From d8fe6562ae2be040b156fdfd49163c3d8f94f4d6 Mon Sep 17 00:00:00 2001
From: Bachir Soussi Chiadmi
Date: Wed, 23 Jan 2019 13:12:25 +0100
Subject: [PATCH] konckd allowing ssh without ip restriction as it would not work with 4g connection
---
 assets/knockd.conf | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/assets/knockd.conf b/assets/knockd.conf
index 2f11a12..b37d6b1 100644
--- a/assets/knockd.conf
+++ b/assets/knockd.conf
@@ -19,7 +19,9 @@
 sequence = 7000,8000,9000
 seq_timeout = 5
 # TODO do not limit port 22 to the ip as it don't work with 4G connection
- start_command = ufw insert 1 allow from %IP% to any port 22
+ # start_command = ufw insert 1 allow from %IP% to any port 22
+ start_command = ufw allow ssh
 tcpflags = syn
 cmd_timeout = 600
- stop_command = ufw delete allow from %IP% to any port 22
+ # stop_command = ufw delete allow from %IP% to any port 22
+ stop_command = ufw delete allow ssh
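Review bot: The new `start_command = ufw allow ssh` opens port 22 to every source address rather than only the host that knocked, and with `cmd_timeout = 600` it stays open for ten minutes after each valid sequence, so during that window the knock gives sshd no protection. If the per-IP rule must go because the knock and the SSH session can arrive from different addresses on a 4G link (my reading of the TODO), narrow the exposure with `start_command = ufw limit ssh` and `stop_command = ufw delete limit ssh` plus a much shorter `cmd_timeout`; established sessions should survive the rule removal through ufw's connection tracking, but confirm that on this host. The old rule used `insert 1` while the new one is appended, so an earlier deny rule would now take precedence, and `stop_command = ufw delete allow ssh` would also delete a pre-existing `allow ssh` rule or cut short the window of a second client whose knock overlapped the first. The stale TODO and the two commented-out commands are better replaced by one comment stating the trade-off, e.g. `# port 22 is opened for all sources while the window is open; keep sshd key-only`. The section header this block belongs to lies above the hunk, so I cannot see which knock entry is affected.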