From 032a16eb435da94b6e2582a50e411e5c5b125955 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Tue, 1 Nov 2016 11:28:19 -0700
Subject: [PATCH] Detect incorrect port-range separator in SNAT(...)

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Nat.pm   | 2 +-
 Shorewall/Perl/Shorewall/Rules.pm | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Shorewall/Perl/Shorewall/Nat.pm b/Shorewall/Perl/Shorewall/Nat.pm
index 9f45695f0..9dfb77e6e 100644
--- a/Shorewall/Perl/Shorewall/Nat.pm
+++ b/Shorewall/Perl/Shorewall/Nat.pm
@@ -280,7 +280,7 @@ sub process_one_masq1( $$$$$$$$$$$$ )
 			} elsif ( $family == F_IPV4 ) {
 			    if ( $addr =~ /^.*\..*\..*\./ ) {
 				$target = 'SNAT ';
-				my ($ipaddr, $rest) = split ':', $addr;
+				my ($ipaddr, $rest) = split ':', $addr, 2;
 				if ( $ipaddr =~ /^(.+)-(.+)$/ ) {
 				    validate_range( $1, $2 );
 				} else {
diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm
index 34afae4e7..6d43be5ab 100644
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@@ -5553,7 +5553,7 @@ sub process_snat1( $$$$$$$$$$$$ ) {
 			}
 		    } elsif ( $family == F_IPV4 ) {
 			if ( $addr =~ /^.*\..*\..*\./ ) {
-			    my ($ipaddr, $rest) = split ':', $addr;
+			    my ($ipaddr, $rest) = split ':', $addr, 2;
 			    if ( $ipaddr =~ /^(.+)-(.+)$/ ) {
 				validate_range( $1, $2 );
 			    } else {