From c57c42856b14bb2e5b77555219e7c5dd5de917d3 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Sun, 26 Sep 2010 12:36:39 -0700
Subject: [PATCH] Add workaround to known problems

---
 Shorewall/known_problems.txt | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/Shorewall/known_problems.txt b/Shorewall/known_problems.txt
index 47e4753d2..3a475762a 100644
--- a/Shorewall/known_problems.txt
+++ b/Shorewall/known_problems.txt
@@ -9,3 +9,17 @@
     configurations with the effect that blacklisting was not enabled.
 
     Fixed in 4.4.13.1
+
+    The issue may also be worked around is follows.
+
+    If you currently have an entry similar to this in
+    /etc/shorewall/interfaces:
+
+       #ZONE         INTERFACE BROADCAST        OPTIONS
+       net 	     eth0      detect		blacklist,...
+
+    then remove the 'blacklist' option from that entry and change the
+    'net' entry in /etc/shorewall/zones as follows:
+
+       #ZONE       TYPE       OPTIONS       IN_OPTIONS
+       net         ipv4       -             blacklist