diff --git a/docs/Install.xml b/docs/Install.xml
index 865ee6cb9..195f1d5d6 100644
--- a/docs/Install.xml
+++ b/docs/Install.xml
@@ -500,15 +500,56 @@
+
+ VARLIB
+
+
+ Added in Shorewall 4.5.8. Directory where subsystem state
+ data is to be stored. Default is /var/lib.
+
+
+
VARDIR
- Directory where subsystem state data is to be stored.
- Default is /var/lib.
+ Shorewall 4.5.7 and earlier: Directory where subsystem
+ state data is to be stored. Default is /var/lib.
+
+ Shorewall 4.5.8 and later: Default is /var/lib/$PRODUCT.
+
+
+ From Shorewall 4.5.2 through 4.5.7, there were two
+ interpretations of VARDIR. In the shorewallrc file, it referred to
+ the directory where all Shorewall product state would be stored
+ (default /var/lib). But in the code
+ and in shorewall-vardir(5), it referred to the directory where an
+ individual products state would be stored (e.g., /var/lib/shorewall).
+
+ In Shorewall 4.5.8, the variable VARLIB was added to
+ shorewallrc. In that release, the shorewallrc files packaged with
+ the Shorewall products were changed to include these two
+ lines:
+
+
+ VARLIB=/var/lib
+
+
+ VARDIR defaults to '${VARLIB}/${PRODUCT}' if VARLIB is
+ specified and VARDIR isn't.
+
+ The consumers of shorewallrc were changed so that if there is
+ no VARLIB setting, then VARLIB is set to $VARDIR and $VARDIR is set
+ to ${VARLIB}/${PRODUCT}. This allows existing
+ shorewallrc files to be used unchanged.
+
@@ -552,7 +593,11 @@
sharedstatedir
- Alias for vardir.
+ Shorewall 4.5.2 - 4.5.7 Alias for vardir.
+
+ Shorewall 4.5.8 and later. Alias for varlib.
diff --git a/docs/configuration_file_basics.xml b/docs/configuration_file_basics.xml
index 1b46934b0..dc5ae4ba6 100644
--- a/docs/configuration_file_basics.xml
+++ b/docs/configuration_file_basics.xml
@@ -1168,6 +1168,8 @@ SHELL cat /etc/shorewall/rules.d/*.rules 2> /dev/null || trueVARDIR
+ VARLIB
+
VERBOSE
VERBOSE_OFFSET