diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt
index a16114b8c..b7f7e2c15 100755
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@@ -31,3 +31,7 @@ Changes since 1.4.5
 
 13) Check for shells whose arithmetic support is broken.
 
+14) Moved IP Address manipulation functions to
+    /usr/share/shorewall/functions.
+
+15. Added ipcalc command.
diff --git a/Shorewall/functions b/Shorewall/functions
index a94fc1f03..ac81dd8af 100755
--- a/Shorewall/functions
+++ b/Shorewall/functions
@@ -341,10 +341,10 @@ in_subnet() # $1 = IP address, $2 = CIDR network
 }
 
 #
-# Address Netmask to CIDR
+# Netmask to CIDR
 #
 ip_cidr() {
-    local mask=`decodeaddr $2`
+    local mask=`decodeaddr $1`
     local cidr=0
     local x=$(( 128 $LEFTSHIFT 24 ))
 
@@ -354,9 +354,9 @@ ip_cidr() {
     done
 
     if [ $(( $mask & 2147483647)) -ne 0 ]; then
-	echo "Invalid net mask: $2" >&2
+	echo "Invalid net mask: $1" >&2
     else
-	echo $1/$cidr
+	echo $cidr
     fi
 }
 	
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index e4d30a331..40d34aef9 100755
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -83,3 +83,23 @@ New Features:
 7) The shell used to interpret the firewall script
    (/usr/share/shorewall/firewall) may now be specified using the
    SHOREWALL_SHELL parameter in shorewall.conf.
+
+8) An 'ipcalc' command has been added to /sbin/shorewall.
+
+      ipcalc [ <address> <netmask> | <address>/<vlsm> ]
+
+   Examples:
+
+      [root@wookie root]# shorewall ipcalc 192.168.1.0/24
+         CIDR=192.168.1.0/24
+         NETMASK=255.255.255.0
+         NETWORK=192.168.1.0
+         BROADCAST=192.168.1.255
+      [root@wookie root]#
+
+      [root@wookie root]# shorewall ipcalc 192.168.1.0 255.255.255.0
+         CIDR=192.168.1.0/24
+         NETMASK=255.255.255.0
+         NETWORK=192.168.1.0
+         BROADCAST=192.168.1.255
+      [root@wookie root]#
diff --git a/Shorewall/shorewall b/Shorewall/shorewall
index e07bb0ace..7aa74bbcc 100755
--- a/Shorewall/shorewall
+++ b/Shorewall/shorewall
@@ -82,6 +82,10 @@
 #						   be automatically reinstated the
 #						   next time that Shorewall starts.
 #
+#          shorewall ipaddr [ <address>/<cidr> | <address> <netmask> ]
+#
+#                                                  Displays information about the network
+#                                                  defined by the argument[s]
 # Display a chain if it exists
 #
 
@@ -528,6 +532,7 @@ usage() # $1 = exit status
     echo "   reject <address> ..."
     echo "   allow <address> ..."
     echo "   save"
+    echo "   ipcalc [ <address>/<vlsm> | <address> <netmask> ]"
     exit $1
 }
 
@@ -869,7 +874,30 @@ case "$1" in
 	fi
 	mutex_off
 	;;
+    ipcalc)
+	if [ $# -eq 2 ]; then
+	    address=${2%/*}
+	    cidr=${2#*/}
+	elif [ $# -eq 3 ]; then
+	    address=$2
+	    cidr=`ip_cidr $3`
+	else
+	    usage 1
+	fi
+	
+	[ -z "$cidr" ] && exit 2
+	[ "x$address" = "x$cidr" ] && usage 2
+
+	address=$address/$cidr
+
+	                                  echo "   CIDR=$address"
+	temp=`ip_netmask $address`;       echo "   NETMASK=`encodeaddr $temp`"
+	temp=`ip_network $address`;       echo "   NETWORK=$temp"
+	temp=`broadcastaddress $address`; echo "   BROADCAST=$temp"
+	;;
+
     *)
 	usage 1
 	;;
+
 esac