byterazor/qpsmtpd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

p0f: added smite_os, assign -karma by OS

Browse Source
This commit is contained in:
Matt Simerson 2013-03-23 01:56:49 -04:00
parent 1dfa55c230
commit aaa2241cb8
1 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
plugins/ident/p0f
View File

@ -99,6 +99,14 @@ Example entry specifying p0f version 2
ident/p0f /tmp/.p0f_socket version 2 ident/p0f /tmp/.p0f_socket version 2
=head2 smite_os
Assign -1 karma to senders whose OS match the regex pattern supplied. I only recommend using with this p0f 3, as it's OS database is far more reliable than p0f v2.
Example entry:
ident/p0f /tmp/.p0f_socket smite_os windows
=head1 Environment requirements =head1 Environment requirements
p0f v3 requires only the remote IP. p0f v3 requires only the remote IP.
@ -119,7 +127,7 @@ Version 2 code heavily based upon the p0fq.pl included with the p0f distribution
2010 - Matt Simerson - added local_ip option 2010 - Matt Simerson - added local_ip option
2012 - Matt Simerson - refactored, v3 support 2012 - Matt Simerson - refactored, added v3 support
=cut =cut
@ -284,7 +292,7 @@ sub test_v2_response {
return; return;
} }
elsif ($type == 2) { elsif ($type == 2) {
$self->log(LOGWARN, "skip, this connection is no longer in the cache"); $self->log(LOGWARN, "skip, connection not in the cache");
return; return;
} }
return 1; return 1;
@ -358,6 +366,10 @@ sub store_v3_results {
$r{uptime} = $r{uptime_min} if $r{uptime_min}; $r{uptime} = $r{uptime_min} if $r{uptime_min};
}; };
if ( $r{genre} && $self->{_args}{smite_os} ) {
my $sos = $self->{_args}{smite_os};
$self->adjust_karma( -1 ) if $r{genre} =~ /$sos/i;
};
$self->connection->notes('p0f', \%r); $self->connection->notes('p0f', \%r);
$self->log(LOGINFO, "$r{os_name} $r{os_flavor}"); $self->log(LOGINFO, "$r{os_name} $r{os_flavor}");
$self->log(LOGDEBUG, join(' ', @values )); $self->log(LOGDEBUG, join(' ', @values ));