If I try to start it via boot, it fails. It looks like I don't have it waiting for the right event, namely the network to be available.
===
systemctl status knockd.service
knockd.service - Port Knocking Service
Loaded: loaded (/usr/lib/systemd/system/knockd.service; enabled)
Active: failed (Result: exit-code) since Thu, 29 Nov 2012 23:16:14 -0500
Process: 923 ExecStart=/usr/local/sbin/knockd -D -v -i p128p1 (code=exited, status=1/FAILURE)
CGroup: name=systemd:/system/knockd.service
Nov 29 23:16:14 KD1YV3 knockd[923]: config: tcp flag: SYN
Nov 29 23:16:14 KD1YV3 knockd[923]: config: new section: 'closeSSH'
Nov 29 23:16:14 KD1YV3 knockd[923]: config: closeSSH: sequence: nnnn:tcp,nnnn:tcp,nnnn:tcp
Nov 29 23:16:14 KD1YV3 knockd[923]: config: closeSSH: seq_timeout: 30
Nov 29 23:16:14 KD1YV3 knockd[923]: config: closeSSH: start_command: /usr/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
Nov 29 23:16:14 KD1YV3 knockd[923]: config: tcp flag: SYN
Nov 29 23:16:14 KD1YV3 knockd[923]: ethernet interface detected
Nov 29 23:16:14 KD1YV3 knockd[923]: could not get IP address for p128p1
Nov 29 23:16:14 KD1YV3 knockd[923]: waiting for child processes...
Nov 29 23:16:14 KD1YV3 knockd[923]: closing...
===
If I run it from the command line, it is very happy.
[root@KD1YV3 system]# systemctl start knockd.service
[root@KD1YV3 system]# systemctl status knockd.service
knockd.service - Port Knocking Service
Loaded: loaded (/usr/lib/systemd/system/knockd.service; enabled)
Active: active (running) since Thu, 29 Nov 2012 22:19:54 -0500; 3s ago
Main PID: 2508 (knockd)
CGroup: name=systemd:/system/knockd.service
└ 2508 /usr/local/sbin/knockd -D -v -i p128p1
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: openSSH: start_command: /usr/sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: tcp flag: SYN
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: new section: 'closeSSH'
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: closeSSH: sequence: nnnn:tcp,nnnn:tcp,nnnn:tcp
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: closeSSH: seq_timeout: 30
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: closeSSH: start_command: /usr/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: tcp flag: SYN
Nov 29 22:19:54 KD1YV3 knockd[2508]: ethernet interface detected
Nov 29 22:19:54 KD1YV3 knockd[2508]: Local IP: 192.168.1.107
Nov 29 22:19:54 KD1YV3 knockd[2508]: listening on p128p1...
===
Here is my systemd file
cat knockd.service
[Unit]
Description=Port Knocking Service
After=syslog.target network.target
[Service]
ExecStart=/usr/local/sbin/knockd -D -v -i p128p1
[Install]
WantedBy=multi-user.target
===
Any help or suggestions appreciated.
JimR
===
systemctl status knockd.service
knockd.service - Port Knocking Service
Loaded: loaded (/usr/lib/systemd/system/knockd.service; enabled)
Active: failed (Result: exit-code) since Thu, 29 Nov 2012 23:16:14 -0500
Process: 923 ExecStart=/usr/local/sbin/knockd -D -v -i p128p1 (code=exited, status=1/FAILURE)
CGroup: name=systemd:/system/knockd.service
Nov 29 23:16:14 KD1YV3 knockd[923]: config: tcp flag: SYN
Nov 29 23:16:14 KD1YV3 knockd[923]: config: new section: 'closeSSH'
Nov 29 23:16:14 KD1YV3 knockd[923]: config: closeSSH: sequence: nnnn:tcp,nnnn:tcp,nnnn:tcp
Nov 29 23:16:14 KD1YV3 knockd[923]: config: closeSSH: seq_timeout: 30
Nov 29 23:16:14 KD1YV3 knockd[923]: config: closeSSH: start_command: /usr/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
Nov 29 23:16:14 KD1YV3 knockd[923]: config: tcp flag: SYN
Nov 29 23:16:14 KD1YV3 knockd[923]: ethernet interface detected
Nov 29 23:16:14 KD1YV3 knockd[923]: could not get IP address for p128p1
Nov 29 23:16:14 KD1YV3 knockd[923]: waiting for child processes...
Nov 29 23:16:14 KD1YV3 knockd[923]: closing...
===
If I run it from the command line, it is very happy.
[root@KD1YV3 system]# systemctl start knockd.service
[root@KD1YV3 system]# systemctl status knockd.service
knockd.service - Port Knocking Service
Loaded: loaded (/usr/lib/systemd/system/knockd.service; enabled)
Active: active (running) since Thu, 29 Nov 2012 22:19:54 -0500; 3s ago
Main PID: 2508 (knockd)
CGroup: name=systemd:/system/knockd.service
└ 2508 /usr/local/sbin/knockd -D -v -i p128p1
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: openSSH: start_command: /usr/sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: tcp flag: SYN
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: new section: 'closeSSH'
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: closeSSH: sequence: nnnn:tcp,nnnn:tcp,nnnn:tcp
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: closeSSH: seq_timeout: 30
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: closeSSH: start_command: /usr/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
Nov 29 22:19:54 KD1YV3 knockd[2508]: config: tcp flag: SYN
Nov 29 22:19:54 KD1YV3 knockd[2508]: ethernet interface detected
Nov 29 22:19:54 KD1YV3 knockd[2508]: Local IP: 192.168.1.107
Nov 29 22:19:54 KD1YV3 knockd[2508]: listening on p128p1...
===
Here is my systemd file
cat knockd.service
[Unit]
Description=Port Knocking Service
After=syslog.target network.target
[Service]
ExecStart=/usr/local/sbin/knockd -D -v -i p128p1
[Install]
WantedBy=multi-user.target
===
Any help or suggestions appreciated.
JimR