jvinet / knock

A port-knocking daemon
http://www.zeroflux.org/projects/knock
GNU General Public License v2.0

Permit a duplicate knock just from the previous stage #90

Open bobrippling opened 4 months ago

bobrippling commented 4 months ago

This is similar to #72 (only spotted this after I'd written up my solution!), but without the same brute-force concerns.

The difference is that we permit (ignore) a duplicate packet only if it matches the previous stage of the current sequence. I've added more details in the docs:

https://github.com/jvinet/knock/blob/474330a961bba0cf95060aedceb34ff87d05abb1/doc/knockd.1.in#L199-L204

This also allows for browser-based knocking, or knocking on a server that will drop packets, where (if we're using something like netcat) we'll send multiple TCP SYNs.
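As an added illustration of the tolerance this PR describes (not knockd's own code): a stage tracker in C that ignores a repeated knock only when it matches the stage just passed, so a retransmitted SYN does not fail the sequence but a stray knock on any other port still does. The sequence and the port traces are constructed sample data.

```c
#include <stdbool.h>
#include <stddef.h>

/* Illustrative tracker, not knockd's implementation: one knock sequence
 * plus the index of the next port we expect. */
struct knock_tracker {
    const unsigned short *seq;  /* expected destination ports, in order */
    size_t len;                 /* number of stages */
    size_t stage;               /* index of the next expected port */
};

enum knock_result { KNOCK_PROGRESS, KNOCK_DUPLICATE, KNOCK_RESET, KNOCK_COMPLETE };

enum knock_result knock_feed(struct knock_tracker *t, unsigned short port)
{
    if (port == t->seq[t->stage]) {
        if (++t->stage == t->len) {
            t->stage = 0;
            return KNOCK_COMPLETE;
        }
        return KNOCK_PROGRESS;
    }
    /* The PR's tolerance: a retransmitted SYN for the stage just passed is
     * ignored rather than failing the sequence. Only that one stage is
     * exempt, so a knock on any other port still resets progress. */
    if (t->stage > 0 && port == t->seq[t->stage - 1])
        return KNOCK_DUPLICATE;
    t->stage = 0;
    return KNOCK_RESET;
}

/* Feed a captured port trace; true if the full sequence was completed. */
bool knock_run(struct knock_tracker *t, const unsigned short *ports, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (knock_feed(t, ports[i]) == KNOCK_COMPLETE)
            return true;
    return false;
}

/* Constructed sample data: one sequence and three port traces. */
static const unsigned short knock_seq[] = { 7000, 8000, 9000 };
static const unsigned short trace_clean[] = { 7000, 8000, 9000 };
static const unsigned short trace_retrans[] = { 7000, 7000, 8000, 8000, 8000, 9000 };
static const unsigned short trace_stale[] = { 7000, 8000, 7000, 9000 }; /* dup of an older stage */
```

The third trace repeats the first knock two stages later, which is not the immediately previous stage, so the sequence is reset and the port is not opened.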