OPNsense Forum

Archive => 15.7 Legacy Series => Topic started by: jimmy shao on August 04, 2015, 03:15:29 pm

Title: What "Source OS" is Android Phone?
Post by: jimmy shao on August 04, 2015, 03:15:29 pm

in the firewall rules, Source OS is a good function.
However, what "Source OS" is Android Phone? and iPhone?

Title: Re: What "Source OS" is Android Phone?
Post by: weust on August 04, 2015, 04:29:03 pm

Android is Linux. iOS is iOS (Apple, not Cisco).

Title: Re: What "Source OS" is Android Phone?
Post by: jimmy shao on August 04, 2015, 05:58:15 pm

seems like there is no specific OS for android? Just select Linux in the "OS Type" option?
Also, there no such "iOS" in the "OS Type" options.

Title: Re: What "Source OS" is Android Phone?
Post by: franco on August 04, 2015, 08:07:07 pm

The source OS setting is a passive TCP fingerprinting technique that looks at TCP Handshake packets to determine a particular pattern for an OS or rather its TCP/IP stack. It may or may not be 100% reliable (especially if the headers are scrubbed as pf can also do).

The patterns itself are not updated very often. In OpenBSD where pf originates from the patterns were last updated 3 years ago:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os

In FreeBSD the patterns were last updated a little under 2 years ago:

https://github.com/freebsd/freebsd/commit/1692416703a568df7fe1b9077ab6b7d674ddd9f2

If the patterns do what you want as is, then use them. If not, you'll have to look for something else to solve your issue, e.g. MAC filtering according to Manufacturers or DPI.

Title: Re: What "Source OS" is Android Phone?
Post by: chol on August 05, 2015, 12:55:21 pm

Quote from: weust on August 04, 2015, 04:29:03 pm

Android is Linux. iOS is iOS (Apple, not Cisco).

Android is a specific modified Linux-kernel merged with a version of the BSD standard C-Library, and is BSD-Licensed.

iOS is based on BSD Darwin and the BSD derivative OS-X ( BSD-License)

Hope that helps.