This program is used for taking actions on special ICMP echo requests.
If one of the two reasons is true for you, then this program has its use for you.
It can be used to change firewall rules etc. Or it can run specific commands on specific ICMP echo requests. In the file test_pingknock.py an example of this usage is given.
#! /usb/bin/env python import pingknock from pingknock import cvar #set the global variables #set up an own iptables chain and jump into it cvar.com_init="""iptables -N ICMPKNOCK iptables -I INPUT -j ICMPKNOCK""" #When the program ends, clear the jump into the ICMPKNOCK chain #then flush the chain and remove it afterwards cvar.com_fini="""iptables -D INPUT -j ICMPKNOCK iptables -F ICMPKNOCK iptables -X ICMPKNOCK""" #If a valid IP address is found open the ssh tcp-port for it cvar.com_insert="""iptables -I ICMPKNOCK -s $SRC -p tcp --dport ssh -j ACCEPT""" #On removal close this port again cvar.com_delete="""iptables -D ICMPKNOCK -s $SRC -p tcp --dport ssh -j ACCEPT""" #The keyentries is a STL list type mapped onto python (via SWIG). #Therefore we have to append the keys manually from the python list. keyentries=pingknock.keylist() k=pingknock.key_entry(pingknock.KT_KeyStatic,"\x61\x19\x1f\xf5\x2c\x27\xfc\xd6\x58\xe3\x20\x26\x95\x70\xe8\x97") keyentries.push_back(k) #Now call the actual python main function pingknock.main_function(keyentries)
First of all some global variables are set (the cvar namespace is used by SWIG, see also globals.hh). On initialisation iptables is used to generate a new table and a jump command to this newly generated table is inserted in the input chain. To this chain new entries will be added. The default command adds a rule into the ICMPKNOCK chain which accepts ssh connection from $SRC which is the IP address which send the correct code.
Please remember that in the current setup somebody could highjack your static key and send it from his IP address.
There is also a program which can react on udp/tcp and icmp portknocking: fwknop(?).