diff -Naur -X /usr/local/bin/exclude.txt shorewall-shell-4.0.10/compiler shorewall-shell-4.0.11/compiler
--- shorewall-shell-4.0.10/compiler	2007-12-15 10:45:50.000000000 -0800
+++ shorewall-shell-4.0.11/compiler	2008-04-19 10:31:03.000000000 -0700
@@ -683,10 +683,12 @@
 	On|on|ON|Yes|yes|YES)
 	    save_progress_message "IP Forwarding Enabled"
 	    save_command "echo 1 > /proc/sys/net/ipv4/ip_forward"
+	    save_command ""
 	    ;;
 	Off|off|OFF|No|no|NO)
 	    save_progress_message "IP Forwarding Disabled!"
 	    save_command "echo 0 > /proc/sys/net/ipv4/ip_forward"
+	    save_command ""
 	    ;;
     esac
 }
@@ -3521,6 +3523,11 @@
 	run_iptables -A reject -s $address -j DROP
     done
 
+    #
+    # Don't respond to IGMP with an ICMP
+    #
+    run_iptables -A reject -p 2 -j DROP
+
     run_iptables -A reject -p tcp  -j REJECT --reject-with tcp-reset
     run_iptables -A reject -p udp  -j REJECT
     #
@@ -3937,8 +3944,6 @@
 	    run_iptables -t nat -A PREROUTING -i $interface -j UPnP
 	done
     fi
-
-    setup_forwarding
 }
 
 #
@@ -5632,6 +5637,7 @@
     fi
 
 __EOF__
+    setup_forwarding
     save_command "date > \${VARDIR}/restarted"
 
     append_file start
diff -Naur -X /usr/local/bin/exclude.txt shorewall-shell-4.0.10/install.sh shorewall-shell-4.0.11/install.sh
--- shorewall-shell-4.0.10/install.sh	2008-03-29 07:38:59.000000000 -0700
+++ shorewall-shell-4.0.11/install.sh	2008-05-19 14:38:20.000000000 -0700
@@ -22,7 +22,7 @@
 #       Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 
-VERSION=4.0.10
+VERSION=4.0.11
 
 usage() # $1 = exit status
 {
diff -Naur -X /usr/local/bin/exclude.txt shorewall-shell-4.0.10/shorewall-shell.spec shorewall-shell-4.0.11/shorewall-shell.spec
--- shorewall-shell-4.0.10/shorewall-shell.spec	2008-03-29 07:38:59.000000000 -0700
+++ shorewall-shell-4.0.11/shorewall-shell.spec	2008-05-19 14:38:20.000000000 -0700
@@ -1,5 +1,5 @@
 %define name shorewall-shell
-%define version 4.0.10
+%define version 4.0.11
 %define release 0base
 
 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
@@ -81,6 +81,8 @@
 %doc COPYING INSTALL 
 
 %changelog
+* Mon May 19 2008 Tom Eastep tom@shorewall.net
+- Updated to 4.0.11-0base
 * Sat Mar 29 2008 Tom Eastep tom@shorewall.net
 - Updated to 4.0.10-0base
 * Fri Feb 15 2008 Tom Eastep tom@shorewall.net