fwsnort-1.6.1-1.fc14.noarch.rpm

Thomas Bullinger
    - Contributed patches for the --no-jumps option
    - Wrote the makefwsnort.sh script to download the latest stable snort
      rules.
    - Bugfix for correct IP protocol number.
    - Bugfix for missed --ipt-script option.
    - Suggested the ability to specify multiple sid's with the --snort-sids
      option.

Paul O'Neil
    - Discovered missed DMZ interface code bug.

Ahmad Almulhem
    - Suggested --ipt-tos and --ipt-mark options
    - Suggested ability to manually specify interface networks instead of
      automatically parsing the output of ifconfig.  This allows fwsnort to be
      run on a system where no IP is assigned to an interface such as a Linux
      box that is acting as a bridge.

Hank Leininger
    - Suggested the combination of the QUEUE target and string matching as a
      way to speed up inline Snort implementations.  This suggestion was made
      at a talk I gave about Linux Firewalls at ShmooCon 2007, and the
      --NFQUEUE and --QUEUE command line arguments were the result.

Grant Ferley
    - Submitted patch to exclude loopback interfaces from iptables allow rules
      parsing.  This behavior can be reversed with the existing
      --no-exclude-loopback command line argument.
    - Submitted patch to IPTables::Parse to take into account iptables policy
      output that contains "0" instead of "all" to represent any protocol.
    - Suggested bugfix to allow negated networks to be specified within
      iptables allow rules or within the fwsnort.conf file.

Franck Joncourt
    - Submitted patch to fix double dash format in fwsnort man page.
    - Architected the process of packaging fwsnort (and the other Cipherdyne
      projects) for the Debian Linux distribution.
    - Submitted fwsnort documentation fixes for the ChangeLog and fwsnort man
      page.
    - Suggested creating the Snort rules directory if it doesn't already exist
      when downloading the rules from Emerging Threats.
    - Submitted patch for the MAX_STRING_LEN protection around iptables string
      match arguments.
    - Submitted patch for fwsnort to use the "! <option> <arg>" syntax instead
      of the older "<option> ! <arg>" for the iptables command line.

Justin B Rye
    - Suggested wording updates for the fwsnort(8) man page in support of the
      Debian package for fwsnort.

D T
    - Asked about whether fwsnort could be updated to apply to IPv6 traffic
      on the fwsnort mailing list.

Guillermo Gomez
    - Suggested a default logging location of /var/log/fwsnort/fwsnort.log
      instead of /var/log/fwsnort.log.  The result was the addition of the
      LOG_DIR and associated variables in the fwsnort.conf file.

Andy Rowland
    - Found a bug where fwsnort would attempt to use an invalid URL when
      updating the Emerging Threats rule set via --update-rules.

Yves Pagani
    - Found a bug where fwsnort could build iptables --log-prefix strings that
      are longer than the underlying iptables firewall would allow.

Kim Hagen
    - Submitted a patch for a bug in fwsnort-1.6 where the fwsnort policy in
      iptables-save format could not be loaded whenever iptables-save put the
      nat table output after the filter table output.  In this case, fwsnort
      would fail with an error like the following (fixed in fwsnort-1.6.1):

        Couldn't load target
        `FWSNORT_FORWARD_ESTAB':/lib/xtables/libipt_FWSNORT_FORWARD_ESTAB.so:
        cannot open shared object file: No such file or directory