diff --git a/Shorewall-common/modules b/Shorewall-common/modules
index b9c1da719..2c4be4204 100644
--- a/Shorewall-common/modules
+++ b/Shorewall-common/modules
@@ -123,6 +123,7 @@ loadmodule sch_ingress
loadmodule sch_htb
loadmodule cls_u32
loadmodule cls_fw
+loadmodule cls_flow
loadmodule act_police
#
# Extensions
diff --git a/docs/IPv6Support.xml b/docs/IPv6Support.xml
index 47d1f6a90..ce50820d0 100644
--- a/docs/IPv6Support.xml
+++ b/docs/IPv6Support.xml
@@ -173,6 +173,17 @@
These setting allow Shorewall to control the contents of
/etc/iproute2/rt_tables.
+
+
+ 6TO4
+
+ If you are using a 6to4 tunnel for your IPv6 connectivity, you
+ need an entry in
+ /etc/shorewall/tunnels.#TYPE ZONE GATEWAY GATEWAY
+# ZONE
+6to4 net
+#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
+
diff --git a/manpages/shorewall-notrack.xml b/manpages/shorewall-notrack.xml
new file mode 100644
index 000000000..476473ada
--- /dev/null
+++ b/manpages/shorewall-notrack.xml
@@ -0,0 +1,64 @@
+
+
+
+
+ shorewall-
+
+ 5
+
+
+
+ file
+
+ Shorewall file
+
+
+
+
+ /etc/shorewall/
+
+
+
+
+ Description
+
+ The columns in the file are as follows.
+
+
+
+ COLUMN 1
+
+
+
+
+
+
+
+
+
+ Example
+
+
+
+
+
+ FILES
+
+ /etc/shorewall/
+
+
+
+ See ALSO
+
+ shorewall(8), shorewall-accounting(5), shorewall-actions(5),
+ shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5),
+ shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5),
+ shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
+ shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
+ shorewall-route_rules(5), shorewall-routestopped(5), shorewall-rules(5),
+ shorewall.conf(5), shorewall-tcclasses(5), shorewall-tcdevices(5),
+ shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
+ shorewall-zones(5)
+
+
diff --git a/manpages/shorewall-template.xml b/manpages/shorewall-template.xml
index 3970dc423..476473ada 100644
--- a/manpages/shorewall-template.xml
+++ b/manpages/shorewall-template.xml
@@ -1,4 +1,6 @@
+
shorewall-
@@ -59,4 +61,4 @@
shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
shorewall-zones(5)
-
\ No newline at end of file
+
diff --git a/manpages6/shorewall6-notrack.xml b/manpages6/shorewall6-notrack.xml
new file mode 100644
index 000000000..91e6a2f2f
--- /dev/null
+++ b/manpages6/shorewall6-notrack.xml
@@ -0,0 +1,126 @@
+
+
+
+
+ shorewall6-notrack
+
+ 5
+
+
+
+ notrack
+
+ shorewall6 notrack file
+
+
+
+
+ /etc/shorewall6/notrack
+
+
+
+
+ Description
+
+ The notrack file is used to exempt certain traffic from Netfilter
+ connection tracking. Traffic matching entries in this fill will not be
+ tracked.
+
+ The file was added in shorewall6-perl 4.2.7 and is not supported by
+ shorewall6-shell or by earlier versions of shorewall6-perl.
+
+ The columns in the file are as follows.
+
+
+
+ SOURCE ‒
+ zone[:interface][:address-list]
+
+
+ where zone is the name of a zone,
+ interface is an interface to that zone,
+ and address-list is a comma-separated
+ list of addresses (may contain exclusion - see shorewall6-exclusion
+ (5)).
+
+
+
+
+ DEST ‒ [address-list]
+
+
+ where address-list is a
+ comma-separated list of addresses (may contain exclusion - see
+ shorewall6-exclusion
+ (5)).
+
+
+
+
+ PROTO ‒
+ protocol-name-or-number
+
+
+ A protocol name from /etc/protocols or a
+ protocol number.
+
+
+
+
+ DEST PORT(S) - port-number/service-name-list
+
+
+ A comma-separated list of port numbers and/or service names
+ from /etc/services. May also include port
+ ranges of the form
+ low-port:high-port
+ if your kernel and iptables include port range support.
+
+
+
+
+ SOURCE PORT(S) - port-number/service-name-list
+
+
+ A comma-separated list of port numbers and/or service names
+ from /etc/services. May also include port
+ ranges of the form
+ low-port:high-port
+ if your kernel and iptables include port range support.
+
+
+
+
+ USER/GROUP ‒
+ [user][:group]
+
+
+ May only be specified if the SOURCE
+ zone is $FW. Specifies the effective user
+ id and or group id of the process sending the traffic.
+
+
+
+
+
+
+ FILES
+
+ /etc/shorewall6/notrack
+
+
+
+ See ALSO
+
+ shorewall6(8), shorewall6-accounting(5), shorewall6-actions(5),
+ shorewall6-blacklist(5), shorewall6-hosts(5), shorewall6-interfaces(5),
+ shorewall6-ipsec(5), shorewall6-params(5), shorewall6-policy(5),
+ shorewall6-providers(5), shorewall6-proxyarp(5),
+ shorewall6-route_rules(5), shorewall6-routestopped(5),
+ shorewall6-rules(5), shorewall6.conf(5), shorewall6-tcclasses(5),
+ shorewall6-tcdevices(5), shorewall6-tcrules(5), shorewall6-tos(5),
+ shorewall6-tunnels(5), shorewall-zones(5)
+
+