diff --git a/normalization.rulebase b/normalization.rulebase
index 8baca55..3786c1b 100644
--- a/normalization.rulebase
+++ b/normalization.rulebase
@@ -152,7 +152,7 @@ rule=: FTP connection from %-:char-to:\x3a%:%src-ip:@ipaddr%/%src-port:number% t
 
 # TCP access denied by ACL from 10.10.10.10/28490 to inside:192.168.1.1/80
 
-rule =: TCP access denied by ACL from %src-ip:@ipaddr%/%src-port:number% to %-:char-to:\x3a%:%dst-ip:@ipaddr%/%dst-port:number%
+rule=: TCP access denied by ACL from %src-ip:@ipaddr%/%src-port:number% to %-:char-to:\x3a%:%dst-ip:@ipaddr%/%dst-port:number%
 
 # Teardown TCP connection 361112504 for outside:10.10.1.100/61160(LOCAL\Bob) to inside:12.159.2.124/443 duration 0:00:13 bytes 3216 TCP FINs (Bob)