diff --git a/Shorewall2/changelog.txt b/Shorewall2/changelog.txt
index 839cfbd87..ab793b198 100644
--- a/Shorewall2/changelog.txt
+++ b/Shorewall2/changelog.txt
@@ -29,3 +29,6 @@ Changes since 2.0.2
 13) Allow multiple saved configurations.
 
 14) Add %attr spec to /etc/init.d/shorewall in the .spec file.
+
+15) Fix rules that have bridge ports in both SOURCE and DEST. Update
+ comments in the rules file WRT "all" in SOURCE or DEST.
diff --git a/Shorewall2/firewall b/Shorewall2/firewall
index 9d8b573e9..976f34038 100755
--- a/Shorewall2/firewall
+++ b/Shorewall2/firewall
@@ -3357,7 +3357,7 @@ add_a_rule()
 if [ $COMMAND != check ]; then
 if [ -n "$loglevel" ]; then
 log_rule_limit $loglevel $chain $logtarget "$ratelimit" "$logtag" $userandgroup \
- $(fix_bang $proto $multiport $dest_interface $cli $sports $dports)
+ $(fix_bang $proto $multiport $cli $dest_interface $sports $dports)
 fi
 
 if [ "$logtarget" != LOG ]; then
@@ -3366,8 +3366,8 @@ add_a_rule()
 $cli $sports $dports $ratelimit $userandgroup -j RETURN
 [ "$logtarget" != NONAT ] && \
- run_iptables2 -A $chain $proto $multiport $dest_interface \
- $cli $sports $dports $ratelimit $userandgroup -j $target
+ run_iptables2 -A $chain $proto $multiport $cli $dest_interface \
+ $sports $dports $ratelimit $userandgroup -j $target
 fi
 fi
 fi
diff --git a/Shorewall2/releasenotes.txt b/Shorewall2/releasenotes.txt
index 1f801e12f..922e11ca8 100755
--- a/Shorewall2/releasenotes.txt
+++ b/Shorewall2/releasenotes.txt
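Review bot: The NONAT branch in the second firewall hunk still appears to use the old argument order: its continuation line `$cli $sports $dports $ratelimit $userandgroup -j RETURN` is left as unchanged context, so `$dest_interface` presumably still precedes `$cli` on the line above it (that line is outside the hunk, so this is inferred rather than seen). If the order of `$cli` and `$dest_interface` was what made rules with bridge ports in both SOURCE and DEST fail, the RETURN rule emitted for the same rule line would still fail, and it should be rewritten the same way as the `-j $target` call: `run_iptables2 -A $chain $proto $multiport $cli $dest_interface \` followed by `$sports $dports $ratelimit $userandgroup -j RETURN`. Neither firewall hunk records why the order matters, so a later cleanup could reorder the arguments back; a one-line comment above the `log_rule_limit` call in the first hunk, `# $cli must precede $dest_interface (bridge ports in both SOURCE and DEST, changelog item 15)`, would pin it, and the same applies to the `run_iptables2` call in the second hunk. add_a_rule's body starts and ends outside both hunks.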
@@ -32,6 +32,13 @@ Problems Corrected since 2.0.2
 9) The file /etc/init.d/shorewall now gets proper ownership when the RPM is built by a non-root user.
 
+10) Rules that specify bridge ports in both the SOURCE and DEST
+ columns no longer cause "shorewall start" to fail.
+
+11) Comments in the rules file have been added to advise users that
+ "all" in the SOURCE or DEST column does not affect intra-zone
+ traffic.
+
 -----------------------------------------------------------------------
 
 Issues when migrating from Shorewall 2.0.2 to Shorewall 2.0.3:
diff --git a/Shorewall2/rules b/Shorewall2/rules
index 4df78481b..89459f0c8 100755
--- a/Shorewall2/rules
+++ b/Shorewall2/rules
@@ -93,6 +93,10 @@
 # excluded from the rule by following the zone name with
 # "!' and a comma-separated list of sub-zone names.
 #
+# When "all" is used either in the SOURCE or DEST column
+# intra-zone traffic is not affected. You must add
+# separate rules to handle that traffic.
+#
 # Except when "all" is specified, clients may be further
 # restricted to a list of subnets and/or hosts by
 # appending ":" and a comma-separated list of subnets
@@ -123,6 +127,10 @@
 # /etc/shorewall/zones, $FW to indicate the firewall
 # itself or "all"
 #
+# When "all" is used either in the SOURCE or DEST column
+# intra-zone traffic is not affected. You must add
+# separate rules to handle that traffic.
+#
 # Except when "all" is specified, the server may be
 # further restricted to a particular subnet, host or
 # interface by appending ":" and the subnet, host or