[pf4freebsd] Version 1.62 (took a little long then 2h)
Max Laier
max at love2party.net
Wed Sep 15 20:46:20 PDT 2004
Hello,
version 1.62 (http://pf4freebsd.love2party.net/pf_freebsd_1.62.tar.gz) is
ready. It brings the (allready announced) passive OS fingerprinting as
filter criteria: http://www.benzedrine.cx/pf/msg03089.html
Additional it adds missing locks to new table-code from version 1.61 and
cleans up the general locking of pf to prepare for Giant removal!
You will need to get a copy of the OS Fingerprint database to /etc/pf.os Get
it from:
http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os
http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/src/etc/pf.os?rev=1.1&content-type=text/plain
is the latest as of now, but you should check for new versions from time to
time.
Try "pftcpdump -o -i <yourNIC>" to get and idea what OS you want to filter
on. Note that the OS guessing only works on (complete, unmodified) SYN
packets. Once again: ***This is not a security feature***
Have fun with the release and please report any problems.
Max
P.S.:
$md5 pf_freebsd_1.62.tar.gz
7d6f5dfbacb784afc04ced7c4f48ab2a pf_freebsd_1.62.tar.gz
More information about the freebsd-pf
mailing list