Index: BOOK/postlfs/security/iptables.xml
===================================================================
--- BOOK/postlfs/security/iptables.xml	(revision 9594)
+++ BOOK/postlfs/security/iptables.xml	(working copy)
@@ -6,8 +6,8 @@
 
   <!ENTITY iptables-download-http "http://www.netfilter.org/projects/iptables/files/iptables-&iptables-version;.tar.bz2">
   <!ENTITY iptables-download-ftp  "ftp://ftp.netfilter.org/pub/iptables/iptables-&iptables-version;.tar.bz2">
-  <!ENTITY iptables-md5sum        "d3f145c2c91daecbb4251bc79390b46c">
-  <!ENTITY iptables-size          "480 KB">
+  <!ENTITY iptables-md5sum        "212112389c7f10c72efb31a4ed193a4c">
+  <!ENTITY iptables-size          "482 KB">
   <!ENTITY iptables-buildsize     "15 MB">
   <!ENTITY iptables-time          "0.2 SBU">
 ]>
@@ -105,10 +105,9 @@
 <screen><userinput>sed -i '/if_packet/i#define __aligned_u64 __u64 __attribute__((aligned(8)))' \
    extensions/libxt_pkttype.c &amp;&amp;
 ./configure --prefix=/usr     \
+            --exec-prefix=    \
             --bindir=/sbin    \
-            --sbindir=/sbin   \
-            --libdir=/lib     \
-            --libexecdir=/lib \
+            --with-xtlibdir=/lib/xtables \
             --with-pkgconfigdir=/usr/lib/pkgconfig &amp;&amp;
 make</userinput></screen>
 
@@ -129,13 +128,16 @@
     headers installed. It's not needed if you built LFS with an older
     kernel&apos;s headers, but in that case it does no harm.</para>
 
-    <para><parameter>--bindir=/sbin</parameter>,
-    <parameter>--sbindir=/sbin</parameter>:  Ensure all the executables go
+    <para><parameter>--exec-prefix=</parameter>: Ensure all binaries and
+    libraries end up in <filename class="directory">/</filename> directory
+    tree.</para>
+
+    <para><parameter>--bindir=/sbin</parameter>: Ensure all the executables go
     in <filename class="directory">/sbin</filename>.</para>
 
-    <para><parameter>--libdir=/lib</parameter>,
-    <parameter>--libexecdir=/lib</parameter>:  Ensure all the libraries are
-    in the <filename class="directory">/lib</filename> directory tree.</para>
+    <para><parameter>--with-xtlibdir=/lib/xtables</parameter>: Ensure all 
+    iptables modules are installed in the 
+    <filename class="directory">/lib/xtables</filename> directory.</para>
 
     <para><parameter>--with-pkgconfigdir=/usr/lib/pkgconfig</parameter>:
     Ensure all the pkgconfig files are in the standard location.</para>
@@ -177,12 +179,12 @@
       <segtitle>Installed Directories</segtitle>
 
       <seglistitem>
-        <seg>iptables, iptables-restore, iptables-save, iptables-xml,
-        iptables-multi, ip6tables, ip6tables-restore, ip6tables-save,
-        and ip6tables-multii</seg>
+        <seg>iptables, iptables-restore, iptables-save, iptables-xml, 
+        ip6tables, ip6tables-restore, ip6tables-save,
+        and xtables-multi</seg>
         <seg>libip4tc.so, libip6tc.so, libiptc.so, libxtables.so,
-        and numerous modules in /lib/xtables/</seg>
-        <seg>/lib/xtables/xtables and /usr/include/libiptc</seg>
+        and numerous modules in /lib/xtables</seg>
+        <seg>/lib/xtables, /usr/include/libiptc and /usr/share/xtables</seg>
       </seglistitem>
     </segmentedlist>
 
@@ -196,7 +198,7 @@
         <listitem>
           <para>is used to set up, maintain, and inspect the tables of
           IP packet filter rules in the Linux kernel.  It is a
-          symbolic link to iptables-multi.</para>
+          symbolic link to xtables-multi.</para>
           <indexterm zone="iptables iptables-prog">
             <primary sortas="b-iptables">iptables</primary>
           </indexterm>
@@ -209,7 +211,7 @@
           <para>is used to restore IP Tables from data
           specified on STDIN. Use I/O redirection provided by your
           shell to read from a file. It is a symbolic link to
-          iptables-multi.</para>
+          xtables-multi.</para>
           <indexterm zone="iptables iptables-restore">
             <primary sortas="b-iptables-restore">iptables-restore</primary>
           </indexterm>
@@ -222,7 +224,7 @@
           <para>is used to dump the contents of an IP Table
           in easily parseable format to STDOUT. Use I/O-redirection
           provided by your shell to write to a file. It is a symbolic link to
-          iptables-multi.</para>
+          xtables-multi.</para>
           <indexterm zone="iptables iptables-save">
             <primary sortas="b-iptables-save">iptables-save</primary>
           </indexterm>
@@ -236,7 +238,7 @@
           <command>iptables-save</command> to an XML format. Using the
           <filename>iptables.xslt</filename> stylesheet converts the XML
           back to the format of <command>iptables-restore</command>.
-          It is a symbolic link to iptables-multi.</para>
+          It is a symbolic link to xtables-multi.</para>
           <indexterm zone="iptables iptables-xml">
             <primary sortas="b-iptables-xml">iptables-xml</primary>
           </indexterm>
@@ -248,7 +250,7 @@
         <listitem>
           <para>are a set of commands for IPV6 that parallel the iptables
           commands above.  All of these commands are symbolic
-          links to ip6tables-multi.</para>
+          links to xtables-multi.</para>
           <indexterm zone="iptables ip6tables">
             <primary sortas="b-ip6tables">ip6tables</primary>
           </indexterm>
Index: BOOK/general.ent
===================================================================
--- BOOK/general.ent	(revision 9594)
+++ BOOK/general.ent	(working copy)
@@ -112,7 +112,7 @@
 <!ENTITY consolekit-version           "0.4.5">
 <!ENTITY cracklib-version             "2.8.18">
 <!ENTITY cyrus-sasl-version           "2.1.23">
-<!ENTITY iptables-version             "1.4.12">
+<!ENTITY iptables-version             "1.4.12.2">
 <!ENTITY gnupg-version                "1.4.11">
 <!ENTITY gnupg2-version               "2.0.18">
 <!ENTITY gpgme-version                "1.3.1">