knock/knockd.conf

[options]
	UseSyslog

[opencloseSSH]
	sequence      = 2222:udp,3333:tcp,4444:udp
	seq_timeout   = 15
	tcpflags      = syn,ack
	start_command = iptables -I INPUT 1 -s %IP% -p tcp --dport ssh -j ACCEPT
	cmd_timeout   = 10
	stop_command  = iptables -D INPUT -s %IP% -p tcp --dport ssh -j ACCEPT