open your ssh door by send a UDP package `echo zhi-ma-kai-men | nc -u server-ip 54321`

ssh-door.sh

#!/usr/bin/env bash

OPEN_DOOR_UDP_PORT=54321
OPEN_DOOR_TOKEN=zhi-ma-kai-men
SSH_ALLOW_TIMEOUT=10
IP_SET_MAX=8
SSH_IP_SET=ssh-ip-set

ipset create $SSH_IP_SET hash:ip \
  timeout $SSH_ALLOW_TIMEOUT \
  maxelem $IP_SET_MAX \
  counters


iptables \
  -A INPUT \
  -p udp --dport $OPEN_DOOR_UDP_PORT \
  -m string --algo kmp --string $OPEN_DOOR_TOKEN \
  -j SET \
  --add-set $SSH_IP_SET src


iptables \
  -A INPUT \
  -p tcp --dport 22 \
  -m set --match-set $SSH_IP_SET src \
  -j ACCEPT

 iptables \
  -A INPUT \
  -p tcp --dport 22 \
  -j DROP