lib/puppet/provider/firewall/iptables.rb - comments cleanup for parsing

Per <https://tickets.puppetlabs.com/browse/MODULES-6876>, there are
problems with parsing some iptables rules with space and quotes
(specifically ones created by podman).  This re-clears the comments
field if it made it through earlier parsing.

Author: tskirvin

CHANGELOG.md

@@ -2,6 +2,15 @@
 
 All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org).
 
+## Unversioned
+
+### iptables.rb
+
+There are cases where spaces and quotes in iptables comments generated by
+mainstream sources (e.g. podman) were causing rules to not parse properly.
+We didn't fix the whole problem, but we removed those comments for parsing
+purposes.1
+
 ## [v3.0.0](https://github.com/puppetlabs/puppetlabs-firewall/tree/v3.0.0) (2021-03-01)
 
 [Full Changelog](https://github.com/puppetlabs/puppetlabs-firewall/compare/v2.8.1...v3.0.0)

lib/puppet/provider/firewall/iptables.rb

@@ -575,6 +575,11 @@ def self.rule_to_hash(line, table, counter)
       keys << :table
     end
 
+    # manually remove comments if they made it this far
+    if values =~ %r{-m comment --comment}
+      values = values.sub(%r{-m comment --comment "((?:\\"|[^"])*)"}, {})
+    end
+
     valrev = values.scan(%r{("([^"\\]|\\.)*"|\S+)}).transpose[0].reverse
 
     if keys.length != valrev.length