OPNsense Forum
Archive => 15.7 Legacy Series => Topic started by: jimmy shao on August 04, 2015, 03:15:29 pm
-
in the firewall rules, Source OS is a good function.
However, what "Source OS" is Android Phone? and iPhone?
-
Android is Linux. iOS is iOS (Apple, not Cisco).
-
seems like there is no specific OS for android? Just select Linux in the "OS Type" option?
Also, there no such "iOS" in the "OS Type" options.
-
The source OS setting is a passive TCP fingerprinting technique that looks at TCP Handshake packets to determine a particular pattern for an OS or rather its TCP/IP stack. It may or may not be 100% reliable (especially if the headers are scrubbed as pf can also do).
The patterns itself are not updated very often. In OpenBSD where pf originates from the patterns were last updated 3 years ago:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os
In FreeBSD the patterns were last updated a little under 2 years ago:
https://github.com/freebsd/freebsd/commit/1692416703a568df7fe1b9077ab6b7d674ddd9f2
If the patterns do what you want as is, then use them. If not, you'll have to look for something else to solve your issue, e.g. MAC filtering according to Manufacturers or DPI.
-
Android is Linux. iOS is iOS (Apple, not Cisco).
Android is a specific modified Linux-kernel merged with a version of the BSD standard C-Library, and is BSD-Licensed.
iOS is based on BSD Darwin and the BSD derivative OS-X ( BSD-License)
Hope that helps.