From 0133c163fcd5b8772a013372d7ea1d0d7f0f9026 Mon Sep 17 00:00:00 2001
From: Gaurav Sinha <gaurav.sinha@vyatta.com>
Date: Fri, 13 Apr 2012 16:42:23 -0700
Subject: use negation before -p <protocol> as per new iptables upgrade

---
 lib/Vyatta/DstNatRule.pm | 6 +++---
 lib/Vyatta/SrcNatRule.pm | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/lib/Vyatta/DstNatRule.pm b/lib/Vyatta/DstNatRule.pm
index e95cc7b..7b80432 100644
--- a/lib/Vyatta/DstNatRule.pm
+++ b/lib/Vyatta/DstNatRule.pm
@@ -157,12 +157,12 @@ sub rule_str {
   
   if (defined($self->{_proto})) {
     my $str = $self->{_proto};
-    $str =~ s/^\!(.*)$/! $1/;
+    $str =~ s/^\!(.*)$/ $1/;
     if ($str eq 'tcp_udp') {
       $tcp_and_udp = 1;
-      $rule_str .= " -p tcp"; # we'll add the '-p udp' to 2nd rule later
+      $rule_str .= " -p tcp "; # we'll add the '-p udp' to 2nd rule later
     } else {
-      $rule_str .= " -p $str";
+      $rule_str .= " ! -p $str ";
     }
   }
 
diff --git a/lib/Vyatta/SrcNatRule.pm b/lib/Vyatta/SrcNatRule.pm
index 6e759d2..77bad83 100644
--- a/lib/Vyatta/SrcNatRule.pm
+++ b/lib/Vyatta/SrcNatRule.pm
@@ -176,12 +176,12 @@ sub rule_str {
 
     if (defined($self->{_proto})) {
       my $str = $self->{_proto};
-      $str =~ s/^\!(.*)$/! $1/;
+      $str =~ s/^\!(.*)$/ $1/;
       if ($str eq 'tcp_udp') {
         $tcp_and_udp = 1;
-        $rule_str .= " -p tcp"; # we'll add the '-p udp' to 2nd rule later
+        $rule_str .= " -p tcp "; # we'll add the '-p udp' to 2nd rule later
       } else {
-        $rule_str .= " -p $str";
+        $rule_str .= " ! -p $str ";
       }
     }
 
-- 
cgit v1.2.3