1)  On systems running Upstart, shorewall-init cannot reliably secure
    the firewall before interfaces are brought up.

2)  When INLINE_MATCHES=Yes and AUTOHELPERS=No, start or restart can
    fail during script execution with this diagnostic:

      Running /sbin/iptables-restore...
      Bad argument `helper=netbios-ns'
      Error occurred at line: 228
      Try `iptables-restore -h' or 'iptables-restore --help' for more
          information.
        ERROR: iptables-restore Failed. Input is in
               /var/lib/shorewall/.iptables-restore-input

    Corrected in Shorewall 4.6.1.2

3)  Use of the 'IfEvent' action results in a compilation failure:

      ERROR: -j is only allowed when the ACTION is INLINE with no
        parameter /usr/share/shorewall/action.IfEvent (line 139)
         from /etc/shorewall/action.SSHKnock (line 8)
         from /etc/shorewall/rules (line 31)

    Corrected in Shorewall 4.6.1.3.

4)  The DSCP match in the mangle and tcrles files doesn't work with
    service class names such as EF, BE, CS1, ...

    Corrected in Shorewall 4.6.1.4.

5)  The SAVE and RESTORE actions are disallowed in the OUTPUT chain in
    tcrules and mangle; this is a regression from 4.6.21.

    Corrected in Shorewall 4.6.1.4.

6)  There are issues installing under Cygwin64. 

    Workaround:

    - In the shorewall-core installation directory, copy
      shorewallrc.cygwin to shorewallrc and run install.sh.
    - Before installing Shorewall, 'mkdir /etc/shorewall'.
    - When running the Shorewall install.sh script, use this command:

      BUILD=cygwin ./install.sh