• Evgeniy Polyakov's avatar
    netfilter: passive OS fingerprint xtables match · 11eeef41
    Evgeniy Polyakov authored
    Passive OS fingerprinting netfilter module allows to passively detect
    remote OS and perform various netfilter actions based on that knowledge.
    This module compares some data (WS, MSS, options and it's order, ttl, df
    and others) from packets with SYN bit set with dynamically loaded OS
    fingerprints.
    
    Fingerprint matching rules can be downloaded from OpenBSD source tree
    or found in archive and loaded via netfilter netlink subsystem into
    the kernel via special util found in archive.
    
    Archive contains library file (also attached), which was shipped
    with iptables extensions some time ago (at least when ipt_osf existed
    in patch-o-matic).
    
    Following changes were made in this release:
     * added NLM_F_CREATE/NLM_F_EXCL checks
     * dropped _rcu list traversing helpers in the protected add/remove calls
     * dropped unneded structures, debug prints, obscure comment and check
    
    Fingerprints can be downloaded from
    http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os
    or can be found in archive
    
    Example usage:
    -d switch removes fingerprints
    
    Please consider for inclusion.
    Thank you.
    
    Passive OS fingerprint homepage (archives, examples):
    http://www.ioremap.net/projects/osfSigned-off-by: 's avatarEvgeniy Polyakov <zbr@ioremap.net>
    Signed-off-by: 's avatarPatrick McHardy <kaber@trash.net>
    11eeef41
Name
Last commit
Last update
Documentation Loading commit data...
arch Loading commit data...
block Loading commit data...
crypto Loading commit data...
drivers Loading commit data...
firmware Loading commit data...
fs Loading commit data...
include Loading commit data...
init Loading commit data...
ipc Loading commit data...
kernel Loading commit data...
lib Loading commit data...
mm Loading commit data...
net Loading commit data...
samples Loading commit data...
scripts Loading commit data...
security Loading commit data...
sound Loading commit data...
usr Loading commit data...
virt/kvm Loading commit data...
.gitignore Loading commit data...
.mailmap Loading commit data...
COPYING Loading commit data...
CREDITS Loading commit data...
Kbuild Loading commit data...
MAINTAINERS Loading commit data...
Makefile Loading commit data...
README Loading commit data...
REPORTING-BUGS Loading commit data...