1)  On systems running Upstart, shorewall-init cannot reliably secure
    the firewall before interfaces are brought up.

2)  The 'enable', 'reenable' and 'disable' commands do not work
    correctly in configurations with USE_DEFAULT_RT=No and optional
    providers listed in the DUPLICATE column.

3)  There is a typo in the BLACKLIST_DEFAULT settings in the IPv6
    sample config files.

    The settings end with:

    	"...dropInvalid:$LOG_LEVEL:DropDNSrep:$LOG_LEVEL"

    when they should end with:

        "...dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL"

    Workaround: Edit /etc/shorewall6/shorewall6.conf and
                make the correction.

    Corrected in Shorewall 5.1.3.1.

4)  The two-interface sample snat file contains a typo; 192.16.0.0/16
    was inadvertently entered as 92.16.0.0/16.

    Corrected in Shorewall 5.1.3.1.

5)  In the policy file, all+ is incorrectly processed the same as all.

    Corrected in Shorewall 5.1.3.1.
