diff options
Diffstat (limited to 'doc')
-rw-r--r-- | doc/primary-expression.txt | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/doc/primary-expression.txt b/doc/primary-expression.txt index 63493049..e7a022a5 100644 --- a/doc/primary-expression.txt +++ b/doc/primary-expression.txt @@ -173,6 +173,35 @@ table inet x { } ---------------------- +OSF EXPRESSION +~~~~~~~~~~~~~~ +[verse] +osf {name} + +The osf expression does passive operating system fingerprinting. This +expression compares some data (Window Size, MSS, options and their order, DF, +and others) from packets with the SYN bit set. + +.Available osf attributes +[options="header"] +|================== +|Name |Description| Type +|name| +Name of the OS signature to match. All signatures can be found at pf.os file.| +Use "unknown" for OS signatures that the expression could not detect. +|================== + +.Using osf expression +--------------------- +# Accept packets that match the "Linux" OS signature. +table inet x { + chain y { + type filter hook input priority 0; policy accept; + osf "Linux" + } +} +----------------------- + FIB EXPRESSIONS ~~~~~~~~~~~~~~~ [verse] |