iptables and port knocking

by gma last modified 2011-09-27 14:31

How to open a port by knocking on another?

With iptables, you can open port 22 for 5 seconds by sending TCP packets to port 12345.

# The knock: any TCP packet to port 12345 records the source address in the "recent" list port_knocked_for_ssh
iptables -A INPUT -i eth0 -p tcp --dport 12345 -m recent --set --name port_knocked_for_ssh
# The door: packets to port 22 are accepted only if the source address was recorded in that list within the last 5 seconds
iptables -A INPUT -i eth0 -p tcp --dport 22 -m recent --rcheck --seconds 5 --name port_knocked_for_ssh -j ACCEPT
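
The two rules above only do their job inside a larger policy that the snippet leaves implicit: the INPUT chain must drop by default (otherwise port 22 is reachable whether or not anyone knocked), and already-established sessions need their own ACCEPT rule, because `--rcheck --seconds 5` stops matching five seconds after the knock and would otherwise cut the SSH session off mid-way. The script below is an added example, not part of the original page, that builds that complete rule set. It reuses the page's values (eth0, port 12345, port 22, a 5-second window, the list name port_knocked_for_ssh) and adds `--ctstate NEW` on the SSH rule, a design choice so that only the connection handshake has to fall inside the window. By default it only prints the commands for review; run it with `IPT=iptables` as root to apply them.

```shell
#!/bin/sh
# Added example: complete INPUT policy around the port-knocking rules.
# Dry run by default (prints the commands); set IPT=iptables to apply for real.
IPT="${IPT:-echo iptables}"
IFACE="${IFACE:-eth0}"              # interface named on the page
KNOCK_PORT="${KNOCK_PORT:-12345}"   # knock port from the page
SSH_PORT="${SSH_PORT:-22}"          # protected port from the page
WINDOW="${WINDOW:-5}"               # seconds the door stays open after a knock
LIST="port_knocked_for_ssh"         # recent-list name from the page

knock_rules() {
    # Default deny: without this the recent rules change nothing,
    # since port 22 would be accepted anyway.
    $IPT -P INPUT DROP
    # Keep sessions that were accepted during the window alive after it closes.
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A INPUT -i lo -j ACCEPT
    # The knock: record the source address in the recent list. There is no
    # -j ACCEPT, so the knock packet itself is still dropped by the policy
    # and the knock port looks closed to a scanner.
    $IPT -A INPUT -i "$IFACE" -p tcp --dport "$KNOCK_PORT" \
        -m recent --set --name "$LIST"
    # The door: a NEW SSH connection is accepted only if its source address
    # was recorded in the list within the last WINDOW seconds.
    $IPT -A INPUT -i "$IFACE" -p tcp --dport "$SSH_PORT" \
        -m conntrack --ctstate NEW \
        -m recent --rcheck --seconds "$WINDOW" --name "$LIST" -j ACCEPT
}

# Sanity check on the generated rule set: the rule that populates the list
# must precede the rule that checks it, otherwise the check runs against a
# list the knock has not yet filled for this packet ordering.
rules_in_order() {
    out=$(knock_rules)
    set_line=$(printf '%s\n' "$out" | grep -n -- '--set' | cut -d: -f1)
    check_line=$(printf '%s\n' "$out" | grep -n -- '--rcheck' | cut -d: -f1)
    [ -n "$set_line" ] && [ -n "$check_line" ] && [ "$set_line" -lt "$check_line" ]
}

knock_rules
```

Two properties of the `recent` match are worth keeping in mind when reading the output. The list is keyed by source address, so every host behind the same NAT as the knocker shares its 5-second window. And `--rcheck` does not refresh the entry; only another packet to the knock port does, so a client that connects too late simply has to knock again.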

