From 22535a98470a908b879db8fc0354c5f2bbb3984e Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 28 Feb 2017 13:31:54 +0100
Subject: src: revisit tcp options support

Rework syntax, add tokens so we can extend the grammar more easily.
This has triggered several syntax changes with regards to the original
patch, specifically:

	tcp option sack0 left 1

There is no space between sack and the block number anymore, no more
offset field, now they are a single field. Just like we do with rt, rt0
and rt2. This simplifies our grammar and that is good since it makes our
life easier when extending it later on to accomodate new features.

I have also renamed sack_permitted to sack-permitted. I couldn't find
any option using underscore so far, so let's keep it consistent with
what we have.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 doc/nft.xml | 39 ++++++++++++++++++++++++++++-----------
 1 file changed, 28 insertions(+), 11 deletions(-)

(limited to 'doc')

diff --git a/doc/nft.xml b/doc/nft.xml
index 49664c42..990b9368 100644
--- a/doc/nft.xml
+++ b/doc/nft.xml
@@ -2525,11 +2525,14 @@ inet filter meta nfproto ipv6 output rt nexthop fd00::1
 					<arg>noop</arg>
 					<arg>maxseg</arg>
 					<arg>window</arg>
-					<arg>sack_permitted</arg>
+					<arg>sack-permitted</arg>
 					<arg>sack</arg>
+					<arg>sack0</arg>
+					<arg>sack1</arg>
+					<arg>sack2</arg>
+					<arg>sack3</arg>
 					<arg>timestamp</arg>
 				</group>
-                <arg><replaceable>offset</replaceable></arg>
 				<arg choice="none"><replaceable>tcp_option_field</replaceable></arg>
 			</cmdsynopsis>
 			<para>
@@ -2604,13 +2607,33 @@ inet filter meta nfproto ipv6 output rt nexthop fd00::1
 								<entry>kind, length, count</entry>
 							</row>
 							<row>
-								<entry>sack_permitted</entry>
+								<entry>sack-permitted</entry>
 								<entry>TCP SACK permitted</entry>
 								<entry>kind, length</entry>
 							</row>
 							<row>
 								<entry>sack</entry>
-								<entry>TCP Selective Acknowledgement</entry>
+								<entry>TCP Selective Acknowledgement (alias of block 0)</entry>
+								<entry>kind, length, left, right</entry>
+							</row>
+							<row>
+								<entry>sack0</entry>
+								<entry>TCP Selective Acknowledgement (block 0)</entry>
+								<entry>kind, length, left, right</entry>
+							</row>
+							<row>
+								<entry>sack1</entry>
+								<entry>TCP Selective Acknowledgement (block 1)</entry>
+								<entry>kind, length, left, right</entry>
+							</row>
+							<row>
+								<entry>sack2</entry>
+								<entry>TCP Selective Acknowledgement (block 2)</entry>
+								<entry>kind, length, left, right</entry>
+							</row>
+							<row>
+								<entry>sack3</entry>
+								<entry>TCP Selective Acknowledgement (block 3)</entry>
 								<entry>kind, length, left, right</entry>
 							</row>
 							<row>
@@ -2623,17 +2646,11 @@ inet filter meta nfproto ipv6 output rt nexthop fd00::1
 				</table>
 			</para>
 
-			<para>
-				The <replaceable>offset</replaceable> is only used for the SACK TCP option fields <command>left</command> and <command>right</command>.
-				For all non-SACK TCP options it is always zero.
-				<replaceable>Offsets</replaceable> which equals to zero can be omitted.
-			</para>
-
 			<para>
 				<example>
 					<title>finding TCP options</title>
 					<programlisting>
-filter input tcp option sack_permitted kind 1 counter
+filter input tcp option sack-permitted kind 1 counter
 					</programlisting>
 				</example>
 				<example>
-- 
cgit v1.2.3