Hi! Thanks to everyone who help me.
Now it's working. :-) The final solution was to patch /etc/rc.d/init.d/p0f - daemon p0f -d -o /var/log/p0f -q $OPTIONS "$BPFFILTER" + echo "p0f -q $OPTIONS $BPFFILTER 2>&1 | /usr/local/bin/p0f-analyzer.pl 2345" | at now Thanks again Eddy ----- Original Message ----- From: "Eddy Beliveau" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Monday, July 10, 2006 11:03 AM Subject: Re: [AMaViS-user] cannot find p0f-analyser.pl for amavisd-new 2.4.2 > Hi! > > Many thanks to Gary, Daniel and Michael for their replies. > > I retrieved the missing script directly from ijs.si's source, thanks ;-) > and installed it on /usr/local/bin > > I patched /etc/sysconfig/p0f > +OPTIONS="-l 'dst port 25'" > > I patched /etc/rc.d/init.d/p0f > - daemon p0f -d -o /var/log/p0f -q $OPTIONS "$BPFFILTER" > + echo 'p0f -q $OPTIONS "$BPFFILTER" 2>&1 | > /usr/local/bin/p0f-analyzer.pl 2345' | at now > > I started it without any errors > # ps -ef said: > root 2638 2637 0 08:41 ? 00:00:00 p0f -q > root 2639 2637 0 08:41 ? 00:00:02 /usr/bin/perl -T > /usr/local/bin/p0f-analyzer.pl > 2345 > > strace show activities on pid 2639 > > /etc/amavisd.conf was patched and restarted: > -# $os_fingerprint_method = 'p0f:127.0.0.1:2345'; # to query p0f-analyzer.pl > +$os_fingerprint_method = 'p0f:127.0.0.1:2345'; # to query p0f-analyzer.pl > > > /etc/postfix/master.cf included the following and was restarted: > smtp-amavis unix - - n - 10 smtp > -o smtp_data_done_timeout=1200 > -o smtp_send_xforward_command=yes > -o disable_dns_lookups=yes > > /etc/mail/spamassassin/local.cf includes: > header L_P0F_WXP X-Amavis-OS-Fingerprint =~ /^Windows XP/ > score L_P0F_WXP 3.5 > header L_P0F_W X-Amavis-OS-Fingerprint =~ /^Windows(?! XP)/ > score L_P0F_W 1.7 > header L_P0F_UNKN X-Amavis-OS-Fingerprint =~ /^UNKNOWN/ > score L_P0F_UNKN 0.8 > header L_P0F_Unix X-Amavis-OS-Fingerprint =~ > /^((Free|Open|Net)BSD)|Solaris|HP-UX|Tru64/ > score L_P0F_Unix -1.0 > amavisd-new was restarted# egrep -i 'Fingerprint collect |OS_fingerprint > |suppressed for mail from > Windows|p0f' maillog > said: Jul 10 08:58:45 amavis[4946]: OS_Fingerprint code loadedCurrent time > is 11:02 so it's > running > since 2 hours and egrep does not tell nothing more.It look like spamassassin > is not rating > fingerprints !Can you help ?Thanks,Eddy----- Original Message ----- > From: "Eddy Beliveau" <[EMAIL PROTECTED]> > To: <[email protected]> > Sent: Friday, July 07, 2006 11:19 AM > Subject: [AMaViS-user] cannot find p0f-analyser.pl for amavisd-new 2.4.2 >> I'm using amavisd-new-2.4.2-1 and it works great, thanks :-) >> Now, I'm installing p0f-2.0.6-1.2 according to amavisd-new release notes >> Now, I'm trying to locate the p0f-analyser.pl program >> "that comes with amavisd-new package (sic)" but cannot find it. >> Did I missed something ? > > > > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > _______________________________________________ > AMaViS-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/amavis-user > AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 > AMaViS-HowTos:http://www.amavis.org/howto/ ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
