diff --git a/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml b/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
index 088ce6deb7..59bbec4b28 100644
--- a/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
@@ -1697,6 +1697,14 @@ block drop out quick on $ext_if from any to $martians</programlisting>
 
       <screen>&prompt.root; <userinput>sysrc firewall_logging="YES"</userinput></screen>
 
+      <warning>
+	<para>Only firewall rules with the <option>log</option> option will
+	  be logged.  The default rules do not include this option and it
+	  must be manually added.  Therefor it is advisable that the default
+	  ruleset is edited for logging.  In addition, log rotation may be
+	  desired if the logs are stored in a separate file.</para>
+      </warning>
+
       <para>There is no <filename>/etc/rc.conf</filename> variable to
 	set logging limits.  To limit the number of times a rule is
 	logged per connection attempt, specify the number using this