port knocking
 
I found Judd Vinet's knockd quite useful. It works well on full-size distros like openSUSE and Mandriva. I have now compiled the server and client for Brazil Firewall v2.xx and tested them successfully.
knockd for BrazilFW 2.xx
 
This package launches the knockd server automatically on system startup. Use the KNOCKD_IF variable to define the interface to listen on. If this variable is undefined or empty, the knockd server will not start.
quick hot example
Default /etc/knockd.conf file:
[killme]
  sequence    = 4444,3333,5555
  seq_timeout = 5
  command     = killall knockd
  tcpflags    = syn
It configures knockd to terminate itself on the given port-knocking sequence. Try this:
Judd's configuration example
%IP% in the command will be replaced with the knocker's IP address.
[options]
  logfile     = /var/log/knockd.log

[openSSH]
  sequence    = 7000,8000,9000
  seq_timeout = 5
  command     = /usr/sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
  tcpflags    = syn

[closeSSH]
  sequence    = 9000,8000,7000
  seq_timeout = 5
  command     = /usr/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
  tcpflags    = syn
Remember: never use knocking sequences from examples!
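A small check for the configuration above, as an added example that is not part of the original page or of knockd: it parses a knockd.conf, flags doors that reuse the sequences printed here, and flags opening commands that append the ACCEPT rule or never remove it. The function names, finding labels and the timedSSH door with its sequence are constructed for illustration; start_command, cmd_timeout and stop_command are knockd's own options for a door that closes itself.

```python
import re

# Sequences printed on this page: treat them as publicly known.
PUBLISHED = {"4444,3333,5555", "7000,8000,9000", "9000,8000,7000"}

def parse_knockd_conf(text):
    """Parse knockd.conf text into {section: {lowercased_key: value}}."""
    sections, cur = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            cur = sections.setdefault(line[1:-1], {})
        elif "=" in line and cur is not None and not line.startswith("#"):
            key, value = line.split("=", 1)
            cur[key.strip().lower()] = value.strip()
    return sections

def lint_knockd_conf(text):
    """Return sorted (section, finding) pairs for risky door definitions."""
    findings = []
    for name, door in parse_knockd_conf(text).items():
        if name.lower() == "options":
            continue
        if re.sub(r"\s+", "", door.get("sequence", "")) in PUBLISHED:
            findings.append((name, "published-sequence"))
        cmd = door.get("command") or door.get("start_command", "")
        opens = "ACCEPT" in cmd and re.search(r"\s-[AI]\s", cmd)
        if opens and " -A " in cmd:
            # -A appends, so an earlier DROP/REJECT rule in the chain still wins.
            findings.append((name, "accept-appended"))
        if opens and not door.keys() >= {"cmd_timeout", "stop_command"}:
            # Stays open until a close knock; cmd_timeout + stop_command undo it.
            findings.append((name, "no-auto-close"))
    return sorted(findings)

# Constructed sample: the page's openSSH door plus a hypothetical timed door.
SAMPLE = """
[openSSH]
  sequence    = 7000,8000,9000
  command     = /usr/sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
[timedSSH]
  sequence      = 10111,20222,30333
  start_command = /usr/sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
  cmd_timeout   = 30
  stop_command  = /usr/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
"""

if __name__ == "__main__":
    for section, finding in lint_knockd_conf(SAMPLE):
        print(f"{section}: {finding}")
```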
knock for BrazilFW 2.xx
knock [options] <host> <port[:proto]> [port[:proto]] ...
options:
  -u, --udp            make all ports hits use UDP (default is TCP)
  -v, --verbose        be verbose
  -V, --version        display version
  -h, --help           this help

example:  knock myserver.example.com 123:tcp 456:udp 789:tcp
wtf is port knocking?
If you do not know what it is, you don't need it.
caretaker: Janusz Wiśniewski