1[options] 2 logfile = /var/log/knockd.log 3 interface = fxp0 4 5[openSSH] 6 sequence = 7000,8000,9000 7 seq_timeout = 5 8 command = /sbin/ipfw -q add pass proto tcp src-ip %IP% dst-port 22 9 tcpflags = syn 10 11[closeSSH] 12 sequence = 9000,8000,7000 13 seq_timeout = 5 14 command = /sbin/ipfw -q delete pass proto tcp src-ip %IP% dst-port 22 15 tcpflags = syn 16 17