Your message dated Mon, 24 Oct 2016 12:38:30 +0200
with message-id <[email protected]>
and subject line Re: ferm: please support -m osf
has caused the Debian Bug report #607401,
regarding ferm: please support -m osf
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
607401: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607401
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ferm
Version: 2.0.8-1
Severity: wishlist
Tags: patch
Now that the default Debian kernel has support for the osf module, it
would be nice if ferm would support it. I've attached a patch to make
it do so; it is against the current master branch in git, but it applies
to the Debian package as well.
Do note that for some reason the xt_osf module (and its dependency, the
nfnetlink module) are not automatically loaded, so you'll have to
manually load it or iptables will complain.
-- System Information:
Debian Release: 6.0
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.37-rc5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages ferm depends on:
ii debconf 1.5.37 Debian configuration management sy
ii iptables 1.4.10-1 administration tools for packet fi
ii lsb-base 3.2-26 Linux Standard Base 3.2 init scrip
ii perl 5.10.1-16 Larry Wall's Practical Extraction
Versions of packages ferm recommends:
ii libnet-dns-perl 0.66-2 Perform DNS queries from a Perl sc
ferm suggests no packages.
-- Configuration Files:
/etc/default/ferm changed [not included]
/etc/ferm/ferm.conf [Errno 13] Permission denied: u'/etc/ferm/ferm.conf'
-- debconf information excluded
--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
diff --git a/doc/ferm.pod b/doc/ferm.pod
index 9660a96..4f5e6bc 100644
--- a/doc/ferm.pod
+++ b/doc/ferm.pod
@@ -863,6 +863,15 @@ Match every 'n'th packet.
Type "iptables -m nth -h" for details.
+=item B<osf>
+
+Match packets depending on the operating system of the sender.
+
+ mod osf genre Linux;
+ mod osf ! genre FreeBSD ttl 1 log 1;
+
+Type "iptables -m osf -h" for details.
+
=item B<owner>
Check information about the packet creator, namely user id, group id,
diff --git a/src/ferm b/src/ferm
index 4a2736b..ce3ff0d 100755
--- a/src/ferm
+++ b/src/ferm
@@ -255,6 +255,7 @@ add_match_def 'mark', qw(!mark);
add_match_def 'multiport', qw(source-ports!&multiport_params),
qw(destination-ports!&multiport_params ports!&multiport_params);
add_match_def 'nth', qw(every counter start packet);
+add_match_def 'osf', qw(!genre ttl=s log=s);
add_match_def 'owner', qw(!uid-owner !gid-owner pid-owner sid-owner),
qw(cmd-owner !socket-exists=0);
add_match_def 'physdev', qw(physdev-in! physdev-out!),
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Version: 2.1.2-1
According to upstream's changelog, support for -m osf went into Version
2.1.2, therefore I'm marking this as "done".
--- End Message ---
