bugzilla-daemon@bugzilla.netfilter.org
2006-Mar-06 12:56 UTC
[Bug 458] New: osf module doesn't always identify operating system
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=458 Summary: osf module doesn't always identify operating system Product: netfilter/iptables Version: patch-o-matic Platform: i386 OS/Version: Mandrake Linux Status: NEW Severity: normal Priority: P2 Component: unknown AssignedTo: laforge@netfilter.org ReportedBy: casueps@hotmail.com I have the osf module and I have loaded the fingerprint file from http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os into /proc/sys/net/ipv4/osf with the osf_load.sh script I also have the following rule iptables -I FORWARD -j DROP -p tcp -m osf --genre Windows --smart But when a Windows box that is behind the firewall with that rule tries to access web sites, it is sometimes allowed and sometimes not. For example, they can access www.google.com but not es.yahoo.com. Linux boxes can access every web site as always. But I think that rule should block every tcp connection from Windows clients, so I think it doesn't always recognize correctly the operating system. -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Possibly Parallel Threads
- [Bug 458] osf module doesn't always identify operating system
- [Bug 805] New: osf iptables[-save] errors
- [ANNOUNCE] Release of iptables-1.2.10
- [ADMIN] netfilter.org CVS now converted to subversion
- [Bug 448] New: IPv6 conntrack does not work on a tunnel interface