diff -ru ipt-orig/extensions/libip6t_multiport.c ipt-new/extensions/libip6t_multiport.c
--- ipt-orig/extensions/libip6t_multiport.c	2003-07-14 13:01:29.000000000 -0700
+++ ipt-new/extensions/libip6t_multiport.c	2004-09-17 14:55:12.742905519 -0700
@@ -115,6 +115,7 @@
 		proto = check_proto(entry);
 		multiinfo->count = parse_multi_ports(argv[optind-1],
 						     multiinfo->ports, proto);
+		check_inverse(optarg, &invert, &optind, 0);
 		multiinfo->flags = IP6T_MULTIPORT_SOURCE;
 		*nfcache |= NFC_IP6_SRC_PT;
 		break;
@@ -123,6 +124,7 @@
 		proto = check_proto(entry);
 		multiinfo->count = parse_multi_ports(argv[optind-1],
 						     multiinfo->ports, proto);
+		check_inverse(optarg, &invert, &optind, 0);
 		multiinfo->flags = IP6T_MULTIPORT_DESTINATION;
 		*nfcache |= NFC_IP6_DST_PT;
 		break;
@@ -131,6 +133,7 @@
 		proto = check_proto(entry);
 		multiinfo->count = parse_multi_ports(argv[optind-1],
 						     multiinfo->ports, proto);
+		check_inverse(optarg, &invert, &optind, 0);
 		multiinfo->flags = IP6T_MULTIPORT_EITHER;
 		*nfcache |= NFC_IP6_SRC_PT | NFC_IP6_DST_PT;
 		break;
@@ -139,6 +142,10 @@
 		return 0;
 	}
 
+	if (invert)
+		exit_error(PARAMETER_PROBLEM,
+			   "multiport does not support invert");
+
 	if (*flags)
 		exit_error(PARAMETER_PROBLEM,
 			   "multiport can only have one option");
diff -ru ipt-orig/extensions/libipt_mport.c ipt-new/extensions/libipt_mport.c
--- ipt-orig/extensions/libipt_mport.c	2003-07-14 13:01:29.000000000 -0700
+++ ipt-new/extensions/libipt_mport.c	2004-09-17 14:56:23.797364198 -0700
@@ -139,6 +139,7 @@
 		proto = check_proto(entry);
 		parse_multi_ports(argv[optind-1], minfo, proto);
 		minfo->flags = IPT_MPORT_SOURCE;
+		check_inverse(optarg, &invert, &optind, 0);
 		*nfcache |= NFC_IP_SRC_PT;
 		break;
 
@@ -146,6 +147,7 @@
 		proto = check_proto(entry);
 		parse_multi_ports(argv[optind-1], minfo, proto);
 		minfo->flags = IPT_MPORT_DESTINATION;
+		check_inverse(optarg, &invert, &optind, 0);
 		*nfcache |= NFC_IP_DST_PT;
 		break;
 
@@ -153,6 +155,7 @@
 		proto = check_proto(entry);
 		parse_multi_ports(argv[optind-1], minfo, proto);
 		minfo->flags = IPT_MPORT_EITHER;
+		check_inverse(optarg, &invert, &optind, 0);
 		*nfcache |= NFC_IP_SRC_PT | NFC_IP_DST_PT;
 		break;
 
@@ -160,6 +163,10 @@
 		return 0;
 	}
 
+	if (invert)
+		exit_error(PARAMETER_PROBLEM,
+			   "multiport does not support invert");
+
 	if (*flags)
 		exit_error(PARAMETER_PROBLEM,
 			   "multiport can only have one option");
diff -ru ipt-orig/extensions/libipt_multiport.c ipt-new/extensions/libipt_multiport.c
--- ipt-orig/extensions/libipt_multiport.c	2003-07-14 13:01:29.000000000 -0700
+++ ipt-new/extensions/libipt_multiport.c	2004-09-17 14:51:55.374634873 -0700
@@ -115,6 +115,7 @@
 		proto = check_proto(entry);
 		multiinfo->count = parse_multi_ports(argv[optind-1],
 						     multiinfo->ports, proto);
+		check_inverse(optarg, &invert, &optind, 0);
 		multiinfo->flags = IPT_MULTIPORT_SOURCE;
 		*nfcache |= NFC_IP_SRC_PT;
 		break;
@@ -123,6 +124,7 @@
 		proto = check_proto(entry);
 		multiinfo->count = parse_multi_ports(argv[optind-1],
 						     multiinfo->ports, proto);
+		check_inverse(optarg, &invert, &optind, 0);
 		multiinfo->flags = IPT_MULTIPORT_DESTINATION;
 		*nfcache |= NFC_IP_DST_PT;
 		break;
@@ -131,6 +133,7 @@
 		proto = check_proto(entry);
 		multiinfo->count = parse_multi_ports(argv[optind-1],
 						     multiinfo->ports, proto);
+		check_inverse(optarg, &invert, &optind, 0);
 		multiinfo->flags = IPT_MULTIPORT_EITHER;
 		*nfcache |= NFC_IP_SRC_PT | NFC_IP_DST_PT;
 		break;
@@ -139,6 +142,10 @@
 		return 0;
 	}
 
+	if (invert)
+		exit_error(PARAMETER_PROBLEM,
+			   "multiport does not support invert");
+
 	if (*flags)
 		exit_error(PARAMETER_PROBLEM,
 			   "multiport can only have one option");