Passive OS fingerprint module release
Passive OS fingerprinting netfilter module allows to passively detect remote OS and perform various netfilter actions based on that knowledge. This module compares some data (WS, MSS, options and it’s order, ttl, df and others) from packets with SYN bit set with dynamically loaded OS fingerprints.
This release brings us following features:
- move from kernel netlink connector to netfilter netlink (nfnetlink)
- use helper functions from the 1.4.3 iptables release
- code cleanups
So far those were the last changes requested by the netfilter team for inclusion. Let’s the results.