diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index d90758e13..aa445ff5d 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -2101,7 +2101,7 @@ sub set_action_param( $$ ) {
 #
 # Expand Shell Variables in the passed buffer using %params and @actparms
 #
-sub expand_variables( \$;$ ) {
+sub expand_variables( \$ ) {
     my ( $lineref, $count ) = ( $_[0], 0 );
     #                    $1      $2   $3      -     $4
     while ( $$lineref =~ m( ^(.*?) \$({)? (\w+) (?(2)}) (.*)$ )x ) {
@@ -2115,7 +2115,7 @@ sub expand_variables( \$;$ ) {
 	    $val = $actparms[$var];
 	} elsif ( exists $params{$var} ) {
 	    $val = $params{$var};
-	} elsif ( $_[1] && exists $shorewallrc{$var} ) {
+	} elsif ( exists $shorewallrc{$var} ) {
 	    $val = $shorewallrc{$var}
 	} else {
 	    fatal_error "Undefined shell variable (\$$var)" unless exists $config{$var};
@@ -2288,7 +2288,7 @@ sub process_shorewallrc( $ ) {
 	    if ( $currentline =~ /^([a-zA-Z]\w*)=(.*)$/ ) {
 		my ($var, $val) = ($1, $2);
 		$val = $1 if $val =~ /^\"([^\"]*)\"$/;
-		expand_variables($val, 1 ) if supplied $val;
+		expand_variables($val) if supplied $val;
 		$shorewallrc{$var} = $val;
 	    } else {
 		fatal_error "Unrecognized shorewallrc entry";
@@ -3473,7 +3473,7 @@ sub process_shorewall_conf( $$ ) {
     #
     for ( values  %config ) {
 	if ( supplied $_ ) {
-	    expand_variables( $_, 1) unless /^'(.+)'$/;
+	    expand_variables( $_ ) unless /^'(.+)'$/;
 	}
     }
 }
diff --git a/docs/Install.xml b/docs/Install.xml
index 81831765c..2012e5b75 100644
--- a/docs/Install.xml
+++ b/docs/Install.xml
@@ -247,7 +247,7 @@
         <member><command>./install.sh</command></member>
       </simplelist>
 
-      <section>
+      <section id="shorewallrc">
         <title>Settings in a shorewallrc file</title>
 
         <para>A shorewallrc file contains a number of lines of the form
@@ -342,7 +342,7 @@
             <listitem>
               <para>Top-level directory under which most Shorewall components
               are installed. All standard shorewallrc files define this as
-              <emphasis role="bold">\usr</emphasis>. </para>
+              <emphasis role="bold">\usr</emphasis>.</para>
             </listitem>
           </varlistentry>
 
diff --git a/docs/configuration_file_basics.xml b/docs/configuration_file_basics.xml
index 502c8f625..7209d040c 100644
--- a/docs/configuration_file_basics.xml
+++ b/docs/configuration_file_basics.xml
@@ -1252,11 +1252,15 @@ SHELL cat /etc/shorewall/rules.d/*.rules 2&gt; /dev/null || true</programlisting
       </listitem>
     </orderedlist>
 
-    <para id="Rvariables">Given that shell variables are expanded at compile
-    time, there is no way to cause such variables to be expended at run time.
-    Prior to Shorewall 4.4.17, this made it difficult (to impossible) to
-    include dynamic IP addresses in a <ulink
-    url="Shorewall-Lite.html">Shorewall-lite</ulink> configuration.</para>
+    <para id="Rvariables">Beginning with Shorewall 4.5.2, configuration files
+    can access variables defined in the <ulink
+    url="Install.htm#shorewallrc">shorewallrc file</ulink>.</para>
+
+    <para>Given that shell variables are expanded at compile time, there is no
+    way to cause such variables to be expended at run time. Prior to Shorewall
+    4.4.17, this made it difficult (to impossible) to include dynamic IP
+    addresses in a <ulink url="Shorewall-Lite.html">Shorewall-lite</ulink>
+    configuration.</para>
 
     <para>Version 4.4.17 implemented <firstterm>Run-time address
     variables</firstterm>. In configuration files, these variables are