diff -urN ../p0f-3.09b.orig/p0f.fp ./p0f.fp --- ../p0f-3.09b.orig/p0f.fp 2016-04-16 03:51:13.000000000 +0300 +++ ./p0f.fp 2023-08-07 20:06:33.756406000 +0300 @@ -92,10 +92,16 @@ ; Linux ; ----- -label = s:unix:Linux:3.11 and newer +label = s:unix:Linux:3.10 and newer +; Linux 3.10.0, CentOS Linux release 7.9.2009 sig = *:64:0:*:mss*20,10:mss,sok,ts,nop,ws:df,id+:0 sig = *:64:0:*:mss*20,7:mss,sok,ts,nop,ws:df,id+:0 +label = s:unix:Linux:4.4.0 and newer +; Linux 4.4.0-134-generic, Ubuntu 16.04.5 LTS, IPv6 +; Linux 4.15.0-33-generic, Ubuntu 18.04.1 LTS, IPv6 +sig = 6:64:0:*:mss*20,7:mss,sok,ts,nop,ws:flow:0 + label = s:unix:Linux:3.1-3.10 sig = *:64:0:*:mss*10,4:mss,sok,ts,nop,ws:df,id+:0 sig = *:64:0:*:mss*10,5:mss,sok,ts,nop,ws:df,id+:0 @@ -154,13 +160,43 @@ ; Catch-all rules: +label = g:unix:Linux:4.9.x-5.15.x +; Linux 4.18.0, CentOS Stream release 8 +; Linux 5.15.0, Ubuntu 22.04.2 LTS, IPv4 +; Linux 5.10.0, Debian GNU/Linux 11, IPv4 +; Linux 5.4.0, Ubuntu 20.04.5 LTS, IPv4 +; Linux 4.15.0, Ubuntu 18.04.6 LTS, IPv4 +; Linux 4.19.0, Debian GNU/Linux 10, IPv4 +sig = 4:57+7:0:*:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 +; Linux 5.15.0, Ubuntu 22.04.2 LTS, IPv6 +; Linux 5.10.0, Debian GNU/Linux 11, IPv6 +; Linux 5.4.0, Ubuntu 20.04.5 LTS, IPv6 +; Linux 4.15.0, Ubuntu 18.04.6 LTS, IPv6 +; Linux 4.19.0, Debian GNU/Linux 10, IPv6 +sig = 6:53+11:0:*:mss*45,7:mss,sok,ts,nop,ws:flow:0 +; Linux 5.14.0, CentOS Stream release 9 +; Linux 4.9.65-3+deb9u2, Debian GNU/Linux 9, IPv6 +; Linux 4.9.110-1, Debian GNU/Linux 9, IPv6 +; Linux 4.18.0, CentOS Stream release 8 +sig = *:64:0:*:*,*:mss,sok,ts,nop,ws:flow:0 +; Linux 5.14.0, CentOS Stream release 9, IPv4 +sig = 4:63+1:0:*:mss*44,7:mss,sok,ts,nop,ws::0 +; Linux 4.18.0, CentOS Stream release 8, IPv4 +sig = 4:64:0:*:65535,6:mss,nop,ws,sok,ts::0 + label = g:unix:Linux:3.x sig = *:64:0:*:mss*10,*:mss,sok,ts,nop,ws:df,id+:0 label = g:unix:Linux:2.4.x-2.6.x sig = *:64:0:*:mss*4,*:mss,sok,ts,nop,ws:df,id+:0 -label = g:unix:Linux:2.2.x-3.x +label = g:unix:Linux:2.2.x-5.15.x +; Linux 4.4.177, Android 10 +; Linux 4.15.0, Ubuntu 18.04.6 LTS +; Linux 4.19.249, Debian GNU/Linux 10 +; Linux 5.4.0, Ubuntu 20.04.5 LTS +; Linux 5.10.127, Debian GNU/Linux 11 +; Linux 5.15.0, Ubuntu 22.04.2 LTS sig = *:64:0:*:*,*:mss,sok,ts,nop,ws:df,id+:0 label = g:unix:Linux:2.2.x-3.x (no timestamps) @@ -205,6 +241,7 @@ sig = *:128:0:*:8192,*:mss,nop,ws,nop,nop,sok:df,id+:0 label = g:win:Windows:NT kernel +; Windows 10 19045.2965 sig = *:128:0:*:*,*:mss,nop,nop,sok:df,id+:0 sig = *:128:0:*:*,*:mss,nop,ws,nop,nop,sok:df,id+:0 @@ -231,7 +268,31 @@ ; FreeBSD ; ------- -label = s:unix:FreeBSD:9.x or newer +label = s:unix:FreeBSD:12.x-13.x +; FreeBSD 13.2 +; FreeBSD 13.1 +; FreeBSD 12.3 +sig = *:59+5:0:*:65535,6:mss,nop,ws,sok,ts:df:0 + +;label = s:unix:FreeBSD:10.x +; FreeBSD 10.3 +;dublicate of Linux 4.18.0, CentOS Stream release 8, IPv4 +;sig = *:60+4:0:*:65535,6:mss,nop,ws,sok,ts::0 + +label = s:unix:FreeBSD:12.x-13.x +; FreeBSD 12.1 +sig = *:64:0:*:65535,0:mss,sok,eol+1:df:0 +sig = *:64:0:*:65535,0:mss,sok,?34::0 +sig = *:64:0:*:65535,6:mss,nop,ws,sok,ts,?34,eol+1:df:0 + +label = s:unix:FreeBSD:10.x or newer +; FreeBSD 11.1, IPv6 +; FreeBSD 10.3, IPv6 +sig = 6:64:0:*:65535,6:mss,nop,ws,sok,ts:flow:0 + +label = s:unix:FreeBSD:9.x-13.x +; FreeBSD 12.1 +; FreeBSD 11.2 sig = *:64:0:*:65535,6:mss,nop,ws,sok,ts:df,id+:0 label = s:unix:FreeBSD:8.x @@ -358,6 +419,27 @@ ; to get a full set of up to 8 signatures. +;label = s:unix:Linux 4.x-5.x or FreeBSD 13.2 +; Linux 5.15.0, Ubuntu 22.04.2 LTS, IPv4 +; Linux 5.10.0, Debian GNU/Linux 11, IPv4 +; Linux 5.4.0, Ubuntu 20.04.5 LTS, IPv4 +; Linux 4.15.0, Ubuntu 18.04.6 LTS +; Linux 4.19.0, Debian GNU/Linux 10, IPv4 +;dublicate of FreeBSD 12.x-13.x +;sig = *:64+0:0:*:65535,6:mss,nop,ws,sok,ts:df:0 + +label = s:unix:Linux:4.15.x-5.15.x +; Linux 5.15.0, Ubuntu 22.04.2 LTS, IPv4 +; Linux 5.10.0, Debian GNU/Linux 11, IPv4 +; Linux 5.4.0, Ubuntu 20.04.5 LTS, IPv6 +; Linux 4.15.0, Ubuntu 18.04.6 LTS, IPv6 +; Linux 4.19.0, Debian GNU/Linux 10, IPv6 +sig = 6:64+0:0:*:65535,6:mss,nop,ws,sok,ts:flow:0 +; Linux 5.14.0, CentOS Stream release 9, IPv4 +; Linux 4.18.0, CentOS Stream release 8 +;dublicate of FreeBSD 12.x-13.x +;sig = 4:64+0:0:*:65535,6:mss,nop,ws,sok,ts:df:0 + label = s:unix:Linux:3.x sig = *:64:0:*:mss*10,0:mss:df:0 sig = *:64:0:*:mss*10,0:mss,sok,ts:df:0 @@ -423,9 +505,19 @@ ; FreeBSD ; ------- +label = s:unix:FreeBSD:10.x-13.x +; FreeBSD 13.2 +; FreeBSD 13.1 +; FreeBSD 12.3 +; FreeBSD 10.3 +sig = *:64+0:0:*:65535,6:mss,nop,ws,sok,ts:df:0 + +label = s:unix:FreeBSD:9.x-13.x +; FreeBSD 12.1 +sig = *:64:0:*:65535,6:mss,nop,ws,sok,ts:df,id+:0 + label = s:unix:FreeBSD:9.x sig = *:64:0:*:65535,6:mss,nop,ws:df,id+:0 -sig = *:64:0:*:65535,6:mss,nop,ws,sok,ts:df,id+:0 sig = *:64:0:*:65535,6:mss,nop,ws,sok,eol+1:df,id+:0 sig = *:64:0:*:65535,6:mss,nop,ws,nop,nop,ts:df,id+:0 @@ -435,9 +527,12 @@ sig = *:64:0:*:65535,3:mss,nop,ws,sok,eol+1:df,id+:0 sig = *:64:0:*:65535,3:mss,nop,ws,nop,nop,ts:df,id+:0 +label = s:unix:FreeBSD:8.x-12.x +; FreeBSD 12.1 +sig = *:64:0:*:65535,0:mss,sok,eol+1:df,id+:0 + label = s:unix:FreeBSD:8.x-9.x sig = *:64:0:*:65535,0:mss,sok,ts:df,id+:0 -sig = *:64:0:*:65535,0:mss,sok,eol+1:df,id+:0 sig = *:64:0:*:65535,0:mss,nop,nop,ts:df,id+:0 ; -------