From 11827cd6d1c02f8f182d70c4246a05df8a70d805 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Schneider?= <jschneider@entrouvert.com>
Date: Fri, 30 Aug 2013 19:41:20 +0200
Subject: [PATCH] firewall: use multiports instead of openning port by port

---
 firewall | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/firewall b/firewall
index f24503d..444acdf 100755
--- a/firewall
+++ b/firewall
@@ -109,10 +109,8 @@ open_port()
     fi
     source=$1
     log_action_msg "Open port(s) $ports from $source to $destination for protocol $proto"
-    for port in $(echo $ports | sed 's/,/ /g'); do
-        $IPTABLES -A INPUT -i $WAN_INT -p $proto -s $source -d $destination --dport $port -m state --state NEW -j ACCEPT
-        critical_return
-    done
+    $IPTABLES -A INPUT -i $WAN_INT -p $proto -s $source -d $destination -m multiport --dports $ports -m state --state NEW -j ACCEPT
+    critical_return
 }
 
 port_redirection()