wok rev 4737
knock/knockd-helper: add help
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Thu Jan 07 12:40:20 2010 +0100 (2010-01-07) |
| parents | 23fde46c8679 |
| children | 0944ca885003 |
| files | knock/stuff/usr/sbin/knockd-helper |
line diff
1.1 --- a/knock/stuff/usr/sbin/knockd-helper Thu Jan 07 12:10:30 2010 +0100 1.2 +++ b/knock/stuff/usr/sbin/knockd-helper Thu Jan 07 12:40:20 2010 +0100 1.3 @@ -23,7 +23,7 @@ 1.4 iptables -t nat -I PREROUTING -s $IP -p $PROT --dport $PORT -j RETURN 1.5 iptables -I INPUT -s $IP -p $PROT --dport $PORT -j ACCEPT 1.6 shift 3 1.7 - logger "Ensable $PROT:$PORT for $IP $@" 1.8 + logger "Enable $PROT:$PORT for $IP $@" 1.9 ;; 1.10 off) 1.11 [ -f /var/lib/knockd/$IP ] && disable /var/lib/knockd/$IP 1.12 @@ -59,4 +59,29 @@ 1.13 /etc/init.d/crond start 1.14 } 1.15 ;; 1.16 +*) 1.17 + PROG=$(basename $0) 1.18 + cat <<EOT 1.19 +Usage: $PROG [on|off|check|purge|cron] [args...] 1.20 + 1.21 +$PROG on ip_address protocol port enable access 1.22 +$PROG off ip_address disable access 1.23 +$PROG check verify timeouts 1.24 +$PROG purge disable all accesses 1.25 +$PROG cron install auto disable access 1.26 + 1.27 +Example for /etc/knockd.conf file : 1.28 + 1.29 +[options] 1.30 + PidFile = /var/run/knockd.pid 1.31 + logfile = /var/log/knockd.log 1.32 + 1.33 +[openSSH] 1.34 + sequence = 7000,8000,9000 1.35 + seq_timeout = 5 1.36 + command = /usr/sbin/knockd-helper on %IP% tcp 22 1.37 + tcpflags = syn 1.38 +EOT 1.39 + exit 1 1.40 + ;; 1.41 esac