# File lib/aws/ec2/security_group.rb, line 356
      def ingress_opts protocol, ports, sources

        opts = {}
        opts[:ip_protocol] = protocol == :any ? '-1' : protocol.to_s.downcase

        unless ports.is_a?(Range)
          ports = Array(ports)
        end
        opts[:from_port] = ports.first.to_i
        opts[:to_port] = ports.last.to_i

        ips, groups = parse_sources(sources)

        opts[:ip_ranges] = ips unless ips.empty?
        opts[:user_id_group_pairs] = groups unless groups.empty?

        opts

      end