diff --git a/qubes/firewall.py b/qubes/firewall.py
index 2890e8cd..bb79ab29 100644
--- a/qubes/firewall.py
+++ b/qubes/firewall.py
@@ -193,6 +193,29 @@ class DstPorts(RuleOption):
         return 'dstports=' + '{!s}-{!s}'.format(*self.range)
 
 
+class SrcPorts(RuleOption):
+    def __init__(self, untrusted_value):
+        if isinstance(untrusted_value, int):
+            untrusted_value = str(untrusted_value)
+        if untrusted_value.count('-') == 1:
+            self.range = [int(x) for x in untrusted_value.split('-', 1)]
+        elif not untrusted_value.count('-'):
+            self.range = [int(untrusted_value), int(untrusted_value)]
+        else:
+            raise ValueError(untrusted_value)
+        if any(port < 0 or port > 65536 for port in self.range):
+            raise ValueError('Ports out of range')
+        if self.range[0] > self.range[1]:
+            raise ValueError('Invalid port range')
+        super().__init__(
+            str(self.range[0]) if self.range[0] == self.range[1]
+            else '-'.join(map(str, self.range)))
+
+    @property
+    def rule(self):
+        return 'srcports=' + '{!s}-{!s}'.format(*self.range)
+
+
 class IcmpType(RuleOption):
     def __init__(self, untrusted_value):
         untrusted_value = int(untrusted_value)