linux-sg2042/include
Evgeniy Polyakov 11eeef41d5 netfilter: passive OS fingerprint xtables match
Passive OS fingerprinting netfilter module allows to passively detect
remote OS and perform various netfilter actions based on that knowledge.
This module compares some data (WS, MSS, options and it's order, ttl, df
and others) from packets with SYN bit set with dynamically loaded OS
fingerprints.

Fingerprint matching rules can be downloaded from OpenBSD source tree
or found in archive and loaded via netfilter netlink subsystem into
the kernel via special util found in archive.

Archive contains library file (also attached), which was shipped
with iptables extensions some time ago (at least when ipt_osf existed
in patch-o-matic).

Following changes were made in this release:
 * added NLM_F_CREATE/NLM_F_EXCL checks
 * dropped _rcu list traversing helpers in the protected add/remove calls
 * dropped unneded structures, debug prints, obscure comment and check

Fingerprints can be downloaded from
http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os
or can be found in archive

Example usage:
-d switch removes fingerprints

Please consider for inclusion.
Thank you.

Passive OS fingerprint homepage (archives, examples):
http://www.ioremap.net/projects/osf

Signed-off-by: Evgeniy Polyakov <zbr@ioremap.net>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2009-06-08 17:01:51 +02:00
..
acpi Merge branch 'drm-intel-next' of git://git.kernel.org/pub/scm/linux/kernel/git/anholt/drm-intel 2009-04-28 17:21:20 -07:00
asm-generic Eliminate thousands of warnings with gcc 3.2 build 2009-05-06 16:36:09 -07:00
crypto crypto: zlib - New zlib crypto module, using pcomp 2009-03-04 15:16:19 +08:00
drm drm/i915: Add new GET_PIPE_FROM_CRTC_ID ioctl. 2009-05-14 16:00:32 -07:00
keys
linux netfilter: passive OS fingerprint xtables match 2009-06-08 17:01:51 +02:00
math-emu
media V4L/DVB (11381): ivtv/cx18: remove VIDIOC_INT_S_AUDIO_ROUTING debug support. 2009-04-06 21:44:28 -03:00
mtd make MTD headers use strict integer types 2009-03-26 18:14:17 +01:00
net netfilter: nf_ct_icmp: keep the ICMP ct entries longer 2009-06-08 15:53:43 +02:00
pcmcia
rdma Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-03-26 15:54:36 -07:00
rxrpc
scsi Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-05-18 21:08:20 -07:00
sound ALSA: Release v1.0.20 2009-05-06 12:32:26 +02:00
trace dropmon: add ability to detect when hardware dropsrxpackets 2009-05-21 16:50:21 -07:00
video include/video/cyblafb.h: remove it, it's unused 2009-04-13 15:04:30 -07:00
xen
Kbuild