diff --git a/Shorewall-lite/shorecap b/Shorewall-lite/shorecap
index 8df81e630..9df3330e9 100755
--- a/Shorewall-lite/shorecap
+++ b/Shorewall-lite/shorecap
@@ -46,7 +46,7 @@
PRODUCT="Shorewall Lite"
-. /usr/share/shorewall-lite/functions
+. /usr/share/shorewall-lite/lib.base
. /usr/share/shorewall-lite/configpath
[ -n "$PATH" ] || PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
diff --git a/Shorewall/Makefile-lite b/Shorewall/Makefile-lite
index a25157ad3..711e87a6a 100644
--- a/Shorewall/Makefile-lite
+++ b/Shorewall/Makefile-lite
@@ -42,6 +42,10 @@ HOST = gateway
#
LITEDIR = /var/lib/shorewall-lite
#
+# Set this if the remote system has a non-standard modules directory
+#
+MODULESDIR=
+#
# Default target is the firewall script
#
################################################################################
@@ -52,7 +56,7 @@ all: firewall
# Only generate the capabilities file if it doesn't already exist
#
capabilities:
- ssh root@$(HOST) "/sbin/shorewall-lite show -f capabilities > $(LITEDIR)/capabilities"
+ ssh root@$(HOST) "MODULESDIR=$(MODULESDIR) /usr/share/shorewall-lite/shorecap > $(LITEDIR)/capabilities"
scp root@$(HOST):$(LITEDIR)/capabilities .
#
# Compile the firewall script. Using the 'wildcard' function causes "*" to be expanded so that
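Review bot: The new recipe line splices `$(MODULESDIR)` unquoted into the command string that ssh hands to root's shell on `$(HOST)`, so a value containing whitespace or shell metacharacters is re-parsed on the remote side instead of arriving as one assignment. Quoting it inside the remote command keeps it a single word: `ssh root@$(HOST) "MODULESDIR='$(MODULESDIR)' /usr/share/shorewall-lite/shorecap > $(LITEDIR)/capabilities"`. The identical recipe line copied into docs/CompiledPrograms.xml needs the same change. With the default empty `MODULESDIR=`, the remote side receives an empty assignment; presumably shorecap treats that as "use the default", but that is not visible in this diff and is worth a comment next to the variable.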
diff --git a/Shorewall/shorewall b/Shorewall/shorewall
index 2c0dea8d9..77d2a523c 100755
--- a/Shorewall/shorewall
+++ b/Shorewall/shorewall
@@ -941,6 +941,11 @@ reload_command() # $* = original arguments less the command.
;;
esac
+ if [ -f $directory/shorewall.conf ]; then
+ litedir=$(grep '^\s*LITEDIR=' $directory/shorewall.conf | tail -n 1)
+ [ -n "$litedir" ] && LITEDIR=${litedir#*=}
+ fi
+
if [ -z "$getcaps" ]; then
SHOREWALL_DIR=$(resolve_file $directory)
capabilities=$(find_file capabilities)
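Review bot: The `LITEDIR` lookup keeps everything after the first `=` verbatim, so a setting written as `LITEDIR="/var/lib/shorewall-lite"` or followed by a trailing comment yields a value with the quotes or comment still attached, and that value is later used as a path on the remote system. `\s` in a basic regular expression is a GNU grep extension rather than POSIX, and `$directory` is unquoted in both the `[ -f ... ]` test and the grep call. A more robust form would be `litedir=$(sed -n 's/^[[:space:]]*LITEDIR=//p' "$directory/shorewall.conf" | tail -n 1)` followed by stripping surrounding quotes. The `MODULESDIR` and `IPTABLES` lookups in the next hunk parse the file the same way and need the same treatment. reload_command starts and ends outside this hunk.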
@@ -948,8 +953,15 @@ reload_command() # $* = original arguments less the command.
fi
if [ -n "$getcaps" ]; then
+ if [ -f $directory/shorewall.conf ]; then
+ MODULESDIR=$(grep '^\s*MODULESDIR=' $directory/shorewall.conf | tail -n 1)
+ MODULESDIR=${MODULESDIR#*=}
+ IPTABLES=$(grep '^\s*IPTABLES=' $directory/shorewall.conf | tail -n 1)
+ IPTABLES=${IPTABLES#*=}
+ fi
+
progress_message "Getting Capabilities on system $system..."
- if ! ssh ${root}@${system} "/sbin/shorewall-lite show -f capabilities > ${LITEDIR}/capabilities" || \
+ if ! ssh ${root}@${system} "MODULESDIR=$MODULESDIR IPTABLES=$IPTABLES /usr/share/shorewall-lite/shorecap > ${LITEDIR}/capabilities" || \
! scp ${root}@$system:${LITEDIR}/capabilities $directory; then
fatal_error "ERROR: Capturing capabilities on system $system failed"
fi
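Review bot: `MODULESDIR`, `IPTABLES` and `LITEDIR` are expanded locally and land unquoted in the command string that runs as `${root}` on `$system`, so a shorewall.conf value containing whitespace or shell metacharacters changes what the remote shell executes rather than only the variable handed to shorecap. Quote each value for the remote side, e.g. `"MODULESDIR='$MODULESDIR' IPTABLES='$IPTABLES' /usr/share/shorewall-lite/shorecap > '${LITEDIR}/capabilities'"`, and reject values that contain a single quote before building the string. When `$directory/shorewall.conf` does not exist, the two variables appear to keep whatever the local shell already holds, which may be paths that are only valid on the administrative system; an `else` branch that clears them would avoid sending those to the remote host. reload_command starts and ends outside this hunk.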
diff --git a/Shorewall/shorewall.conf b/Shorewall/shorewall.conf
index 7d4644596..99e19de6c 100644
--- a/Shorewall/shorewall.conf
+++ b/Shorewall/shorewall.conf
@@ -72,6 +72,8 @@ RESTOREFILE=
IPSECFILE=zones
+#LITEDIR=/var/lib/shorewall-lite
+
###############################################################################
# D E F A U L T A C T I O N S / M A C R O S
###############################################################################
diff --git a/docs/CompiledPrograms.xml b/docs/CompiledPrograms.xml
index 896699c88..8138a4090 100644
--- a/docs/CompiledPrograms.xml
+++ b/docs/CompiledPrograms.xml
@@ -382,6 +382,10 @@ HOST = gateway
#
LITEDIR = /var/lib/shorewall-lite
#
+# Set this if the remote system has a non-standard modules directory
+#
+MODULESDIR=
+#
# Default target is the firewall script
#
################################################################################
@@ -392,7 +396,7 @@ all: firewall
# Only generate the capabilities file if it doesn't already exist
#
capabilities:
- ssh root@$(HOST) "/sbin/shorewall-lite show -f capabilities > $(LITEDIR)/capabilities"
+ ssh root@$(HOST) "MODULESDIR=$(MODULESDIR) /usr/share/shorewall-lite/shorecap > $(LITEDIR)/capabilities"
scp root@$(HOST):$(LITEDIR)/capabilities .
#
# Compile the firewall script. Using the 'wildcard' function causes "*" to be expanded so that
@@ -644,7 +648,7 @@ clean:
changes and you need to create a new capabilities file, do the
following:
- /sbin/shorewall-lite show -f capabilities > capabilities
+ /usr/share/shorewall-lite/shorecap > capabilities
scp capabilities <admin system>:<this system's config dir>
Or, if you are running Shorewall 3.2.6 or later, simply use
@@ -721,6 +725,10 @@ MANGLE_FORWARD # Mangle table has FORWARD chainshorewall-lite show -f capabilities >
capabilities
+
+ Note that unlike the shorecap program, the show
+ capabilities command shows the kernel's current capabilities; it
+ does not attempt to load additional kernel modules.