knocker

command module
v0.0.0-...-0f4c0fd Latest
Warning

This package is not in the latest version of its module.

Published: May 8, 2022 License: AGPL-3.0 Imports: 6 Imported by: 0

README

knocker

A simple port knocking server that uses iptables.

Installation

Build the Go app with go build -o knock. You can then run the binary with sudo ./knock (the server needs root privileges because it creates iptables rules).

Iptables

You have to create the following iptables rules / chains:

# this chain will be used for port releases by knocker
-N knocker
-A INPUT -j knocker
# drop all packets to your ports that are not released by knocker;
# this rule has to come after the jump to the knocker chain
-A INPUT -p tcp --dport 9999 -j DROP

Please make sure that the knock_listen_address port is open in the firewall.

Configuration

Replace the values to suit your needs.

[
  {
    "knock_listen_address": "127.0.0.1:1234 (where the knock will be expected)",
    "open_port": "9999 (the port that is released for the knocking user)",
    "ttl": 60
  }
]

After ttl seconds the port will be blocked again.

You can use a different path for your configuration file by setting the environment variable KNOCKER_CONFIGURATION_FILE to that path.

How to use?

Open a TCP connection to the knock_listen_address. The server closes the connection as soon as it is established. The open_port is then accessible from your IP address for ttl seconds.
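
The flow described above, sketched from the server's side as an added example (this is not knocker's own code): accept the knock, close it, release open_port for the source IP in the knocker chain, and remove the rule again after ttl. The names ruleArgs and serveKnock, the apply hook and the exact shape of the iptables rule are assumptions.

```go
package main

import (
	"fmt"
	"net"
	"strconv"
	"time"
)

// ruleArgs builds the iptables arguments (minus the -A/-D action) that admit one
// source IP to openPort; kept as a slice for exec.Command, never a shell string.
func ruleArgs(remoteAddr, openPort string) ([]string, error) {
	host, _, err := net.SplitHostPort(remoteAddr)
	if err != nil {
		return nil, err
	}
	ip := net.ParseIP(host)
	if ip == nil || ip.To4() == nil {
		return nil, fmt.Errorf("not an IPv4 source: %q", host) // iptables handles IPv4 only
	}
	p, err := strconv.Atoi(openPort)
	if err != nil || p < 1 || p > 65535 {
		return nil, fmt.Errorf("invalid open_port %q", openPort)
	}
	return []string{"knocker", "-s", ip.To4().String(), "-p", "tcp", "--dport", strconv.Itoa(p), "-j", "ACCEPT"}, nil
}

// serveKnock accepts one knock on ln, closes it at once, then calls apply with
// "-A" and, after ttl, with "-D". apply is a hypothetical hook; a real server
// would run exec.Command("iptables", append([]string{action}, args...)...).
func serveKnock(ln net.Listener, openPort string, ttl time.Duration, apply func(action string, args []string)) error {
	conn, err := ln.Accept()
	if err != nil {
		return err
	}
	remote := conn.RemoteAddr().String()
	conn.Close() // the knock carries no payload; only the source address matters
	args, err := ruleArgs(remote, openPort)
	if err != nil {
		return err
	}
	apply("-A", args)
	time.AfterFunc(ttl, func() { apply("-D", args) })
	return nil
}

func main() {
	fmt.Println(ruleArgs("203.0.113.7:51512", "9999")) // constructed sample address
}
```

Because the rule is keyed on the source address alone, every host that shares that address (for example behind the same NAT) can reach open_port until ttl expires.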

Documentation

There is no documentation for this package.
