wok diff knock/stuff/usr/sbin/knockd-helper @ rev 17686
Up knock (0.7)
author | Pascal Bellard <pascal.bellard@slitaz.org> |
---|---|
date | Sat Feb 21 19:04:57 2015 +0100 (2015-02-21) |
parents | 8e4da8903b1c |
children |
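--- a/knock/stuff/usr/sbin/knockd-helper	Thu Jan 07 12:40:20 2010 +0100
+++ b/knock/stuff/usr/sbin/knockd-helper	Sat Feb 21 19:04:57 2015 +0100
@@ -1,5 +1,7 @@
 #!/bin/sh
 
+PERIOD=5 # minutes
+
 IP=$2
 PROT=$3
 PORT=$4
@@ -29,11 +31,11 @@
 [ -f /var/lib/knockd/$IP ] && disable /var/lib/knockd/$IP
 ;;
 check)
- TIMEOUT=$(( 6 * 60 ))
+ TIMEOUT=$(( $PERIOD * 120 ))
 for i in /var/lib/knockd/*.*.*.*; do
 [ -f "$i" ] || continue
 while read ip prot port msg; do
- if grep -qe "^$prot.* src=$ip .* dport=$port" /proc/net/ip_conntrack ; then
+ if netstat -nut | grep -qe "^$prot .*:$port *$ip:[0-9]* " ; then
 touch $i
 break
 fi
@@ -53,7 +55,7 @@
 $(crontab -l)
 
 # Close old connections opened by knockd
-*/5 * * * * $0 check > /dev/null 2>&1
+*/$PERIOD * * * * $0 check > /dev/null 2>&1
 EOT
 /etc/init.d/crond stop
 /etc/init.d/crond start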
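Review bot: The new liveness test in the `check)` branch can match connections that do not belong to the knocking client, which would keep a knock-opened rule from expiring. In `grep -qe "^$prot .*:$port *$ip:[0-9]* "` the dots of `$ip` are regex wildcards and ` *` also matches zero spaces, so `$ip` is only a suffix match on the foreign address (a stored 1.2.3.4 is satisfied by a peer 11.2.3.4). Escaping and anchoring closes that: `ipre=$(echo "$ip" | sed 's/\./\\./g')` followed by `netstat -nut | grep -qe "^$prot .*:$port  *$ipre:[0-9]* "`, with an optional `::ffff:` prefix allowed if the protected service listens dual-stack. The match also ignores the state column, so sockets in TIME_WAIT count as activity, and netstat only lists sockets terminating on this host whereas the removed conntrack test presumably also covered forwarded flows; a comment saying this narrowing is intended, and one explaining that `$PERIOD * 120` means two cron periods in seconds, would help. The `while` loop and the rest of the `check)` branch continue outside the hunk.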