diff options
author | Fernando Fernandez Mancera <ffmancera@riseup.net> | 2018-08-04 00:17:50 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-08-04 00:38:54 +0200 |
commit | 404180e2a68a09bde4490ed073471e6ee28f9621 (patch) | |
tree | ac85301c8cf82c16db6443aaac0467a04e017d06 /doc | |
parent | 13426f7cad870a2bb2501791cc429d9dc0d16526 (diff) |
doc: add osf expression to man page
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/primary-expression.txt | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/doc/primary-expression.txt b/doc/primary-expression.txt index 63493049..e7a022a5 100644 --- a/doc/primary-expression.txt +++ b/doc/primary-expression.txt @@ -173,6 +173,35 @@ table inet x { } ---------------------- +OSF EXPRESSION +~~~~~~~~~~~~~~ +[verse] +osf {name} + +The osf expression does passive operating system fingerprinting. This +expression compares some data (Window Size, MSS, options and their order, DF, +and others) from packets with the SYN bit set. + +.Available osf attributes +[options="header"] +|================== +|Name |Description| Type +|name| +Name of the OS signature to match. All signatures can be found at pf.os file.| +Use "unknown" for OS signatures that the expression could not detect. +|================== + +.Using osf expression +--------------------- +# Accept packets that match the "Linux" OS signature. +table inet x { + chain y { + type filter hook input priority 0; policy accept; + osf "Linux" + } +} +----------------------- + FIB EXPRESSIONS ~~~~~~~~~~~~~~~ [verse] |