netfilter: exthdr: add support for tcp option removal - kernel

diff options

author	Florian Westphal <[email protected]>	2022-01-28 12:00:36 +0000
committer	Pablo Neira Ayuso <[email protected]>	2022-02-04 05:30:28 +0000
commit	7890cbea66e78a3a6037b2a12827118d7243270b (patch)
tree	87d76005c04107777a3561ad0bafe13168530dde /net/switchdev/switchdev.c
parent	netfilter: conntrack: pptp: use single option structure (diff)
download	kernel-7890cbea66e78a3a6037b2a12827118d7243270b.tar.gz kernel-7890cbea66e78a3a6037b2a12827118d7243270b.zip

netfilter: exthdr: add support for tcp option removal

This allows to replace a tcp option with nop padding to selectively disable a particular tcp option. Optstrip mode is chosen when userspace passes the exthdr expression with neither a source nor a destination register attribute. This is identical to xtables TCPOPTSTRIP extension. The only difference is that TCPOPTSTRIP allows to pass in a bitmap of options to remove rather than a single number. Unlike TCPOPTSTRIP this expression can be used multiple times in the same rule to get the same effect. We could add a new nested attribute later on in case there is a use case for single-expression-multi-remove. Signed-off-by: Florian Westphal <[email protected]> Signed-off-by: Pablo Neira Ayuso <[email protected]>

Diffstat (limited to 'net/switchdev/switchdev.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: