I'm writing an application which controls the Linux firewall (using iptables). I need to implement some port triggering. There is a TRIGGER target which seems to be suitable for it. However, I can't find good documentation of it (actually, it's really hard to find any documentation of this target). Can anybody direct me to any information about the TRIGGER target of iptables?

+1  A: 

This is the official documentation for iptables. I wasn't able to find a clear-cut answer directly, but since you didn't mention having looked there, I thought it worthwhile to include.

unwind
Thanks for the link. A few good tutorials and descriptions of iptables can be found there, but unfortunately I haven't found anything about port triggering. Maybe this is relatively new functionality, so good documentation is not available yet...
oo_olo_oo
+1  A: 

I think the "port knocking" or whatever, is better handled by ipt_RECENT.

You can certainly set up rules with ipt_RECENT to allow (or indeed, forbid) traffic through one port after it's seen connections recently to another.

See the iptables man page for more info.

MarkR
Thanks for the interesting idea. I need to take a closer look at it.
oo_olo_oo
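
The approach described in the answer above, written out as an added example (not part of the thread or any poster's code): a shell function that prints `iptables-restore` rules using the `recent` match. The ports, the time window and the list name are assumed sample values; the rules gate inbound access on the host itself and do not reproduce the forwarding behaviour of the TRIGGER target.

```shell
#!/bin/sh
# Emit rules so that a source may open a new connection to OPEN_PORT only
# after it has contacted TRIGGER_PORT within the last WINDOW seconds.
recent_trigger_rules() {
    trigger_port=$1 open_port=$2 window=$3 list=${4:-trigger}

    # Accept only plain positive integers, so no stray text reaches the ruleset.
    for n in "$trigger_port" "$open_port" "$window"; do
        case $n in
            ''|*[!0-9]*) echo "not a number: '$n'" >&2; return 1 ;;
        esac
        [ "$n" -ge 1 ] || { echo "must be >= 1: $n" >&2; return 1; }
    done
    for p in "$trigger_port" "$open_port"; do
        [ "$p" -le 65535 ] || { echo "bad port: $p" >&2; return 1; }
    done
    case $list in
        ''|*[!A-Za-z0-9_]*) echo "bad list name: '$list'" >&2; return 1 ;;
    esac
    [ "$trigger_port" -ne "$open_port" ] || { echo "ports must differ" >&2; return 1; }

    cat <<EOF
*filter
# Packets of connections that were already allowed keep flowing.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# A new connection to the trigger port records the source address in the list.
-A INPUT -p tcp --dport $trigger_port --syn -m recent --name $list --set -j ACCEPT
# The gated port takes new connections only from sources seen in the last $window s.
-A INPUT -p tcp --dport $open_port --syn -m recent --name $list --rcheck --seconds $window -j ACCEPT
# Every other packet to the gated port is dropped.
-A INPUT -p tcp --dport $open_port -j DROP
COMMIT
EOF
}
```

To load the output without flushing existing rules, pipe it as root: `recent_trigger_rules 7000 8080 30 | iptables-restore --noflush`. The rules are appended to INPUT, so an earlier rule that already accepts the gated port would take precedence.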
A: 

I think the following two URLs may give some ideas for port triggering:

http://porttriggering.blogspot.com/

http://www.elbeno.com/openwrt/openwrt_porttrigger.html

arsane
Thanks. However, I know the concept of port triggering quite well. I'm looking for a detailed description of the TRIGGER target of iptables. One of your links also mentions that there is very little documentation on the web about this topic.
oo_olo_oo