Date:      Thu, 11 Jul 2019 10:25:27 -0400
From:      David Mehler <dave.mehler@gmail.com>
To:        Ernie Luzar <luzar722@gmail.com>
Cc:        freebsd-questions <freebsd-questions@freebsd.org>
Subject:   Re: p0f, bpf, and jail
Message-ID:  <CAPORhP5KY0Ry_bt-5%2BLLEnRhwxN%2Br6DfTY4jC74-n%2B41pFzrpA@mail.gmail.com>
In-Reply-To: <5D260D95.4040606@gmail.com>
References:  <CAPORhP4zh--Qk1VBaAm%2B-NHG_-7JWUS4sbq9%2B0qTucMgv9eYAA@mail.gmail.com> <5D260D95.4040606@gmail.com>

Hello,

I'm using FreeBSD 12 on amd64 hardware. p0f is passive OS
fingerprinting; what I'm wanting to do is determine, by passively
analyzing a connecting machine's TCP stack, what kind of machine it is,
and based on that result add in an email header to the message. So,
for example, if someone connects to my system by means of an XP laptop
and tries to send email, I'll know by that email header the type of
connecting machine. Later down the antispam chain the antispam
software can take an action, most likely a silent drop, based on that
header.

Thanks.
Dave.


On 7/10/19, Ernie Luzar <luzar722@gmail.com> wrote:
> David Mehler wrote:
>> Hello,
>>
>> Is anyone using p0f in a jail on FreeBSD 12? I'm getting two errors
>> one about bpf not being available, the other about how the jail is
>> trying to sniff the host's network interface. The tcpdump-type
>> expression is 'tcp dst 1515'
>>
>> Thanks.
>> Dave.
>>
>
> I see you have gotten no replies. This may be due to the lack of any details
> provided by you. You will get better results if you provide details
> about what you're trying to do, what hardware you are using and what
> version of FreeBSD you are running. By default bpf is disabled for
> jails. Have no idea what pof is.
>
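
An added example, not part of the original message and not p0f's own code: a sketch of the fingerprint-to-header step described above, which strips CR/LF and other unsafe characters so a crafted fingerprint string cannot inject extra mail headers. It assumes p0f v3 started with its API socket (`-s`), the query/response layout from the p0f v3 README on a little-endian host such as amd64, and a hypothetical header name `X-P0F-OS`; the sample response is constructed.

```python
import ipaddress
import re
import struct

# Layout per the p0f v3 README, "API access" (assumption: p0f v3 run with -s).
# p0f uses host byte order; "<" matches amd64.
P0F_QUERY_MAGIC = 0x50304601
P0F_RESP_MAGIC = 0x50304602
P0F_STATUS_OK = 0x10
P0F_STATUS_NOMATCH = 0x20
RESP_FMT = "<9IhBB32s32s32s32s32s32s"  # 232 bytes in total
RESP_LEN = struct.calcsize(RESP_FMT)


def build_query(client_ip):
    """21-byte query: magic, address family (4 or 6), 16 address bytes."""
    ip = ipaddress.ip_address(client_ip)
    return struct.pack("<IB16s", P0F_QUERY_MAGIC, ip.version, ip.packed)


def _clean(raw):
    """NUL-terminated field -> header-safe text (no CR/LF, colon or controls)."""
    text = raw.split(b"\0", 1)[0].decode("ascii", "replace")
    return re.sub(r"[^A-Za-z0-9 ._+/-]", "?", text)[:31]


def fingerprint_header(resp):
    """Return a header line (hypothetical name X-P0F-OS), or None if no match."""
    if len(resp) != RESP_LEN:
        return None
    fields = struct.unpack(RESP_FMT, resp)
    if fields[0] != P0F_RESP_MAGIC or fields[1] != P0F_STATUS_OK:
        return None
    os_name, os_flavor = _clean(fields[12]), _clean(fields[13])
    if not os_name:
        return None
    return ("X-P0F-OS: %s %s" % (os_name, os_flavor)).rstrip()


def sample_response(os_name, os_flavor, status=P0F_STATUS_OK):
    """Constructed response for offline use (not captured from a real p0f)."""
    return struct.pack(RESP_FMT, P0F_RESP_MAGIC, status, 0, 0, 1, 0, 0, 0, 0,
                       0, 0, 0, os_name, os_flavor, b"", b"",
                       b"Ethernet or modem", b"")


if __name__ == "__main__":
    print(len(build_query("192.0.2.10")))
    print(fingerprint_header(sample_response(b"Windows", b"XP")))
```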
