diff --git a/Lrp2/etc/shorewall/shorewall.conf b/Lrp2/etc/shorewall/shorewall.conf index e553f469d..e99a0e4ba 100755 --- a/Lrp2/etc/shorewall/shorewall.conf +++ b/Lrp2/etc/shorewall/shorewall.conf @@ -225,7 +225,7 @@ SHOREWALL_SHELL=/bin/sh # use lock files, set this to "". # -SUBSYSLOCK=/var/run/shorewall +SUBSYSLOCK=/var/lock/subsys/shorewall # # SHOREWALL TEMPORARY STATE DIRECTORY @@ -234,7 +234,7 @@ SUBSYSLOCK=/var/run/shorewall # it is running # -STATEDIR=/var/state/shorewall +STATEDIR=/var/lib/shorewall # # KERNEL MODULE DIRECTORY diff --git a/Lrp2/usr/share/shorewall/action.template b/Lrp2/usr/share/shorewall/action.template index 75307117f..b20af0e09 100644 --- a/Lrp2/usr/share/shorewall/action.template +++ b/Lrp2/usr/share/shorewall/action.template @@ -42,6 +42,15 @@ # to a separate log through use of ulogd # (http://www.gnumonks.org/projects/ulogd). # +# Actions specifying logging may be followed by a +# log tag (a string of alphanumeric characters) +# are appended to the string generated by the +# LOGPREFIX (in /etc/shorewall/shorewall.conf). +# +# Example: ACCEPT:info:ftp would include 'ftp ' +# at the end of the log prefix generated by the +# LOGPREFIX setting. +# # SOURCE Source hosts to which the rule applies. # A comma-separated list of subnets # and/or hosts. Hosts may be specified by IP or MAC diff --git a/Lrp2/usr/share/shorewall/firewall b/Lrp2/usr/share/shorewall/firewall index 469074252..1eb1dd7a8 100755 --- a/Lrp2/usr/share/shorewall/firewall +++ b/Lrp2/usr/share/shorewall/firewall @@ -87,6 +87,7 @@ startup_error() # $* = Error Message echo " Error: $@" >&2 my_mutex_off [ -n "$TMP_DIR" ] && rm -rf $TMP_DIR + rm -f /var/lib/shorewall/restore-$$ kill $$ exit 2 } @@ -1213,6 +1214,9 @@ stop_firewall() { # # Turn off trace unless we were tracing "stop" or "clear" # + + rm -f /var/lib/shorewall/restore-$$ + case $COMMAND in stop|clear) ;; 
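Review bot: The added `rm -f /var/lib/shorewall/restore-$$` in startup_error() hard-codes the state directory, and the same literal path is repeated in the stop_firewall() and check_config() hunks, so the three cleanup sites can drift apart. This commit also sets `STATEDIR=/var/lib/shorewall` in shorewall.conf; if STATEDIR is meant to govern this file (not visible here), a site that changes it will still have the restore script written to and removed from /var/lib/shorewall. Consider defining the path once (illustrative name: `RESTOREFILE=/var/lib/shorewall/restore-$$`) and using `rm -f "$RESTOREFILE"` at each site. Because the finished script is later sourced by root (`. /var/lib/shorewall/restore` in stop_firewall()), a comment stating that the directory must be root-owned and not group- or world-writable would also help. startup_error() begins outside the hunk.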
@@ -1222,8 +1226,6 @@ stop_firewall() { ;; *) set +x - rm -f /var/lib/shorewall/restore-$$ - if [ -f /var/lib/shorewall/restore ]; then echo Restoring Shorewall... . /var/lib/shorewall/restore @@ -2325,6 +2327,7 @@ check_config() { process_actions2 rm -rf $TMP_DIR + rm -f /var/lib/shorewall/restore-$$ echo "Configuration Validated" @@ -2722,7 +2725,7 @@ process_actions1() { case $temp in ACCEPT|REJECT|DROP) eval ${temp}_common=$xaction - if ! list_search $xaction $USEDACTIONS; then + if [ -n "$xaction" ] && ! list_search $xaction $USEDACTIONS; then USEDACTIONS="$USEDACTIONS $xaction" [ $COMMAND = check ] || createactionchain $xaction fi @@ -3842,42 +3845,6 @@ process_tos() # $1 = name of tos file run_iptables -t mangle -A OUTPUT -j outtos } -# -# Load a Kernel Module -# -loadmodule() # $1 = module name, $2 - * arguments -{ - local modulename=$1 - local modulefile - local suffix - moduleloader=modprobe - - if ! qt which modprobe; then - moduleloader=insmod - fi - - if [ -z "$(lsmod | grep $modulename)" ]; then - shift - - for suffix in $MODULE_SUFFIX ; do - modulefile=$MODULESDIR/${modulename}.${suffix} - - if [ -f $modulefile ]; then - case $moduleloader in - insmod) - insmod $modulefile $* - ;; - *) - modprobe $modulename - ;; - esac - - return - fi - done - fi -} - # # Display elements of a list with leading white space # @@ -4570,6 +4537,20 @@ load_kernel_modules() { if [ -f $modules -a -d $MODULESDIR ]; then echo "Loading Modules..." . $modules + + if [ "$command" != check ]; then + save_command "reload_kernel_modules < /var/lib/shorewall/restore-$$ + echo ". /usr/share/shorewall/functions" >> /var/lib/shorewall/restore-$$ + + save_command "MODULESDIR=\"$MODULESDIR\"" + save_command "MODULE_SUFFIX=\"$MODULE_SUFFIX\"" + load_kernel_modules echo "Initializing..."; initialize_netfilter 
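Review bot: The added `[ -n "$xaction" ]` test in process_actions1() only rejects an empty name; the value is still expanded unquoted in `list_search $xaction $USEDACTIONS` and, one line earlier, inside `eval ${temp}_common=$xaction`, where the shell re-parses whatever the actions file supplied. The place where xaction is read lies outside the hunk, so whether it is validated earlier cannot be seen here. If it is not, `eval ${temp}_common=\$xaction` assigns the value without re-parsing it, and `list_search "$xaction" $USEDACTIONS` keeps it a single word.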
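Review bot: The new guard `if [ "$command" != check ]` in load_kernel_modules() tests a lower-case `$command`, while the other tests visible in this diff use `$COMMAND` (`[ $COMMAND = check ]` in process_actions1(), `case $COMMAND in` in stop_firewall()). Unless `command` is set somewhere outside the hunk, the comparison is always true and the `save_command` lines also run during `check`; `if [ "$COMMAND" != check ]; then` looks like what was intended. Separately, `save_command "MODULESDIR=\"$MODULESDIR\""` embeds the configured value between double quotes in a script that root later sources, so a value containing a double quote, `$` or a backquote would be re-interpreted at restore time; a comment stating that MODULESDIR and MODULE_SUFFIX must be plain paths and words would document that assumption. The hunk's text is incomplete on this page, so the lines following the first `save_command` could not be reviewed.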
@@ -6078,8 +6068,6 @@ do_initialize() { rm -f $TMP_DIR/physdev - echo '#bin/sh' > /var/lib/shorewall/restore-$$ - echo ". /usr/share/shorewall/functions" >> /var/lib/shorewall/restore-$$ } # diff --git a/Lrp2/usr/share/shorewall/functions b/Lrp2/usr/share/shorewall/functions index a856a3d32..57f079376 100644 --- a/Lrp2/usr/share/shorewall/functions +++ b/Lrp2/usr/share/shorewall/functions @@ -162,6 +162,55 @@ separate_list() { echo "$newlist" } +# +# Load a Kernel Module +# +loadmodule() # $1 = module name, $2 - * arguments +{ + local modulename=$1 + local modulefile + local suffix + moduleloader=modprobe + + if ! qt which modprobe; then + moduleloader=insmod + fi + + if [ -z "$(lsmod | grep $modulename)" ]; then + shift + + for suffix in $MODULE_SUFFIX ; do + modulefile=$MODULESDIR/${modulename}.${suffix} + + if [ -f $modulefile ]; then + case $moduleloader in + insmod) + insmod $modulefile $* + ;; + *) + modprobe $modulename $* + ;; + esac + + return + fi + done + fi +} + +# +# Reload the Modules +# +reload_kernel_modules() { + + [ -z "$MODULESDIR" ] && MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter + + while read command; do + eval $command + done + +} + # # Find the zones #
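Review bot: reload_kernel_modules() passes every line of its standard input to `eval $command`, unquoted and read without `-r`, so `read` consumes backslashes and each line is word-split and glob-expanded before it is evaluated. The input is presumably the module list embedded in the generated restore script, which makes write access to that file equivalent to running commands as root; `while read -r command; do eval "$command"; done` keeps each line intact, and the header comment should state that stdin must come only from the root-owned restore script. In loadmodule(), `lsmod | grep $modulename` is a substring match, so a module whose name is contained in that of an already loaded module is treated as loaded and skipped; anchoring the pattern (`grep "^$modulename "`) avoids that.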