Document fix for mis-configured ipsec host group on a bridge

Shorewall/changelog.txt

@@ -1,3 +1,7 @@
+Changes in Shorewall 4.4.18.2
+
+1)  Handle mis-configured ipsec host group on a bridge.
+
 Changes in Shorewall 4.4.18.1
 
 1)  Fix params processing bug.

Shorewall/known_problems.txt

@@ -24,3 +24,15 @@
     run-time error occurs.
 
     Corrected in Shorewall 4.4.18.1
+
+5)  If a bridge interface has subordinate ports defined in
+    /etc/shorewall/interface, then an ipsec entry (either ipsec zone or
+    the 'ipsec' option specified) in /etc/shorewall/hosts results in
+    the compiler generating an incorrect Netfilter configuration.
+
+    Workaround: Change the hosts entry to specify one of the bridge
+    ports. If the specified network spans more than one port, then
+    replicate for each port.
+
+    Will be corrected in Shorewall 4.4.18.2 or 4.4.19, whichever occurs
+    first.

Shorewall/releasenotes.txt

@@ -1,5 +1,5 @@
 ----------------------------------------------------------------------------
-                     S H O R E W A L L  4 . 4 . 1 8 . 1
+                     S H O R E W A L L  4 . 4 . 1 8 . 2
 ----------------------------------------------------------------------------
 
 I.    PROBLEMS CORRECTED IN THIS RELEASE
@@ -13,6 +13,13 @@ VI.   PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
   I.  P R O B L E M S   C O R R E C T E D   I N   T H I S  R E L E A S E
 ----------------------------------------------------------------------------
 
+4.4.18.2
+
+1)  If a bridge interface had subordinate ports defined in
+    /etc/shorewall/interface, then an ipsec entry (either ipsec zone or
+    the 'ipsec' option specified) in /etc/shorewall/hosts resulted in
+    the compiler generating an incorrect Netfilter configuration.
+
 4.4.18.1
 
 1)  An issue with params processing on RHEL6 has been corrected. The