1)  On systems running Upstart, shorewall-init cannot reliably secure
    the firewall before interfaces are brought up.

2)  The CHECKSUM target in the tcrules and mangle files is broken and
    results in this error diagnostic:

      Running /sbin/iptables-restore...
      iptables-restore v1.4.7: CHECKSUM target: Parameter --checksum-fill is
                               required
      Error occurred at line: 41
      Try `iptables-restore -h' or 'iptables-restore --help' for more
         information.
      ERROR: iptables-restore Failed. Input is in
         /var/lib/shorewall/.iptables-restore-input

    Corrected in 4.6.0.1

3)  The 'update -A' command does not convert an existing tcrules file
    into the equivalent mangle file. A separate 'update -t' step is
    required.

    Corrected in 4.6.0.2

4)  The 'update 't' command results in a Perl segfault when run on
    RHEL5-based systems and the tcrules file contains '?FORMAT 2'

    Workaround: Replace '?FORMAT 2' by 'FORMAT 2'.

    Corrected in 4.6.0.2

5)  The 'shorewall[6] show filters' command does not display ingress
    (policing) filters.

    Corrected in 4.6.0.2

6)  The tarball installer fails on RHEL7 with

       ERROR: Unknown BUILD environment (rhel)

    Workaround:

	BUILD=redhat ./install.sh

    Corrected in 4.6.0.3.

7)  The /etc/shorewall6/nat file is ignored by the compiler, even if
    IPv6 NAT is supported by the kernel and ip6tables.

    Corrected in 4.6.0.3.

8)  The 'show filters' command shows no output when Simple TC is used
    and shows incomplete output when Complex TC is used.

    Corrected in 4.6.0.3.

9)  When the 'rpfilter' option is specified on all interfaces, no
    references to the 'dynamic' chain are created and that chain is
    optimized away.