I need a modification for the OPNsense firewall to enable port knocking.
The client application tries to connect to port 333. It gets rejected by the firewall.
The client application tries to connect to port 22. We forward it to the SSH server.
We only forward one packet with state new to port 22 (after that, state new on port 22 is locked again for this IP).
All packets with state established or related are forwarded anyway.
If an IP tries to connect to any port other than 22 or 333, the IP is ignored for 5 minutes.
In other words, our application must:
1. Try to connect to port 333.
2. Connect to port 22.
All other connections are rejected.
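
The rule set described above, modelled as a per-source-IP state machine in Python. This is an added illustration, not OPNsense or pf code; the 10-second knock lifetime, the "drop" action for an ignored IP, and clearing a pending knock when an IP is banned are assumptions the post does not specify.

```python
from dataclasses import dataclass, field

KNOCK_PORT, SSH_PORT = 333, 22   # ports from the post
BAN_SECONDS = 5 * 60             # "ignored for 5 minutes" (from the post)
KNOCK_TTL = 10                   # assumption: the post gives no knock lifetime

@dataclass
class KnockFilter:
    knocked: dict = field(default_factory=dict)  # ip -> time of knock on 333
    banned: dict = field(default_factory=dict)   # ip -> time the ban ends

    def verdict(self, ip, dport, now, state="new"):
        """Return 'forward', 'reject' or 'drop' for one packet at time now (s)."""
        if state in ("established", "related"):
            return "forward"                     # existing flows always pass
        if self.banned.get(ip, 0) > now:
            return "drop"                        # ignored: a knock does not count
        self.banned.pop(ip, None)                # ban (if any) has expired
        if dport == KNOCK_PORT:
            self.knocked[ip] = now               # remember the knock, still reject
            return "reject"
        if dport == SSH_PORT:
            t = self.knocked.pop(ip, None)       # pop: one new packet per knock
            fresh = t is not None and now - t <= KNOCK_TTL
            return "forward" if fresh else "reject"
        self.knocked.pop(ip, None)               # assumption: a ban voids the knock
        self.banned[ip] = now + BAN_SECONDS
        return "drop"

def replay(packets):
    """Run (ip, dport, time[, state]) tuples through one filter, in order."""
    fw = KnockFilter()
    return [fw.verdict(*p) for p in packets]

SAMPLE = [  # constructed traffic from a documentation-range address
    ("198.51.100.7", 22, 0),                  # no knock yet
    ("198.51.100.7", 333, 1),                 # knock
    ("198.51.100.7", 22, 2),                  # the single allowed new packet
    ("198.51.100.7", 22, 3, "established"),   # rest of the SSH session
    ("198.51.100.7", 22, 4),                  # second new packet: locked again
    ("198.51.100.7", 80, 5),                  # other port: banned until t=305
    ("198.51.100.7", 333, 6),                 # knock while banned is ignored
    ("198.51.100.7", 333, 305),               # ban over, knock accepted
    ("198.51.100.7", 22, 306),
]

if __name__ == "__main__":
    print(*zip(SAMPLE, replay(SAMPLE)), sep="\n")
```

The sample shows the two cases that are easy to get wrong in real rules: the knock must be consumed by the first new packet to port 22, and a knock sent during the 5-minute window must not be remembered.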