diff --git a/Shorewall-core/lib.cli b/Shorewall-core/lib.cli
index fec65bcbe..186a57a0b 100644
--- a/Shorewall-core/lib.cli
+++ b/Shorewall-core/lib.cli
@@ -3515,6 +3515,14 @@ restart_command() {
     return $rc
 }
 
+run_command() {
+    if [ -x ${VARDIR}/firewall ] ; then
+	run_it ${VARDIR}/firewall $g_debugging $@
+    else
+	fatal_error "${VARDIR}/firewall does not exist or is not executable"
+    fi
+}
+
 #
 # Give Usage Information
 #
@@ -3820,12 +3828,9 @@ shorewall_cli() {
 	    fi
 	    ;;
 	run)
+	    [ $# -gt 1 ] || fatal_error "Missing function name"
 	    get_config Yes
-	    if [ -x ${VARDIR}/firewall ] ; then
-		run_it ${VARDIR}/firewall $g_debugging $@
-	    else
-		fatal_error "${VARDIR}/firewall does not exist or is not executable"
-	    fi
+	    run_command $@
 	    ;;
 	show|list|ls)
 	    get_config Yes No Yes
diff --git a/Shorewall-lite/manpages/shorewall-lite.xml b/Shorewall-lite/manpages/shorewall-lite.xml
index 60c2427c4..ed30bbfc5 100644
--- a/Shorewall-lite/manpages/shorewall-lite.xml
+++ b/Shorewall-lite/manpages/shorewall-lite.xml
@@ -841,12 +841,11 @@
         <term><emphasis role="bold">run</emphasis></term>
 
         <listitem>
-          <para>Added in Shorewall 4.6.3. Calls the named
-          <replaceable>function</replaceable> passing the supplied
-          <replaceable>parameter</replaceable>s. The
-          <replaceable>function</replaceable> will normally be declared in
-          <filename>lib.private</filename> and is executed in the context of
-          the generated firewall script.</para>
+          <para>Added in Shorewall 4.6.3. Executes
+          <replaceable>command</replaceable> in the context of the generated
+          script passing the supplied <replaceable>parameter</replaceable>s.
+          Normally, the <replaceable>command</replaceable> will be a function
+          declared in <filename>lib.private</filename>.</para>
         </listitem>
       </varlistentry>
 
diff --git a/Shorewall/Perl/prog.footer b/Shorewall/Perl/prog.footer
index 8f64f1879..7f14e9462 100644
--- a/Shorewall/Perl/prog.footer
+++ b/Shorewall/Perl/prog.footer
@@ -374,7 +374,9 @@ case "$COMMAND" in
 	;;
     run)
 	shift
+	detect_configuration
 	eval $@
+	status=$?
 	;;
     version)
 	[ $# -ne 1 ] && usage 2
diff --git a/Shorewall/lib.cli-std b/Shorewall/lib.cli-std
index c1adefc07..fc2698b0a 100644
--- a/Shorewall/lib.cli-std
+++ b/Shorewall/lib.cli-std
@@ -1615,6 +1615,15 @@ export_command() # $* = original arguments less the command.
     fi
 }
 
+run_command() {
+    if [ -x ${VARDIR}/firewall ] ; then
+	uptodate ${VARDIR}/firewall || echo "   WARNING: ${VARDIR}/firewall is not up to date" >&2
+	run_it ${VARDIR}/firewall $g_debugging $@
+    else
+	fatal_error "${VARDIR}/firewall does not exist or is not executable"
+    fi
+}
+
 #
 # Give Usage Information
 #
diff --git a/Shorewall/manpages/shorewall.xml b/Shorewall/manpages/shorewall.xml
index d16d726b5..ae64461a0 100644
--- a/Shorewall/manpages/shorewall.xml
+++ b/Shorewall/manpages/shorewall.xml
@@ -1428,12 +1428,20 @@
         <term><emphasis role="bold">run</emphasis></term>
 
         <listitem>
-          <para>Added in Shorewall 4.6.3. Calls the named
-          <replaceable>function</replaceable> passing the supplied
-          <replaceable>parameter</replaceable>s. The
-          <replaceable>function</replaceable> will normally be declared in
-          <filename>lib.private</filename> and is executed in the context of
-          the generated firewall script.</para>
+          <para>Added in Shorewall 4.6.3. Executes
+          <replaceable>command</replaceable> in the context of the generated
+          script passing the supplied <replaceable>parameter</replaceable>s.
+          Normally, the <replaceable>command</replaceable> will be a function
+          declared in <filename>lib.private</filename>.</para>
+
+          <para>If there are files in the CONFIG_PATH that were modified after
+          the current firewall script was generated, the following warning
+          message is issued:</para>
+
+          <simplelist>
+            <member>WARNING: /var/lib/shorewall/firewall is not up to
+            date</member>
+          </simplelist>
         </listitem>
       </varlistentry>
 
diff --git a/Shorewall6-lite/manpages/shorewall6-lite.xml b/Shorewall6-lite/manpages/shorewall6-lite.xml
index 3d89df775..20dcfeba8 100644
--- a/Shorewall6-lite/manpages/shorewall6-lite.xml
+++ b/Shorewall6-lite/manpages/shorewall6-lite.xml
@@ -327,7 +327,7 @@
 
       <arg choice="plain"><option>run</option></arg>
 
-      <arg choice="plain">function</arg>
+      <arg choice="plain">command</arg>
 
       <arg><replaceable>parameter ...</replaceable></arg>
     </cmdsynopsis>
@@ -839,12 +839,11 @@
         <term><emphasis role="bold">run</emphasis></term>
 
         <listitem>
-          <para>Added in Shorewall 4.6.3. Calls the named
-          <replaceable>function</replaceable> passing the supplied
-          <replaceable>parameter</replaceable>s. The
-          <replaceable>function</replaceable> will normally be declared in
-          <filename>lib.private</filename> and is executed in the context of
-          the generated firewall script.</para>
+          <para>Added in Shorewall 4.6.3. Executes
+          <replaceable>command</replaceable> in the context of the generated
+          script passing the supplied <replaceable>parameter</replaceable>s.
+          Normally, the <replaceable>command</replaceable> will be a function
+          declared in <filename>lib.private</filename>.</para>
         </listitem>
       </varlistentry>
 
diff --git a/Shorewall6/manpages/shorewall6.xml b/Shorewall6/manpages/shorewall6.xml
index f5394a2be..2645b6630 100644
--- a/Shorewall6/manpages/shorewall6.xml
+++ b/Shorewall6/manpages/shorewall6.xml
@@ -1309,12 +1309,21 @@
         <term><emphasis role="bold">run</emphasis></term>
 
         <listitem>
-          <para>Added in Shorewall 4.6.3. Calls the named
-          <replaceable>function</replaceable> passing the supplied
-          <replaceable>parameter</replaceable>s. The
-          <replaceable>function</replaceable> will normally be declared in
-          <filename>lib.private</filename> and is executed in the context of
-          the generated firewall script.</para>
+          <para>Added in Shorewall 4.6.3. Executes
+          <replaceable>command</replaceable> in the context of the generated
+          script passing the supplied <replaceable>parameter</replaceable>s.
+          Normally, the <replaceable>command</replaceable> will be a function
+          declared in <filename>lib.private</filename>.</para>
+
+          <para>If there are files in the CONFIG_PATH that were modified after
+          the current firewall script was generated, the following warning
+          message is issued before the script's run command is
+          executed:</para>
+
+          <simplelist>
+            <member>WARNING: /var/lib/shorewall6/firewall is not up to
+            date</member>
+          </simplelist>
         </listitem>
       </varlistentry>
 
