diff --git a/Shorewall-shell/compiler b/Shorewall-shell/compiler
index bb1e197e1..f2b699a23 100755
--- a/Shorewall-shell/compiler
+++ b/Shorewall-shell/compiler
@@ -732,7 +732,7 @@ log_rule_limit() # $1 = log level, $2 = chain, $3 = display Chain $4 = dispositi
 
     shift 7
 
-    save_command "do_log_rule_limit \"$level\" \"$chain\" \"$displayChain\" \"$disposition\" \"$limit\" \"$tag\" \"$command\" $@"
+    save_command "do_log_rule_limit \"$level\" \"$chain\" \"$displayChain\" \"$disposition\" \"$limit\" \"$tag\" \"$command\" $(fix_bang $@)"
 }
 
 log_rule() # $1 = log level, $2 = chain, $3 = disposition , $... = predicates for the rule
diff --git a/Shorewall-shell/lib.maclist b/Shorewall-shell/lib.maclist
index 985a9c684..6db201e20 100644
--- a/Shorewall-shell/lib.maclist
+++ b/Shorewall-shell/lib.maclist
@@ -192,7 +192,7 @@ setup_mac_lists() # $1 = Phase Number
 	    if [ -z "$addresses" ]; then
 		[ -n "$level" ] && \
 		    log_rule_limit $level $chain $(mac_chain $interface) $disposition "$LOGLIMIT" "" -A -t $MACLIST_TABLE $macpart $physdev_part
-		run_iptables -A $chain -t $MACLIST_TABLE $macpart $physdev_part -j $target
+		run_iptables2 -A $chain -t $MACLIST_TABLE $macpart $physdev_part -j $target
 	    else
 		for address in $(separate_list $addresses) ; do
 		    [ -n "$level" ] && \
@@ -213,12 +213,12 @@ setup_mac_lists() # $1 = Phase Number
 	    case $MACLIST_TABLE in
 		filter)
 		    for chain in $(first_chains $interface) ; do
-			run_iptables -A $chain $(match_source_hosts $hosts) -m state --state NEW \
+			run_iptables2 -A $chain $(match_source_hosts $hosts) -m state --state NEW \
 			    $policy -j $(mac_chain $interface)
 		    done
 		    ;;
 		*)
-		    run_iptables -t mangle -A PREROUTING -i $interface $(match_source_hosts $hosts) -m state --state NEW \
+		    run_iptables2 -t mangle -A PREROUTING -i $interface $(match_source_hosts $hosts) -m state --state NEW \
 			$policy -j $(mac_chain $interface)
 		    ;;
 	    esac