diff --git a/Shorewall-docs2/Shorewall_and_Routing.xml b/Shorewall-docs2/Shorewall_and_Routing.xml
index 2a84ee654..3073382c7 100644
--- a/Shorewall-docs2/Shorewall_and_Routing.xml
+++ b/Shorewall-docs2/Shorewall_and_Routing.xml
@@ -15,7 +15,7 @@
       </author>
     </authorgroup>
 
-    <pubdate>2005-05-20</pubdate>
+    <pubdate>2005-05-21</pubdate>
 
     <copyright>
       <year>2005</year>
@@ -184,12 +184,13 @@
   <section>
     <title>Routing and Proxy ARP</title>
 
-    <para>There is one instance where Shorewall creates routing table entries.
-    When an entry in <filename>/etc/shorewall/proxyarp</filename> contains
-    "No" in the HAVEROUTE column then Shorewall will create a host route to
-    the IP address listed in the ADDRESS column through the interface named in
-    the INTERFACE column. <emphasis role="bold">This is the only case where
-    Shorewall directly manipulates the routing table</emphasis>.</para>
+    <para>There is one instance where Shorewall creates main routing table
+    entries. When an entry in <filename>/etc/shorewall/proxyarp</filename>
+    contains "No" in the HAVEROUTE column then Shorewall will create a host
+    route to the IP address listed in the ADDRESS column through the interface
+    named in the INTERFACE column. <emphasis role="bold">This is the only case
+    where Shorewall directly manipulates the main routing
+    table</emphasis>.</para>
 
     <para>Example:</para>
 
@@ -270,7 +271,7 @@
           </listitem>
 
           <listitem>
-            <para>You man not use connection marking.</para>
+            <para>You may not use connection marking.</para>
           </listitem>
         </itemizedlist>
       </caution>
@@ -282,8 +283,9 @@
       <warning>
         <para>The current version of iptables (1.3.1) is broken with respect
         to CONNMARK and iptables-save/iptables-restore. This means that if you
-        configure multiple ISPs, <command>shorewall restore</command> will
-        fail. You must patch your iptables using the patch at <ulink
+        configure multiple ISPs, <command>shorewall restore</command> may
+        fail. If it does, you may patch your iptables using the patch at
+        <ulink
         url="http://shorewall.net/pub/shorewall/contrib/iptables/CONNMARK.diff">http://shorewall.net/pub/shorewall/contrib/iptables/CONNMARK.diff</ulink>.</para>
       </warning>
 
@@ -358,6 +360,13 @@
 
             <glossdef>
               <para>The IP address of the provider's Gateway router.</para>
+
+              <para>Users with point-to-point dynamic connections such as
+              PPPoE, PPPoA or PPTP can enter <emphasis
+              role="bold">detect</emphasis> here and Shorewall will
+              automatically determine the gateway IP address. You must of
+              course configure your ppp service to restart Shorewall when you
+              connect or when the gateway IP address changes.</para>
             </glossdef>
           </glossentry>
 
@@ -399,6 +408,73 @@
       </glossary>
     </section>
 
+    <section>
+      <title>What an entry in the Providers File Does</title>
+
+      <para>Adding another entry in the providers file simply creates an
+      alternate routing table for you. In addition:</para>
+
+      <orderedlist>
+        <listitem>
+          <para>An ip rule is generated for each IP address on the INTERFACE
+          that routes traffic from that address through the associated routing
+          table.</para>
+        </listitem>
+
+        <listitem>
+          <para>If you specify <emphasis role="bold">track</emphasis>, then
+          connections which have had at least one packet arrive on the
+          interface listed in the INTERFACE column have their connection mark
+          set to the value in the MARK column. In the PREROUTING chain,
+          packets with that connmark have their packet mark set to that value;
+          packets so marked then bypass any prerouting rules that you create
+          in <filename>/etc/shorewall/tcrules</filename>. This ensures that
+          packets associated with connections from outside are always routed
+          out of the correct interface.</para>
+        </listitem>
+
+        <listitem>
+          <para>If you specify <emphasis role="bold">balance</emphasis>, then
+          Shorewall will replace the 'default' route in the 'main' routing
+          table with a load-balancing route among those gateways where
+          <emphasis role="bold">balance</emphasis> was specified.</para>
+        </listitem>
+      </orderedlist>
+
+      <para>That's <emphasis role="bold">all</emphasis> that these entries do.
+      You still have to follow the principle stated at the top of this
+      article:</para>
+
+      <orderedlist>
+        <listitem>
+          <para>Routing determines where packets are to be sent.</para>
+        </listitem>
+
+        <listitem>
+          <para>Once routing determines where the packet is to go, the
+          firewall (Shorewall) determines if the packet is allowed to go
+          there.</para>
+        </listitem>
+      </orderedlist>
+
+      <para>The bottom line is that if you want traffic to go out through a
+      particular provider then you <emphasis>must </emphasis>mark that traffic
+      with the provider's MARK value in
+      <filename>/etc/shorewall/tcrules</filename> and you must do that marking
+      in the PREROUTING chain.</para>
+
+      <warning>
+        <para>Entries in <filename>/etc/shorewall/providers</filename>
+        permanently alter your firewall/gateway's routing; that is, the effect
+        of these changes is not reversed by <command>shorewall stop</command>
+        or <command>shorewall clear</command>. To restore routing to its
+        original state, you will have to restart your network. This can
+        usually be done by <command>/etc/init.d/network restart</command> or
+        <command>/etc/init.d/networking restart</command>. Check your
+        distribution's networking documentation.</para>
+      </warning>
+    </section>
+
     <section>
       <title>Example</title>
 
@@ -432,15 +508,15 @@ net        net            DROP</programlisting>
 eth0             eth2              206.124.146.176
 eth1             eth2              130.252.99.27</programlisting>
 
-      <para>Now suppose that you want to route all outgoing SMTP traffic
-      through ISP 2. You would make this entry in <ulink
+      <para>Now suppose that you want to route all outgoing SMTP traffic from
+      your local network through ISP 2. You would make this entry in <ulink
       url="traffic_shaping.htm">/etc/shorewall/tcrules</ulink> (and you would
       set TC_ENABLED=Yes in <ulink
       url="???">/etc/shorewall/shorewall.conf</ulink>).</para>
 
       <programlisting>#MARK           SOURCE          DEST            PROTO   PORT(S) CLIENT  USER    TEST
 #                                                               PORT(S)
-2               &lt;local network&gt; 0.0.0.0/0       tcp     25</programlisting>
+2:P             &lt;local network&gt; 0.0.0.0/0       tcp     25</programlisting>
     </section>
   </section>