Evgeniy Polyakov wrote: > Hi. > > Passive OS fingerprinting netfilter module allows to passively detect > remote OS and perform various netfilter actions based on that knowledge. > This module compares some data (WS, MSS, options and it's order, ttl, df > and others) from packets with SYN bit set with dynamically loaded OS > fingerprints. > > Fingerprint matching rules can be downloaded from OpenBSD source tree > and loaded via netlink connector into the kernel via special util found > in archive. It will also listen for events about matching packets. I like this feature. We have nfnetlink so I don't see why we should use the netlink connector instead. BTW, is there any difference with regards to userspace p0f apart from having this integrated into iptables? -- "Los honestos son inadaptados sociales" -- Les Luthiers -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html