Hi Pablo. On Wed, Mar 11, 2009 at 10:54:21AM +0100, Pablo Neira Ayuso (pablo@xxxxxxxxxxxxx) wrote: > > Fingerprint matching rules can be downloaded from OpenBSD source tree > > and loaded via netlink connector into the kernel via special util found > > in archive. It will also listen for events about matching packets. > > I like this feature. We have nfnetlink so I don't see why we should use > the netlink connector instead. OSF exists about 6 years already, netlink configuration was added in 2005, I do not remember if nfnetlink existed those days (IIRC it did not, since I reused ULOG netlink first), right now I just cleanup what was written before. > BTW, is there any difference with regards to userspace p0f apart from > having this integrated into iptables? There should be no major differences, there are some tweaks for the MTU comparison, maybe something else. -- Evgeniy Polyakov -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
