Port knocking and DNAT rules

So I found an excellent port knocking tutorial using ONLY iptables rules 
that looks to be among the best I've ever seen. (Warning: techno music, 
tough-to-read screen; you don't need to type it in because I post a link 
to the script below.)

http://www.youtube.com/watch?v=0zFQocf7C_0

It works fabulously for simply opening a port to a locally managed 
service, but I can't seem to get it to work for a PREROUTING/DNAT rule. 
I've posted the shell script I'm trying to get to work, it should be 
self-documented.

http://chico.benjamindsmith.com/iptables.txt

I've confirmed that the logs correctly show port knocks 2, 3, and 4 in 
/var/log/messages, so everything seems to be working golden all the way 
up to the last line. There are no errors reported when I run this 
script. The result I get is that it acts as though packets are 
being dropped for 15 seconds, and then I get "connection refused".

What am I doing wrong?
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
