diff --git a/Shorewall/firewall b/Shorewall/firewall
index 4ab6c522e..f9d786401 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -2787,7 +2787,8 @@ add_common_rules() {
 	    logoptions="$LOGPARAMS --log-prefix Shorewall:badpkt:DROP:"
 	    logoptions="$logoptions --log-level $LOGUNCLEAN --log-ip-options"
 	    run_iptables -A badpkt -p tcp -j LOG $logoptions --log-tcp-options
-	    run_iptables -A badpkt -p !tcp -j LOG $logoptions
+	    run_iptables -A logpkt -p tcp -j DROP # Workaround for iptables 1.2.7
+	    run_iptables -A badpkt -j LOG $logoptions
 	fi
 
 	run_iptables -A badpkt -j DROP
@@ -2812,7 +2813,8 @@ add_common_rules() {
 	logoptions="$LOGPARAMS --log-prefix Shorewall:logpkt:LOG:"
 	logoptions="$logoptions --log-level $LOGUNCLEAN --log-ip-options"
 	run_iptables -A logpkt -p tcp -j LOG $logoptions --log-tcp-options
-	run_iptables -A logpkt -p !tcp -j LOG $logoptions
+	run_iptables -A logpkt -p tcp -j RETURN # Workaround for iptables 1.2.7
+	run_iptables -A logpkt -j LOG $logoptions
 
 	echo "Mangled/Invalid Packet Logging enabled on:"