From fa86b544c03b14ea12f30ad39676a6fea88cbe05 Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Sun, 21 Nov 2021 23:33:11 +0100
Subject: tcpopt: add md5sig, fastopen and mptcp options

Allow to use "fastopen", "md5sig" and "mptcp" mnemonics rather than the
raw option numbers.

These new keywords are only recognized while scanner is in tcp state.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 include/tcpopt.h | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'include')

diff --git a/include/tcpopt.h b/include/tcpopt.h
index 667c8a77..22df69dc 100644
--- a/include/tcpopt.h
+++ b/include/tcpopt.h
@@ -25,6 +25,9 @@ enum tcpopt_kind {
 	TCPOPT_KIND_SACK = 5,
 	TCPOPT_KIND_TIMESTAMP = 8,
 	TCPOPT_KIND_ECHO = 8,
+	TCPOPT_KIND_MD5SIG = 19,
+	TCPOPT_KIND_MPTCP = 30,
+	TCPOPT_KIND_FASTOPEN = 34,
 	__TCPOPT_KIND_MAX,
 
 	/* extra oob info, internal to nft */
@@ -71,6 +74,11 @@ enum tcpopt_hdr_field_sack {
 	TCPOPT_SACK_RIGHT3,
 };
 
+enum tcpopt_hdr_mptcp_common {
+	TCPOPT_MPTCP_KIND,
+	TCPOPT_MPTCP_LENGTH,
+};
+
 extern const struct exthdr_desc *tcpopt_protocols[__TCPOPT_KIND_MAX];
 
 #endif /* NFTABLES_TCPOPT_H */
-- 
cgit v1.2.3