summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2016-12-11 18:02:34 +0100
committerFlorian Westphal <fw@strlen.de>2017-08-22 23:51:02 +0200
commit0c0b2452bc3c96cf3db09eb8cbf62778a2fd8f6c (patch)
tree8ab752666dda2f50c396501f1fb95ff43b90eac1 /include
parentd74eed8c9649e9278b69f2cd0fd92f71e3e19cfb (diff)
src: add tcp options set support
This adds support for tcp mss mangling: nft add rule filter input tcp option maxseg size 1200 Its also possible to change other tcp option fields, but maxseg is one of the more useful ones to change. Signed-off-by: Florian Westphal <fw@strlen.de> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r--include/statement.h11
-rw-r--r--include/tcpopt.h1
2 files changed, 12 insertions, 0 deletions
diff --git a/include/statement.h b/include/statement.h
index 61b5027b..6d8aaa8b 100644
--- a/include/statement.h
+++ b/include/statement.h
@@ -24,6 +24,14 @@ struct counter_stmt {
extern struct stmt *counter_stmt_alloc(const struct location *loc);
+struct exthdr_stmt {
+ struct expr *expr;
+ struct expr *val;
+};
+
+extern struct stmt *exthdr_stmt_alloc(const struct location *loc,
+ struct expr *payload, struct expr *expr);
+
struct payload_stmt {
struct expr *expr;
struct expr *val;
@@ -220,6 +228,7 @@ struct xt_stmt {
* @STMT_QUOTA: quota statement
* @STMT_NOTRACK: notrack statement
* @STMT_OBJREF: stateful object reference statement
+ * @STMT_EXTHDR: extension header statement
*/
enum stmt_types {
STMT_INVALID,
@@ -244,6 +253,7 @@ enum stmt_types {
STMT_QUOTA,
STMT_NOTRACK,
STMT_OBJREF,
+ STMT_EXTHDR,
};
/**
@@ -285,6 +295,7 @@ struct stmt {
union {
struct expr *expr;
+ struct exthdr_stmt exthdr;
struct flow_stmt flow;
struct counter_stmt counter;
struct payload_stmt payload;
diff --git a/include/tcpopt.h b/include/tcpopt.h
index f96c04c6..9be84817 100644
--- a/include/tcpopt.h
+++ b/include/tcpopt.h
@@ -3,6 +3,7 @@
#include <proto.h>
#include <exthdr.h>
+#include <statement.h>
extern struct expr *tcpopt_expr_alloc(const struct location *loc,
uint8_t type, uint8_t field);