Signed-off-by: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
---
doc/primary-expression.txt | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
diff --git a/doc/primary-expression.txt b/doc/primary-expression.txt
index 50093b4..86f3e52 100644
--- a/doc/primary-expression.txt
+++ b/doc/primary-expression.txt
@@ -156,6 +156,35 @@ table inet x {
}
----------------------
+OSF EXPRESSION
+~~~~~~~~~~~~~~
+[verse]
+osf {name}
+
+The osf expression does passive operating system fingerprinting. This
+expression compares some data (Window Size, MSS, options and their order, DF,
+and others) from packets with the SYN bit set.
+
+.Available osf attributes
+[options="header"]
+|==================
+|Name |Description| Type
+|name|
+Name of the OS signature to match. All signatures can be found at pf.os file.|
+Use "unknown" for OS signatures that the expression could not detect.
+|==================
+
+.Using osf expression
+---------------------
+# Accept packets that match the "Linux" OS signature.
+table inet x {
+ chain y {
+ type filter hook input priority 0; policy accept;
+ osf "Linux"
+ }
+}
+-----------------------
+
FIB EXPRESSIONS
~~~~~~~~~~~~~~~
[verse]
--
2.18.0
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
