spamassassinexception Thank you so much for your input! If I change the knock ports every time I log in, I should be fine, right? Please comment on my ruleset, brain fart again?
knock1 = "11111" knock2 = "22222" open = "22" block drop in all block drop quick on $extif inet proto tcp \ from any to $extaddr port $knock1 \ tag knock1 block drop quick on $extif inet proto tcp \ from any to $extaddr port != $knock2 \ tagged knock1 tag knock block drop quick log on $extif inet proto tcp \ from any to $extaddr port $knock2 \ tagged knock1 tag knock2 block drop quick log on $extif inet proto tcp \ from any to $extaddr port != $open \ tagged knock2 tag knock pass in quick log on $extif inet proto tcp \ from any to $extaddr port $open \ modulate state (max 1) \ tagged knock2
