1

In Knockd how do I listen to a specific IP address from an interface that has multiple IP addresses?

Knockd only has the option to listen by interface but not an IP address.

For example, interface eth0 has 3 IPs:

  • 123.123.123.123
  • 124.124.124.124
  • 125.125.125.125

My target listen IP is 124.124.124.124, but if I start knockd with the eth0 interface it will listen to the first IP, 123.123.123.123.

2
  • My guess would be that because knockd doesn't create listeners for itself but rather listens at the link-layer level, you can't bind it to a specific IP address. But that should make it respond to all IPs bound to an interface.
    – HBruijn
    Commented Dec 1, 2023 at 8:26
  • As a workaround, only allow the IP the knockd service should listen to via firewall. Commented Dec 2, 2023 at 13:50

1 Answer

1
+50

knockd works on the interface level, so there's no need or way to bind it to a specific IP address.

It listens to all traffic on an ethernet (or PPP) interface, looking for special "knock" sequences of port-hits.

https://linux.die.net/man/1/knockd

If you need to make a difference in addresses you require multiple interfaces (possibly VLAN subinterfaces) or you need another daemon.

4
  • Meaning I would need to create new interfaces like a bridge or alias type with those addresses and run multiple knockd daemons, one for each interface? Commented Dec 2, 2023 at 7:58
  • A bridge or an alias is no separate interface. If required, you need to use a dedicated physical or logical (sub)interface. Usually, the knocking sequence is the point and not the actual destination address, so I don't really see a scenario where you must make that distinction.
    – Zac67
    Commented Dec 2, 2023 at 8:29
  • My scenario is a dedicated server with multiple IPs that are attached to a single interface as alias IPs. I have no control over the attached as it's done by the hosting company. I need knockd to run for 2 of those IPs individually on different ports using the same sequences. Commented Dec 3, 2023 at 9:20
  • 1
    I found out the issue was that the knockd that comes in Ubuntu 20.04 is version 7.0, which only binds to the first IP of the interface and not all of it. The latest version 8.0 binds to all of the interface, which solves my issue. Commented Dec 3, 2023 at 17:57
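
The answer's point is that telling knocks apart by destination address needs something other than interface-level matching. As an added illustration (not knockd's code and not from the answer or its comments), the sketch below shows the per-destination check such a daemon would need, run over constructed packet records; the class name, the knock ports 7000/8000/9000, the 5-second timeout and the 203.0.113.x source addresses are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class KnockMatcher:
    """Tracks knock progress per source, counting only packets sent to target_ip."""
    target_ip: str
    sequence: tuple
    timeout: float = 5.0
    _progress: dict = field(default_factory=dict)  # src -> (next index, start time)

    def feed(self, src, dst, dport, ts):
        """Return True when src completes the sequence against target_ip."""
        if dst != self.target_ip:
            return False                      # other IPs on the interface are ignored
        idx, start = self._progress.get(src, (0, ts))
        if idx > 0 and ts - start > self.timeout:
            idx, start = 0, ts                # stale attempt: start over
        if dport != self.sequence[idx]:
            idx, start = 0, ts                # wrong port: restart
            if dport != self.sequence[0]:
                self._progress.pop(src, None)
                return False
        idx += 1
        if idx == len(self.sequence):
            self._progress.pop(src, None)
            return True
        self._progress[src] = (idx, start)
        return False

# Constructed sample traffic: (source, destination, TCP port, timestamp in seconds)
PACKETS = [
    ("203.0.113.7", "123.123.123.123", 7000, 0.0),   # full knock, but to the first IP
    ("203.0.113.7", "123.123.123.123", 8000, 0.5),
    ("203.0.113.7", "123.123.123.123", 9000, 1.0),
    ("203.0.113.8", "124.124.124.124", 7000, 2.0),   # full knock to the target IP
    ("203.0.113.8", "124.124.124.124", 8000, 2.4),
    ("203.0.113.8", "124.124.124.124", 9000, 2.9),
    ("203.0.113.9", "124.124.124.124", 7000, 3.0),   # last knock arrives too late
    ("203.0.113.9", "124.124.124.124", 8000, 3.5),
    ("203.0.113.9", "124.124.124.124", 9000, 12.0),
]

def completed_sources(packets, target_ip, sequence=(7000, 8000, 9000)):
    """Return the sources that completed the knock against target_ip, in order."""
    matcher = KnockMatcher(target_ip, sequence)
    return [src for src, dst, port, ts in packets if matcher.feed(src, dst, port, ts)]

if __name__ == "__main__":
    print(completed_sources(PACKETS, "124.124.124.124"))
```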
