[CentOS] This firewall rule will self-destruct

Benjamin Smith lists at benjamindsmith.com
Sat Mar 17 03:12:38 UTC 2007

On Friday 16 March 2007, MrKiwi wrote:
> mitigate a situation 
> where you have no control over an intermediate firewall that 
> only passes port 80

Yes, that's EXACTLY what I'm trying to do... but I dont' see how this exactly 
relates to port knocking. 

Port knocking seems to be that you log connection attempts to various ports 
that are otherwise closed, EG: 

iptables -I input -p tcp -j DENY -l 

and then watch the log file for a specific, exact sequence of connections from 
a common source IP. How would that help me here? Are you suggesting that I 
log the inbound port 80, and then watch the logfile with a background 
script/daemon  to clear out the rules? 

More information about the CentOS mailing list