xt: Print comment match data as well

In order to translate comment matches into the single nftables rule
comment, libxtables does not immediately (maybe mid-rule) print a
comment match's string but instead stores it into struct
xt_xlate::comment array for later.

Since xt_stmt_xlate() is called by a statement's .print callback which
can't communicate data back to caller, nftables has to print it right
away.

Since parser_bison accepts rule comments only at end of line though, the
output from above can't be restored anymore. Which is a bad idea to
begin with so accept this quirk and avoid refactoring the statement
printing API.

Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/src/xt.c b/src/xt.c
index f7bee21618030d30f662a6735c65db5fbc0cfa65..c3a8c47621cbb7061b74944b554b6011b7eb72bc 100644 (file)
--- a/src/xt.c
+++ b/src/xt.c
@@ -112,8 +112,12 @@ void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx)
                break;
        }
 
-       if (rc == 1)
+       if (rc == 1) {
                nft_print(octx, "%s", xt_xlate_get(xl));
+               if (xt_xlate_get_comment(xl))
+                       nft_print(octx, "comment %s",
+                                 xt_xlate_get_comment(xl));
+       }
        xt_xlate_free(xl);
        free(entry);
 #endif