diff --git a/Shorewall2/changelog.txt b/Shorewall2/changelog.txt index ab1036c6d..6af0ced32 100644 --- a/Shorewall2/changelog.txt +++ b/Shorewall2/changelog.txt @@ -150,3 +150,5 @@ Changes since 2.0.3 72) Apply Tuomas Jormola's IPTABLES patch. 73) Fixed some bugs in Tuomas's patch. + +74) Correct bug in "shorewall add" diff --git a/Shorewall2/firewall b/Shorewall2/firewall index ca1a03946..6aadddbdc 100755 --- a/Shorewall2/firewall +++ b/Shorewall2/firewall @@ -1756,7 +1756,7 @@ setup_ipsec() { set_mss1() # $1 = chain, $2 = MSS { eval local policy=\$${1}_policy - if [ "$policy" != NONE ]; then + if [ "$policy" != NONE -a "$COMMAND" != add ]; then ensurechain $1 run_iptables -I $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss $2 fi diff --git a/Shorewall2/releasenotes.txt b/Shorewall2/releasenotes.txt index dc9f8fec5..4f4413cbb 100755 --- a/Shorewall2/releasenotes.txt +++ b/Shorewall2/releasenotes.txt @@ -138,6 +138,9 @@ Problems corrected since 2.2.0 Beta 5: 1) Many problems associated with an empty IPTABLES variable have been corrected. +2) A 'chain already exists' error occurs on "shorewall add" if you are + using the 'mss' option in the ipsec file. + ----------------------------------------------------------------------- Issues when migrating from Shorewall 2.0 to Shorewall 2.1:
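Review bot: In set_mss1 the new `"$COMMAND" != add` test guards the whole block, so on "shorewall add" the `run_iptables -I $1 ... -j TCPMSS --set-mss $2` insertion is skipped together with `ensurechain $1`, not only the chain creation that the release note names as the failure. That is correct only if every chain reaching this function during `add` already carries its TCPMSS rule from the earlier start, which the hunk does not show; a chain lacking it would be left without MSS clamping and no error would be reported. I would record that assumption above the test, e.g. `# "add": chain and its TCPMSS rule were installed at start; do not recreate`, and write the condition as `if [ "$policy" != NONE ] && [ "$COMMAND" != add ]; then`, since `-a` inside `[` is marked obsolescent by POSIX and can parse ambiguously for some operand values. The function's closing brace lies outside the hunk.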