Version 0.5 of knock
Release Notes: This release adds the ability to change the knocking protocol (TCP/UDP) on a per-port basis using the knock client, a --lookup option for DNS lookups, support for one-time knock sequences, an Interface directive to select the listening interface, and support for excluding TCP flags with "!". The leftover/deprecated layer-2 MAC logic has been removed. Some memory leaks and potential security issues have been fixed. Packet filtering has been moved to kernel space with BPF filters.
Other releases
Release Notes: This release adds the ability to change the knocking protocol (TCP/UDP) on a per-port basis using the knock client, a --lookup option for DNS lookups, support for one-time knock sequences, an Interface directive to select the listening interface, and support for excluding TCP flags with "!". The leftover/deprecated layer-2 MAC logic has been removed. Some memory leaks and potential security issues have been fixed. Packet filtering has been moved to kernel space with BPF filters.
Release Notes: Support for DLT_RAW (PPPoE) interfaces was added. Packet inspection was changed to use the interface's IP address to determine the flow direction rather than the ethernet MAC address. Hostnames were added to the logging output and the the logging date format was changed to ISO standard (yyyy-mm-dd).
Release Notes: This release fixes a segfault occurring when a hostname could not be resolved, and fixes build errors on Fedora and TCP SYN timeouts in the knock client.
Release Notes: This release adds PPP (LINUX_SLL) support and support for auto-closing doors with the new Start_Command, Stop_Command, Cmd_Timeout directives. knockd now rereads the configuration file when a HUP is received. Multiple protocols are now supported on a per-port basis.
Release Notes: The zombie process problem has been fixed. A patch for the PidFile configuration directive and support for specific TCP flags have been added.
