From 43ae7a48ae3deacf73a7a50e60f6809eed9b3f59 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 1 Jul 2019 19:54:00 +0200
Subject: rule: do not print semicolon in ct timeout

table ip filter {
        ct timeout agressive-tcp {
                protocol tcp;
                            ^--- remove this semicolon

Not needed, remove it.

Fixes: c7c94802679c ("src: add ct timeout support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/rule.c                                                 | 2 +-
 tests/shell/testcases/listing/0013objects_0                | 2 +-
 tests/shell/testcases/nft-f/0017ct_timeout_obj_0           | 2 +-
 tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/rule.c b/src/rule.c
index 048a7fb4..6dbc553e 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1834,7 +1834,7 @@ static void obj_print_data(const struct obj *obj,
 		nft_print(octx, "%s", opts->nl);
 		nft_print(octx, "%s%sprotocol ", opts->tab, opts->tab);
 		print_proto_name_proto(obj->ct_timeout.l4proto, octx);
-		nft_print(octx, ";%s", opts->nl);
+		nft_print(octx, "%s", opts->nl);
 		nft_print(octx, "%s%sl3proto %s%s",
 			  opts->tab, opts->tab,
 			  family2str(obj->ct_timeout.l3proto),
diff --git a/tests/shell/testcases/listing/0013objects_0 b/tests/shell/testcases/listing/0013objects_0
index 713c783e..a73642c7 100755
--- a/tests/shell/testcases/listing/0013objects_0
+++ b/tests/shell/testcases/listing/0013objects_0
@@ -13,7 +13,7 @@ EXPECTED="table ip test {
 	}
 
 	ct timeout cttime {
-		protocol udp;
+		protocol udp
 		l3proto ip
 		policy = { unreplied: 15, replied: 12 }
 	}
diff --git a/tests/shell/testcases/nft-f/0017ct_timeout_obj_0 b/tests/shell/testcases/nft-f/0017ct_timeout_obj_0
index 448a8207..3e0a7684 100755
--- a/tests/shell/testcases/nft-f/0017ct_timeout_obj_0
+++ b/tests/shell/testcases/nft-f/0017ct_timeout_obj_0
@@ -2,7 +2,7 @@
 
 EXPECTED='table ip filter {
 	ct timeout cttime{
-		protocol tcp;
+		protocol tcp
 		l3proto ip
 		policy = { established: 123, close: 12 }
 	}
diff --git a/tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft b/tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft
index bca36580..1638b97d 100644
--- a/tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft
+++ b/tests/shell/testcases/nft-f/dumps/0017ct_timeout_obj_0.nft
@@ -1,6 +1,6 @@
 table ip filter {
 	ct timeout cttime {
-		protocol tcp;
+		protocol tcp
 		l3proto ip
 		policy = { established: 123, close: 12 }
 	}
-- 
cgit v1.2.3