From 1894dbf0a3097e8cef3df12c581b3287bfbb5654 Mon Sep 17 00:00:00 2001
From: "Brian M. Carlson" <sandals@crustytoothpaste.net>
Date: Mon, 17 Dec 2012 18:09:25 +0100
Subject: [PATCH] support netfilter module "osf"

---
 NEWS         | 2 ++
 doc/ferm.pod | 9 +++++++++
 src/ferm     | 1 +
 3 files changed, 12 insertions(+)

diff --git a/NEWS b/NEWS
index 5e9c313..a142b14 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,8 @@
 
 
 v2.1.2 - not yet released
+  - support netfilter modules:
+    * osf
   - updated netfilter modules:
     * hashlimit: allow list after hashlimit-mode
   - fix functions containing mixed domains
diff --git a/doc/ferm.pod b/doc/ferm.pod
index 956bb9d..ff4e4ee 100644
--- a/doc/ferm.pod
+++ b/doc/ferm.pod
@@ -869,6 +869,15 @@ Match every 'n'th packet.
 
 Type "iptables -m nth -h" for details.
 
+=item B<osf>
+
+Match packets depending on the operating system of the sender.
+
+    mod osf genre Linux;
+    mod osf ! genre FreeBSD ttl 1 log 1;
+
+Type "iptables -m osf -h" for details.
+
 =item B<owner>
 
 Check information about the packet creator, namely user id, group id,
diff --git a/src/ferm b/src/ferm
index d14174d..0c21a37 100755
--- a/src/ferm
+++ b/src/ferm
@@ -266,6 +266,7 @@ add_match_def 'mark', qw(!mark);
 add_match_def 'multiport', qw(source-ports!&multiport_params),
   qw(destination-ports!&multiport_params ports!&multiport_params);
 add_match_def 'nth', qw(every counter start packet);
+add_match_def 'osf', qw(!genre ttl=s log=s);
 add_match_def 'owner', qw(!uid-owner !gid-owner pid-owner sid-owner),
   qw(cmd-owner !socket-exists=0);
 add_match_def 'physdev', qw(physdev-in! physdev-out!),
-- 
2.11.4.GIT