From f4fb099047e908f741ef50ccc694980e448bc313 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Mon, 21 Jun 2010 13:41:37 -0700
Subject: [PATCH] Update release docs with shorewall-init start priority

---
 Shorewall/changelog.txt      | 4 ++++
 Shorewall/known_problems.txt | 7 +++++++
 Shorewall/releasenotes.txt   | 7 ++++++-
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt
index 0662bb3a5..e49ca1bed 100644
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@@ -1,5 +1,9 @@
 Changes in Shorewall 4.4.10.1
 
+1)  Fix start priority of shorewall-init on Debian
+
+Changes in Shorewall 4.4.10.1
+
 1)  Apply patch from Gabriel.
 
 2)  Fix IPSET match detection when a pathname is specified for IPSET.
diff --git a/Shorewall/known_problems.txt b/Shorewall/known_problems.txt
index 49ec70a20..141754949 100644
--- a/Shorewall/known_problems.txt
+++ b/Shorewall/known_problems.txt
@@ -19,3 +19,10 @@
     Fixed in Shorewall 4.4.10.1. After installing this fix, if you 
     executed the above command to work around the problem, we recommend
     that you remove /etc/shorewall/capabilities.
+
+3)  On Debian and derivatives, shorewall-init is starting too late.
+
+    To work around this issue, at a root prompt:
+
+       cd /etc/rcS.d
+       mv S38shorewall-init S08shorewall-init
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index 414b51033..80ecc01bb 100644
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -1,5 +1,5 @@
 ----------------------------------------------------------------------------
-                      S H O R E W A L L  4 . 4 . 1 0
+                     S H O R E W A L L  4 . 4 . 1 0 . 2
 ----------------------------------------------------------------------------
 
 I.    RELEASE 4.4 HIGHLIGHTS
@@ -220,6 +220,11 @@ I I I.  P R O B L E M S   C O R R E C T E D   I N   T H I S  R E L E A S E
 
 4.4.10.1
 
+1)  The start priority of shorewall-init on Debian and Debian-based
+    distributions was previously too low, making it start too late.
+
+4.4.10.1
+
 1)  The IPv6 allowBcast action generated an invalid rule.
 
 2)  If IPSET=<pathname> was specified in shorewall.conf, then when an