| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2003-08-27 | fix inconsistency how we handle tcpopt EOL versus how p0f v2 handles it | Mike Frantzen | |
| 2003-08-27 | it is supprisingly common (>4%) for some NAT and DSL routers to tweak MSS | Mike Frantzen | |
| by setting it to whatever is suitable for the link type. so we try a guessed 1460 MTU and 1500 MSS if the primary check fails. algorithm tweak from Michal Zalewski name a few constants too while I'm in there | |||
| 2003-08-21 | Add Michal Zalewski's p0f v2 style passive OS fingerprinting to PF. | Mike Frantzen | |
| Exposes the source IP's operating system to the filter language. Interesting policy decisions are now enforceable: . block proto tcp from any os SCO . block proto tcp from any os Windows to any port smtp . rdr ... from any os "Windows 98" to port WWW -> 127.0.0.1 port 8001 | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |