summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/Vyatta/Conntrack/RuleIgnore.pm11
1 files changed, 9 insertions, 2 deletions
diff --git a/lib/Vyatta/Conntrack/RuleIgnore.pm b/lib/Vyatta/Conntrack/RuleIgnore.pm
index 30cd33d..55a2315 100644
--- a/lib/Vyatta/Conntrack/RuleIgnore.pm
+++ b/lib/Vyatta/Conntrack/RuleIgnore.pm
@@ -49,8 +49,15 @@ sub rule {
$rule .= " -p $self->{_protocol}";
}
}
-
- $rule .= " $srcrule $dstrule ";
+
+ # make sure multiport is always behind single port option
+ if ((grep /multiport/, $srcrule)) {
+ $rule .= " $dstrule $srcrule ";
+ } elsif ((grep /multiport/, $dstrule)) {
+ $rule .= " $srcrule $dstrule ";
+ } else {
+ $rule .= " $srcrule $dstrule ";
+ }
return $rule;
}