summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2019-07-01 19:54:00 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2019-07-01 20:31:11 +0200
commit43ae7a48ae3deacf73a7a50e60f6809eed9b3f59 (patch)
tree884a05beb961a40ebb62234be9e2fe0c2de26bef
parentd3d344ea062b7f9ca45051e895388b88342fedd3 (diff)
rule: do not print semicolon in ct timeout
table ip filter { ct timeout agressive-tcp { protocol tcp; ^--- remove this semicolon Not needed, remove it. Fixes: c7c94802679c ("src: add ct timeout support") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--src/rule.c2
-rwxr-xr-xtests/shell/testcases/listing/0013objects_02
-rwxr-xr-xtests/shell/testcases/nft-f/0017ct_timeout_obj_02
-rw-r--r--tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft2
4 files changed, 4 insertions, 4 deletions
diff --git a/src/rule.c b/src/rule.c
index 048a7fb4..6dbc553e 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1834,7 +1834,7 @@ static void obj_print_data(const struct obj *obj,
nft_print(octx, "%s", opts->nl);
nft_print(octx, "%s%sprotocol ", opts->tab, opts->tab);
print_proto_name_proto(obj->ct_timeout.l4proto, octx);
- nft_print(octx, ";%s", opts->nl);
+ nft_print(octx, "%s", opts->nl);
nft_print(octx, "%s%sl3proto %s%s",
opts->tab, opts->tab,
family2str(obj->ct_timeout.l3proto),
diff --git a/tests/shell/testcases/listing/0013objects_0 b/tests/shell/testcases/listing/0013objects_0
index 713c783e..a73642c7 100755
--- a/tests/shell/testcases/listing/0013objects_0
+++ b/tests/shell/testcases/listing/0013objects_0
@@ -13,7 +13,7 @@ EXPECTED="table ip test {
}
ct timeout cttime {
- protocol udp;
+ protocol udp
l3proto ip
policy = { unreplied: 15, replied: 12 }
}
diff --git a/tests/shell/testcases/nft-f/0017ct_timeout_obj_0 b/tests/shell/testcases/nft-f/0017ct_timeout_obj_0
index 448a8207..3e0a7684 100755
--- a/tests/shell/testcases/nft-f/0017ct_timeout_obj_0
+++ b/tests/shell/testcases/nft-f/0017ct_timeout_obj_0
@@ -2,7 +2,7 @@
EXPECTED='table ip filter {
ct timeout cttime{
- protocol tcp;
+ protocol tcp
l3proto ip
policy = { established: 123, close: 12 }
}
diff --git a/tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft b/tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft
index bca36580..1638b97d 100644
--- a/tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft
+++ b/tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft
@@ -1,6 +1,6 @@
table ip filter {
ct timeout cttime {
- protocol tcp;
+ protocol tcp
l3proto ip
policy = { established: 123, close: 12 }
}