Add Cliff Armstrong's workaround to the Docker document

Signed-off-by: Tom Eastep <teastep@shorewall.net>

docs/Docker.xml

@@ -13,6 +13,10 @@
 
         <surname>Eastep</surname>
       </author>
+
+      <author>
+        <surname>J Cliff Armstrong</surname>
+      </author>
     </authorgroup>
 
     <pubdate><?dbtimestamp format="Y/m/d"?></pubdate>
@@ -20,6 +24,8 @@
     <copyright>
       <year>2016</year>
 
+      <year>2020</year>
+
       <holder>Thomas M. Eastep</holder>
     </copyright>
 
@@ -57,6 +63,35 @@
     <command>restart</command> or <command>reload</command> operation and
     restores those rules along with the Shorewall-generated ruleset.</para>
 
+    <important>
+      <para>Shorewall currently doesn't support Docker Swarm mode.</para>
+    </important>
+
+    <warning>
+      <para>On Debian and Debian-derived systems, <command>systemctl restart
+      shorewall</command> will lose Docker rules. You can work around this
+      issue using a method provided by J Cliff Armstrong:</para>
+
+      <para>Type as root:</para>
+
+      <programlisting><command>systemctl edit shorewall.service</command></programlisting>
+
+      <para>This will open the default terminal editor to a blank file in
+      which you can paste the following:</para>
+
+      <programlisting>[Service]
+# reset ExecStop
+ExecStop=
+# set ExecStop to "stop" instead of "clear"
+ExecStop=/sbin/shorewall $OPTIONS stop
+</programlisting>
+
+      <para> Then type <command>systemctl daemon-reload </command>to activate
+      the changes. This change will survive future updates of the shorewall
+      package from apt repositories. The override file itself will be saved to
+      `/etc/systemd/system/shorewall.service.d/`. </para>
+    </warning>
+
     <para>This support assumes that the default Docker bridge (docker0) is
     being used. It is recommended that this bridge be defined to Shorewall in
     <ulink