Hello, I wanted to build knock for myself. It seems to be a pretty nice and simple addition to the system.
You can read more at http://linuxnews.pl (archives) or http://www.zeroflux.org/knock/
In general: the server listens on ports and checks whether the "knocking" sequences match some rule; if so, "something" happens.
BTW: on the linuxnews forum Jacek Pliszka showed a nice and simple use:
*****************
netfilter has the condition patch in p-o-m, under extra
You put:
iptables -A INPUT -p tcp -m condition --condition allow_ssh --dport 22 -j ACCEPT
And then, to let traffic in, you do:
echo 1 > /proc/net/ipt_condition/allow_ssh
To block:
echo 0 > /proc/net/ipt_condition/allow_ssh
******************
Unfortunately I can't compile it :-(
make spits out:
config.status: creating config.h
+ /usr/bin/make
athlon-pld-linux-gcc -O2 -march=athlon -g -Wall -pedantic -fno-exceptions -D_GNU_SOURCE -I. -o src/knockd.o -c src/knockd.c
In file included from src/knockd.c:34:
/usr/include/linux/tcp.h:106: error: enumerator value for `TCP_FLAG_CWR' not integer constant
/usr/include/linux/tcp.h:107: error: enumerator value for `TCP_FLAG_ECE' not integer constant
/usr/include/linux/tcp.h:108: error: enumerator value for `TCP_FLAG_URG' not integer constant
/usr/include/linux/tcp.h:109: error: enumerator value for `TCP_FLAG_ACK' not integer constant
/usr/include/linux/tcp.h:110: error: enumerator value for `TCP_FLAG_PSH' not integer constant
/usr/include/linux/tcp.h:111: error: enumerator value for `TCP_FLAG_RST' not integer constant
/usr/include/linux/tcp.h:112: error: enumerator value for `TCP_FLAG_SYN' not integer constant
/usr/include/linux/tcp.h:113: error: enumerator value for `TCP_FLAG_FIN' not integer constant
/usr/include/linux/tcp.h:114: error: enumerator value for `TCP_RESERVED_BITS' not integer constant
/usr/include/linux/tcp.h:116: error: enumerator value for `TCP_DATA_OFFSET' not integer constant
src/knockd.c:47:18: pcap.h: Nie ma takiego pliku ani katalogu
src/knockd.c:102: warning: `struct pcap_pkthdr' declared inside parameter list
src/knockd.c:102: warning: its scope is only this definition or declaration, which is probably not what you want
src/knockd.c:104: error: parse error before '*' token
src/knockd.c:104: warning: type defaults to `int' in declaration of `cap'
src/knockd.c:104: error: ISO C forbids data definition with no type or storage class
src/knockd.c: In function `main':
src/knockd.c:120: error: `PCAP_ERRBUF_SIZE' undeclared (first use in this function)
src/knockd.c:120: error: (Each undeclared identifier is reported only once
src/knockd.c:120: error: for each function it appears in.)
src/knockd.c:165: warning: implicit declaration of function `pcap_open_live'
src/knockd.c:165: warning: assignment makes pointer from integer without a cast
src/knockd.c:173: warning: implicit declaration of function `pcap_datalink'
src/knockd.c:175: error: `DLT_EN10MB' undeclared (first use in this function)
src/knockd.c:178: error: `DLT_LINUX_SLL' undeclared (first use in this function)
src/knockd.c:183: warning: implicit declaration of function `pcap_datalink_val_to_name'
src/knockd.c:183: warning: format argument is not a pointer (arg 3)
src/knockd.c:221: warning: implicit declaration of function `pcap_dispatch'
src/knockd.c:224: warning: implicit declaration of function `pcap_perror'
src/knockd.c:120: warning: unused variable `pcapErr'
src/knockd.c: In function `cleanup':
src/knockd.c:287: warning: implicit declaration of function `pcap_close'
src/knockd.c: At top level:
src/knockd.c:635: warning: `struct pcap_pkthdr' declared inside parameter list
src/knockd.c:636: error: conflicting types for `sniff'
src/knockd.c:102: error: previous declaration of `sniff'
src/knockd.c: In function `sniff':
src/knockd.c:649: error: dereferencing pointer to incomplete type
src/knockd.c:656: error: `DLT_EN10MB' undeclared (first use in this function)
src/knockd.c:668: error: `DLT_LINUX_SLL' undeclared (first use in this function)
src/knockd.c:713: error: dereferencing pointer to incomplete type
make: *** [src/knockd.o] Błąd 1
linux-libc-headers-2.6.5.1-4 from CVS
Can anyone help?
-- Andrzej Zawadzki
_______________________________________________________
golden rule: those who don't know shouldn't speak up
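
The "sequence matches a rule" check described in the message, sketched as an added example; this is not code from the post or from knockd. The ports, the 10-second window, the table size and all names are assumptions, and the caller is assumed to feed it one observed SYN at a time.

```c
#include <stdint.h>
#include <stdio.h>

#define SEQ_LEN     3
#define SEQ_TIMEOUT 10   /* seconds allowed for the whole sequence (assumed) */
#define MAX_PEERS   16   /* fixed table so a scan cannot grow memory */

/* Constructed knock sequence, not taken from the post. */
static const uint16_t knock_seq[SEQ_LEN] = {7000, 8000, 9000};

struct peer { uint32_t ip; int stage; long started; };
static struct peer peers[MAX_PEERS];

/* Find the slot tracking this source address, or claim a free one. */
static struct peer *peer_for(uint32_t ip) {
    struct peer *free_slot = NULL;
    for (int i = 0; i < MAX_PEERS; i++) {
        if (peers[i].stage > 0 && peers[i].ip == ip) return &peers[i];
        if (peers[i].stage == 0 && !free_slot) free_slot = &peers[i];
    }
    if (free_slot) free_slot->ip = ip;
    return free_slot;    /* NULL when the table is full: fail closed */
}

/* Feed one observed SYN; returns 1 only when it completes the sequence. */
int knock_observe(uint32_t src_ip, uint16_t dport, long now) {
    struct peer *p = peer_for(src_ip);
    if (!p) return 0;
    if (p->stage > 0 && now - p->started > SEQ_TIMEOUT) p->stage = 0; /* expired */
    if (dport != knock_seq[p->stage]) {
        /* A wrong port resets progress; it may start a fresh attempt. */
        p->stage = (dport == knock_seq[0]) ? 1 : 0;
        p->started = now;
        return 0;
    }
    if (p->stage == 0) p->started = now;
    if (++p->stage < SEQ_LEN) return 0;
    p->stage = 0;        /* done: release the slot */
    return 1;            /* caller would now write 1 to the condition file */
}

int main(void) {
    /* Constructed traffic: 10.0.0.5 knocks correctly, 10.0.0.9 misses a port. */
    uint32_t good = 0x0A000005, bad = 0x0A000009;
    knock_observe(good, 7000, 100); knock_observe(good, 8000, 101);
    printf("good: %d\n", knock_observe(good, 9000, 102));
    knock_observe(bad, 7000, 100); knock_observe(bad, 8001, 101);
    printf("bad:  %d\n", knock_observe(bad, 9000, 102));
    return 0;
}
```

State is kept per source address, so interleaved knocks from different hosts do not advance each other's sequence.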
