aboutsummaryrefslogtreecommitdiff
path: root/security/knock/files/patch-knockd.conf
blob: 13a8dbef2676cc3a6075f82fdc86b529d20d6fdd (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

--- knockd.conf.orig	2023-07-23 19:53:02 UTC
+++ knockd.conf
@@ -1,16 +1,17 @@
 [options]
 	logfile = /var/log/knockd.log
+	interface = fxp0
 
 [openSSH]
 	sequence    = 7000,8000,9000
 	seq_timeout = 5
-	command     = /usr/sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
+	command     = /sbin/ipfw -q add pass proto tcp src-ip %IP% dst-port 22
 	tcpflags    = syn
 
 [closeSSH]
 	sequence    = 9000,8000,7000
 	seq_timeout = 5
-	command     = /usr/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
+	command     = /sbin/ipfw -q delete pass proto tcp src-ip %IP% dst-port 22
 	tcpflags    = syn
 
 [openHTTPS]
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-05 09:09:03 +0000