diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-07-01 19:54:00 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-07-01 20:31:11 +0200 |
commit | 43ae7a48ae3deacf73a7a50e60f6809eed9b3f59 (patch) | |
tree | 884a05beb961a40ebb62234be9e2fe0c2de26bef | |
parent | d3d344ea062b7f9ca45051e895388b88342fedd3 (diff) |
rule: do not print semicolon in ct timeout
table ip filter {
ct timeout agressive-tcp {
protocol tcp;
^--- remove this semicolon
Not needed, remove it.
Fixes: c7c94802679c ("src: add ct timeout support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | src/rule.c | 2 | ||||
-rwxr-xr-x | tests/shell/testcases/listing/0013objects_0 | 2 | ||||
-rwxr-xr-x | tests/shell/testcases/nft-f/0017ct_timeout_obj_0 | 2 | ||||
-rw-r--r-- | tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft | 2 |
4 files changed, 4 insertions, 4 deletions
@@ -1834,7 +1834,7 @@ static void obj_print_data(const struct obj *obj, nft_print(octx, "%s", opts->nl); nft_print(octx, "%s%sprotocol ", opts->tab, opts->tab); print_proto_name_proto(obj->ct_timeout.l4proto, octx); - nft_print(octx, ";%s", opts->nl); + nft_print(octx, "%s", opts->nl); nft_print(octx, "%s%sl3proto %s%s", opts->tab, opts->tab, family2str(obj->ct_timeout.l3proto), diff --git a/tests/shell/testcases/listing/0013objects_0 b/tests/shell/testcases/listing/0013objects_0 index 713c783e..a73642c7 100755 --- a/tests/shell/testcases/listing/0013objects_0 +++ b/tests/shell/testcases/listing/0013objects_0 @@ -13,7 +13,7 @@ EXPECTED="table ip test { } ct timeout cttime { - protocol udp; + protocol udp l3proto ip policy = { unreplied: 15, replied: 12 } } diff --git a/tests/shell/testcases/nft-f/0017ct_timeout_obj_0 b/tests/shell/testcases/nft-f/0017ct_timeout_obj_0 index 448a8207..3e0a7684 100755 --- a/tests/shell/testcases/nft-f/0017ct_timeout_obj_0 +++ b/tests/shell/testcases/nft-f/0017ct_timeout_obj_0 @@ -2,7 +2,7 @@ EXPECTED='table ip filter { ct timeout cttime{ - protocol tcp; + protocol tcp l3proto ip policy = { established: 123, close: 12 } } diff --git a/tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft b/tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft index bca36580..1638b97d 100644 --- a/tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft +++ b/tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft @@ -1,6 +1,6 @@ table ip filter { ct timeout cttime { - protocol tcp; + protocol tcp l3proto ip policy = { established: 123, close: 12 } } |