From b9e03ef71bd2bbdbf2eee22b230f397a4c3767fd Mon Sep 17 00:00:00 2001 From: bol-van Date: Fri, 5 Dec 2025 10:22:48 +0300 Subject: [PATCH] nfqws2: --template , --cookie --- nfq2/conntrack.h | 1 - nfq2/conntrack_base.h | 2 ++ nfq2/desync.c | 5 ++++- nfq2/nfqws.c | 40 ++++++++++++++++++++++++++++++---------- nfq2/params.c | 10 +++++++--- nfq2/params.h | 3 +++ 6 files changed, 46 insertions(+), 15 deletions(-) diff --git a/nfq2/conntrack.h b/nfq2/conntrack.h index c306be5..af993b4 100644 --- a/nfq2/conntrack.h +++ b/nfq2/conntrack.h @@ -8,7 +8,6 @@ #include #include #include -#include #include #define __FAVOR_BSD diff --git a/nfq2/conntrack_base.h b/nfq2/conntrack_base.h index b18df44..408dfc8 100644 --- a/nfq2/conntrack_base.h +++ b/nfq2/conntrack_base.h @@ -1,5 +1,7 @@ #pragma once +#include + #define CTRACK_T_SYN 60 #define CTRACK_T_FIN 60 #define CTRACK_T_EST 300 diff --git a/nfq2/desync.c b/nfq2/desync.c index 4f3689f..a703272 100644 --- a/nfq2/desync.c +++ b/nfq2/desync.c @@ -721,11 +721,14 @@ static uint8_t desync( else { // create arg table that persists across multiple desync function calls - lua_createtable(params.L, 0, 12 + !!dp->name + !!ctrack + !!dis->tcp + 3*!!replay_piece_count); + lua_newtable(params.L); lua_pushf_dissect(dis); lua_pushf_ctrack(ctrack, pos); lua_pushf_int("profile_n", dp->n); if (dp->name) lua_pushf_str("profile_name", dp->name); + if (dp->n_tpl) lua_pushf_int("template_n", dp->n_tpl); + if (dp->name_tpl) lua_pushf_str("template_name", dp->name_tpl); + if (dp->cookie) lua_pushf_str("cookie", dp->cookie); lua_pushf_bool("outgoing", !bIncoming); lua_pushf_str("ifin", (ifin && *ifin) ? ifin : NULL); lua_pushf_str("ifout", (ifout && *ifout) ? ifout : NULL); diff --git a/nfq2/nfqws.c b/nfq2/nfqws.c index 5b2b7dd..e329418 100644 --- a/nfq2/nfqws.c +++ b/nfq2/nfqws.c 
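Review bot: In the desync.c hunk, `template_n` is pushed only when `dp->n_tpl` is non-zero, so a Lua handler cannot tell "no template imported" from a template whose number is 0. Whether template numbering can start at 0 is not visible in this patch. If 0 is reserved, a comment above the three new pushes would make the contract explicit, e.g. `// template_n, template_name and cookie are optional: the key is absent (nil in Lua) when unset; n_tpl == 0 means no template`. The cookie is an operator-supplied string forwarded unchanged, so the same comment could say that Lua code should treat it as opaque data. desync() starts and ends outside the hunk.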
@@ -1021,8 +1021,9 @@ bool lua_call_param_add(char *opt, struct str2_list_head *args) { arg->str2 = strdup(p+1); *p = c; + if (!arg->str2) return false; } - return !!arg->str2; + return !!arg->str1; } struct func_list *parse_lua_call(char *opt, struct func_list_head *flist) @@ -1048,7 +1049,6 @@ struct func_list *parse_lua_call(char *opt, struct func_list_head *flist) last = !*e; c = *e; *e = 0; - b = lua_call_param_add(p, &f->args); if (!last) *e++ = c; if (!b) goto err; @@ -1409,8 +1409,9 @@ static void exithelp(void) "\nMULTI-STRATEGY:\n" " --new\t\t\t\t\t\t\t; begin new profile\n" " --skip\t\t\t\t\t\t\t; do not use this profile\n" - " --name\t\t\t\t\t\t\t; set profile name\n" - " --template\t\t\t\t\t\t; use this profile as template (must be named or will be useless)\n" + " --name=\t\t\t\t\t\t; set profile name\n" + " --template[=]\t\t\t\t\t; use this profile as template (must be named or will be useless)\n" + " --cookie[=]\t\t\t\t\t; pass this profile-bound string to LUA\n" " --import=\t\t\t\t\t; populate current profile with template data\n" " --filter-l3=ipv4|ipv6\t\t\t\t\t; L3 protocol filter. multiple comma separated values allowed.\n" " --filter-tcp=[~]port1[-port2]|*\t\t\t; TCP port filter. ~ means negation. setting tcp and not setting udp filter denies udp. comma separated list allowed.\n" @@ -1564,6 +1565,7 @@ enum opt_indices { IDX_NAME, IDX_TEMPLATE, IDX_IMPORT, + IDX_COOKIE, IDX_FILTER_L3, IDX_FILTER_TCP, IDX_FILTER_UDP, 
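Review bot: The new help line in exithelp() prints `--cookie[=` … `]` with optional-argument brackets, but the option table later in this file registers it as `{"cookie", required_argument, 0, 0}`. The handler in main() also calls `strdup(optarg)` without a NULL check, which is only safe while the argument is required. The two should agree: keep `required_argument` and drop the brackets from the help string, matching the `--name=` line above it. The placeholder inside the brackets appears to have been stripped from this page, so the exact replacement string is not quoted here.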
@@ -1645,8 +1647,9 @@ static const struct option long_options[] = { [IDX_NEW] = {"new", no_argument, 0, 0}, [IDX_SKIP] = {"skip", no_argument, 0, 0}, [IDX_NAME] = {"name", required_argument, 0, 0}, - [IDX_TEMPLATE] = {"template", no_argument, 0, 0}, + [IDX_TEMPLATE] = {"template", optional_argument, 0, 0}, [IDX_IMPORT] = {"import", required_argument, 0, 0}, + [IDX_COOKIE] = {"cookie", required_argument, 0, 0}, [IDX_FILTER_L3] = {"filter-l3", required_argument, 0, 0}, [IDX_FILTER_TCP] = {"filter-tcp", required_argument, 0, 0}, [IDX_FILTER_UDP] = {"filter-udp", required_argument, 0, 0}, @@ -2127,17 +2130,27 @@ int main(int argc, char **argv) case IDX_SKIP: bSkip = true; break; + case IDX_TEMPLATE: + bTemplate = true; case IDX_NAME: - free(dp->name); - if (!(dp->name = strdup(optarg))) + if (optarg) + { + free(dp->name); + if (!(dp->name = strdup(optarg))) + { + DLOG_ERR("out of memory\n"); + exit_clean(1); + } + } + break; + case IDX_COOKIE: + free(dp->cookie); + if (!(dp->cookie = strdup(optarg))) { DLOG_ERR("out of memory\n"); exit_clean(1); } break; - case IDX_TEMPLATE: - bTemplate = true; - break; case IDX_IMPORT: { struct desync_profile_list *tpl = dp_list_search_name(¶ms.desync_templates, optarg); @@ -2152,6 +2165,13 @@ int main(int argc, char **argv) exit_clean(1); } dp->n = desync_profile_count; + free(dp->name_tpl); + if (tpl->dp.name && !(dp->name_tpl = strdup(tpl->dp.name))) + { + DLOG_ERR("out of memory\n"); + exit_clean(1); + } + dp->n_tpl = tpl->dp.n; } break; diff --git a/nfq2/params.c b/nfq2/params.c index 31ea608..a20569b 100644 --- a/nfq2/params.c +++ b/nfq2/params.c @@ -346,6 +346,10 @@ void dp_init(struct desync_profile *dp) } static void dp_clear_dynamic(struct desync_profile *dp) { + free(dp->name); + free(dp->name_tpl); + free(dp->cookie); + hostlist_collection_destroy(&dp->hl_collection); hostlist_collection_destroy(&dp->hl_collection_exclude); ipset_collection_destroy(&dp->ips_collection); 
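Review bot: In the option switch in main(), `case IDX_TEMPLATE:` now falls through into `case IDX_NAME:` with no marker, so the shared name handling depends on the two labels staying adjacent. Add `/* fallthrough */` after `bTemplate = true;` (or the fallthrough attribute, if the project uses one). That keeps `-Wimplicit-fallthrough` quiet, and a case later inserted between the two labels would be noticed instead of silently running for `--template`. The switch and main() continue outside the hunk.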
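Review bot: In the IDX_IMPORT branch, `free(dp->name_tpl);` is followed by an assignment that runs only when `tpl->dp.name` is non-NULL, so on the other path `dp->name_tpl` keeps pointing at freed memory. That pointer is later tested and read in desync() (`if (dp->name_tpl) lua_pushf_str(...)`) and freed again in dp_clear_dynamic(). The template is looked up by name, so the NULL case is probably unreachable today, but resetting the pointer makes the code safe regardless: `free(dp->name_tpl); dp->name_tpl = NULL;`. The case block starts outside the hunk.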
@@ -357,7 +361,6 @@ static void dp_clear_dynamic(struct desync_profile *dp) strlist_destroy(&dp->filter_ssid); #endif HostFailPoolDestroy(&dp->hostlist_auto_fail_counters); - free(dp->name); } void dp_clear(struct desync_profile *dp) { @@ -405,9 +408,10 @@ bool dp_list_copy(struct desync_profile *to, const struct desync_profile *from) // prepare empty dynamic structures dp_init_dynamic(to); // copy dynamic structures - to->name = strdup(from->name); + if (from->name && !(to->name = strdup(from->name))) return false; + if (from->name_tpl && !(to->name_tpl = strdup(from->name_tpl))) return false; + if (from->cookie && !(to->cookie = strdup(from->cookie))) return false; if ( - !to->name || #ifdef HAS_FILTER_SSID !strlist_copy(&to->filter_ssid, &from->filter_ssid) || #endif diff --git a/nfq2/params.h b/nfq2/params.h index c29e17d..25664ad 100644 --- a/nfq2/params.h +++ b/nfq2/params.h @@ -55,6 +55,9 @@ struct desync_profile { unsigned int n; // number of the profile char *name; // optional malloced name string + unsigned int n_tpl; // number of imported template + char *name_tpl; // imported template name + char *cookie; // optional malloced string bool filter_ipv4,filter_ipv6; struct port_filters_head pf_tcp,pf_udp;
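Review bot: The three early `return false` paths added to dp_list_copy() can leave `to` holding string pointers this function never set. If the part of the function above the hunk copies the struct by value (not visible here), then after a failed strdup the remaining fields of `to` still alias strings owned by `from`; for example `to->cookie` would still equal `from->cookie` when the `name_tpl` copy fails. A later clear of both profiles would then free the same string twice. Unless dp_init_dynamic() already resets them, put `to->name = to->name_tpl = to->cookie = NULL;` before the three copies. The function starts and ends outside the hunk.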