diff --git a/docs/FAQ.xml b/docs/FAQ.xml
index cdbcbb8af..d91bd663f 100644
--- a/docs/FAQ.xml
+++ b/docs/FAQ.xml
@@ -247,7 +247,7 @@ DNAT net:address loc:local-IP-address
You are trying to test from inside your firewall (no, that
- won't work -- see ).
+ won't work -- see ).
@@ -2204,6 +2204,35 @@ gateway:~#
tool when you installed Shorewall. Look for a service called 'iptables'
that is being started after Shorewall and disable it.
+
+
+ (FAQ 101) How can I speed up 'shorewall start' and 'shorewall
+ restart' on my slow hardware?
+
+ Answer: There are several steps
+ that you can take:
+
+
+
+ If your kernel supports module autoloading (and distribution
+ default kernels almost always do), then set LOAD_HELPERS_ONLY=Yes in
+ shorewall.conf.
+
+
+
+ Set AUTOMAKE=Yes in shorewall.conf. This will avoid the
+ compilation phase in cases where the configuration has not changed
+ since the last time that the configuration was compiled.
+
+
+
+ Don't set optimization option 8. For example, if you currently
+ set OPTIMIZE=31, then change that to OPTIMIZE=23. Optimization
+ option 8 combines identical chains which can result in a smaller
+ ruleset, but it slows down the compilation of large rulesets.
+
+
+
@@ -2922,7 +2951,7 @@ Shorewall has detected the following iptables/netfilter capabilities:
Persistent SNAT: Available
gateway:~#
-
+