diff --git a/Shorewall-core/lib.cli b/Shorewall-core/lib.cli
index 7bb3792ea..c8e9eab1f 100644
--- a/Shorewall-core/lib.cli
+++ b/Shorewall-core/lib.cli
@@ -3834,6 +3834,7 @@ usage() # $1 = exit status
     echo "   logwatch [<refresh interval>]"
     echo "   open <source> <dest> [ <protocol> [ <port> ] ]" 
     echo "   reject <address> ..."
+    echo "   reenable <interface>"
     echo "   reset [ <chain> ... ]"
     echo "   restart [ -n ] [ -p ] [ -f ] [ -C ] [ <directory> ]"
     echo "   restore [ -n ] [ -p ] [ -C ] [ <file name> ]"
@@ -4102,7 +4103,7 @@ shorewall_cli() {
 	    shift
 	    restart_command $@
 	    ;;
-	disable|enable)
+	disable|enable|reenable)
 	    get_config Yes
 	    if product_is_started; then
 		run_it ${VARDIR}/firewall $g_debugging $@
diff --git a/Shorewall-lite/manpages/shorewall-lite.xml b/Shorewall-lite/manpages/shorewall-lite.xml
index 6caa003ae..17ee1dedb 100644
--- a/Shorewall-lite/manpages/shorewall-lite.xml
+++ b/Shorewall-lite/manpages/shorewall-lite.xml
@@ -289,6 +289,20 @@
       </arg> </arg></arg>
     </cmdsynopsis>
 
+    <cmdsynopsis>
+      <command>shorewall-lite</command>
+
+      <arg
+      choice="opt"><option>trace</option>|<option>debug</option><arg><option>nolock</option></arg></arg>
+
+      <arg>-<replaceable>options</replaceable></arg>
+
+      <arg choice="plain"><option>reenable</option></arg>
+
+      <arg choice="plain">{ <replaceable>interface</replaceable> |
+      <replaceable>provider</replaceable> }</arg>
+    </cmdsynopsis>
+
     <cmdsynopsis>
       <command>shorewall-lite</command>
 
@@ -792,8 +806,8 @@
       </varlistentry>
 
       <varlistentry>
-        <term><emphasis role="bold">hits </emphasis> [-<option>t</option>]
-        </term>
+        <term><emphasis role="bold">hits </emphasis>
+        [-<option>t</option>]</term>
 
         <listitem>
           <para>Generates several reports from Shorewall-lite log messages in
@@ -958,6 +972,20 @@
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><emphasis role="bold">reenable</emphasis>{
+        <replaceable>interface</replaceable> |
+        <replaceable>provider</replaceable> }</term>
+
+        <listitem>
+          <para>Added in Shorewall 4.6.9. This is equivalent to a
+          <command>disable</command> command followed by an
+          <command>enable</command> command on the specified
+          <replaceable>interface</replaceable> or
+          <replaceable>provider</replaceable>.</para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><emphasis role="bold">reject</emphasis><replaceable>
         address</replaceable></term>
@@ -970,7 +998,7 @@
 
       <varlistentry>
         <term><emphasis role="bold">reset [<replaceable>chain</replaceable>,
-        ...]</emphasis><acronym></acronym></term>
+        ...]</emphasis><acronym/></term>
 
         <listitem>
           <para>Resets the packet and byte counters in the specified
diff --git a/Shorewall/Perl/Shorewall/Providers.pm b/Shorewall/Perl/Shorewall/Providers.pm
index 9ea616a8f..f4a8749d0 100644
--- a/Shorewall/Perl/Shorewall/Providers.pm
+++ b/Shorewall/Perl/Shorewall/Providers.pm
@@ -1516,7 +1516,7 @@ EOF
 		       "        start_provider_$provider" );
 	    }
 
-	    emit ( '    else',
+	    emit ( '    elif [ -z $2 ]; then',
 		   "        startup_error \"Interface $providerref->{physical} is already enabled\"",
 		   '    fi',
 		   '    ;;'
@@ -1564,7 +1564,7 @@ EOF
 	    }
 
 	    emit( "        stop_$providerref->{what}_$provider",
-		  '    else',
+		  '    elif [ -z "$2" ]; then',
 		  "        startup_error \"Interface $providerref->{physical} is already disabled\"",
 		  '    fi',
 		  '    ;;'
diff --git a/Shorewall/Perl/prog.footer b/Shorewall/Perl/prog.footer
index c3689e2fa..b468fb4b1 100644
--- a/Shorewall/Perl/prog.footer
+++ b/Shorewall/Perl/prog.footer
@@ -15,6 +15,7 @@ usage() {
     echo "   down <interface>"
     echo "   enable <interface>"
     echo "   reset"
+    echo "   reenable <interface>"
     echo "   refresh"
     echo "   restart"
     echo "   run <command> [ <parameter> ... ]"
@@ -393,6 +394,19 @@ case "$COMMAND" in
 	mutex_off
 	status=0
 	;;
+    reenable)
+	[ $# -eq 1 ] && exit 0
+	shift
+	[ $# -ne 1 ] && usage 2
+	mutex_on
+	if product_is_started; then
+	    detect_configuration $1
+	    COMMAND=enable  disable_provider $1 Yes
+	    COMMAND=disable enable_provider  $1 Yes
+	fi
+	mutex_off
+	status=0
+	;;
     run)
 	if [ $# -gt 1 ]; then
 	    shift
diff --git a/Shorewall/manpages/shorewall.xml b/Shorewall/manpages/shorewall.xml
index bbdb78f78..4f8d35809 100644
--- a/Shorewall/manpages/shorewall.xml
+++ b/Shorewall/manpages/shorewall.xml
@@ -385,6 +385,20 @@
       </arg> </arg></arg>
     </cmdsynopsis>
 
+    <cmdsynopsis>
+      <command>shorewall</command>
+
+      <arg
+      choice="opt"><option>trace</option>|<option>debug</option><arg><option>nolock</option></arg></arg>
+
+      <arg>-<replaceable>options</replaceable></arg>
+
+      <arg choice="plain"><option>reenable</option></arg>
+
+      <arg choice="plain">{ <replaceable>interface</replaceable> |
+      <replaceable>provider</replaceable> }</arg>
+    </cmdsynopsis>
+
     <cmdsynopsis>
       <command>shorewall</command>
 
@@ -1199,8 +1213,8 @@
       </varlistentry>
 
       <varlistentry>
-        <term><emphasis role="bold">hits</emphasis> [-<option>t</option>]
-        </term>
+        <term><emphasis role="bold">hits</emphasis>
+        [-<option>t</option>]</term>
 
         <listitem>
           <para>Generates several reports from Shorewall log messages in the
@@ -1424,6 +1438,20 @@
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><emphasis role="bold">reenable</emphasis>{
+        <replaceable>interface</replaceable> |
+        <replaceable>provider</replaceable> }</term>
+
+        <listitem>
+          <para>Added in Shorewall 4.6.9. This is equivalent to a
+          <command>disable</command> command followed by an
+          <command>enable</command> command on the specified
+          <replaceable>interface</replaceable> or
+          <replaceable>provider</replaceable>.</para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><emphasis role="bold">refresh </emphasis> [-<option>n</option>]
         [-<option>d</option>] [-<option>T</option>] [-i] [-<option>D
@@ -1550,7 +1578,7 @@
 
       <varlistentry>
         <term><emphasis role="bold">reset [<replaceable>chain</replaceable>,
-        ...]</emphasis><acronym></acronym></term>
+        ...]</emphasis><acronym/></term>
 
         <listitem>
           <para>Resets the packet and byte counters in the specified
diff --git a/Shorewall6-lite/manpages/shorewall6-lite.xml b/Shorewall6-lite/manpages/shorewall6-lite.xml
index fc91764a9..4e704c4d5 100644
--- a/Shorewall6-lite/manpages/shorewall6-lite.xml
+++ b/Shorewall6-lite/manpages/shorewall6-lite.xml
@@ -277,6 +277,20 @@
       </arg> </arg></arg>
     </cmdsynopsis>
 
+    <cmdsynopsis>
+      <command>shorewall6-lite</command>
+
+      <arg
+      choice="opt"><option>trace</option>|<option>debug</option><arg><option>nolock</option></arg></arg>
+
+      <arg>-<replaceable>options</replaceable></arg>
+
+      <arg choice="plain"><option>reenable</option></arg>
+
+      <arg choice="plain">{ <replaceable>interface</replaceable> |
+      <replaceable>provider</replaceable> }</arg>
+    </cmdsynopsis>
+
     <cmdsynopsis>
       <command>shorewall6-lite</command>
 
@@ -933,6 +947,20 @@
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><emphasis role="bold">reenable</emphasis>{
+        <replaceable>interface</replaceable> |
+        <replaceable>provider</replaceable> }</term>
+
+        <listitem>
+          <para>Added in Shorewall 4.6.9. This is equivalent to a
+          <command>disable</command> command followed by an
+          <command>enable</command> command on the specified
+          <replaceable>interface</replaceable> or
+          <replaceable>provider</replaceable>.</para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><emphasis role="bold">reject</emphasis><replaceable>
         address</replaceable></term>
@@ -945,7 +973,7 @@
 
       <varlistentry>
         <term><emphasis role="bold">reset [<replaceable>chain</replaceable>,
-        ...]</emphasis><acronym></acronym></term>
+        ...]</emphasis><acronym/></term>
 
         <listitem>
           <para>Resets the packet and byte counters in the specified
diff --git a/Shorewall6/manpages/shorewall6.xml b/Shorewall6/manpages/shorewall6.xml
index 5a24938ef..4dc92dd62 100644
--- a/Shorewall6/manpages/shorewall6.xml
+++ b/Shorewall6/manpages/shorewall6.xml
@@ -347,8 +347,10 @@
 
       <arg>-<replaceable>options</replaceable></arg>
 
-      <arg
-      choice="plain"><option>recover</option><arg><option>-n</option></arg><arg><option>-p</option></arg></arg>
+      <arg choice="plain"><option>reenable</option></arg>
+
+      <arg choice="plain">{ <replaceable>interface</replaceable> |
+      <replaceable>provider</replaceable> }</arg>
     </cmdsynopsis>
 
     <cmdsynopsis>
@@ -1333,6 +1335,20 @@
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><emphasis role="bold">reenable</emphasis>{
+        <replaceable>interface</replaceable> |
+        <replaceable>provider</replaceable> }</term>
+
+        <listitem>
+          <para>Added in Shorewall 4.6.9. This is equivalent to a
+          <command>disable</command> command followed by an
+          <command>enable</command> command on the specified
+          <replaceable>interface</replaceable> or
+          <replaceable>provider</replaceable>.</para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><emphasis role="bold">refresh </emphasis>[-<option>n</option>]
         [-<option>d</option>] [-<option>T</option>] [-i]
@@ -1459,7 +1475,7 @@
 
       <varlistentry>
         <term><emphasis role="bold">reset [<replaceable>chain</replaceable>,
-        ...]</emphasis><acronym></acronym></term>
+        ...]</emphasis><acronym/></term>
 
         <listitem>
           <para>Resets the packet and byte counters in the specified