From 946cf581b97905361339066c83aada28a699f645 Mon Sep 17 00:00:00 2001
From: Gustavo Lopes <glopes@nebm.ist.utl.pt>
Date: Fri, 26 Sep 2014 15:41:09 +0200
Subject: [PATCH] Support --sport/--dport on ip6tables

---
 lib/puppet/provider/firewall/ip6tables.rb  |  4 ++--
 spec/fixtures/ip6tables/conversion_hash.rb | 10 ++++++++++
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/lib/puppet/provider/firewall/ip6tables.rb b/lib/puppet/provider/firewall/ip6tables.rb
index e517519d4..d58b86d94 100644
--- a/lib/puppet/provider/firewall/ip6tables.rb
+++ b/lib/puppet/provider/firewall/ip6tables.rb
@@ -54,7 +54,7 @@ def self.iptables_save(*args)
     :connmark         => "-m connmark --mark",
     :ctstate          => "-m conntrack --ctstate",
     :destination      => "-d",
-    :dport            => "-m multiport --dports",
+    :dport            => ["-m multiport --dports", "--dport"],
     :gid              => "-m owner --gid-owner",
     :hop_limit        => "-m hl --hl-eq",
     :icmp             => "-m icmp6 --icmpv6-type",
@@ -81,7 +81,7 @@ def self.iptables_save(*args)
     :rsource          => "--rsource",
     :rttl             => "--rttl",
     :source           => "-s",
-    :sport            => "-m multiport --sports",
+    :sport            => ["-m multiport --sports", "--sport"],
     :stat_every       => '--every',
     :stat_mode        => "-m statistic --mode",
     :stat_packet      => '--packet',
diff --git a/spec/fixtures/ip6tables/conversion_hash.rb b/spec/fixtures/ip6tables/conversion_hash.rb
index 7c507d78b..d7523787f 100644
--- a/spec/fixtures/ip6tables/conversion_hash.rb
+++ b/spec/fixtures/ip6tables/conversion_hash.rb
@@ -24,6 +24,16 @@
       :destination => '2001:db8:4321::/48',
     },
   },
+  'udp_source_port_and_destination_port' => {
+    :line => '-A ufw6-before-input -s fe80::/10 -d fe80::/10 -p udp -m udp --sport 547 --dport 546 -j ACCEPT',
+    :table => 'filter',
+    :provider => 'ip6tables',
+    :params => {
+      :proto => 'udp',
+      :sport => ['547'],
+      :dport => ['546'],
+    },
+  }
 }
 
 # This hash is for testing converting a hash to an argument line.