src: add tcp option reset support

This allows to replace a tcp option with nops, similar to the TCPOPTSTRIP feature of iptables. Signed-off-by: Florian Westphal <fw@strlen.de>
author: Florian Westphal <fw@strlen.de> 2021-12-20 12:30:18 +0100
committer: Florian Westphal <fw@strlen.de> 2022-02-28 22:44:51 +0100
commit: 5d837d270d5a8b3a4d3fdca12d0f0800b8287cdd (patch)
tree: f6142e001404eaca518ef39eec73b7d1372dd82b /src/parser_json.c
parent: 1d507ce7f1d3c12481ee24bd1dcac2fc1984ee9f (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/src/parser_json.c b/src/parser_json.c
index 49132604..fb401009 100644
--- a/src/parser_json.c
+++ b/src/parser_json.c
@@ -2652,6 +2652,14 @@ static struct stmt *json_parse_connlimit_stmt(struct json_ctx *ctx,
 	return stmt;
 }
 
+static struct stmt *json_parse_optstrip_stmt(struct json_ctx *ctx,
+					     const char *key, json_t *value)
+{
+	struct expr *expr = json_parse_expr(ctx, value);
+
+	return expr ? optstrip_stmt_alloc(int_loc, expr) : NULL;
+}
+
 static struct stmt *json_parse_stmt(struct json_ctx *ctx, json_t *root)
 {
 	struct {
@@ -2688,6 +2696,7 @@ static struct stmt *json_parse_stmt(struct json_ctx *ctx, json_t *root)
 		{ "ct count", json_parse_connlimit_stmt },
 		{ "tproxy", json_parse_tproxy_stmt },
 		{ "synproxy", json_parse_synproxy_stmt },
+		{ "reset", json_parse_optstrip_stmt },
 	};
 	const char *type;
 	unsigned int i;
author	Florian Westphal <fw@strlen.de>	2021-12-20 12:30:18 +0100
committer	Florian Westphal <fw@strlen.de>	2022-02-28 22:44:51 +0100
commit	5d837d270d5a8b3a4d3fdca12d0f0800b8287cdd (patch)
tree	f6142e001404eaca518ef39eec73b7d1372dd82b /src/parser_json.c
parent	1d507ce7f1d3c12481ee24bd1dcac2fc1984ee9f (diff)