diff --git a/Shorewall-perl/Shorewall/Rules.pm b/Shorewall-perl/Shorewall/Rules.pm
index 2cac3d6ba..e1ca4e5dd 100644
--- a/Shorewall-perl/Shorewall/Rules.pm
+++ b/Shorewall-perl/Shorewall/Rules.pm
@@ -1637,7 +1637,6 @@ sub generate_matrix() {
     #
     start_matrix;
 
-    my $exclusion_seq    = 1;
     my %chain_exclusions;
     my %policy_exclusions;
     my @interfaces = ( all_interfaces );
diff --git a/Shorewall-perl/Shorewall/Zones.pm b/Shorewall-perl/Shorewall/Zones.pm
index 410b58473..0e45e11c8 100644
--- a/Shorewall-perl/Shorewall/Zones.pm
+++ b/Shorewall-perl/Shorewall/Zones.pm
@@ -372,6 +372,7 @@ sub zone_report()
 	my $hostref   = $zoneref->{hosts};
 	my $type      = $zoneref->{type};
 	my $optionref = $zoneref->{options};
+	my $exclusions = $zoneref->{exclusions};
 
 	$type = $ipzone if $type eq 'ip';
 
@@ -402,6 +403,18 @@ sub zone_report()
 	    }
 	}
 
+	if ( $exclusions ) {
+	    for ( @$exclusions ) {
+		if ( $family == F_IPV4 ) {
+		    progress_message_nocompress "        !$_";
+		} else {
+		    my $host = $_;
+		    $host =~ s/\|/:</;
+		    progress_message_nocompress "        !$host>";
+		}
+	    }
+	}
+
 	unless ( $printed ) {
 	    fatal_error "No bridge has been associated with zone $zone" if $type eq 'bport' && ! $zoneref->{bridge};
 	    warning_message "*** $zone is an EMPTY ZONE ***" unless $type eq 'firewall';
@@ -462,8 +475,14 @@ sub dump_zone_contents()
 	if ( @$exclusions ) {
 	    $entry .= ' exclude';
 
-	    for my $host ( @$exclusions ) {
-		$entry .= " $host";
+	    for ( @$exclusions ) {
+		if ( $family == F_IPV4 ) {
+		    $entry .= " $_";
+		} else {
+		    my $host = $_;
+		    $host =~ s/\|/:</;
+		    $entry .= " $host>";
+		}
 	    }
 	}