diff --git a/docs/XenMyWay-Routed.xml b/docs/XenMyWay-Routed.xml
index 71c1137bd..1f6b5b466 100644
--- a/docs/XenMyWay-Routed.xml
+++ b/docs/XenMyWay-Routed.xml
@@ -495,11 +495,12 @@ OMAK=<IP address at our second home>
echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal
- /etc/shorewall/interfaces:
+ /etc/shorewall/interfaces (don't specify
+ the BROADCAST addresses if you are using Shorewall-perl):
#ZONE INTERFACE BROADCAST OPTIONS
net $EXT_IF 206.124.146.255 dhcp,norfc1918,logmartians,blacklist,tcpflags,nosmurfs
-dmz $DMZ_IF 192.168.0.255 logmartians
+dmz $DMZ_IF 206.124.146.255 logmartians
loc $INT_IF 192.168.1.255 dhcp,routeback,logmartians
loc $TEST_IF -
wifi $WIFI_IF 192.168.3.255 dhcp,maclist
@@ -521,7 +522,7 @@ vpn tun+ -
rule before the SNAT rules generated by entries in
/etc/shorewall/nat above.
- #INTERFACE SUBNET ADDRESS PROTO PORT(S) IPSEC
+ #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC
+$EXT_IF:192.168.1.1 0.0.0.0/0 192.168.1.254
$EXT_IF 192.168.0.0/22 206.124.146.179
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
diff --git a/manpages/shorewall-tos.xml b/manpages/shorewall-tos.xml
index 764411ba0..d0b0fa5ac 100644
--- a/manpages/shorewall-tos.xml
+++ b/manpages/shorewall-tos.xml
@@ -28,13 +28,13 @@
SOURCE -
- {all[zone[:address]|all|$FW}
(Shorewall-shell)
- Name of a zone declared in Name of a zone declared in shorewall-zones(5), all or $FW.