LinuxQuestions.org

Linux - Newbie: Debian: Why can't I get knockd to work? (https://www.linuxquestions.org/questions/linux-newbie-8/debian-why-cant-i-get-knockd-to-work-4175453530/)

jddancks 03-10-2013 02:28 PM

Debian: Why can't I get knockd to work?
 
I did apt-get install knockd.

I use these 2 scripts to open and close ports. The default on startup is to have the ports closed.

open-ports:

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

close-ports:

iptables -F
iptables -X

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

/etc/knockd.conf:

[options]
UseSyslog

[openSSH]
sequence = 1,2,3,4
seq_timeout = 5
command = /sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
tcpflags = syn,ack

[closeSSH]
sequence = 1,2,3,4
seq_timeout = 5
command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
tcpflags = syn,ack

I can't remember what the other file is. I know when I sit in front of the computer I see "starting knockd" in the startup dialog, so I know something is happening. But it doesn't matter; I can't knock. I don't know what I'm doing wrong.

michaelk 03-11-2013 07:04 AM

The point of a firewall and port knocking is to only open desired ports, so the open-ports script is not necessary. There are several knockd howtos, but look at the following. You can also start knockd in debug mode (-D) to help you find problems, and also check the logs.

http://go2linux.garron.me/how-to-con...ewall-iptables

jddancks 03-11-2013 12:16 PM

I know. The reason I posted it was to show what scripts I use to open and close the firewall. I figured the problem was that knockd was not even seeing the packet. Perhaps the firewall rules meant any and all packets were being dropped at the NIC, so no programs, not even knockd could see the packets, which is what I was really asking. When I use block-ports, the policy for input becomes DROP. A debugger I guess would let me know whether or not that was happening, but that doesn't tell me why. I don't really understand how iptables works, I just assume that's the problem.
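As an added example, not part of the thread: a small checker for a knockd.conf like the one posted. It relies on knockd's documented tcpflags behaviour (TCP packets lacking any listed flag are ignored, and a knock client's opening packet is a plain SYN) and on the fact that knockd captures with libpcap, so the INPUT DROP policy in close-ports does not hide knocks from it; the function and message strings are my own.

```python
# A knock client's opening packet is a connect() attempt: SYN set, ACK clear.
SYN_KNOCK_FLAGS = {"syn"}

def parse_knockd_conf(text):
    """Return {section: {key: value}}; bare keys such as UseSyslog map to ''."""
    sections, current = {}, "options"
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            continue
        key, _, value = line.partition("=")
        sections.setdefault(current, {})[key.strip()] = value.strip()
    return sections

def lint_knockd_conf(text):
    """List problems that make knocks silently ignored; [] means none found."""
    problems, seen = [], {}
    for name, opts in parse_knockd_conf(text).items():
        if name == "options":
            continue
        seq = tuple(p.strip() for p in opts.get("sequence", "").split(","))
        if seq in seen:  # one sequence cannot select two different doors
            problems.append(f"[{name}] reuses sequence {','.join(seq)} of [{seen[seq]}]")
        seen.setdefault(seq, name)
        flags = {f.strip().lower() for f in opts.get("tcpflags", "").split(",") if f.strip()}
        required = {f for f in flags if not f.startswith("!")}
        forbidden = {f[1:] for f in flags if f.startswith("!")}
        # knockd ignores TCP packets lacking any listed flag or carrying a !flag;
        # the firewall's DROP policy is irrelevant here because knockd uses libpcap.
        if required - SYN_KNOCK_FLAGS or forbidden & SYN_KNOCK_FLAGS:
            problems.append(f"[{name}] tcpflags={opts['tcpflags']} never matches a plain SYN knock")
    return problems

# The doors from the posted /etc/knockd.conf (seq_timeout lines omitted).
POSTED_CONF = """
[options]
UseSyslog
[openSSH]
sequence = 1,2,3,4
command = /sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
tcpflags = syn,ack
[closeSSH]
sequence = 1,2,3,4
command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
tcpflags = syn,ack
"""
```

`lint_knockd_conf(POSTED_CONF)` reports both doors' `syn,ack` filter and the reused sequence; running `knockd -D` in the foreground while sending a knock shows the same thing in real time.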

