
Unable to modify packet with p0f personality

Open plmsuper8 opened this issue 4 years ago • 2 comments

Hi, the nmap module works fine, but p0f runs into a problem. In fact, I tried some options and it is still not working.

My OS is CentOS 7, and the command is as follows. Any advice?

sudo osfooler-ng -i eth0 -m 'Microsoft Windows 10' -o Windows -d "SP3"

...
 [+] Mutating to nmap:
      Fingerprint Microsoft Windows 10
      Class Microsoft | Windows | 10 | general purpose
      CPE cpe:/o:microsoft:windows_10 auto
      SEQ(SP=FC-106%GCD=1-6%ISR=108-112%TI=I%CI=I%II=I%SS=S%TS=A)
      OPS(O1=M4ECNW8ST11%O2=M4ECNW8ST11%O3=M4ECNW8NNT11%O4=M4ECNW8ST11%O5=M4ECNW8ST11%O6=M4ECST11)
      WIN(W1=2000%W2=2000%W3=2000%W4=2000%W5=2000%W6=2000)
      ECN(R=Y%DF=Y%T=7B-85%TG=80%W=2000%O=M4ECNW8NNS%CC=N%Q=)
      T1(R=Y%DF=Y%T=7B-85%TG=80%S=O%A=S+%F=AS%RD=0%Q=)
      T2(R=Y%DF=Y%T=7B-85%TG=80%W=0%S=Z%A=S%F=AR%O=%RD=0%Q=)
      T3(R=Y%DF=Y%T=7B-85%TG=80%W=0%S=Z%A=O%F=AR%O=%RD=0%Q=)
      T4(R=Y%DF=Y%T=7B-85%TG=80%W=0%S=A%A=O%F=R%O=%RD=0%Q=)
      T5(R=Y%DF=Y%T=7B-85%TG=80%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
      T6(R=Y%DF=Y%T=7B-85%TG=80%W=0%S=A%A=O%F=R%O=%RD=0%Q=)
      T7(R=Y%DF=Y%T=7B-85%TG=80%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
      U1(DF=N%T=7B-85%TG=80%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G|Z%RUCK=G%RUD=G)
      IE(DFI=N%T=7B-85%TG=80%CD=Z)
 [+] Mutating to p0f:
      WWW:S20|TTL:128|D:1|SS:48|OOO:M*,N,N,S|QQ:.|OS:Windows|DETAILS:SP3
 [+] Activating queues
      [->] Process-1: nmap packet processor
      [->] Process-2: p0f packet processor
 ...
 [+] Unable to modify packet with p0f personality...
 [+] Aborting
Exception SystemExit in 'netfilterqueue.global_callback' ignored

plmsuper8, Jan 20 '21 07:01

It seems to be my problem: i = int(timestamp, 16) would be null while net.ipv4.tcp_timestamps = 0. BTW, I still cannot spoof witch.valdikss.org.ru.

plmsuper8, Jan 20 '21 08:01
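
The failure mode in the comment above, as an added example that is not OSfooler-ng's own code: with net.ipv4.tcp_timestamps = 0 the host's segments carry no TCP Timestamp option, so a packet processor has to treat the value as optional. The function names and the sample option bytes are hypothetical and constructed for illustration.

```python
import struct

OPT_EOL, OPT_NOP, OPT_TIMESTAMP = 0, 1, 8  # TCP option kinds (RFC 9293, RFC 7323)

def tcp_timestamp(options: bytes):
    """Return (TSval, TSecr) from raw TCP option bytes, or None if absent/malformed."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == OPT_EOL:
            break
        if kind == OPT_NOP:          # single-byte padding, no length field
            i += 1
            continue
        if i + 1 >= len(options):
            break                    # truncated: kind without a length byte
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            break                    # malformed length, stop instead of over-reading
        if kind == OPT_TIMESTAMP and length == 10:
            return struct.unpack("!II", options[i + 2:i + 10])
        i += length
    return None

def timestamps_enabled(path="/proc/sys/net/ipv4/tcp_timestamps"):
    """True/False from the Linux sysctl file, or None if it cannot be read."""
    try:
        with open(path) as fh:
            return int(fh.read().strip()) != 0
    except (OSError, ValueError):
        return None

# Constructed SYN option blocks (not captured traffic).
SYN_WITH_TS = bytes.fromhex("020405b40402080a0001e2400000000001030307")
SYN_NO_TS = bytes.fromhex("020405b40103030701010402")

if __name__ == "__main__":
    print("sysctl tcp_timestamps enabled:", timestamps_enabled())
    for name, opts in (("with TS", SYN_WITH_TS), ("no TS", SYN_NO_TS)):
        ts = tcp_timestamp(opts)
        print(name, "->", "no Timestamp option, skip rewrite" if ts is None else ts)
```
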

As I understand it, this tool relies on p0f v2 syntax and DB, while witch.valdikss.org.ru is based on p0f v3. The third version is more advanced, so this tool is unable to spoof p0f v3 analyzers yet.

vmspike, Feb 27 '21 20:02