Daniel Corbett daniel-corbett

## haproxy-portknock.cfg
# Listens on 6000-9000 for a sequence of port knocks.
# Requires an explicit order of port access before opening
# Current defined order is 6001,7001,8001,9000
# If another port is accessed during the sequence it must be started from the beginning
listen portknock
  mode tcp
  bind *:6000-9000
  stick-table type ip size 1m expire 24h store conn_cnt,gpt0
  tcp-request connection track-sc0 src
  tcp-request connection sc-set-gpt0(0) 1 if { dst_port 6001 } { sc_get_gpt0(0) -m int lt 4 }
	# Listens on 6000-9000 for a sequence of port knocks.
	# Requires an explicit order of port access before opening
	# Current defined order is 6001,7001,8001,9000
	# If another port is accessed during the sequence it must be started from the beginning
	listen portknock
	mode tcp
	bind *:6000-9000
	stick-table type ip size 1m expire 24h store conn_cnt,gpt0
	tcp-request connection track-sc0 src
	tcp-request connection sc-set-gpt0(0) 1 if { dst_port 6001 } { sc_get_gpt0(0) -m int lt 4 }