From 9e746a513d5e26f724f992f742f549f7e82f0148 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Fri, 28 Apr 2023 14:37:47 +0200
Subject: [PATCH] arptables: Don't omit standard matches if inverted

Inverted --h-len and --h-type matches were omitted from output by
accident if they matched on their standard value.

Fixes: 84331e3ed3f8e ("arptables-nft: Don't print default h-len/h-type values")
Signed-off-by: Phil Sutter <phil@nwl.cc>
(cherry picked from commit 79f93b0943fa0e46ba29bb476362634509eb594e)
---
 iptables/nft-arp.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index ab1108dd69685..f1cf46476ec83 100644
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -416,7 +416,8 @@ static void nft_arp_print_rule_details(const struct iptables_command_state *cs,
 
 after_devdst:
 
-	if (fw->arp.arhln_mask != 255 || fw->arp.arhln != 6) {
+	if (fw->arp.arhln_mask != 255 || fw->arp.arhln != 6 ||
+	    fw->arp.invflags & IPT_INV_ARPHLN) {
 		printf("%s%s", sep, fw->arp.invflags & IPT_INV_ARPHLN
 			? "! " : "");
 		printf("--h-length %d", fw->arp.arhln);
@@ -440,7 +441,8 @@ static void nft_arp_print_rule_details(const struct iptables_command_state *cs,
 		sep = " ";
 	}
 
-	if (fw->arp.arhrd_mask != 65535 || fw->arp.arhrd != htons(1)) {
+	if (fw->arp.arhrd_mask != 65535 || fw->arp.arhrd != htons(1) ||
+	    fw->arp.invflags & IPT_INV_ARPHRD) {
 		uint16_t tmp = ntohs(fw->arp.arhrd);
 
 		printf("%s%s", sep, fw->arp.invflags & IPT_INV_ARPHRD
-- 
2.40.0