Open cramhead opened 9 years ago
Okay, sounds like two separate things.
1) The log messages you're seeing suggest that these are random one-off port hits to your server, possibly from port scans. The scanning machine hits the first port of your sequence (probably b/c it's scanning the entire 65536 port range), sees no reaction from your machine, and moves on. This is normal, and doesn't indicate any foul play... unless you consider a port scan to be foul play.
2) I can't verify a bug where knockd fails to close a door. Can you post a log excerpt (with debug/verbose enabled) showing a case where it doesn't correctly close the door?
Had the same issue; changed time-out to 15 sec, and it's working.
Thanks for making such a great package.
Since installing knockd I have some odd messages showing up in my logs and I was hoping you might have some insight.
When I'm not connected via the network and list my iptables I have:
When I knock the port opens correctly. When I unknock the port usually closes, but sometimes not. If I manually run the iptables delete command it always works. I have noticed that calling knock multiple times keeps inserting the same input rule even though it exists, but that the unknock doesn't always remove it.
My knock.conf