2 files changed, 12 insertions, 7 deletions

diff --git a/src/conf_mode/container.py b/src/conf_mode/container.py
index 754742c37..79b605ffb 100755
--- a/src/conf_mode/container.py
+++ b/src/conf_mode/container.py
@@ -283,13 +283,13 @@ def generate_run_arguments(name, container_config):
             dport = container_config['port'][portmap]['destination']
             listen_addresses = container_config['port'][portmap].get('listen_address', [])
 
-        # If listen_addresses is not empty, include them in the publish command
-        if listen_addresses:
-            for listen_address in listen_addresses:
-                port += f' --publish {bracketize_ipv6(listen_address)}:{sport}:{dport}/{protocol}'
-        else:
-            # If listen_addresses is empty, just include the standard publish command
-            port += f' --publish {sport}:{dport}/{protocol}'
+            # If listen_addresses is not empty, include them in the publish command
+            if listen_addresses:
+                for listen_address in listen_addresses:
+                    port += f' --publish {bracketize_ipv6(listen_address)}:{sport}:{dport}/{protocol}'
+            else:
+                # If listen_addresses is empty, just include the standard publish command
+                port += f' --publish {sport}:{dport}/{protocol}'
 
     # Bind volume
     volume = ''
diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py
index 62116358e..c86d1b555 100755
--- a/src/conf_mode/firewall.py
+++ b/src/conf_mode/firewall.py
@@ -258,6 +258,11 @@ def verify_rule(firewall, rule_conf, ipv6):
         if 'queue_threshold' in rule_conf['log_options'] and 'group' not in rule_conf['log_options']:
             raise ConfigError('log-options queue-threshold defined, but log group is not define')
 
+    for direction in ['inbound_interface','outbound_interface']:
+        if direction in rule_conf:
+            if 'interface_name' in rule_conf[direction] and 'interface_group' in rule_conf[direction]:
+                raise ConfigError(f'Cannot specify both interface-group and interface-name for {direction}')
+
 def verify_nested_group(group_name, group, groups, seen):
     if 'include' not in group:
         return