On 7/22/19 2:47 PM, Matthias Maier wrote:
> Hi folks,
>
> I have the feeling that the nftables portknocking example found on the
> wiki [1] is a bit outdated and unnecessarily convoluted.
>
> I have cooked up a small proof of concept [2] using only 4 named sets
> and one chain for an arbitrary number of knocks. (Here [3] is the
> corresponding bash script to generate the ruleset.) I am not claiming
> that this is a particularly good solution. But maybe there is some
> interest in improving the portknock example in the wiki a bit.
>

Thanks, just updated this page:

https://wiki.nftables.org/wiki-nftables/index.php/Port_knocking_example