#
##############################################################################
#
# File: access.conf
#
# Purpose: This file defines how fwknop will modify firewall access controls
#          for specific IPs/networks.  It gets installed by default at
#          /etc/fwknop/access.conf and is consulted by fwknop when run in
#          "access control mode", which is the default (i.e. when fwknop is
#          run from the command line without any command line arguments).
#          Normally fwknop is used in Single Packet Authorization (SPA) mode
#          but the legacy port knocking mode is also supported.  Multiple
#          access controls can be specified for the same source machine, and
#          access for arbitrary addresses is also defined in this file.
#
# See the fwknop man page for a comprehensive treatment of the various
# access control variables.  See the README.ACCESS file for additional
# examples on how to configure access for various services.
#
##############################################################################
#
# $Id: access.conf 1145 2008-06-28 15:41:17Z mbr $
#

### default Single Packet Authorization (SPA) via libpcap:
SOURCE: ANY;
OPEN_PORTS: tcp/22;   ### for ssh (change for access to other services)
KEY: __CHANGEME__;
FW_ACCESS_TIMEOUT: 30;
### if you want to use GnuPG keys (recommended) then define the following
### variables
#GPG_HOME_DIR: /root/.gnupg;
#GPG_DECRYPT_ID: ABCD1234;
#GPG_DECRYPT_PW: myGpgPassword;
#GPG_REMOTE_ID: 1234ABCD;