ranges like 10:5 are allowed by us, but iptables throws an error
that is only visible in the syslog and the firewall rules do not
get updated
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
my ($port1, $port2) = ($1, $2);
die "invalid port '$port1'\n" if $port1 > 65535;
die "invalid port '$port2'\n" if $port2 > 65535;
+ die "backwards range '$port1:$port2' not allowed, did you mean '$port2:$port1'?\n" if $port1 > $port2;
} elsif ($item =~ m/^([0-9]+)$/) {
$count += 1;
my $port = $1;