diff --git a/Shorewall-perl/Shorewall/Policy.pm b/Shorewall-perl/Shorewall/Policy.pm
index ade0afb0a..ebcb153eb 100644
--- a/Shorewall-perl/Shorewall/Policy.pm
+++ b/Shorewall-perl/Shorewall/Policy.pm
@@ -244,14 +244,13 @@ sub validate_policy()
 #
 sub policy_rules( $$$$ ) {
     my ( $chainref , $target, $loglevel, $default ) = @_;
-
-    add_rule $chainref, "-j $default" if $default && $default ne 'none';
-
-    log_rule $loglevel , $chainref , $target , '' if $loglevel ne '';
-
-    fatal_error "Null target in policy_rules()" unless $target;
-
-    add_rule $chainref , ( '-j ' . ( $target eq 'REJECT' ? 'reject' : $target ) ) unless $target eq 'CONTINUE';
+   
+    unless ( $target eq 'NONE' ) {
+	add_rule $chainref, "-j $default" if $default && $default ne 'none';
+	log_rule $loglevel , $chainref , $target , '' if $loglevel ne '';
+	fatal_error "Null target in policy_rules()" unless $target;
+	add_rule $chainref , ( '-j ' . ( $target eq 'REJECT' ? 'reject' : $target ) ) unless $target eq 'CONTINUE';
+    }
 }
 
 sub report_syn_flood_protection() {
diff --git a/Shorewall-perl/Shorewall/Rules.pm b/Shorewall-perl/Shorewall/Rules.pm
index d72b1f13a..87c42b8ba 100644
--- a/Shorewall-perl/Shorewall/Rules.pm
+++ b/Shorewall-perl/Shorewall/Rules.pm
@@ -1726,7 +1726,7 @@ sub generate_matrix() {
 						    #
 						    add_rule(
 							     $chain3ref ,
-							     join( '', match_dest_dev($interface), match_source_net($net), match_dest_net($net1), $ipsec_out_match, "-j $chain" )
+							     join( '', match_dest_dev($interface1), match_source_net($net), match_dest_net($net1), $ipsec_out_match, "-j $chain" )
 							    );
 						}
 					    }