Score:0

Port knock from rotating IP addresses

I have knockd set up on a public device running Ubuntu 20. It works as expected.

I have a situation where a network I am trying to port knock from is rotating the outgoing IP address. Only Stage 1 appears in the logs, but every attempt has 1 of 4 IP addresses within X.Y.0.0/16. Is there a way around this, maybe configure knockd to use more than one IP in specific situations?

This would be wholly dependent on whatever service you’re using for the Internet, would it not? IP address space is generally pretty limited for anyone who isn’t Google or Amazon and, even if you were using their network, IP hopping across larger ranges would probably require additional fees to pre-allocate addresses or move instances across geographic regions.
I'm not sure I understand your point. I don't have any control over the route. I'm trying to rsync over ssh to a server with knockd configured. There are no issues with this server with knockd. The issue is the server pushing the data: the outgoing IP for the private network changes for each knock. Even if I do `nmap -p 1234,1235,1236,1237 knockedserver`, each knock shows a different IP as the origin. Yes, it's an organization that has a lot of IPs.
user535733
The knockd documentation is mute on the subject of whether all knocks must come from the same IP address, though your experience suggests that they must. You will need to edit the knockd config file so you knock only once, and open to X.Y.*.* range instead of the knock-client's specific IP address.
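
What that suggestion could look like in `/etc/knockd.conf`, as an added example that is not part of the original thread or the knockd project's own configuration. It assumes, as the logs in the question suggest, that knockd tracks sequence progress per source address; the ports are taken from the `nmap` command above, `X.Y.0.0/16` is the placeholder range from the question, and SSH on port 22 with a 30-second window are assumptions.

```ini
# /etc/knockd.conf -- constructed example; ports, timeout and rules are assumptions

[options]
    UseSyslog

# Before: four-port sequence, opened only to the knocking address (%IP%).
# When every packet arrives from a different source address, each address
# is seen at Stage 1 only and the sequence never completes.
#
# [openSSH]
#     sequence    = 1234,1235,1236,1237
#     seq_timeout = 5
#     command     = /sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
#     tcpflags    = syn

# After: a one-port sequence completes at the first packet, so rotation
# between knocks no longer matters. The rule uses the fixed range instead
# of %IP%, because the later SSH connection may leave from yet another
# address in that range.
[openSSH]
    sequence      = 1234
    seq_timeout   = 5
    tcpflags      = syn
    # Open SSH to the whole range, then close it again after cmd_timeout seconds.
    start_command = /sbin/iptables -I INPUT -s X.Y.0.0/16 -p tcp --dport 22 -j ACCEPT
    cmd_timeout   = 30
    stop_command  = /sbin/iptables -D INPUT -s X.Y.0.0/16 -p tcp --dport 22 -j ACCEPT

# Trade-off: a single SYN to port 1234 from any source now triggers the rule,
# and every host in X.Y.0.0/16 can reach port 22 while it is open. Keep SSH
# on key-only authentication and keep cmd_timeout short, since the knock no
# longer identifies one client.
```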