From 10c1ad245a3df5b9cf9cb29d76d0d3805578bff4 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Tue, 1 Nov 2016 12:59:44 -0700
Subject: [PATCH] Handle omitted port[-range] in SNAT correctly.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Nat.pm   | 2 +-
 Shorewall/Perl/Shorewall/Rules.pm | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Shorewall/Perl/Shorewall/Nat.pm b/Shorewall/Perl/Shorewall/Nat.pm
index 9dfb77e6e..ad1cfdf73 100644
--- a/Shorewall/Perl/Shorewall/Nat.pm
+++ b/Shorewall/Perl/Shorewall/Nat.pm
@@ -287,7 +287,7 @@ sub process_one_masq1( $$$$$$$$$$$$ )
 				    validate_address $ipaddr, 0;
 				}
 				validate_portpair1( $proto, $rest ) if supplied $rest;
-				$addrlist .= "--to-source $addr ";
+				$addrlist .= "--to-source $ipaddr ";
 				$exceptionrule = do_proto( $proto, '', '' ) if $addr =~ /:/;
 			    } else {
 				my $ports = $addr;
diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm
index 6d43be5ab..cb4079620 100644
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@@ -5560,7 +5560,7 @@ sub process_snat1( $$$$$$$$$$$$ ) {
 				validate_address $ipaddr, 0;
 			    }
 			    validate_portpair1( $proto, $rest ) if supplied $rest;
-			    $addrlist .= " --to-source $addr";
+			    $addrlist .= " --to-source $ipaddr";
 			    $exceptionrule = do_proto( $proto, '', '' ) if $addr =~ /:/;
 			} else {
 			    my $ports = $addr;