diff options
Diffstat (limited to 'utils')
-rw-r--r-- | utils/.gitignore | 1 | ||||
-rw-r--r-- | utils/Makefile.am | 4 | ||||
-rw-r--r-- | utils/nfnl_osf.8.in | 67 |
3 files changed, 72 insertions, 0 deletions
diff --git a/utils/.gitignore b/utils/.gitignore index 216d1e4a..7c6afbf4 100644 --- a/utils/.gitignore +++ b/utils/.gitignore @@ -1,2 +1,3 @@ /nfnl_osf +/nfnl_osf.8 /nfbpf_compile diff --git a/utils/Makefile.am b/utils/Makefile.am index c4192a9e..80029e30 100644 --- a/utils/Makefile.am +++ b/utils/Makefile.am @@ -6,8 +6,10 @@ AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include \ sbin_PROGRAMS = pkgdata_DATA = +man_MANS = if HAVE_LIBNFNETLINK +man_MANS += nfnl_osf.8 sbin_PROGRAMS += nfnl_osf pkgdata_DATA += pf.os @@ -23,3 +25,5 @@ if ENABLE_SYNCONF sbin_PROGRAMS += nfsynproxy nfsynproxy_LDADD = -lpcap endif + +CLEANFILES = nfnl_osf.8 diff --git a/utils/nfnl_osf.8.in b/utils/nfnl_osf.8.in new file mode 100644 index 00000000..140b5c3f --- /dev/null +++ b/utils/nfnl_osf.8.in @@ -0,0 +1,67 @@ +.TH NFNL_OSF 8 "" "@PACKAGE_STRING@" "@PACKAGE_STRING@" + +.SH NAME +nfnl_osf \- OS fingerprint loader utility +.SH SYNOPSIS + +.ad l +.in +8 +.ti -8 +.B nfnl_osf +.BI -f " fingerprints" +[ +.B -d +] + +.SH DESCRIPTION +The +.B nfnl_osf +utility allows to load a set of operating system signatures into the kernel for +later matching against using iptables' +.B osf +match. + +.SH OPTIONS + +.TP +.BI -f " fingerprints" +Read signatures from file +.IR fingerprints . + +.TP +.B -d +Instead of adding the signatures from +.I fingerprints +into the kernel, remove them. + +.SH EXIT STATUS +Exit status is 0 if command succeeded, otherwise a negative return code +indicates the type of error which happened: + +.TP +.B -1 +Illegal arguments passed, fingerprints file not readable or failure in netlink +communication. + +.TP +.B -ENOENT +Fingerprints file not specified. + +.TP +.B -EINVAL +Netlink handle initialization failed or fingerprints file format invalid. + +.SH FILES + +An up to date set of operating system signatures can be downloaded from +http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os . + +.SH SEE ALSO + +The description of +.B osf +match in +.BR iptables-extensions (8) +contains further information about the topic as well as example +.B nfnl_osf +invocations. |