Hi,
The last line in the file specified by the one_time_sequences directive is not taken into consideration. It's marked as used (with the # character) while commands are not executed.
Below is my configuration file:

[options]
logfile = /var/log/knockd.log

[OpenCloseSSH]
one_time_sequences = /etc/knockd.ssh_sequences
seq_timeout = 10
cmd_timeout = 5
tcpflags = syn,ack
start_command = /usr/sbin/iptables -A INPUT -p tcp -m state --state NEW -m tcp -s %IP% --dport ssh -j ACCEPT
stop_command = /usr/sbin/iptables -D INPUT -p tcp -m state --state NEW -m tcp -s %IP% --dport ssh -j ACCEPT

Below is my one time sequences file (/etc/knockd.ssh_sequences):

111:udp,222:udp,333:udp
444:udp,555:udp,666:udp
555:udp,666:udp,777:udp

Best Regards
CG
PS: I also noticed that sequences should be used in the same order that they appear in the file specified by the one_time_sequences directive. Is this a feature or a bug? Actually it's hard to manage in which order sequences have been used...
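
An added example, not part of the original post and not knockd's own code: a small Python checker that reads a one-time sequences file and reports which sequence is next, and whether that next sequence is the file's last line (the case reported above). It assumes, per the post, that a used line begins with `#`; the function names and the sample file state are constructed for illustration.

```python
import re

# One knock step as written in the post: "<port>:<proto>", e.g. "111:udp".
# Assumption: a bare port with no protocol is also accepted.
STEP = re.compile(r"^(\d{1,5})(?::(tcp|udp))?$")

def parse_sequences(text):
    """Return (line_no, used, raw) per non-blank line.
    Assumption from the post: a consumed sequence line starts with '#'."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        if raw.strip():
            entries.append((line_no, raw.lstrip().startswith("#"), raw.strip()))
    return entries

def validate(raw):
    """True if every comma-separated step is port[:proto] with port 1..65535."""
    steps = [s.strip() for s in raw.split(",")]
    return all(STEP.match(s) and 0 < int(s.split(":")[0]) < 65536 for s in steps)

def status(text):
    """Summarise the file: counts, next unused sequence, malformed unused lines."""
    entries = parse_sequences(text)
    unused = [e for e in entries if not e[1]]
    nxt = unused[0] if unused else None
    return {
        "used": len(entries) - len(unused),
        "remaining": len(unused),
        "next": nxt[2] if nxt else None,
        "next_line": nxt[0] if nxt else None,
        # Flags the situation from the report: only the final line is left.
        "next_is_last_line": bool(nxt) and nxt[0] == entries[-1][0],
        "malformed_lines": [e[0] for e in unused if not validate(e[2])],
    }

# Constructed sample: the poster's file after the first two sequences were used.
SAMPLE = (
    "#111:udp,222:udp,333:udp\n"
    "#444:udp,555:udp,666:udp\n"
    "555:udp,666:udp,777:udp\n"
)

if __name__ == "__main__":
    for key, value in status(SAMPLE).items():
        print(f"{key}: {value}")
```

Run against a copy of the sequences file rather than the live one if knockd may be rewriting it at the same time.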