Reverse the parse direction

Parse the rule from the head to prevent the parser from finding
aliases of the intended argument in the rule's heead.

String#slice! searches from the head of a string, so if the parser is
using it to iteratively search for strings ordered progressively further
from the back of a rule, each iteration is a new opportunity to find an
aliased substring in its head and completely moot the point of
generating an ordered parse list in the first place.

Additionally:
- Untie the logical knots that were required for reverse-parsing
- Don't use Enumerable#each to do absolutely everything by side effect
  when an iterator could just return the constructed value directly
- Don't pre-define variables we don't need yet just so they can be
  reassigned
- Freshen up pointlessly terse variable names that only exist in an
  ephemeral scope anyway, this is already hard enough to follow
- Stop our value regex from capturing a second, nested group if we only
  need the outer to avoid any later need to transpose the result
- Fix any remaining variables with misleading names (e.g., valrev is no
  longer "values, reversed") or errant comments that no longer
  accurately describe the operation of the code

Author: greatflyingsteve

lib/puppet/provider/firewall/iptables.rb

@@ -511,8 +511,6 @@ def self.instances
   end
 
   def self.rule_to_hash(line, table, counter)
-    hash = {}
-    keys = []
     values = ' ' + line
 
     ####################
@@ -646,35 +644,38 @@ def self.rule_to_hash(line, table, counter)
     # MAIN PARSE
     ############
 
-    # Here we iterate across our values to generate an array of keys
-    parser_list.reverse_each do |k|
-      resource_map_key = resource_map[k]
-      [resource_map_key].flatten.each do |opt|
-        if values.slice!(%r{\s#{opt}})
-          keys << k
+    # Iterate through the sorted list of resource matchers we found, and
+    # pull them out of the rule text so only their matching values remain
+    keys = parser_list.each_with_object([]) do |resource_key, found_keys|
+      [resource_map[resource_key]].flatten.each do |matcher|
+        if values.slice!(%r{\s#{matcher}})
+          found_keys << resource_key
           break
         end
       end
     end
 
-    valrev = values.scan(%r{("([^"\\]|\\.)*"|\S+)}).transpose[0].reverse
+    # Slurp up the resource values
+    found_values = values.scan(%r{("(?:[^"\\]|\\.)*"|\S+)}).flatten
 
-    if keys.length != valrev.length
-      warning "Skipping unparsable iptables rule: keys (#{keys.length}) and values (#{valrev.length}) count mismatch on line: #{line}"
+    if keys.length != found_values.length
+      warning "Skipping unparsable iptables rule: keys (#{keys.length}) and values (#{found_values.length}) count mismatch on line: #{line}"
       return
     end
 
     # Here we generate the main hash by scanning arguments off the values
     # string, handling any quoted characters present in the value, and then
     # zipping the values with the array of keys.
-    keys.zip(valrev) do |f, v|
-      hash[f] = if %r{^".*"$}.match?(v)
-                  v.sub(%r{^"(.*)"$}, '\1').gsub(%r{\\(\\|'|")}, '\1')
-                else
-                  v.dup
-                end
+    found_values = found_values.map do |value|
+      if %r{^".*"$}.match?(value)
+        value.sub(%r{^"(.*)"$}, '\1').gsub(%r{\\(\\|'|")}, '\1')
+      else
+        value
+      end
     end
 
+    hash = keys.zip(found_values).to_h
+
     #####################
     # POST PARSE CLUDGING
     #####################