diff --git a/Shorewall/Perl/Shorewall/Providers.pm b/Shorewall/Perl/Shorewall/Providers.pm
index 3fc04f090..e6d625553 100644
--- a/Shorewall/Perl/Shorewall/Providers.pm
+++ b/Shorewall/Perl/Shorewall/Providers.pm
@@ -404,6 +404,11 @@ sub process_a_provider( $ ) {
     my $physical    = get_physical $interface;
     my $gatewaycase = '';
 
+    if ( $physical =~ /\+$/ ) {
+	return 0 if $pseudo;
+	fatal_error "Wildcard interfaces ($physical) may not be used as provider interfaces";
+    }
+
     if ( $gateway eq 'detect' ) {
 	fatal_error "Configuring multiple providers through one interface requires an explicit gateway" if $shared;
 	$gateway = get_interface_gateway $interface;
@@ -600,6 +605,8 @@ sub process_a_provider( $ ) {
     push @providers, $table;
 
     progress_message "   Provider \"$currentline\" $done" unless $pseudo;
+
+    return 1;
 }
 
 #
@@ -1255,7 +1262,7 @@ sub process_providers( $ ) {
 
     if ( my $fn = open_file 'providers' ) {
 	first_entry "$doing $fn...";
-	process_a_provider(0), $providers++ while read_a_line( NORMAL_READ );
+	$providers += process_a_provider(0) while read_a_line( NORMAL_READ );
     }
     #
     # Treat optional interfaces as pseudo-providers
@@ -1265,7 +1272,7 @@ sub process_providers( $ ) {
 	#               TABLE NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS COPY
 	$currentline = "$_    0      -    -         $_        -       -       -";
 	#
-	process_a_provider(1), $pseudoproviders++;
+	$pseudoproviders += process_a_provider(1);
     }
 
     if ( $providers ) {