knockd

gong · 06-02-2005, 01:48 AM

I am trying to close my ssh port and open it when knocked with a certain sequence. I'm using knockd to achieve this. The problem is that I cannot establish a connection on this machine from a remote machine. Please, let me know what I'm doing wrong. Here are my config files:

----------/etc/hosts.allow-------
ALL: ALL: DENY

----------/etc/host.deny---------
ALL: ALL

---------rc.firewall----------
#!/bin/bash

iptables -P INPUT DROP
iptables -P FORWARD DROP

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -i lo -j ACCEPT

----------trying to turn allow ssh access--------
start_command = /usr/sbin/iptables -A INPUT -s %IP% -p tcp --syn -j ACCEPT

unSpawn · 07-03-2005, 06:49 AM

Just in case this still ain't working:
1. When troubleshooting applications, try to use verbose mode and log about anything. Same goes for Iptables: put some logrules in before.
2. If your version of OpenSSHd is compiled with Libwrap, it will respect the TCP Wrappers settings (/etc/hosts.*). Your current settings will not allow any tcp/22 connection.
3. Please check your iptables location. IIRC it's by default in /sbin.