Bug 13959

Summary: iptables error on boot with multiport
Product: IPFire Reporter: Dieter Schütze <dieter.schuetze>
Component: ---Assignee: Michael Tremer <michael.tremer>
Status: MODIFIED --- QA Contact:
Severity: - Unknown -    
Priority: - Unknown - CC: adolf.belka
Version: 2   
Hardware: x86_64   
OS: Unspecified   

Description Dieter Schütze 2026-04-15 11:28:29 UTC 
IPFire 2.29 (x86_64) - Core-Update 200

if you set a rule in the gui with comma-separated ports in the target, you got iptables errors on boot.

This show  ..... -m mutliport --dport 568,3389 ..... for example.

As I see it, it should be  .... -m multiport --dports 568,3389 ....
I miss the s at dport.

I temporarily created a rule for each port and the errors are gone.

The port areas are not affected. For example 1024:65500 i got no errors on boot.
Comment 1 Michael Tremer 2026-04-20 11:46:58 UTC 
Hello,

thanks for the report. I cannot quite reproduce it, but I agree that there is an s missing in the code. So I made the function slightly clearer:

> https://git.ipfire.org/?p=people/ms/ipfire-2.x.git;a=commitdiff;h=60f540bfe8aa68f0367f57e41831410d288120a7

Could you please test and confirm if this is fixing your problem?
Comment 2 Dieter Schütze 2026-04-20 13:34:18 UTC 
Hello Michael,

I've now tested it.
This fixed the errors.
No more boot errors, and the comma-seperated ports have been added to the table.

I haven't noticed any other negative effects from this change.

Thank you
Comment 3 Michael Tremer 2026-04-24 13:09:37 UTC 
Thank you for the feedback. I have merged this into next:

> https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=60f540bfe8aa68f0367f57e41831410d288120a7