diff -ru iptables-orig/extensions/libipt_DNAT.c iptables-new/extensions/libipt_DNAT.c
--- iptables-orig/extensions/libipt_DNAT.c	2004-12-28 08:11:59.000000000 -0500
+++ iptables-new/extensions/libipt_DNAT.c	2005-01-16 19:26:29.059808992 -0500
@@ -65,7 +65,7 @@
 parse_to(char *arg, int portok, struct ipt_natinfo *info)
 {
 	struct ip_nat_range range;
-	char *colon, *dash;
+	char *colon, *dash, *error;
 	struct in_addr *ip;
 
 	memset(&range, 0, sizeof(range));
@@ -85,6 +85,11 @@
 			exit_error(PARAMETER_PROBLEM,
 				   "Port `%s' not valid\n", colon+1);
 
+		error = strchr(colon+1, ':');
+		if (error)
+			exit_error(PARAMETER_PROBLEM,
+				   "Invalid port:port syntax - use dash\n");
+
 		dash = strchr(colon, '-');
 		if (!dash) {
 			range.min.tcp.port
diff -ru iptables-orig/extensions/libipt_SNAT.c iptables-new/extensions/libipt_SNAT.c
--- iptables-orig/extensions/libipt_SNAT.c	2004-12-28 08:11:59.000000000 -0500
+++ iptables-new/extensions/libipt_SNAT.c	2005-01-16 19:13:42.446351952 -0500
@@ -65,7 +65,7 @@
 parse_to(char *arg, int portok, struct ipt_natinfo *info)
 {
 	struct ip_nat_range range;
-	char *colon, *dash;
+	char *colon, *dash, *error;
 	struct in_addr *ip;
 
 	memset(&range, 0, sizeof(range));
@@ -85,6 +85,11 @@
 			exit_error(PARAMETER_PROBLEM,
 				   "Port `%s' not valid\n", colon+1);
 
+		error = strchr(colon+1, ':');
+		if (error)
+			exit_error(PARAMETER_PROBLEM,
+				   "Invalid port:port syntax - use dash\n");
+
 		dash = strchr(colon, '-');
 		if (!dash) {
 			range.min.tcp.port