parser_bison: fix ct scope underflow if ct helper section is duplicated

parser_bison: fix ct scope underflow if ct helper section is duplicated

table inet filter {
	ct helper sip-5060u {
		type "sip" protocol udp
		l3proto ip
	}5060t {
		type "sip" protocol tcp
		l3pownerip
	}

Will close the 'ct' scope twice, it has to be closed AFTER the separator
has been parsed.

While not strictly needed, also error out if the protocol is already
given, this provides a better error description.

Also make sure we release the string in all error branches.

Signed-off-by: Florian Westphal <fw@strlen.de>