diff --git a/lib/iptables.inc b/lib/iptables.inc
index 9f34fb4..08b06fb 100644
--- a/lib/iptables.inc
+++ b/lib/iptables.inc
@@ -355,8 +355,8 @@ function enable_filtering {
 			
 			dstmultiport="no"
 			srcmultiport="no"
-			[[ ${dstport} =~ (-|:|,) ]] && dstmultiport="yes"
-			[[ ${srcport} =~ (-|:|,) ]] && srcmultiport="yes"
+			([[ ${dstport} != "-" ]] && [[ ${dstport} =~ (-|:|,) ]]) && dstmultiport="yes"
+			([[ ${srcport} != "-" ]] && [[ ${srcport} =~ (-|:|,) ]]) && srcmultiport="yes"
 			([[ ${dstport} != "-" ]] && [[ ${dstmultiport} != "yes" ]]) && dstport="--dport ${dstport}"
 			([[ ${srcport} != "-" ]] && [[ ${srcmultiport} != "yes" ]]) && srcport="--dport ${srcport}"
 			([[ ${dstport} != "-" ]] && [[ ${dstmultiport} == "yes" ]]) && dstport="-m multiport --dports ${dstport}"
@@ -427,8 +427,8 @@ function enable_forwarding {
 			[[ ${syn} == "notsyn" ]] && syn="! --syn"
 			dstmultiport="no"
 			srcmultiport="no"
-			[[ ${dstport} =~ (-|:|,) ]] && dstmultiport="yes"
-			[[ ${srcport} =~ (-|:|,) ]] && srcmultiport="yes"
+			([[ ${dstport} != "-" ]] && [[ ${dstport} =~ (-|:|,) ]]) && dstmultiport="yes"
+			([[ ${srcport} != "-" ]] && [[ ${srcport} =~ (-|:|,) ]]) && srcmultiport="yes"
 			([[ ${dstport} != "-" ]] && [[ ${dstmultiport} != "yes" ]]) && dstport="--dport ${dstport}"
 			([[ ${srcport} != "-" ]] && [[ ${srcmultiport} != "yes" ]]) && srcport="--sport ${srcport}"
 			([[ ${dstport} != "-" ]] && [[ ${dstmultiport} == "yes" ]]) && dstport="-m multiport --dports ${dstport}"