Bugfix 8113: make negations work properly

2 files changed, 6 insertions, 2 deletions

diff --git a/lib/Vyatta/DstNatRule.pm b/lib/Vyatta/DstNatRule.pm
index b8145cc..627fc16 100644
--- a/lib/Vyatta/DstNatRule.pm
+++ b/lib/Vyatta/DstNatRule.pm
@@ -157,12 +157,14 @@ sub rule_str {
   
   if (defined($self->{_proto})) {
     my $str = $self->{_proto};
+    my $negate ="";
+    $negate = "!" if (m/^\!(.*)$/);
     $str =~ s/^\!(.*)$/ $1/;
     if ($str eq 'tcp_udp') {
       $tcp_and_udp = 1;
       $rule_str .= " -p tcp "; # we'll add the '-p udp' to 2nd rule later
     } else {
-      $rule_str .= " ! -p $str ";
+      $rule_str .= " $negate -p $str ";
     }
   }
 
diff --git a/lib/Vyatta/SrcNatRule.pm b/lib/Vyatta/SrcNatRule.pm
index 77bad83..1fdc383 100644
--- a/lib/Vyatta/SrcNatRule.pm
+++ b/lib/Vyatta/SrcNatRule.pm
@@ -176,12 +176,14 @@ sub rule_str {
 
     if (defined($self->{_proto})) {
       my $str = $self->{_proto};
+      my $negate ="";
+      $negate = "!" if (m/^\!(.*)$/);
       $str =~ s/^\!(.*)$/ $1/;
       if ($str eq 'tcp_udp') {
         $tcp_and_udp = 1;
         $rule_str .= " -p tcp "; # we'll add the '-p udp' to 2nd rule later
       } else {
-        $rule_str .= " ! -p $str ";
+        $rule_str .= " $negate -p $str ";
       }
     }