When the module parses existing rules with the nflog-prefix property, it incorrectly identifies the value as an empty string. As a result, every time the puppet agent runs, it detects a change to nflog_prefix and updates the rule with the same value.
Describe the Bug
When the module parses existing rules with the nflog-prefix property, it incorrectly identifies the value as an empty string. As a result, every time the puppet agent runs, it detects a change to nflog_prefix and updates the rule with the same value.
The issue seems to stem from an additional space between "--nflog-prefix" and the value in the output of iptables-save and ip6tables-save. The regex that parses this rule appears to be expecting a single space, but there are two spaces. https://github.com/puppetlabs/puppetlabs-firewall/blob/3ff86aab2b9a7010ab136ebac7a274631c4a3a68/lib/puppet/provider/firewall/firewall.rb#L535
Expected Behavior
The module identifies the correct value of the nflog-prefix property when it parses rules from the output of iptables-save and ip6tables-save.
Steps to Reproduce
Environment
Additional Context
I have also confirmed on Ubuntu 20.04 that the output of iptables-save has two spaces between --nflog-prefix and the value.