diff --git a/docs/standalone.xml b/docs/standalone.xml
index 7131b5d56..3705a2281 100644
--- a/docs/standalone.xml
+++ b/docs/standalone.xml
@@ -593,7 +593,7 @@ SSH(ACCEPT) net $FW
Users of the .deb package must edit
/etc/default/shorewall and set
- STARTUP=1.
+ startup=1.
@@ -631,6 +631,13 @@ SSH(ACCEPT) net $FW
url="starting_and_stopping_shorewall.htm">shorewall
try
command.
+
+ The firewall will start after your network interface has been
+ brought up. This leaves a small window between the time that the network
+ interface is working and when the firewall is controlling connections
+ through that interface. If this is a concern, you can close that window by
+ installing the Shorewall Init
+ Package.
diff --git a/docs/three-interface.xml b/docs/three-interface.xml
index 3b44a147a..32ee8d93c 100644
--- a/docs/three-interface.xml
+++ b/docs/three-interface.xml
@@ -1145,6 +1145,13 @@ ACCEPT net $FW tcp 80 shorewall
try command.
+
+ The firewall will start after your network interfaces have been
+ brought up. This leaves a small window between the time that the network
+ interface are working and when the firewall is controlling connections
+ through those interfaces. If this is a concern, you can close that window
+ by installing the Shorewall Init
+ Package.
diff --git a/docs/two-interface.xml b/docs/two-interface.xml
index 3d5ba0477..670d5798b 100644
--- a/docs/two-interface.xml
+++ b/docs/two-interface.xml
@@ -1062,6 +1062,13 @@ ACCEPT loc $FW tcp 80 #Allow Weblet to workshorewall
try command.
+
+ The firewall will start after your network interfaces have been
+ brought up. This leaves a small window between the time that the network
+ interfaces are working and when the firewall is controlling connections
+ through those interfaces. If this is a concern, you can close that window
+ by installing the Shorewall Init
+ Package.