diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt
index f5ca17350..057607ed3 100755
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@@ -19,3 +19,5 @@ Changes since 1.4.9
 8) Add multicast to 'detectnets' zones.
 
 9) Don't add broadcasts to /0 groups.
+
+10) Fix "-" in PROTO column of an action file.
diff --git a/Shorewall/firewall b/Shorewall/firewall
index 746c1026c..8a6436b69 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -2257,6 +2257,9 @@ add_an_action()
     [ x$cport = x- ] && cport=
 
     case $proto in
+	all|-)
+	    proto=
+	    ;;
 	tcp|TCP|6)
 	    do_ports
 	    [ "$target" = QUEUE ] && proto="$proto --syn"
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index 129549e05..fe4240573 100755
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -16,6 +16,9 @@ Problems Corrected since version 1.4.9:
 4. Shorewall now tries to avoid sending an ICMP response to broadcasts
    and smurfs.
 
+5. Specifying "-" or "all" in the PROTO column of an action no longer
+   causes a startup error. 
+
 Migration Issues:
 
 None.