From: Jan Vansteenkiste <jan@vstone.eu>
Date: Thu, 23 Aug 2012 07:13:26 +0000 (+0200)
Subject: Use a more generic way for parsing negated options, not only for destination and... 
X-Git-Tag: 0.5.0~18^2~2
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=706f13b3835e9b4c749c88d60ea8f526e46baf80;p=puppet-modules%2Fpuppetlabs-firewall.git

Use a more generic way for parsing negated options, not only for destination and source
---

diff --git a/lib/puppet/provider/firewall/iptables.rb b/lib/puppet/provider/firewall/iptables.rb
index 81f8b19..90e7926 100644
--- a/lib/puppet/provider/firewall/iptables.rb
+++ b/lib/puppet/provider/firewall/iptables.rb
@@ -168,11 +168,9 @@ Puppet::Type.type(:firewall).provide :iptables, :parent => Puppet::Provider::Fir
     # so it behaves like --comment
     values = values.sub(/--tcp-flags (\S*) (\S*)/, '--tcp-flags "\1 \2"')
     # we do a simular thing for negated address masks (source and destination).
-    values = values.sub(/-s (!)\s?(\S*)/, '-s "\1 \2"')
-    values = values.sub(/-d (!)\s?(\S*)/,'-d "\1 \2"')
+    values = values.sub(/(-\S+) (!)\s?(\S*)/,'\1 "\2 \3"')
     # the actual rule will have the ! mark before the option.
-    values = values.sub(/(!)\s*-s\s*(\S*)/, '-s "\1 \2"')
-    values = values.sub(/(!)\s*-d\s*(\S*)/, '-d "\1 \2"')
+    values = values.sub(/(!)\s*(-\S+)\s*(\S*)/, '\2 "\1 \3"')
 
     # Trick the system for booleans
     @known_booleans.each do |bool|