From owner-freebsd-questions@FreeBSD.ORG  Tue Jun 21 11:42:43 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 39A4D16A41C
	for <freebsd-questions@freebsd.org>;
	Tue, 21 Jun 2005 11:42:43 +0000 (GMT)
	(envelope-from listmail@Bomgardner.net)
Received: from brightstar.bomgardner.net (brightstar.bomgardner.net
	[209.240.79.79])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 08E2743D48
	for <freebsd-questions@freebsd.org>;
	Tue, 21 Jun 2005 11:42:42 +0000 (GMT)
	(envelope-from listmail@Bomgardner.net)
Received: from [192.168.0.2] (morningstar [192.168.0.2])
	by brightstar.bomgardner.net (Postfix) with ESMTP id 8C8D721D8EE
	for <freebsd-questions@freebsd.org>;
	Tue, 21 Jun 2005 06:42:49 -0500 (CDT)
Message-ID: <42B7FD20.2000406@Bomgardner.net>
Date: Tue, 21 Jun 2005 06:42:24 -0500
From: Gene <listmail@Bomgardner.net>
User-Agent: Mozilla Thunderbird 0.6 (Windows/20040502)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: "freebsd-questions@FreeBSD. ORG" <freebsd-questions@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Anyone using doormand
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jun 2005 11:42:43 -0000

Has anyone implemented the doorman port knocking package?

I tried to get it going on 5.4, but when I start doormand, I can find no
evidence of it listening to it's default port (1001).
I've checked the config (see below) but all seems correct. I can find no 
mention
of doormand or port 1001 in the output of netstat or sockstat. Knocks
have no discernible effect, telnet connections are refused, and there is 
nothing
in the doorman's log file.

Any ideas?
Thanks
Gene

The doormand.cf file:

#
#  'doormand.cf'
#
#
interface           rl1
port                1001
waitfor             10
connection_delay_1  100000  # 1/10th second (delay is in microseconds)
connection_delay_2  2
logfile                       /var/log/doorman-messages
loglevel                    debug
pidfile                      /var/run/doormand.pid
guestlist                   /usr/local/etc/doormand/guestlist
firewall-add            /usr/local/etc/doormand/ipf_add
firewall-del             /usr/local/etc/doormand/ipf_delete
tag-queue-length    100000
tag-queue               /var/doorman_tag_queue
tag-db                    /var/doorman_tag_db.db