diff --git a/Shorewall2/changelog.txt b/Shorewall2/changelog.txt
index 85b6e3288..eb50123f0 100644
--- a/Shorewall2/changelog.txt
+++ b/Shorewall2/changelog.txt
@@ -117,4 +117,7 @@ Changes since 2.0.3
 
 56) Fix typo in check_config()
 
-27) Allow outgoing NTP responses in action.AllowNTP.
+57) Allow outgoing NTP responses in action.AllowNTP.
+
+58) Clarification of the 'ipsec' hosts file option.
+
diff --git a/Shorewall2/hosts b/Shorewall2/hosts
index d26d2694a..d4ee3df13 100644
--- a/Shorewall2/hosts
+++ b/Shorewall2/hosts
@@ -129,7 +129,11 @@
 #				       NEWNOTSYN=Yes.
 #
 #			ipsec        - The zone is accessed via a
-#				       kernel 2.6 ipsec SA.
+#				       kernel 2.6 ipsec SA. Note that if the
+#				       zone named in the ZONE column is 
+#				       specified as an IPSEC zone in the
+#				       /etc/shorewall/ipsec file then you do NOT
+#				       need to specify the 'ipsec' option here.
 #
 #ZONE		HOST(S)				OPTIONS
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS LINE -- DO NOT REMOVE
diff --git a/Shorewall2/releasenotes.txt b/Shorewall2/releasenotes.txt
index 65253b33f..ec3f0162c 100755
--- a/Shorewall2/releasenotes.txt
+++ b/Shorewall2/releasenotes.txt
@@ -1,4 +1,4 @@
-Shorewall 2.2.0-Beta1
+Shorewall 2.2.0-Beta2
 
 ----------------------------------------------------------------------
 Problems Corrected since 2.0.3
@@ -103,7 +103,12 @@ Problems corrected since 2.2.0 Beta 1.
            check_dupliate_zones: command not found
 	   
 2)  The AllowNTP standard action now allows outgoing responses to 
-    broadcasts.	   
+    broadcasts.
+    
+3)  A clarification has been added to the hosts file's description of
+    the 'ipsec' option pointing out that the option is redundent if the
+    zone named in the ZONE column has been designated an IPSEC zone in
+    the /etc/shorewall/ipsec file.	   
 
 -----------------------------------------------------------------------
 Issues when migrating from Shorewall 2.0 to Shorewall 2.1: