Skip to content

ppavacic/knockd

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
entrypoint
entrypoint
 
 

Repository files navigation

knockd-iptables

Opens port on ALL interfaces for IP that knocks correctly.

Usage

Standard usage

sudo docker run \                                            
  --net=host \
  --privileged \
  --name knockd \
  -d \
  -e KNOCKD_SEQUENCE=SEQUENCE_OF_PORT_KNOCKS \
  -e KNOCKD_PORTS=PORTS_THAT_WILL_OPEN \
  -e KNOCKD_INTERFACE=INTERFACE_WHERE_WE_LISTEN_FOR_KNOCKS \
  knockd

Secrets file usage

sudo docker run \                                            
  --net=host \
  --privileged \
  --name knockd \
  -d \
  -e KNOCKD_SEQUENCE_FILE=PATH_TO_FILE \
  -e KNOCKD_PORTS_FILE=PATH_TO_FILE \
  -e KNOCKD_INTERFACE_FILE=PATH_TO_FILE \
  knockd

Useful in compose files.

Example

Standard example

sudo docker run \                                            
  --net=host \
  --privileged \
  --name knockd \
  -d \
  -e KNOCKD_SEQUENCE="7000,8000,9000" \
  -e KNOCKD_PORTS="22,33,44" \
  -e KNOCKD_INTERFACE="eth0" \
  knockd

Secrets file example

sudo docker run \
  --net=host \
  --privileged \
  --name knockd \
  -d \
  -e KNOCKD_SEQUENCE_FILE=/run/secrets/knockd_sequence \
  -e KNOCKD_PORTS_FILE=/run/secrets/knockd_ports \
  -e KNOCKD_INTERFACE_FILE=/run/secrets/knockd_interface \
  knockd

Other things to keep in mind

You might want to allow established connections:

sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Contribute

https://github.com/ppavacic/knockd/

About

knockd iptables docker

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 84.5%
  • Dockerfile 15.5%