struct p0f_query {
  _u32 magic;                   /* must be set toQUERY_MAGIC */
  _u8  type;                    /* QTYPE_* */
  _u32 id;                      /* Unique query ID */
  _u32 src_ad,dst_ad;           /* src address, local dst addr */
  _u16 src_port,dst_port;       /* src and dst ports */
};

#define RESP_OK         0       /* Response OK */
#define RESP_BADQUERY   1       /* Query malformed */
#define RESP_NOMATCH    2       /* No match for src-dst data */
#define RESP_STATUS     255     /* Status information */

struct p0f_response {
  _u32 magic;                   /* QUERY_MAGIC */
  _u32 id;                      /* Query ID (copied from p0f_query) */
  _u8  type;                    /* RESP_* */

  _u8  genre[20];               /* OS genre (empty if no match) */
  _u8  detail[40];              /* OS version (empty if no match) */
  _s8  dist;                    /* Distance (-1 if unknown ) */
  _u8  link[30];                /* Link type (empty if unknown) */
  _u8  tos[30];                 /* Traffic type (empty if unknown) */
  _u8  fw,nat;                  /* firewall and NAT flags flags */
  _u8  real;                    /* A real operating system? */
  _s16 score;                   /* Masquerade score (or NO_SCORE) */
  _u16 mflags;                  /* Masquerade flags (D_*) */
  _s32 uptime;                  /* Uptime in hours (-1 = unknown) */
};