Arch manual pages

NFNL_OSF(8) iptables 1.8.3 NFNL_OSF(8)

nfnl_osf - OS fingerprint loader utility


nfnl_osf -f fingerprints [ -d ]

The nfnl_osf utility allows to load a set of operating system signatures into the kernel for later matching against using iptables' osf match.

-f fingerprints
Read signatures from file fingerprints.

-d
Instead of adding the signatures from fingerprints into the kernel, remove them.

Exit status is 0 if command succeeded, otherwise a negative return code indicates the type of error which happened:

-1
Illegal arguments passed, fingerprints file not readable or failure in netlink communication.

-ENOENT
Fingerprints file not specified.

-EINVAL
Netlink handle initialization failed or fingerprints file format invalid.

An up to date set of operating system signatures can be downloaded from http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os .

The description of osf match in iptables-extensions(8) contains further information about the topic as well as example nfnl_osf invocations.
iptables 1.8.3