diff options
author | Florian Westphal <fw@strlen.de> | 2021-12-20 12:30:18 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2022-02-28 22:44:51 +0100 |
commit | 5d837d270d5a8b3a4d3fdca12d0f0800b8287cdd (patch) | |
tree | f6142e001404eaca518ef39eec73b7d1372dd82b /include/statement.h | |
parent | 1d507ce7f1d3c12481ee24bd1dcac2fc1984ee9f (diff) |
src: add tcp option reset support
This allows to replace a tcp option with nops, similar
to the TCPOPTSTRIP feature of iptables.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'include/statement.h')
-rw-r--r-- | include/statement.h | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/include/statement.h b/include/statement.h index 06221040..2a2d3001 100644 --- a/include/statement.h +++ b/include/statement.h @@ -145,6 +145,12 @@ struct nat_stmt { extern struct stmt *nat_stmt_alloc(const struct location *loc, enum nft_nat_etypes type); +struct optstrip_stmt { + struct expr *expr; +}; + +extern struct stmt *optstrip_stmt_alloc(const struct location *loc, struct expr *e); + struct tproxy_stmt { struct expr *addr; struct expr *port; @@ -297,6 +303,7 @@ extern struct stmt *xt_stmt_alloc(const struct location *loc); * @STMT_MAP: map statement * @STMT_SYNPROXY: synproxy statement * @STMT_CHAIN: chain statement + * @STMT_OPTSTRIP: optstrip statement */ enum stmt_types { STMT_INVALID, @@ -326,6 +333,7 @@ enum stmt_types { STMT_MAP, STMT_SYNPROXY, STMT_CHAIN, + STMT_OPTSTRIP, }; /** @@ -380,6 +388,7 @@ struct stmt { struct reject_stmt reject; struct nat_stmt nat; struct tproxy_stmt tproxy; + struct optstrip_stmt optstrip; struct queue_stmt queue; struct quota_stmt quota; struct ct_stmt ct; |