X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=extensions%2Flibipt_osf.man;fp=extensions%2Flibipt_osf.man;h=0000000000000000000000000000000000000000;hb=a7620a02aaaddfaf83581aade872df16b8724c62;hp=38d25a035ba8a9588511c5068de3e654af611073;hpb=34d283f916eeef73728a99668e40754f3961f580;p=iptables.git diff --git a/extensions/libipt_osf.man b/extensions/libipt_osf.man deleted file mode 100644 index 38d25a0..0000000 --- a/extensions/libipt_osf.man +++ /dev/null 
@@ -1,47 +0,0 @@ -The idea of passive OS fingerprint matching exists for quite a long time, -but was created as extension fo OpenBSD pf only some weeks ago. -Original idea was lurked in some OpenBSD mailing list (thanks -grange@open...) and than adopted for Linux netfilter in form of this code. - -Original fingerprint table was created by Michal Zalewski . - -This module compares some data(WS, MSS, options and it's order, ttl, -df and others) from first SYN packet (actually from packets with SYN -bit set) with dynamically loaded OS fingerprints. -.TP -.B "--log 1/0" -If present, OSF will log determined genres even if they don't match -desired one. -0 - log all determined entries, -1 - only first one. - -In syslog you find something like this: -.IP -ipt_osf: Windows [2000:SP3:Windows XP Pro SP1, 2000 SP3]: 11.22.33.55:4024 -> 11.22.33.44:139 -.IP -ipt_osf: Unknown: 16384:106:1:48:020405B401010402 44.33.22.11:1239 -> 11.22.33.44:80 -.TP -.B "--smart" -if present, OSF will use some smartness to determine remote OS. -OSF will use initial TTL only if source of connection is in our local network. -.TP -.B "--netlink" -If present, OSF will log all events also through netlink NETLINK_NFLOG groupt 1. -.TP -.BI "--genre " "[!] string" -Match a OS genre by passive fingerprinting -.P -Example: - -#iptables -I INPUT -j ACCEPT -p tcp -m osf --genre Linux --log 1 --smart - -NOTE: -p tcp is obviously required as it is a TCP match. - -Fingerprints can be loaded and read through /proc/sys/net/ipv4/osf file. -One can flush all fingerprints with following command: -.IP -echo -en FLUSH > /proc/sys/net/ipv4/osf -.P -Only one fingerprint per open/write/close. - -Fingerprints can be downloaded from http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os
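Review bot: The whole-file deletion in the single hunk (@@ -1,47 +0,0 @@) removes the only description visible here of the osf match options (--log, --smart, --netlink, --genre) and of the /proc/sys/net/ipv4/osf load and flush interface, and nothing in this diff shows the extension code being removed with it. If the match is still built, keep the man page or move this text to wherever the match is documented now. If the match is being dropped, removing the extension source belongs in the same change, so that a rule like the documented `-m osf --genre Linux --log 1 --smart` example does not keep loading with no documentation or start failing without explanation. A line in the commit message stating why the page goes away would help anyone whose filtering rules depend on passive OS fingerprint matching.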