diff --git a/Shorewall/Perl/Shorewall/Accounting.pm b/Shorewall/Perl/Shorewall/Accounting.pm index 5f4f84cff..c2b7b7b4a 100644 --- a/Shorewall/Perl/Shorewall/Accounting.pm +++ b/Shorewall/Perl/Shorewall/Accounting.pm @@ -86,7 +86,7 @@ sub process_accounting_rule( ) { $jumpchainref = ensure_accounting_chain( $jumpchain, 0 ); check_chain( $jumpchainref ); $disposition = $jumpchain; - "-j $jumpchain"; + $jumpchain; } my $target = ''; @@ -101,7 +101,7 @@ sub process_accounting_rule( ) { unless ( $action eq 'COUNT' ) { if ( $action eq 'DONE' ) { - $target = '-j RETURN'; + $target = 'RETURN'; } else { ( $action, my $cmd ) = split /:/, $action; if ( $cmd ) { diff --git a/Shorewall/Perl/Shorewall/Actions.pm b/Shorewall/Perl/Shorewall/Actions.pm index f033577af..6958f5e83 100644 --- a/Shorewall/Perl/Shorewall/Actions.pm +++ b/Shorewall/Perl/Shorewall/Actions.pm @@ -58,7 +58,7 @@ our @EXPORT = qw( merge_levels $macro_commands ); our @EXPORT_OK = qw( initialize ); -our $VERSION = '4.4_12'; +our $VERSION = '4.4_13'; # # Used Actions. Each action that is actually used has an entry with value 1. @@ -636,7 +636,7 @@ sub process_action( $$$$$$$$$$$ ) { $source , $dest , '', #Original Dest - $action ? "-j $action" : '', + $action , $level , $action , '' ); diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm index 16344a197..e0cce9e8c 100644 --- a/Shorewall/Perl/Shorewall/Chains.pm +++ b/Shorewall/Perl/Shorewall/Chains.pm @@ -3161,7 +3161,7 @@ sub expand_rule( $$$$$$$$$$;$ ) $source, # SOURCE $dest, # DEST $origdest, # ORIGINAL DEST - $target, # Target ('-j' part of the rule) + $target, # Target ('-j' part of the rule - may be empty) $loglevel , # Log level (and tag) $disposition, # Primtive part of the target (RETURN, ACCEPT, ...) $exceptionrule,# Caller's matches used in exclusion case 
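Review bot: The parameter comment updated in the Chains.pm hunk at -3161 still describes `$target` as the '-j' part of the rule, but after this commit callers pass the target without `-j` and expand_rule prepends it itself. A caller that follows the comment and passes `-j ...` would get a doubled prefix from `'-j ' . $target`. The comment should state the new contract, for example `$target, # Target name and options, without the leading '-j' (may be empty)`. The argument list continues outside the hunk.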
@@ -3170,6 +3170,7 @@ sub expand_rule( $$$$$$$$$$;$ ) my ($iiface, $diface, $inets, $dnets, $iexcl, $dexcl, $onets , $oexcl, $trivialiexcl, $trivialdexcl ); my $chain = $chainref->{name}; + my $jump = $target ? '-j ' . $target : ''; our @ends = (); # @@ -3533,7 +3534,7 @@ sub expand_rule( $$$$$$$$$$;$ ) # # Generate Final Rule # - add_rule( $fromref = $echainref, $exceptionrule . $target, 1 ) unless $disposition eq 'LOG'; + add_rule $fromref = $echainref, $exceptionrule . $jump , 1 unless $disposition eq 'LOG'; } else { # # No exclusions @@ -3552,13 +3553,13 @@ sub expand_rule( $$$$$$$$$$;$ ) if ( $loglevel ne '' ) { if ( $disposition ne 'LOG' ) { - unless ( $logname || $target =~ /-j RETURN\b/ ) { + unless ( $logname || $target =~ /^RETURN\b/ ) { # # Find/Create a chain that both logs and applies the target action # and jump to the log chain if all of the rule's conditions are met # add_jump( $chainref, - logchain( $chainref, $loglevel, $logtag, $exceptionrule , $disposition, $target ), + logchain( $chainref, $loglevel, $logtag, $exceptionrule , $disposition, $jump ), $builtin_target{$disposition}, $matches, 1 ); @@ -3573,7 +3574,7 @@ sub expand_rule( $$$$$$$$$$;$ ) 'add', $matches ); - add_rule( $fromref = $chainref, $matches . $target, 1 ); + add_rule( $fromref = $chainref, $matches . $jump, 1 ); } } else { # @@ -3594,7 +3595,7 @@ sub expand_rule( $$$$$$$$$$;$ ) # # No logging -- add the target rule with matches to the rule chain # - add_rule( $fromref = $chainref, $matches . $target , 1 ); + add_rule( $fromref = $chainref, $matches . $jump , 1 ); } } } @@ -3603,8 +3604,8 @@ sub expand_rule( $$$$$$$$$$;$ ) # # Mark Target as referenced, if it's a chain # - if ( $fromref && $disposition ) { - my $targetref = $chain_table{$chainref->{table}}{$disposition}; + if ( $fromref && $target ) { + my $targetref = $chain_table{$chainref->{table}}{$target}; if ( $targetref ) { $targetref->{referenced} = 1; add_reference $fromref, $targetref; 
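Review bot: In the Chains.pm hunk at -3533 the rewritten `add_rule` call drops its parentheses, while the other `add_rule( ... )` calls touched in this same function (hunks at -3573 and -3594) keep them. Without parentheses the statement parses as intended only if add_rule is already declared when this line is compiled, and the trailing `unless` is harder to read against a bare argument list. I would keep the existing form: `add_rule( $fromref = $echainref, $exceptionrule . $jump, 1 ) unless $disposition eq 'LOG';`.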
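Review bot: The chain lookup in the Chains.pm hunk at -3603 now uses the whole `$target` string as the hash key, so it finds a chain only when the caller passes the bare chain name. Several call sites in this commit pass a target with options or a trailing space (`'MASQUERADE '`, `"SNAT --to-source $variable"`, `"$target $mark"`), which is harmless only as long as such targets are never user chains. Keying on the first word would keep reference tracking independent of option text: `my ( $targetname ) = split ' ', $target;` and then `my $targetref = $chain_table{$chainref->{table}}{$targetname};`. A missed match would leave the chain unmarked as referenced; what later passes do with unreferenced chains is not visible here, so it is worth confirming that a generated ruleset cannot end up jumping to a chain that was dropped. The `if` body continues outside the hunk.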
diff --git a/Shorewall/Perl/Shorewall/Nat.pm b/Shorewall/Perl/Shorewall/Nat.pm index 801a72b97..b73dc3be7 100644 --- a/Shorewall/Perl/Shorewall/Nat.pm +++ b/Shorewall/Perl/Shorewall/Nat.pm @@ -125,7 +125,7 @@ sub process_one_masq( ) for my $fullinterface (split_list $interfacelist, 'interface' ) { my $rule = ''; - my $target = '-j MASQUERADE '; + my $target = 'MASQUERADE '; # # Isolate and verify the interface part # @@ -171,7 +171,7 @@ sub process_one_masq( ) fatal_error "The SAME target is no longer supported"; } elsif ( $addresses eq 'detect' ) { my $variable = get_interface_address $interface; - $target = "-j SNAT --to-source $variable"; + $target = "SNAT --to-source $variable"; if ( interface_is_optional $interface ) { add_commands( $chainref, @@ -181,13 +181,13 @@ sub process_one_masq( ) $detectaddress = 1; } } elsif ( $addresses eq 'NONAT' ) { - $target = '-j RETURN'; + $target = 'RETURN'; $add_snat_aliases = 0; } else { my $addrlist = ''; for my $addr ( split_list $addresses , 'address' ) { if ( $addr =~ /^.*\..*\..*\./ ) { - $target = '-j SNAT '; + $target = 'SNAT '; my ($ipaddr, $rest) = split ':', $addr; if ( $ipaddr =~ /^(.+)-(.+)$/ ) { validate_range( $1, $2 ); diff --git a/Shorewall/Perl/Shorewall/Raw.pm b/Shorewall/Perl/Shorewall/Raw.pm index 513f54ddb..7739a3551 100644 --- a/Shorewall/Perl/Shorewall/Raw.pm +++ b/Shorewall/Perl/Shorewall/Raw.pm @@ -64,7 +64,7 @@ sub process_notrack_rule( $$$$$$ ) { $source , $dest , '' , - '-j NOTRACK' , + 'NOTRACK' , '' , 'NOTRACK' , '' ; diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index 74a8055ad..26377e368 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -148,7 +148,7 @@ sub process_tos() { $src , $dst , '' , - "-j TOS --set-tos $tos" , + "TOS --set-tos $tos" , '' , 'TOS' , ''; 
@@ -277,7 +277,7 @@ sub setup_blacklist() { $direction eq 'from' ? $networks : '', $direction eq 'to' ? $networks : '', '' , - "-j $target" , + $target , '' , $target , '' ); @@ -1299,7 +1299,7 @@ sub process_rule1 ( $$$$$$$$$$$$$ ) { if ( $actiontype & REDIRECT ) { fatal_error "A server IP address may not be specified in a REDIRECT rule" if $server; - $target = '-j REDIRECT '; + $target = 'REDIRECT '; $target .= "--to-port $serverport " if $serverport; if ( $origdest eq '' || $origdest eq '-' ) { $origdest = ALLIP; @@ -1323,7 +1323,7 @@ sub process_rule1 ( $$$$$$$$$$$$$ ) { } if ( $action eq 'DNAT' ) { - $target = '-j DNAT '; + $target = 'DNAT '; if ( $server ) { $serverport = ":$serverport" if $serverport; for my $serv ( split /,/, $server ) { @@ -1429,7 +1429,7 @@ sub process_rule1 ( $$$$$$$$$$$$$ ) { '', # Source '', # Dest '', # Original dest - '-j ACCEPT', + 'ACCEPT', $loglevel, $log_action, '', @@ -1447,7 +1447,7 @@ sub process_rule1 ( $$$$$$$$$$$$$ ) { $source , $dest , $origdest , - "-j $tgt", + $tgt, $loglevel , $log_action , '' , @@ -1493,7 +1493,7 @@ sub process_rule1 ( $$$$$$$$$$$$$ ) { $source , $dest , $origdest , - $action ? "-j $action " : '' , + $action , $loglevel , $log_action , '' ); diff --git a/Shorewall/Perl/Shorewall/Tc.pm b/Shorewall/Perl/Shorewall/Tc.pm index dc65b30b2..c17b265d0 100644 --- a/Shorewall/Perl/Shorewall/Tc.pm +++ b/Shorewall/Perl/Shorewall/Tc.pm @@ -391,9 +391,9 @@ sub process_tc_rule( ) { $source , $dest , '' , - "-j $target $mark" , + "$target $mark" , + '' , '' , - $target , '' ) ) && $device ) { #
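Review bot: The Tc.pm hunk at -391 changes the disposition argument from `$target` to `''` as well as stripping `-j`, which no other call site in this commit does, and nothing in the hunk says whether that is intended. If it is, the three consecutive `''` arguments should carry trailing labels in the style process_rule1 already uses (`'', # Source`), for example `'' , # Log level`, `'' , # Disposition (none)`, `'' # Exception rule`. That way a later reader can tell which position was deliberately blanked. The expand_rule call begins outside the hunk.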