arptables: Don't omit standard matches if inverted

Inverted --h-len and --h-type matches were omitted from output by
accident if they matched on their standard value.

Fixes: 84331e3ed3f8e ("arptables-nft: Don't print default h-len/h-type values")
Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index a8e49f442c6d7414a9aef07a9574550ce4bfd3c5..3236e2f54e21db3564fa8f2ad6a635a7fb2fec40 100644 (file)
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -408,7 +408,8 @@ after_devsrc:
 
 after_devdst:
 
-       if (fw->arp.arhln_mask != 255 || fw->arp.arhln != 6) {
+       if (fw->arp.arhln_mask != 255 || fw->arp.arhln != 6 ||
+           fw->arp.invflags & IPT_INV_ARPHLN) {
                printf("%s%s", sep, fw->arp.invflags & IPT_INV_ARPHLN
                        ? "! " : "");
                printf("--h-length %d", fw->arp.arhln);
@@ -432,7 +433,8 @@ after_devdst:
                sep = " ";
        }
 
-       if (fw->arp.arhrd_mask != 65535 || fw->arp.arhrd != htons(1)) {
+       if (fw->arp.arhrd_mask != 65535 || fw->arp.arhrd != htons(1) ||
+           fw->arp.invflags & IPT_INV_ARPHRD) {
                uint16_t tmp = ntohs(fw->arp.arhrd);
 
                printf("%s%s", sep, fw->arp.invflags & IPT_INV_ARPHRD