From 8ce47aed6c1ae9ddeda13e583601b3dd71b2b6b7 Mon Sep 17 00:00:00 2001
From: Adam Henry Lewenberg <adamhl@stanford.edu>
Date: Fri, 23 Jun 2017 18:32:04 -0700
Subject: [PATCH] fix port number conversion to string issue

---
 NEWS                        | 3 +++
 templates/iptables/rule.erb | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index c868bb2..1a0c38d 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,9 @@ release/005.008 (unreleased)
 
     [ssh] Add $max_sessions options. [adamhl]
 
+    [iptables] Ensure that port numbers are converted to strings inside
+    the rules erb file to avoid Ruby errors. [adamhl]
+
 release/005.007 (2017-06-22)
 
     [kerberos] Add option to completely override /etc/krb5.conf using
diff --git a/templates/iptables/rule.erb b/templates/iptables/rule.erb
index a7d69f1..1764533 100644
--- a/templates/iptables/rule.erb
+++ b/templates/iptables/rule.erb
@@ -1,7 +1,7 @@
 <%# Generic iptables rule template used by iptables::rule. -%>
 # <%= @name %><% if @description != '' then %> -- <%= @description %><% end %>
 <% [@port].flatten.each do |pt|              -%>
-<%   p = (pt != '') ? '--dport ' + pt : ''   -%>
+<%   p = (pt.to_s() != '') ? '--dport ' + pt.to_s() : ''   -%>
 <%   [@source].flatten.each do |src|         -%>
 <%     [@protocol].flatten.each do |pr|      -%>
 <%       syn = (pr == 'tcp') ? ' --syn' : '' -%>
-- 
GitLab