diff options
-rw-r--r-- | debian/changelog | 6 | ||||
-rw-r--r-- | lib/Vyatta/DstNatRule.pm | 4 | ||||
-rw-r--r-- | lib/Vyatta/SrcNatRule.pm | 6 |
3 files changed, 11 insertions, 5 deletions
diff --git a/debian/changelog b/debian/changelog index c1bb390..53ab0f0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-nat (0.12.35) unstable; urgency=low + + * use negation before -p <protocol> as per new iptables upgrade + + -- Gaurav Sinha <gaurav.sinha@vyatta.com> Fri, 13 Apr 2012 16:45:58 -0700 + vyatta-nat (0.12.34) unstable; urgency=low * new branch diff --git a/lib/Vyatta/DstNatRule.pm b/lib/Vyatta/DstNatRule.pm index 222010f..b8145cc 100644 --- a/lib/Vyatta/DstNatRule.pm +++ b/lib/Vyatta/DstNatRule.pm @@ -157,12 +157,12 @@ sub rule_str { if (defined($self->{_proto})) { my $str = $self->{_proto}; - $str =~ s/^\!(.*)$/! $1/; + $str =~ s/^\!(.*)$/ $1/; if ($str eq 'tcp_udp') { $tcp_and_udp = 1; $rule_str .= " -p tcp "; # we'll add the '-p udp' to 2nd rule later } else { - $rule_str .= " -p $str "; + $rule_str .= " ! -p $str "; } } diff --git a/lib/Vyatta/SrcNatRule.pm b/lib/Vyatta/SrcNatRule.pm index 6e759d2..77bad83 100644 --- a/lib/Vyatta/SrcNatRule.pm +++ b/lib/Vyatta/SrcNatRule.pm @@ -176,12 +176,12 @@ sub rule_str { if (defined($self->{_proto})) { my $str = $self->{_proto}; - $str =~ s/^\!(.*)$/! $1/; + $str =~ s/^\!(.*)$/ $1/; if ($str eq 'tcp_udp') { $tcp_and_udp = 1; - $rule_str .= " -p tcp"; # we'll add the '-p udp' to 2nd rule later + $rule_str .= " -p tcp "; # we'll add the '-p udp' to 2nd rule later } else { - $rule_str .= " -p $str"; + $rule_str .= " ! -p $str "; } } |