aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/xen/balloon.c
diff options
context:
space:
mode:
authorEvgeniy Polyakov <zbr@ioremap.net>2009-06-08 11:01:51 -0400
committerPatrick McHardy <kaber@trash.net>2009-06-08 11:01:51 -0400
commit11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384 (patch)
tree6fe29550776dc668b73b81bb2407064049ccd0ef /drivers/xen/balloon.c
parentf87fb666bb00a7afcbd7992d236e42ac544996f9 (diff)
netfilter: passive OS fingerprint xtables match
Passive OS fingerprinting netfilter module allows to passively detect remote OS and perform various netfilter actions based on that knowledge. This module compares some data (WS, MSS, options and it's order, ttl, df and others) from packets with SYN bit set with dynamically loaded OS fingerprints. Fingerprint matching rules can be downloaded from OpenBSD source tree or found in archive and loaded via netfilter netlink subsystem into the kernel via special util found in archive. Archive contains library file (also attached), which was shipped with iptables extensions some time ago (at least when ipt_osf existed in patch-o-matic). Following changes were made in this release: * added NLM_F_CREATE/NLM_F_EXCL checks * dropped _rcu list traversing helpers in the protected add/remove calls * dropped unneded structures, debug prints, obscure comment and check Fingerprints can be downloaded from http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os or can be found in archive Example usage: -d switch removes fingerprints Please consider for inclusion. Thank you. Passive OS fingerprint homepage (archives, examples): http://www.ioremap.net/projects/osf Signed-off-by: Evgeniy Polyakov <zbr@ioremap.net> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'drivers/xen/balloon.c')
0 files changed, 0 insertions, 0 deletions