diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index c1a5eba0e..7da070f39 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -279,6 +279,7 @@ my  %capdesc = ( NAT_ENABLED     => 'NAT',
 		 HEADER_MATCH    => 'Header Match',
 		 ACCOUNT_TARGET  => 'ACCOUNT Target',
 		 AUDIT_TARGET    => 'AUDIT Target',
+		 RAWPOST_TABLE   => 'Rawpost Table',
 		 CAPVERSION      => 'Capability Version',
 		 KERNELVERSION   => 'Kernel Version',
 	       );
@@ -436,7 +437,7 @@ sub initialize( $ ) {
 		    STATEMATCH => '-m state --state',
 		    UNTRACKED  => 0,
 		    VERSION    => "4.4.22.1",
-		    CAPVERSION => 40421 ,
+		    CAPVERSION => 40423 ,
 		  );
     #
     # From shorewall.conf file
@@ -624,6 +625,7 @@ sub initialize( $ ) {
 	       CONNMARK_MATCH => undef,
 	       XCONNMARK_MATCH => undef,
 	       RAW_TABLE => undef,
+	       RAWPOST_TABLE => undef,
 	       IPP2P_MATCH => undef,
 	       OLD_IPP2P_MATCH => undef,
 	       CLASSIFY_TARGET => undef,
@@ -2525,6 +2527,10 @@ sub Raw_Table() {
     qt1( "$iptables -t raw -L -n" );
 }
 
+sub Rawpost_Table() {
+    qt1( "$iptables -t rawpost -L -n" );
+}
+
 sub Old_IPSet_Match() {
     my $ipset  = $config{IPSET} || 'ipset';
     my $result = 0;
@@ -2707,6 +2713,7 @@ our %detect_capability =
       PHYSDEV_MATCH => \&Physdev_Match,
       POLICY_MATCH => \&Policy_Match,
       RAW_TABLE => \&Raw_Table,
+      RAWPOST_TABLE => \&Rawpost_Table,
       REALM_MATCH => \&Realm_Match,
       RECENT_MATCH => \&Recent_Match,
       TCPMSS_MATCH => \&Tcpmss_Match,
@@ -2820,6 +2827,7 @@ sub determine_capabilities() {
 
 	$capabilities{MANGLE_FORWARD}  = detect_capability( 'MANGLE_FORWARD' );
 	$capabilities{RAW_TABLE}       = detect_capability( 'RAW_TABLE' );
+	$capabilities{RAWPOST_TABLE}   = detect_capability( 'RAWPOST_TABLE' );
 	$capabilities{IPSET_MATCH}     = detect_capability( 'IPSET_MATCH' );
 	$capabilities{USEPKTTYPE}      = detect_capability( 'USEPKTTYPE' );
 	$capabilities{ADDRTYPE}        = detect_capability( 'ADDRTYPE' );
diff --git a/Shorewall/lib.cli b/Shorewall/lib.cli
index c37ca7c1b..bbe2f1440 100644
--- a/Shorewall/lib.cli
+++ b/Shorewall/lib.cli
@@ -1690,6 +1690,7 @@ determine_capabilities() {
     CONNMARK_MATCH=
     XCONNMARK_MATCH=
     RAW_TABLE=
+    RAWPOST_TABLE=
     IPP2P_MATCH=
     OLD_IPP2P_MATCH=
     LENGTH_MATCH=
@@ -1826,7 +1827,8 @@ determine_capabilities() {
 	qt $IPTABLES -t mangle -L FORWARD -n && MANGLE_FORWARD=Yes
     fi
 
-    qt $IPTABLES -t raw	   -L -n && RAW_TABLE=Yes
+    qt $IPTABLES -t raw	    -L -n && RAW_TABLE=Yes
+    qt $IPTABLES -t rawpost -L -n && RAWPOST_TABLE=Yes
 
     if qt mywhich ipset; then
 	qt ipset -X $chain # Just in case something went wrong the last time
@@ -1934,6 +1936,7 @@ report_capabilities() {
 	report_capability "Connmark Match" $CONNMARK_MATCH
 	[ -n "$CONNMARK_MATCH" ] && report_capability "Extended Connmark Match" $XCONNMARK_MATCH
 	report_capability "Raw Table" $RAW_TABLE
+	report_capability "Rawpost Table" $RAWPOST_TABLE
 	report_capability "IPP2P Match" $IPP2P_MATCH
 	[ -n "$OLD_IPP2P_MATCH" ] && report_capability "Old IPP2P Match Syntax" $OLD_IPP2P_MATCH
 	report_capability "CLASSIFY Target" $CLASSIFY_TARGET
@@ -2004,6 +2007,7 @@ report_capabilities1() {
     report_capability1 CONNMARK_MATCH
     report_capability1 XCONNMARK_MATCH
     report_capability1 RAW_TABLE
+    report_capability1 RAWPOST_TABLE
     report_capability1 IPP2P_MATCH
     report_capability1 OLD_IPP2P_MATCH
     report_capability1 CLASSIFY_TARGET
diff --git a/Shorewall6/lib.cli b/Shorewall6/lib.cli
index c3634d59f..cba53a1af 100644
--- a/Shorewall6/lib.cli
+++ b/Shorewall6/lib.cli
@@ -1519,6 +1519,7 @@ determine_capabilities() {
     CONNMARK_MATCH=
     XCONNMARK_MATCH=
     RAW_TABLE=
+    RAWPOST_TABLE=
     IPP2P_MATCH=
     OLD_IPP2P_MATCH=
     LENGTH_MATCH=
@@ -1664,6 +1665,7 @@ determine_capabilities() {
     fi
 
     qt $IP6TABLES -t raw	   -L -n && RAW_TABLE=Yes
+    qt $IP6TABLES -t rawpost	   -L -n && RAWPOST_TABLE=Yes
 
     if qt mywhich ipset; then
 	qt ipset -X $chain # Just in case something went wrong the last time
@@ -1764,6 +1766,7 @@ report_capabilities() {
 	report_capability "Connmark Match" $CONNMARK_MATCH
 	[ -n "$CONNMARK_MATCH" ] && report_capability "Extended Connmark Match" $XCONNMARK_MATCH
 	report_capability "Raw Table" $RAW_TABLE
+	report_capability "Rawpost Table" $RAWPOST_TABLE
 	report_capability "IPP2P Match" $IPP2P_MATCH
 	[ -n "$OLD_IPP2P_MATCH" ] && report_capability "Old IPP2P Match Syntax" $OLD_IPP2P_MATCH
 	report_capability "CLASSIFY Target" $CLASSIFY_TARGET
@@ -1831,6 +1834,7 @@ report_capabilities1() {
     report_capability1 CONNMARK_MATCH
     report_capability1 XCONNMARK_MATCH
     report_capability1 RAW_TABLE
+    report_capability1 RAWPOST_TABLE
     report_capability1 IPP2P_MATCH
     report_capability1 OLD_IPP2P_MATCH
     report_capability1 CLASSIFY_TARGET