Anyone using doormand

fbsd_user fbsd_user at a1poweruser.com
Wed Jun 22 18:53:01 GMT 2005


I read your post and was interested in what doorman does, so I
installed it on my 5.4 system.
Running doormand from the command line does start the daemon after
the .cf and guestlist pass the syntax test. You will see it running
with the ps ax command.  Remember doorman creates firewall rules on
the fly to allow the TCP packets to pass through the firewall and
then removes them at the close of the session. Your firewall rules
must pass inbound UDP packets on port 1001. If you have that closed
in your firewall rules doorman will never be triggered. I found
running doormand -D will display any config file syntax errors to the
console. If you change from the default /var/log/messages log file
you have to give the new log file permission of rwx just for the root
user. That may be why you see nothing in your custom log. I have not
got it working yet on allowing telnet in from the public internet. I
am testing it using the ipfilter firewall. You also have to create a
/usr/local/etc/rc.d/doormand.sh script so doormand will be started
at boot time. Will let you know my results later.

-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Gene
Sent: Tuesday, June 21, 2005 7:42 AM
To: freebsd-questions at FreeBSD. ORG
Subject: Anyone using doormand


Has anyone implemented the doorman port knocking package?

I tried to get it going on 5.4, but when I start doormand, I can find
no evidence of it listening to its default port (1001).
I've checked the config (see below) but all seems correct. I can find
no mention of doormand or port 1001 in the output of netstat or
sockstat. Knocks have no discernible effect, telnet connections are
refused, and there is nothing in the doorman's log file.

Any ideas?
Thanks
Gene

The doormand.cf file:

#
#  'doormand.cf'
#
#
interface           rl1
port                1001
waitfor             10
connection_delay_1  100000  # 1/10th second (delay is in microseconds)
connection_delay_2  2
logfile             /var/log/doorman-messages
loglevel            debug
pidfile             /var/run/doormand.pid
guestlist           /usr/local/etc/doormand/guestlist
firewall-add        /usr/local/etc/doormand/ipf_add
firewall-del        /usr/local/etc/doormand/ipf_delete
tag-queue-length    100000
tag-queue           /var/doorman_tag_queue
tag-db              /var/doorman_tag_db.db
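The symptoms Gene describes (nothing bound to port 1001, an empty custom log) and the conditions fbsd_user lists (inbound UDP 1001 must be passed by the firewall, a custom log file needs root-only rwx, the daemon must actually be running) can be checked mechanically before chasing the config. The script below is an added example written for this thread; it is not code from the doorman port or from either poster. It takes the knock port, interface, log file and pid file from the doormand.cf above and assumes ipfilter rule syntax of the form `pass in ... proto udp ... port = 1001`. The sockstat output and the ruleset it parses are constructed samples embedded inline so the script runs offline; the same functions are then applied to the live host only where the tools and files exist.

```sh
#!/bin/sh
# Added example (not from the thread): pre-flight checks for a doormand
# install on FreeBSD with ipfilter. Port 1001, the log and pid file paths
# come from Gene's doormand.cf; the sample sockstat output and ruleset
# below are constructed so the script also runs offline.

KNOCK_PORT=1001
LOGFILE=/var/log/doorman-messages
PIDFILE=/var/run/doormand.pid

# Constructed sample of 'sockstat -4 -l' output with doormand bound to its UDP port.
SAMPLE_SOCKSTAT='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     doormand   512   3  udp4   *:1001                *:*
root     sshd       401   4  tcp4   *:22                  *:*'

# Constructed sample ipfilter ruleset that blocks by default but passes the
# knock port inbound, which is the rule fbsd_user says must exist.
SAMPLE_IPF_RULES='block in log all
block out all
pass out quick on rl1 proto tcp from any to any keep state
pass out quick on rl1 proto udp from any to any keep state
pass in quick on rl1 proto udp from any to any port = 1001'

# Reads sockstat output on stdin; succeeds if some process is bound to UDP $1.
# Gene saw no such line, which means the daemon never got as far as bind().
udp_listener_present() {
  awk -v port="$1" '$5 ~ /^udp/ && $6 ~ (":" port "$") { found = 1 } END { exit !found }'
}

# Reads an ipfilter ruleset on stdin; succeeds if a 'pass in' rule admits UDP
# to port $1. Without it the knock is dropped before doormand ever sees it.
ipf_passes_udp_port() {
  grep -Eq "^[[:space:]]*pass[[:space:]]+in[[:space:]].*proto[[:space:]]+udp.*port[[:space:]]*=[[:space:]]*$1([^0-9]|$)"
}

# Succeeds if $1 exists with mode rwx for the owner only (0700), the
# permission fbsd_user reports a custom log file needs. ls -ld is used so
# the check reads the same on FreeBSD and Linux.
logfile_mode_ok() {
  [ -e "$1" ] || return 1
  mode=$(ls -ld "$1" | cut -c2-10)
  [ "$mode" = "rwx------" ]
}

# Succeeds if $1 is a readable pid file naming a live process.
pidfile_alive() {
  [ -r "$1" ] || return 1
  pid=$(cat "$1")
  [ -n "$pid" ] && kill -0 "$pid" 2>/dev/null
}

# Print one line per check: 'ok' or 'FAIL' plus a hint.
report() {
  status=$1; shift
  if [ "$status" -eq 0 ]; then echo "ok:   $*"; else echo "FAIL: $*"; fi
}

# Checks against the constructed samples (both pass by construction).
printf '%s\n' "$SAMPLE_SOCKSTAT" | udp_listener_present "$KNOCK_PORT"
report $? "sample sockstat shows a udp/$KNOCK_PORT listener"
printf '%s\n' "$SAMPLE_IPF_RULES" | ipf_passes_udp_port "$KNOCK_PORT"
report $? "sample ruleset passes inbound udp/$KNOCK_PORT"

# Same checks against the live host, only where the tools and files exist.
if command -v sockstat >/dev/null 2>&1; then
  sockstat -4 -l | udp_listener_present "$KNOCK_PORT"
  report $? "live: something bound to udp/$KNOCK_PORT (else try 'doormand -D')"
fi
if [ -r /etc/ipf.rules ]; then
  ipf_passes_udp_port "$KNOCK_PORT" < /etc/ipf.rules
  report $? "live: /etc/ipf.rules passes inbound udp/$KNOCK_PORT"
fi
if [ -e "$LOGFILE" ]; then
  logfile_mode_ok "$LOGFILE"
  report $? "live: $LOGFILE is mode 0700"
fi
if [ -e "$PIDFILE" ]; then
  pidfile_alive "$PIDFILE"
  report $? "live: $PIDFILE names a running doormand"
fi
```

Run it as root on the doorman host (the live pid and log checks need root to read /var/run and /var/log). A FAIL on the listener check with a live pid file points at a startup problem that `doormand -D` will print to the console; a FAIL on the ruleset check means the knock packets are being dropped before doormand ever sees them, which matches Gene's "knocks have no discernible effect" regardless of what the daemon is doing. The rule regex only recognises the `port = N` form, so a ruleset that uses a port range or a group will need the pattern adjusted.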
