FWKNOP
Single Packet Authorization (SPA), the successor to port knocking.
Port knocking alters the packet filter rules on a host when a secret packet is delivered to that host; SPA sends that request in a single encrypted packet instead of a sequence of knocks.
It is used here to open a normally closed SSH port to a single source address for a limited time (the FW_ACCESS_TIMEOUT set below), after which fwknopd removes the rule again.
Server
IPtables
iptables -t filter -A INPUT -i eth0 -p tcp --syn --destination-port 22 -j REJECT --reject-with icmp-port-unreachable
Only new connections (--syn) to port 22 are rejected, so an SSH session that is already open survives the access timeout expiring. fwknopd inserts its own chain ahead of this rule, so the temporary ACCEPT it adds for the authorized source takes precedence.
FWKNOP
Run the daemon (it sniffs the interface named in fwknop.conf with pcap):
/usr/sbin/fwknopd
access.conf (one directive per line; the same KEY goes into the client's .fwknoprc, so keep this file mode 0600)
SOURCE: ANY;
OPEN_PORTS: tcp/22;
KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX;
FW_ACCESS_TIMEOUT: 60;
fwknop.conf
PCAP_INTF eth0;
Client
.fwknoprc (mode 0600; [xen] is a named stanza, selected on the client with fwknop -n xen; ALLOW_IP resolve asks the client to look up its own external address)
[default]

[xen]
SPA_SERVER    x.x.x.x
ACCESS        tcp/22
ALLOW_IP      resolve
KEY           XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX