Handle port numbers being passed to one of the tcp-specific actions

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Shorewall/Perl/Shorewall/Chains.pm

@@ -748,6 +748,15 @@ sub set_rule_option( $$$ ) {
 	} elsif ( $opttype == EXCLUSIVE ) {
 	    $ruleref->{$option} .= ",$value";
 	} elsif ( $opttype == UNIQUE ) {
+	    #
+	    # Shorewall::Rules::perl_action_tcp_helper() can produce rules that have two -p specifications.
+	    # The first will have a modifier like '! --syn' while the second will not.  We want to retain
+	    # the first while 
+	    if ( $option eq 'p' ) {
+		my ( $proto ) = split( ' ', $ruleref->{p} );
+		return if $proto eq $value;
+	    }
+
 	    fatal_error "Multiple $option settings in one rule is prohibited";
 	} else {
 	    assert(0, $opttype );

Shorewall/Perl/Shorewall/Rules.pm

@@ -2786,7 +2786,7 @@ sub perl_action_tcp_helper($$) {
 				     merge_target( $ref, $target ),
 				     '',
 				     @columns[0,1],
-				     '-',
+				     6,
 				     @columns[3..LAST_COLUMN]
 				   );
 	} else {