Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 173603

Summary: mail-filter/amavisd-new - p0f-analyzer init.d script
Product: Gentoo Linux Reporter: steveb <steeeeeveee>
Component: Current packagesAssignee: Antivirus Team <antivirus>
Status: CONFIRMED ---    
Severity: enhancement CC: cyril.jaquier, gentoo, net-mail+disabled, proxy-maint, sam
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: init.d\p0f-analyzer
conf.d\p0f-analyzer

Description steveb 2007-04-06 22:10:48 UTC 
I created a small init.d script to be included into Amavisd-new. The script queries data collected from p0f. The result is a X-header line inserted by Amavisd-new. For example:
X-Amavis-OS-Fingerprint: Linux 2.4-2.6 (up: 5465 hrs), (distance 7, link:
	ethernet/modem), [xxx.xxx.xxx.xx]

This can be enabled by running the attached init.d script and changing Amavis configuration to include:
$os_fingerprint_method = 'p0f:127.0.0.1:2345';  # query p0f-analyzer.pl

Reproducible: Always
Comment 1 steveb 2007-04-06 22:11:57 UTC 
Created attachment 115610 [details]
init.d\p0f-analyzer
Comment 2 steveb 2007-04-06 22:13:16 UTC 
Created attachment 115611 [details]
conf.d\p0f-analyzer
Comment 3 Cyril Jaquier 2008-10-07 20:15:27 UTC 
Exactly what I was looking for. Thank you.
Comment 4 Thomas Raschbacher gentoo-dev 2018-10-14 11:59:42 UTC 
Hmm I haven't used this in years .. I'll see if i can set up some kind of test environment to give it a spin. but no promises how long (i know this is an old bug)