diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm
index c91906f89..9e6b01f98 100644
--- a/Shorewall/Perl/Shorewall/Compiler.pm
+++ b/Shorewall/Perl/Shorewall/Compiler.pm
@@ -710,6 +710,16 @@ sub compiler {
     #
     setup_proxy_arp;
 
+    my $setting = supplied $config{HELPERS} ? 0 : 1;
+
+    emit( "#\n# Set automatic helper association on kernel 3.5.0 and later\n#" ,
+	  'if [ -f /proc/sys/net/netfilter/nf_conntrack_helper ]; then' ,
+	  '    progress_message "Setting up Automatic Helper Association"',
+	  "    echo $setting > /proc/sys/net/netfilter/nf_conntrack_helper",
+	  'fi',
+	  ''
+	);
+
     if ( $scriptfilename || $debug ) {
 	emit 'return 0';
 	pop_indent;
diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index 94232a0b6..97fa9e212 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -62,6 +62,7 @@ our @EXPORT = qw(
 
 		 have_capability
 		 require_capability
+		 kernel_version
                 );
 
 our @EXPORT_OK = qw( $shorewall_dir initialize shorewall);
@@ -3643,6 +3644,13 @@ sub require_capability( $$$ ) {
     fatal_error "$description require${singular} $capdesc{$capability} in your kernel and iptables" unless have_capability $capability;
 }
 
+#
+# Return Kernel Version
+#
+sub kernel_version() {
+    $capabilities{KERNELVERSION}
+}
+
 #
 # Set default config path
 #
diff --git a/Shorewall/manpages/shorewall.conf.xml b/Shorewall/manpages/shorewall.conf.xml
index 209eff551..4cd86e8f6 100644
--- a/Shorewall/manpages/shorewall.conf.xml
+++ b/Shorewall/manpages/shorewall.conf.xml
@@ -737,6 +737,10 @@ net     all  DROP   info</programlisting>then the chain name is 'net2all'
               <para>tftp</para>
             </listitem>
           </itemizedlist>
+
+          <para>When HELPERS is specified on a system running Kernel 3.5.0 or
+          later, automatic association of helpers to connections is disabled.
+          </para>
         </listitem>
       </varlistentry>
 
diff --git a/Shorewall6/manpages/shorewall6.conf.xml b/Shorewall6/manpages/shorewall6.conf.xml
index 5ef8a559f..1eda02d4f 100644
--- a/Shorewall6/manpages/shorewall6.conf.xml
+++ b/Shorewall6/manpages/shorewall6.conf.xml
@@ -646,6 +646,10 @@ net     all  DROP   info</programlisting>then the chain name is 'net2all'
               <para>tftp</para>
             </listitem>
           </itemizedlist>
+
+          <para>When HELPERS is specified on a system running Kernel 3.5.0 or
+          later, automatic association of helpers to connections is disabled.
+          </para>
         </listitem>
       </varlistentry>