Fix COMMENT rule generation

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6303 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-common/releasenotes.txt

@@ -50,6 +50,10 @@ Problems corrected in 3.9.7.
 8)  The LOGBURST and LOGLIMIT options in shorewall.conf now work
     correctly
 
+9)  Previously, COMMENT lines could result in invalid iptables-restore
+    input being generated. The quote marks around the comment string 
+    were being removed during iptables-restore input generation.
+
 Other changes in Shorewall 3.9.7.
 
 1)  Shorewall-perl now validates all IP addresses and addresses ranges

Shorewall-perl/Shorewall/Chains.pm

@@ -331,6 +331,12 @@ sub add_rule($$)
     $rule .= " -m comment --comment \"$comment\"" if $comment;
 
     if ( $chainref->{loopcount} || $chainref->{cmdcount} ) {
+	#
+	# The shell has this wonderful habit of removing quote marks. Certain rule constructs such
+	# as --comment and --log-prefix quote the associated value. The following statement
+	# will add an escape to each double quote in the rule so that when the rule is finally
+	# written to the iptables-input file, it will still have quote marks.
+	#
 	$rule =~ s/"/\\"/g;
 	add_command $chainref , qq(echo "-A $chainref->{name} $rule" >&3);
     } else {