https://github.com/adridevelopsthings/knocker
A simple port knocking server that uses iptables.
Last synced: about 1 year ago
- Host: GitHub
- URL: https://github.com/adridevelopsthings/knocker
- Owner: AdriDevelopsThings
- License: agpl-3.0
- Created: 2022-05-08T22:36:27.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2023-01-22T16:59:59.000Z (over 3 years ago)
- Last Synced: 2025-02-10T21:53:11.337Z (over 1 year ago)
- Language: Go
- Size: 18.6 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# knocker
A simple port knocking server that uses iptables.
# Installation
Build the Go app with `go build -o knock`. You can run the binary with `sudo ./knock` (the server needs root privileges because it creates iptables rules).
## Iptables
You have to create the following iptables rules / chains:
```
# this chain will be used for port releases by knocker
iptables -N knocker
iptables -A INPUT -j knocker
# drop all packets to your ports that are not released by knocker
iptables -A INPUT -p tcp --dport 9999 -j DROP
```
Please make sure that the `knock_listen_address` port is open in the firewall.
# Configuration
Replace the values to suit your needs.
```json
[
  {
    "knock_listen_address": "127.0.0.1:1234 (where the knock will be expected)",
    "open_port": "9999 (the port that is released for the knocking user)",
    "ttl": 60
  }
]
```
After `ttl` seconds the port is blocked again.
You can use a different path for the configuration file by setting the environment variable `KNOCKER_CONFIGURATION_FILE` to that path.
# How to use?
Open a TCP connection to the `knock_listen_address`. The server closes the connection as soon as it is established. The `open_port` is now accessible from your IP address for `ttl` seconds.
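
As an added illustration (not the project's own code), the Go sketch below validates a configuration of the shape shown above and builds the per-client rule that a knock would add to the `knocker` chain and that expiry of `ttl` would delete again. The struct field types, the ACCEPT rule layout, the function names and the IPv4-only restriction are assumptions; the README does not show how knocker builds its rules.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net"
	"strconv"
)

// Entry mirrors one config object (assumed types: open_port string, ttl number).
type Entry struct {
	KnockListenAddress string `json:"knock_listen_address"`
	OpenPort           string `json:"open_port"`
	TTL                int    `json:"ttl"`
}

// parseConfig rejects entries that would yield a malformed or never-expiring rule.
func parseConfig(data []byte) ([]Entry, error) {
	var entries []Entry
	if err := json.Unmarshal(data, &entries); err != nil {
		return nil, err
	}
	for i, e := range entries {
		_, _, addrErr := net.SplitHostPort(e.KnockListenAddress)
		port, portErr := strconv.Atoi(e.OpenPort)
		if addrErr != nil || portErr != nil || port < 1 || port > 65535 || e.TTL <= 0 {
			return nil, fmt.Errorf("entry %d: bad listen address, open_port or ttl", i)
		}
	}
	return entries, nil
}

// ruleArgs builds iptables arguments for the knocker chain: "-A" on a knock,
// "-D" with the same arguments after ttl. IPv6 peers are refused (iptables is IPv4).
func ruleArgs(action, peer, openPort string) ([]string, error) {
	host, _, err := net.SplitHostPort(peer)
	ip := net.ParseIP(host).To4()
	if err != nil || ip == nil {
		return nil, fmt.Errorf("peer %q is not an IPv4 address", peer)
	}
	return []string{action, "knocker", "-s", ip.String(), "-p", "tcp", "--dport", openPort, "-j", "ACCEPT"}, nil
}

func main() { // constructed sample config and peer address
	cfg, err := parseConfig([]byte(`[{"knock_listen_address":"0.0.0.0:1234","open_port":"9999","ttl":60}]`))
	if err == nil {
		args, _ := ruleArgs("-A", "203.0.113.7:51544", cfg[0].OpenPort)
		fmt.Println("iptables", args, "ttl", cfg[0].TTL)
	}
}
```

The explanatory text inside the README's sample values has to be removed before use: an `open_port` of `"9999 (the port ...)"` fails this validation.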