| Server IP : 172.67.216.182 / Your IP : 162.158.163.251 Web Server : Apache System : Linux krdc-ubuntu-s-2vcpu-4gb-amd-blr1-01.localdomain 5.15.0-142-generic #152-Ubuntu SMP Mon May 19 10:54:31 UTC 2025 x86_64 User : www ( 1000) PHP Version : 7.4.33 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /usr/share/rspamd/plugins/ |
Upload File : |
--[[
Copyright (c) 2022, Vsevolod Stakhov <[email protected]>
Copyright (c) 2019, Denis Paavilainen <[email protected]>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
]]--
-- Detect remote OS via passive fingerprinting
local lua_util = require "lua_util"
local lua_redis = require "lua_redis"
local rspamd_logger = require "rspamd_logger"
local p0f = require("lua_scanners").filter('p0f').p0f
local N = 'p0f'
if confighelp then
rspamd_config:add_example(nil, N,
'Detect remote OS via passive fingerprinting',
[[
p0f {
# Enable module
enabled = true
# Path to the unix socket that p0f listens on
socket = '/var/run/p0f.sock';
# Connection timeout
timeout = 5s;
# If defined, insert symbol with lookup results
symbol = 'P0F';
# Patterns to match against results returned by p0f
# Symbol will be yielded on OS string, link type or distance matches
patterns = {
WINDOWS = '^Windows.*';
#DSL = '^DSL$';
#DISTANCE10 = '^distance:10$';
}
# Cache lifetime in seconds (default - 2 hours)
expire = 7200;
# Cache key prefix
prefix = 'p0f';
}
]])
return
end
local rule
local function check_p0f(task)
local ip = task:get_from_ip()
if not (ip and ip:is_valid()) or ip:is_local() then
return
end
p0f.check(task, ip, rule)
end
local opts = rspamd_config:get_all_opt(N)
rule = p0f.configure(opts)
if rule then
rule.redis_params = lua_redis.parse_redis_server(N)
lua_redis.register_prefix(rule.prefix .. '*', N,
'P0f check cache', {
type = 'string',
})
local id = rspamd_config:register_symbol({
name = 'P0F_CHECK',
type = 'prefilter',
callback = check_p0f,
priority = lua_util.symbols_priorities.medium,
flags = 'empty,nostat',
group = N,
augmentations = { string.format("timeout=%f", rule.timeout or 0.0) },
})
if rule.symbol then
rspamd_config:register_symbol({
name = rule.symbol,
parent = id,
type = 'virtual',
flags = 'empty',
group = N
})
end
for sym in pairs(rule.patterns) do
rspamd_logger.debugm(N, rspamd_config, 'registering: %1', {
type = 'virtual',
name = sym,
parent = id,
group = N
})
rspamd_config:register_symbol({
type = 'virtual',
name = sym,
parent = id,
group = N
})
end
else
lua_util.disable_module(N, 'config')
rspamd_logger.infox('p0f module not configured');
end