authorDaniil Baturin <daniil@baturin.org>2018-03-26 15:52:14 +0700
committerGitHub <noreply@github.com>2018-03-26 15:52:14 +0700
commitc22fd4e612bdc9e95474baa0bc7d0cf3d2144ebc (patch)
tree3c726e42dbc45292f232fd47258d0fac6cfd0d30
parentce9af44139520d8a0f1f3e25cfe06e68e48f8cea (diff)
parentfc5e3b8bb61690619ee739f11cac54abb689d5f2 (diff)
downloadvyatta-cfg-firewall-c22fd4e612bdc9e95474baa0bc7d0cf3d2144ebc.tar.gz
vyatta-cfg-firewall-c22fd4e612bdc9e95474baa0bc7d0cf3d2144ebc.zip
Merge pull request #9 from mtudosoiu/current
Task T35 change to solve port-group issue
-rwxr-xr-xlib/Vyatta/IpTables/IpSet.pm4
-rw-r--r--templates/firewall/group/port-group/node.def2
2 files changed, 4 insertions, 2 deletions
diff --git a/lib/Vyatta/IpTables/IpSet.pm b/lib/Vyatta/IpTables/IpSet.pm
index cee7935..ba5e68d 100755
--- a/lib/Vyatta/IpTables/IpSet.pm
+++ b/lib/Vyatta/IpTables/IpSet.pm
@@ -190,11 +190,13 @@ sub create {
my $ipset_param = $grouptype_hash{$self->{_type}};
return "Error: invalid group type\n" if !defined $ipset_param;
+ my $cmd = "ipset -N $self->{_name} $ipset_param family $self->{_family}";
+
if ($self->{_type} eq 'port') {
$ipset_param .= ' --from 1 --to 65535';
+ $cmd = "ipset -N $self->{_name} $ipset_param";
}
- my $cmd = "ipset -N $self->{_name} $ipset_param family $self->{_family}";
my $rc = $self->run_cmd($cmd);
return "Error: call to ipset failed [$rc]" if $rc;
return; # undef
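Review bot: Both new `$cmd` assignments in `create` interpolate `$self->{_name}` (and, for non-port sets, `$self->{_family}`) into one command string, and no check on either value is visible in this hunk. `run_cmd` is defined outside the hunk, so whether the string reaches a shell cannot be told from here; if it does, the only guard is whatever the callers validated. An allowlist check before the first build would make the function safe on its own, e.g. `return "Error: invalid address family\n" if $self->{_type} ne 'port' && ($self->{_family} // '') !~ /\A(?:inet|inet6)\z/;`, where the message text is a suggestion and the two families are assumed to be the only ones callers pass. The first `$cmd` is also thrown away for port groups, so an `if`/`else` that builds it once would read more clearly. The body of `create` begins and ends outside the hunk.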
diff --git a/templates/firewall/group/port-group/node.def b/templates/firewall/group/port-group/node.def
index 1484be2..729165f 100644
--- a/templates/firewall/group/port-group/node.def
+++ b/templates/firewall/group/port-group/node.def
@@ -16,6 +16,6 @@ syntax:expression: pattern $VAR(@) "^[^|;&$<>]*$" ; \
"Firewall group name cannot contain shell punctuation"
end: if sudo /opt/vyatta/sbin/vyatta-ipset.pl --action=update-set \
- --set-name="$VAR(@)" --set-type=port; then
+ --set-name="$VAR(@)" --set-type=port --set-family=inet; then
${vyatta_sbindir}/vyatta-firewall-trap.pl --level="firewall group port-group $VAR(@)"
fi
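Review bot: The changed line still passes `--set-name="$VAR(@)"` to a `sudo` command while relying on the `syntax:expression` pattern above it, which is a denylist of a few shell metacharacters rather than an allowlist of permitted name characters. Since the same name is later interpolated into the `ipset` command string in IpSet.pm, an allowlist would be the safer guard, for example `pattern $VAR(@) "^[A-Za-z0-9][A-Za-z0-9_.-]*$"` once existing group names are confirmed to fit it. Separately, `--set-family=inet` is now passed for a port set whose `create` path no longer uses the family, so a one-line comment saying why the option is required here would help the next reader. The rest of node.def lies outside the hunk.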