About

ipt_portkng is an iptables (firewall) module developed in 2008 for a class of my Computer Sciences and Engineering bachelor's degree. The software is a C-language iptables module that implements port-knocking firewalling; that is, it extends the iptables firewall so that it supports the port knocking mechanism.
Port knocking works by keeping certain ports closed until they are needed, which minimizes the exposure of the services behind them. When a user on a remote computer needs a service behind such a port, the user sends a sequence of TCP SYN packets to several ports of the computer behind the firewall. If that port sequence matches the previously established sequence, the previously defined port is opened for that user's source IP address, allowing the user to communicate with the service.
Discontinued

The development of this software was discontinued since I didn't have the time to maintain it. However, you are free to continue development of this iptables module. If you decide to do so, please drop me an email; maybe I'll find the time and interest to help you with it.
Source code

Download source code: ipt_portkng-svn-r37-20080113.tar.bz2
iptables -A INPUT -p tcp -m portkng --knock 45,67,21 --dport 22 -j ACCEPT
will open port 22 only for a source IP that has knocked (sent a TCP SYN to) ports 45, 67 and 21, in that order. Only source IPs that have sent the correct port sequence are allowed to connect.
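To show what the rule above and the mechanism described under About require of the firewall, here is an added example in C that is not part of ipt_portkng: a userspace model of the per-source-IP state a port-knocking match has to keep (which knock is expected next, how long ago the last one arrived, and until when the protected port is open). The function names, the table size, the 10-second gap allowed between knocks and the 30-second open window are all assumptions; the sample client address is constructed for the illustration.

```c
/* Userspace model of the per-source-IP tracking a port-knocking iptables
 * match has to do. Added illustration, not ipt_portkng's code: the names,
 * table size and timeouts below are assumptions. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KNOCK_MAX_LEN   8    /* longest knock sequence modelled (assumption) */
#define TRACK_MAX       64   /* source IPs tracked at once (assumption) */
#define KNOCK_STEP_SECS 10L  /* max gap between two knocks (assumption) */
#define OPEN_SECS       30L  /* how long the port stays open (assumption) */

struct knock_rule {
    uint16_t seq[KNOCK_MAX_LEN]; /* the --knock ports, in order */
    int      len;
    uint16_t dport;              /* the --dport being protected */
};

struct track_entry {
    uint32_t saddr;      /* source IP, host byte order */
    int      idx;        /* index of the next knock expected from saddr */
    long     last;       /* time of the last accepted knock */
    long     open_until; /* 0 = not authorised, else expiry time */
};

struct tracker {
    struct track_entry e[TRACK_MAX];
    int n;
};

static uint32_t ip4(int a, int b, int c, int d)
{
    return ((uint32_t)a << 24) | ((uint32_t)b << 16) |
           ((uint32_t)c << 8) | (uint32_t)d;
}

static struct track_entry *find_or_add(struct tracker *t, uint32_t saddr)
{
    for (int i = 0; i < t->n; i++)
        if (t->e[i].saddr == saddr)
            return &t->e[i];
    if (t->n == TRACK_MAX)
        return NULL;                 /* table full: fail closed */
    struct track_entry *e = &t->e[t->n++];
    memset(e, 0, sizeof *e);
    e->saddr = saddr;
    return e;
}

/* Feed one TCP SYN (saddr -> dport) seen at time `now`. Returns 1 when the
 * match succeeds, i.e. the SYN is for r->dport and saddr completed the knock
 * sequence within the open window; 0 otherwise. The knock SYNs themselves
 * never match, so they fall through to the rest of the chain. */
int knock_match(struct tracker *t, const struct knock_rule *r,
                uint32_t saddr, uint16_t dport, long now)
{
    struct track_entry *e = find_or_add(t, saddr);
    if (!e)
        return 0;

    if (dport == r->dport)
        return e->open_until != 0 && now < e->open_until;

    /* Too slow since the previous knock: start the sequence over. */
    if (e->idx > 0 && now - e->last > KNOCK_STEP_SECS)
        e->idx = 0;

    if (dport == r->seq[e->idx]) {
        e->idx++;
        e->last = now;
        if (e->idx == r->len) {          /* full sequence, in order */
            e->open_until = now + OPEN_SECS;
            e->idx = 0;
        }
    } else {
        /* Any other port resets progress; if that port is the first knock,
         * count it as a fresh start rather than demanding an extra SYN. */
        e->idx = (dport == r->seq[0]) ? 1 : 0;
        e->last = now;
    }
    return 0;
}

int main(void)
{
    /* Models: iptables -A INPUT -p tcp -m portkng --knock 45,67,21 --dport 22 -j ACCEPT */
    struct knock_rule r = { { 45, 67, 21 }, 3, 22 };
    struct tracker t = { 0 };
    uint32_t client = ip4(192, 0, 2, 10);   /* constructed sample address */

    printf("port 22 before knocking: %d\n", knock_match(&t, &r, client, 22, 0));
    knock_match(&t, &r, client, 45, 1);
    knock_match(&t, &r, client, 67, 2);
    knock_match(&t, &r, client, 21, 3);
    printf("port 22 after 45,67,21:  %d\n", knock_match(&t, &r, client, 22, 4));
    printf("port 22 from another IP: %d\n",
           knock_match(&t, &r, ip4(192, 0, 2, 11), 22, 4));
    return 0;
}
```

Build with `cc -std=c99 -Wall knock_model.c`. A SYN to a wrong port, or a knock that arrives too late, sends the source back to the start of the sequence, and only the source IP that completed it is let through to port 22, which is the behaviour the rule above describes. Two caveats a deployment should keep in mind: the real module has to keep this table under the netfilter hook with proper locking and expiry of stale entries, and the knock sequence travels in the clear, so anyone who can sniff the path can replay it. Port knocking hides a service; it does not authenticate the client, so the service behind the opened port still needs its own authentication.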