diff --git a/STABLE/common.def b/STABLE/common.def
index 7cf8676d7..ef0b4a554 100644
--- a/STABLE/common.def
+++ b/STABLE/common.def
@@ -16,10 +16,10 @@ run_iptables -A common -p icmp -j icmpdef
 ############################################################################
 # NETBIOS chatter
 #
-run_iptables -A common -p udp --dport 137:139 -j REJECT
-run_iptables -A common -p udp --dport 445 -j REJECT
-run_iptables -A common -p tcp --dport 139 -j REJECT
-run_iptables -A common -p tcp --dport 445 -j REJECT
+run_iptables -A common -p udp --dport 137:139 -j reject
+run_iptables -A common -p udp --dport 445 -j reject
+run_iptables -A common -p tcp --dport 139 -j reject
+run_iptables -A common -p tcp --dport 445 -j reject
 run_iptables -A common -p tcp --dport 135 -j reject
 ############################################################################
 # UPnP
diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt
index 803e76cd6..71da9ee4e 100755
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@@ -5,3 +5,5 @@ Changes since 1.4.1
 2. Create an intermediate chain for input from zones defined in terms of specific hosts or networks.
+
+3. Fixed common.def to use 'reject' rather than 'REJECT'.
diff --git a/Shorewall/common.def b/Shorewall/common.def
index 7cf8676d7..ef0b4a554 100644
--- a/Shorewall/common.def
+++ b/Shorewall/common.def
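Review bot: The four rewritten rules now jump to `reject`, which is not the iptables built-in `REJECT` target but, judging from the unchanged port-135 rule below them and the release notes in this commit, a Shorewall-defined chain that answers TCP with RST; since `-j` names are case-sensitive the two spellings are easy to confuse, and nothing in common.def records that the lowercase one is deliberate, so a later edit can quietly reintroduce the built-in target, which without `--reject-with` answers TCP with ICMP port-unreachable. A one-line comment above the block would pin the intent: `# 'reject' is Shorewall's reject chain (TCP RST for tcp), NOT the iptables built-in REJECT target`. The identical hunk in Shorewall/common.def (same index hashes, so the two files appear to be copies) needs the same comment, and keeping two copies of this file in sync is itself a maintenance risk worth noting in the changelog. The hunk does not show where the `reject` chain is created; the existing port-135 rule suggests it is already defined before common is populated, but confirm that ordering holds for both copies.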
@@ -16,10 +16,10 @@ run_iptables -A common -p icmp -j icmpdef
 ############################################################################
 # NETBIOS chatter
 #
-run_iptables -A common -p udp --dport 137:139 -j REJECT
-run_iptables -A common -p udp --dport 445 -j REJECT
-run_iptables -A common -p tcp --dport 139 -j REJECT
-run_iptables -A common -p tcp --dport 445 -j REJECT
+run_iptables -A common -p udp --dport 137:139 -j reject
+run_iptables -A common -p udp --dport 445 -j reject
+run_iptables -A common -p tcp --dport 139 -j reject
+run_iptables -A common -p tcp --dport 445 -j reject
 run_iptables -A common -p tcp --dport 135 -j reject
 ############################################################################
 # UPnP
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index 523dd7323..740fad139 100755
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -1,8 +1,14 @@
 This is a minor release of Shorewall.
-Changes are:
+Problems Corrected:
-a) Where an entry in the/etc/shorewall/hosts file specifies a
+1) TCP connection requests rejected out of the common chain are now
+ properly rejected with TCP RST; previously, some of these requests
+ were rejeced with an ICMP port-unreachable response.
+
+New Features:
+
+1) Where an entry in the/etc/shorewall/hosts file specifies a
 particular host or network, Shorewall now creates an intermediate chain for handling input from the related zone. This can substantially reduce the number of rules traversed by connections