From 1ea92aa55869d047ea7878c046c57736da6a0385 Mon Sep 17 00:00:00 2001
From: Brielle Bruns <bruns@2mbit.com>
Date: Thu, 9 Apr 2020 09:50:52 -0600
Subject: [PATCH] Add multiport functionality test

---
 lib/iptables.inc | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/lib/iptables.inc b/lib/iptables.inc
index c27b387..eaa37b3 100644
--- a/lib/iptables.inc
+++ b/lib/iptables.inc
@@ -416,10 +416,20 @@ function enable_forwarding {
 			([[ ${syn} == "syn" ]] && [[ ${protocol} == "udp" ]]) && syn="-"
 			[[ ${syn} == "syn" ]] && syn="--syn"
 			[[ ${syn} == "notsyn" ]] && syn="! --syn"
-			[[ ${dstport} != "-" ]] && dstport="--dport ${dstport}"
-			[[ ${srcport} != "-" ]] && srcport="--sport ${srcport}"
-			([[ ${bidirectional} == "yes" ]] && [[ ${srcport} != "-" ]]) && revsrcport="--dport ${srcport}"
-			([[ ${bidirectional} == "yes" ]] && [[ ${dstport} != "-" ]]) && revdstport="--sport ${dstport}"
+			dstmultiport="no"
+			srcmultiport="no"
+			[[ ${dstport} =~ "," ]] && dstmultiport="yes"
+			[[ ${srcport} =~ "," ]] && srcmultiport="yes"
+			([[ ${dstport} != "-" ]] && [[ ${dstmultiport} != "yes" ]]) && dstport="--dport ${dstport}"
+			([[ ${srcport} != "-" ]] && [[ ${srcmultiport} != "yes" ]]) && srcport="--dport ${srcport}"
+			([[ ${dstport} != "-" ]] && [[ ${dstmultiport} == "yes" ]]) && dstport="-m multiport --dports ${dstport}"
+			([[ ${srcport} != "-" ]] && [[ ${srcmultiport} == "yes" ]]) && srcport="-m multiport --dports ${srcport}"
+			([[ ${bidirectional} == "yes" ]] && [[ ${srcport} != "-" ]]) && revsrcport=${srcport/sport/dport}
+			([[ ${bidirectional} == "yes" ]] && [[ ${dstport} != "-" ]]) && revdstport=${dstport/dport/sport}
+			#[[ ${dstport} != "-" ]] && dstport="--dport ${dstport}"
+			#[[ ${srcport} != "-" ]] && srcport="--sport ${srcport}"
+			#([[ ${bidirectional} == "yes" ]] && [[ ${srcport} != "-" ]]) && revsrcport="--dport ${srcport}"
+			#([[ ${bidirectional} == "yes" ]] && [[ ${dstport} != "-" ]]) && revdstport="--sport ${dstport}"
 			[[ ${protocol} != "-" ]] && protocol="-p ${protocol}"
 			
 			${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR}${action} ${srcinterface} ${srcaddress} ${dstinterface} ${dstaddress} ${bidirectional} ${srcport} ${dstport} ${protocol} ${syn} ${state}"