bugzilla-daemon@bugzilla.netfilter.org
2006-Mar-06 12:56 UTC
[Bug 458] New: osf module doesn't always identify operating system
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=458
Summary: osf module doesn't always identify operating system
Product: netfilter/iptables
Version: patch-o-matic
Platform: i386
OS/Version: Mandrake Linux
Status: NEW
Severity: normal
Priority: P2
Component: unknown
AssignedTo: laforge@netfilter.org
ReportedBy: casueps@hotmail.com
I have the osf module and I have loaded the fingerprint file from
http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os
into /proc/sys/net/ipv4/osf with the osf_load.sh script
I also have the following rule
iptables -I FORWARD -j DROP -p tcp -m osf --genre Windows --smart
But when a Windows box that is behind the firewall with that rule tries to
access web sites, it is sometimes allowed and sometimes not. For example, they
can access www.google.com but not es.yahoo.com.
Linux boxes can access every web site as always. But I think that rule should
block every tcp connection from Windows clients, so I think it doesn't
always
recognize correctly the operating system.
--
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Apparently Analagous Threads
- [Bug 458] osf module doesn't always identify operating system
- [Bug 805] New: osf iptables[-save] errors
- [ANNOUNCE] Release of iptables-1.2.10
- [ADMIN] netfilter.org CVS now converted to subversion
- [Bug 448] New: IPv6 conntrack does not work on a tunnel interface
Wisdom of the Ancients
