if [ "$servers" = "${servers%:*}" ] ; then
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index d04192d46..3436abc30 100755
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -16,6 +16,10 @@ Problems Corrected since version 1.4.8:
    rules now simply skips those (SOURCE,DEST) pairs that have a NONE
    policy.
 
+4) DNAT rules that also specified SNAT now work reliably. Previously,
+   there were cases where the SNAT specification was effectively
+   ignored. 
+
 Migration Issues:
 
 None.
@@ -76,10 +80,3 @@ New Features:
 
 	LOG:info
 	ACCEPT
-
-
-
-	    
-
-
-