src: add tcp option reset support

This allows to replace a tcp option with nops, similar to the TCPOPTSTRIP feature of iptables. Signed-off-by: Florian Westphal <fw@strlen.de>
author: Florian Westphal <fw@strlen.de> 2021-12-20 12:30:18 +0100
committer: Florian Westphal <fw@strlen.de> 2022-02-28 22:44:51 +0100
commit: 5d837d270d5a8b3a4d3fdca12d0f0800b8287cdd (patch)
tree: f6142e001404eaca518ef39eec73b7d1372dd82b /doc/statements.txt
parent: 1d507ce7f1d3c12481ee24bd1dcac2fc1984ee9f (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/doc/statements.txt b/doc/statements.txt
index 8675892a..6aaf806b 100644
--- a/doc/statements.txt
+++ b/doc/statements.txt
@@ -71,7 +71,7 @@ EXTENSION HEADER STATEMENT
 
 The extension header statement alters packet content in variable-sized headers.
 This can currently be used to alter the TCP Maximum segment size of packets,
-similar to TCPMSS.
+similar to the TCPMSS target in iptables.
 
 .change tcp mss
 ---------------
@@ -80,6 +80,13 @@ tcp flags syn tcp option maxseg size set 1360
 tcp flags syn tcp option maxseg size set rt mtu
 ---------------
 
+You can also remove tcp options via reset keyword.
+
+.remove tcp option
+---------------
+tcp flags syn reset tcp option sack-perm
+---------------
+
 LOG STATEMENT
 ~~~~~~~~~~~~~
 [verse]
author	Florian Westphal <fw@strlen.de>	2021-12-20 12:30:18 +0100
committer	Florian Westphal <fw@strlen.de>	2022-02-28 22:44:51 +0100
commit	5d837d270d5a8b3a4d3fdca12d0f0800b8287cdd (patch)
tree	f6142e001404eaca518ef39eec73b7d1372dd82b /doc/statements.txt
parent	1d507ce7f1d3c12481ee24bd1dcac2fc1984ee9f (diff)