Fix MULTIPORT port forwarding

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@101 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/firewall

@@ -1378,7 +1378,7 @@ delete_tc()
 #    dports         = Destination Port Specification. 'dports' may be changed  #
 #                     by this function                                         #
 #    cport          = Source Port Specification                                #
-#    multioption    = String to invoke multiport match if appropriate          #  
+#    multiport      = String to invoke multiport match if appropriate          #  
 ################################################################################
 add_nat_rule() {
     local chain
@@ -1423,7 +1423,7 @@ add_nat_rule() {
 
     if [ "$source" = "$FW" ]; then
 	run_iptables -t nat -A OUTPUT $proto $sports $addr \
-	    $dports -j $target1
+	    $multiport $dports -j $target1
     else
 	chain=$source
 	    
@@ -1436,13 +1436,13 @@ add_nat_rule() {
 		eval hosts=\$${z}_hosts
 		for host in $hosts; do
 		    addnatrule $chain $proto -s ${host#*:} \
-			$sports $addr $dports -j RETURN
+			$multiport $sports $addr $dports -j RETURN
 		done
 	    done
 	fi
 
 	addnatrule $chain $proto $cli $sports \
-	    $addr $dports -j $target1
+	    $multiport $addr $dports -j $target1
     fi
 
     # Replace destination port by the new destination port
@@ -1453,12 +1453,12 @@ add_nat_rule() {
 
     if [ -n "$snat" ]; then
 	if [ -n "$cli" ]; then
-	    run_iptables -t nat -A POSTROUTING $proto $cli \
+	    run_iptables -t nat -A POSTROUTING $proto $cli $multiport \
 		$sports -d $serv $dports -j SNAT --to-source $snat
 	else
 	    for source_host in $source_hosts; do
 		run_iptables -t nat -A POSTROUTING \
-		    -s ${source_host#*:} $proto $sports \
+		    -s ${source_host#*:} $proto $sports $multiport \
 		    -d $serv $dports -j SNAT --to-source $snat
 	    done
 	fi