diff --git a/Shorewall-perl/Shorewall/Chains.pm b/Shorewall-perl/Shorewall/Chains.pm
index a57f3f4db..e7144c1c2 100644
--- a/Shorewall-perl/Shorewall/Chains.pm
+++ b/Shorewall-perl/Shorewall/Chains.pm
@@ -496,13 +496,22 @@ sub insert_rule($$$)
 #
 # Move the rules from one chain to another
 #
+# The rules generated by interface options are added to the interfaces's input chain and
+# forward chain. Shorewall::Rules::generate_matrix() may decide to move those rules to
+# a zone-oriented chain, hence this function.
+#
+# The source chain must not have any run-time code included in its rules.
+#
 sub move_rules( $$ ) {
 my ($chain1, $chain2 ) = @_;
 if ( $chain1->{referenced} ) {
 my @rules = @{$chain1->{rules}};
- s/ $chain1->{name} / $chain2->{name} / for @rules;
+ for ( @rules ) {
+ fatal_error "Internal Error in move_rules()" unless /^-A/;
+ s/ $chain1->{name} / $chain2->{name} /;
+ }
 splice @{$chain2->{rules}}, 0, 0, @rules;
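Review bot: In the new `for ( @rules )` loop the guard `unless /^-A/` only shows that the rule is a plain append; nothing checks that the substitution on the next line actually matched, so a rule that does not contain ` $chain1->{name} ` would be spliced into `$chain2` still naming the old chain. The chain name is also interpolated into the pattern unquoted, so any regex metacharacter in it would be read as pattern syntax. I would fold both lines into one anchored statement, `s/^-A \Q$chain1->{name}\E /-A $chain2->{name} / or fatal_error "Internal Error in move_rules(): unexpected rule '$_' in chain $chain1->{name}";`, which also makes the abort message say which rule and chain tripped it. This assumes rules are stored as `-A <chain> ...` strings, which the `/^-A/` test suggests but the hunk does not show; the body of move_rules continues past the end of the hunk.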