diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index eea69339a..f3c9bcab9 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -6,6 +6,8 @@ Changes in 3.4.0 Final 3) Fix obscure bug in rule activation logic. +4) Don't clear proxy arp unconditionally. + Changes in 3.4.0 RC 3 1) Add warning about 'loose' and 'balance' diff --git a/Shorewall/compiler b/Shorewall/compiler index b7ba7d6cc..6f53340ff 100755 --- a/Shorewall/compiler +++ b/Shorewall/compiler @@ -787,18 +787,18 @@ setup_syn_flood_chains() # delete_proxy_arp() { indent >&3 << __EOF__ -if [ -f \${VARDIR}/proxyarp ]; then +if [ -s \${VARDIR}/proxyarp ]; then while read address interface external haveroute; do qt arp -i \$external -d \$address pub [ -z "\$haveroute" -a -z "\$NOROUTE" ] && qt ip route del \$address dev \$interface done < \${VARDIR}/proxyarp - rm -f \${VARDIR}/proxyarp + for f in /proc/sys/net/ipv4/conf/*; do + [ -f \$f/proxy_arp ] && echo 0 > \$f/proxy_arp + done fi -for f in /proc/sys/net/ipv4/conf/*; do - [ -f \$f/proxy_arp ] && echo 0 > \$f/proxy_arp -done +rm -f \${VARDIR}/proxyarp __EOF__ diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 5133cbc79..5e49850db 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -42,6 +42,13 @@ Problems Corrected in 3.4.0 Final. 3) An obscure bug in rule activation having to do with the new exclusion feature in /etc/shorewall/hosts has been corrected. +4) The "shorewall-[lite] [re]start and stop" commands reset the + proxy_arp flag on all interfaces on the system making it impossible + to control proxy arp manually with Shorewall installed. With this + change, shorewall will only clear proxy arp if there were entries in + /etc/shorewall/proxyarp the last time that Shorewall was + [re]started. + Migration Considerations: If you are migrating from a Shorewall version earlier than 3.2.0 then
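Review bot: The relocated `for f in /proc/sys/net/ipv4/conf/*` loop inside the `if [ -s \${VARDIR}/proxyarp ]` branch still writes 0 to proxy_arp on every interface (including the `all` and `default` entries), so a restart still resets proxy arp that an administrator enabled by hand on an interface Shorewall never configured, whereas the release note promises it is only cleared for what Shorewall set up. A narrower form would clear it per entry inside the `while read address interface external haveroute` loop, e.g. `[ -f /proc/sys/net/ipv4/conf/\$interface/proxy_arp ] && echo 0 > /proc/sys/net/ipv4/conf/\$interface/proxy_arp`, and the same line for `\$external` if setup also enables it there (not visible in this hunk, so confirm against the setup side). The `-s` test, unlike `-f`, leaves proxy arp untouched when the state file exists but is empty; a short comment above it, `# -s: only act when the last start recorded proxy arp entries`, would make that deliberate choice visible to the next reader. The body of delete_proxy_arp continues past the end of this hunk.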