Re: New knockd behaviour under Wheezy
Hello,
Christophe GARAULT a écrit :
>
> I recently upgraded my server to Wheezy. Previously everything was
> working
> great.
Please fix your line wrapping.
> Now knockd acts like if it only gets the first sequence of my knocks
> and
> doesn't receive the remaining ones.
>
> On the other hand if I throw the sequence with multiple calls to knock
> on the
> client then the daemon receives all of them and run the associated
> command
> as expected. I also tried to increase the value of seq_timeout from 5
> to 15
> without any success.
>
> Ex:
>
> on client: $ knock myserver 123:tcp 321:udp 456:tcp 654:udp
>
> on server: # cat /var/log/knockd.log
> [...]
> [2013-05-31 08:45] 93.xxx.xxx.xxx: openSSH: Stage 1
>
> and then
> on client: $ knock myserver 123:tcp && knock myserver 321:udp && knock
> myserver 456:tcp && knock myserver 654:udp
>
> on server: # cat /var/log/knockd.log
> [...]
> [2013-05-31 08:50] 93.xx.xx.xx: openSSH: Stage 1
> [2013-05-31 08:50] 93.xx.xx.xx: openSSH: Stage 2
> [2013-05-31 08:50] 93.xx.xx.xx: openSSH: Stage 3
> [2013-05-31 08:50] 93.xx.xx.xx: openSSH: Stage 4
> [2013-05-31 08:50] 93.xx.xx.xx: openSSH: OPEN SESAME
>
> Any idea of what causes this behaviour ?
No, but the knockd package version has not evolved between Squeeze and
Wheezy, so this change must come from something else.
Did you check with a packet capture tool that the knock client host
actually sends all the expected packets, and the knockd server host also
actually receives them all ?
Reply to: