Not sure, but wouldn't a "specific pattern" basically be a password? if so, I'd rather pass that password over a secure ssh connection than a raw tcp socket. You could easily write a simple xinetd daemon to listen on a port and use netcat to pipe whatever recieved data you get into a simple script, but the point of port knocking is that no data is ever allowed IN to the system, which wouldn't be that case in your model.
If you do want to persist with this, you can do most of it within iptables, no need for a daemon in itself.
Based on this you could introduce a "-m match" check to watch the contents of a stream. As to how to get that stream set up in the first place though, again i'd suggest netcat just sending everything to /dev/null