re-order src/dest rules if multiport used

author: Gaurav Sinha <gaurav.sinha@vyatta.com> 2012-09-10 15:26:25 -0700
committer: Gaurav Sinha <gaurav.sinha@vyatta.com> 2012-09-10 15:26:25 -0700
commit: 38e688a62f8a0e9c15e3af3d46b06ae31602b5e2 (patch)
tree: 1b007f8351a1af57d2210aeb262ecbf74a38ab0d
parent: 9ef3bacf8139c09bd0684f448e2dc1ec9216d897 (diff)
download: vyatta-conntrack-38e688a62f8a0e9c15e3af3d46b06ae31602b5e2.tar.gz
vyatta-conntrack-38e688a62f8a0e9c15e3af3d46b06ae31602b5e2.zip
1 files changed, 9 insertions, 2 deletions
diff --git a/lib/Vyatta/Conntrack/RuleIgnore.pm b/lib/Vyatta/Conntrack/RuleIgnore.pm
index 30cd33d..55a2315 100644
--- a/lib/Vyatta/Conntrack/RuleIgnore.pm
+++ b/lib/Vyatta/Conntrack/RuleIgnore.pm
@@ -49,8 +49,15 @@ sub rule {
       $rule .= " -p $self->{_protocol}";
     }
   }
-
-  $rule .= " $srcrule $dstrule ";
+ 
+  # make sure multiport is always behind single port option 
+  if ((grep /multiport/, $srcrule)) {
+    $rule .= " $dstrule $srcrule ";
+  } elsif ((grep /multiport/, $dstrule)) {
+    $rule .= " $srcrule $dstrule ";
+  } else {
+    $rule .= " $srcrule $dstrule ";
+   }
   return $rule;
 }
author	Gaurav Sinha <gaurav.sinha@vyatta.com>	2012-09-10 15:26:25 -0700
committer	Gaurav Sinha <gaurav.sinha@vyatta.com>	2012-09-10 15:26:25 -0700
commit	38e688a62f8a0e9c15e3af3d46b06ae31602b5e2 (patch)
tree	1b007f8351a1af57d2210aeb262ecbf74a38ab0d
parent	9ef3bacf8139c09bd0684f448e2dc1ec9216d897 (diff)
download	vyatta-conntrack-38e688a62f8a0e9c15e3af3d46b06ae31602b5e2.tar.gz vyatta-conntrack-38e688a62f8a0e9c15e3af3d46b06ae31602b5e2.zip