On Tue, Feb 16, 2010 at 10:22:04AM +0100, Per-Olov Sjvholm wrote:
> Hi "misc"
> 
> I am looking for a tool to use as a trigger to dynamically open PF ports from
> certain IPs.
> 
> I will access non-critical info but want at least a port knocker as security.
> 
> If I access an IP on my DMZ that is not in use, on a port that is fake, I want
> to dynamically add a PF rule for a totally different purpose. Let's say I
> access http://1.2.3.4:45321, which is blocked and logged in PF; what is the
> easiest way to create a trigger from the PF log or the PF log device?
> 
> A cron job that greps the PF log and then runs pfctl to add the rule is, from
> many points of view, a bad choice... I don't want to dig through the PF log as
> it can be huge, and I don't want to use a cron job as it takes too long.
> 

There is a way to do port knocking in pf without any external help. Maybe
you can figure it out. I will not give more hints, since port knocking is a
dumb idea; better spend your time reading up on authpf(8).

-- 
:wq Claudio

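The external-helper variant the question asks for (a trigger fed from the pflog device rather than from a cron job over the log file), as an added example that is not part of the original thread and not Claudio's pf-only method: a small sh script that reads `tcpdump` output from `pflog0`, extracts the source address of any logged TCP packet to the knock port, and adds it to a pf table that a separate `pass` rule references. The pf.conf fragment in the header comment, the table name `knocked`, the port 45321 and the sample log line are assumptions for this example; the script is IPv4-only and must run as root.

```shell
#!/bin/sh
# pfknock.sh: watch pflog0 for hits on the knock port and add the source
# address to a pf table. Example code, not from the original thread.
#
# Assumed pf.conf (the table and port names are this example's own):
#   table <knocked> persist
#   block in log on egress proto tcp to port 45321
#   pass in on egress proto tcp from <knocked> to port 80
#
# Usage (as root): ./pfknock.sh start

KNOCK_PORT=${KNOCK_PORT:-45321}
TABLE=${TABLE:-knocked}
PFLOG_IF=${PFLOG_IF:-pflog0}
TTL=${TTL:-3600}   # seconds an entry stays in the table without a new knock

# knock_src LINE: print the IPv4 source of LINE if it is a logged TCP packet
# to KNOCK_PORT in the format "tcpdump -n -e -l -i pflog0" prints on OpenBSD,
# e.g. (constructed sample):
#   10:22:04.123456 rule 3/(match) block in on em0: 203.0.113.5.51234 > 1.2.3.4.45321: S 1:1(0) win 65535
# Returns 1 and prints nothing for anything else (IPv6, other ports, noise).
# The regex only ever yields digits and dots, so the result is safe to hand
# to pfctl as an argument.
knock_src() {
    src=$(printf '%s\n' "$1" | sed -n \
        "s/^.* \([0-9]\{1,3\}\(\.[0-9]\{1,3\}\)\{3\}\)\.[0-9]\{1,5\} > [0-9.]*\.${KNOCK_PORT}: .*$/\1/p")
    [ -n "$src" ] || return 1
    printf '%s\n' "$src"
}

# admit SRC: add SRC to the table; "-T zero SRC" resets the entry's cleared
# timestamp so a repeated knock refreshes it, and "-T expire" then drops
# entries older than TTL seconds (pfctl's own expiry mechanism, no cron).
admit() {
    pfctl -t "$TABLE" -T add "$1" >/dev/null 2>&1 || return 1
    pfctl -t "$TABLE" -T zero "$1" >/dev/null 2>&1
    pfctl -t "$TABLE" -T expire "$TTL" >/dev/null 2>&1
    logger -t pfknock "knock from $1: added to <$TABLE>"
}

# watch_knocks: follow pflog0 and act on each knock as it is logged.
# The BPF filter keeps tcpdump from handing us every blocked packet.
watch_knocks() {
    tcpdump -n -e -l -i "$PFLOG_IF" "tcp and dst port $KNOCK_PORT" |
    while read -r line; do
        src=$(knock_src "$line") || continue
        admit "$src"
    done
}

case "${1:-}" in
    start) watch_knocks ;;
esac
```

The `block ... log` rule stays in place, so the knock port remains closed; only the resulting pflog record is used. Entries are refreshed on every knock and aged out by `pfctl -T expire`, so the table never grows without bound.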