ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
|Tags||Utilities Operating System Kernels Linux Networking Firewalls Security Cryptography Internet|
|Operating Systems||POSIX Linux|
Release Notes: This release fixes a bug in knock.py when sending a knock to a site not in the configuration file or when the configuration file doesn't exist.
Release Notes: Updated to work with iptables 1.4.21 and Linux kernels up to 3.10. The procfs entry was turned off in kernels >= 3.7; for older kernels, it is now /proc/ipt_pkd/stats. knock.py was switched to be a loadable module that can be imported into other Python scripts.
Release Notes: This release has been updated for Linux 3.x, and tested with Linux 3.2 and iptables 220.127.116.11
Release Notes: Support for iptables 1.4.10, 1.4.11, and 18.104.22.168. Support for kernels through 2.6.39.
Release Notes: This release adds support for iptables 1.4.9 and Linux kernel 2.6.35.