src: add tcp option reset support

This allows to replace a tcp option with nops, similar to the TCPOPTSTRIP feature of iptables. Signed-off-by: Florian Westphal <fw@strlen.de>
author: Florian Westphal <fw@strlen.de> 2021-12-20 12:30:18 +0100
committer: Florian Westphal <fw@strlen.de> 2022-02-28 22:44:51 +0100
commit: 5d837d270d5a8b3a4d3fdca12d0f0800b8287cdd (patch)
tree: f6142e001404eaca518ef39eec73b7d1372dd82b /include/statement.h
parent: 1d507ce7f1d3c12481ee24bd1dcac2fc1984ee9f (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/include/statement.h b/include/statement.h
index 06221040..2a2d3001 100644
--- a/include/statement.h
+++ b/include/statement.h
@@ -145,6 +145,12 @@ struct nat_stmt {
 extern struct stmt *nat_stmt_alloc(const struct location *loc,
 				   enum nft_nat_etypes type);
 
+struct optstrip_stmt {
+	struct expr	*expr;
+};
+
+extern struct stmt *optstrip_stmt_alloc(const struct location *loc, struct expr *e);
+
 struct tproxy_stmt {
 	struct expr	*addr;
 	struct expr	*port;
@@ -297,6 +303,7 @@ extern struct stmt *xt_stmt_alloc(const struct location *loc);
  * @STMT_MAP:		map statement
  * @STMT_SYNPROXY:	synproxy statement
  * @STMT_CHAIN:		chain statement
+ * @STMT_OPTSTRIP:	optstrip statement
  */
 enum stmt_types {
 	STMT_INVALID,
@@ -326,6 +333,7 @@ enum stmt_types {
 	STMT_MAP,
 	STMT_SYNPROXY,
 	STMT_CHAIN,
+	STMT_OPTSTRIP,
 };
 
 /**
@@ -380,6 +388,7 @@ struct stmt {
 		struct reject_stmt	reject;
 		struct nat_stmt		nat;
 		struct tproxy_stmt	tproxy;
+		struct optstrip_stmt	optstrip;
 		struct queue_stmt	queue;
 		struct quota_stmt	quota;
 		struct ct_stmt		ct;
author	Florian Westphal <fw@strlen.de>	2021-12-20 12:30:18 +0100
committer	Florian Westphal <fw@strlen.de>	2022-02-28 22:44:51 +0100
commit	5d837d270d5a8b3a4d3fdca12d0f0800b8287cdd (patch)
tree	f6142e001404eaca518ef39eec73b7d1372dd82b /include/statement.h
parent	1d507ce7f1d3c12481ee24bd1dcac2fc1984ee9f (diff)