-
Notifications
You must be signed in to change notification settings - Fork 6
/
server.conf
executable file
·30 lines (22 loc) · 948 Bytes
/
server.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
# the right sequence of ports, at least 5 unique ports
secret_ports=10000,7456,22022,12121,10001
# set it to 1-65535 to sniff all ports, you may skip some leading ports
# so that when someone access to http port while knocking it won't be rejected
sniff_range=1000-65535
# if this is 1 then knocking wrong ports won't reset request,
# only knocking right ports in wrong sequence will do
just_check_sequence=0
# size in bytes of random blob
# it will be a little bit bigger because it uses base64
min_random_blob_size=25
max_random_blob_size=50
# server GPG dir
#server_gpg_dir=/etc/tariq/.server-gpg
server_gpg_dir=server-gpg
# number of working threads
threads_n=3
# the name of the iptables chain to use
iptables_chain=tariq
# iptables open port commads
open_tcp_port=-A tariq -s {ip} -p tcp -m state --state NEW -m tcp --dport {dport} -j ACCEPT
open_udp_port=-A tariq -s {ip} -p udp -m state --state NEW -m udp --dport {dport} -j ACCEPT