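--- a/knockd.conf
+++ b/knockd.conf
@@ -4,12 +4,12 @@
 [openSSH]
 sequence = 7000,8000,9000
 seq_timeout = 5
- command = /usr/sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
+ command = /usr/sbin/iptables -I input_ext 1 -p tcp -s %IP% -p tcp --dport 22 -j ACCEPT --dport 22
 tcpflags = syn
 
 [closeSSH]
 sequence = 9000,8000,7000
 seq_timeout = 5
- command = /usr/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
+ command = /usr/sbin/iptables -D input_ext -p tcp -s %IP% -p tcp --dport 22 -j ACCEPT --dport 22
 tcpflags = syn
 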
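Review bot: Both new `command` lines repeat `-p tcp` and append a second `--dport 22` after `-j ACCEPT`; iptables normally refuses a rule specification with a repeated `-p` or `--dport`, so the open knock would most likely insert nothing and the close knock delete nothing. Each option should appear once: `command = /usr/sbin/iptables -I input_ext 1 -s %IP% -p tcp --dport 22 -j ACCEPT` in [openSSH] and `command = /usr/sbin/iptables -D input_ext -s %IP% -p tcp --dport 22 -j ACCEPT` in [closeSSH], keeping the `-D` specification identical to the inserted one so the delete actually matches. Because the ACCEPT for %IP% stays in place until the reverse knock arrives, it is worth considering knockd's `start_command` / `cmd_timeout` / `stop_command` form so the rule is withdrawn automatically. The unchanged `sequence = 7000,8000,9000` looks like the stock sample sequence and would be better replaced with a site-specific one.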