32 lines
590 B
Ruby
32 lines
590 B
Ruby
#
|
|
# Cookbook:: metasploitable
|
|
# Recipe:: knockd
|
|
#
|
|
# Copyright:: 2017, Rapid7, All Rights Reserved.
|
|
|
|
package 'knockd' do
|
|
action :install
|
|
end
|
|
|
|
template '/etc/knockd.conf' do
|
|
source 'knockd/knockd.conf.erb'
|
|
mode '0600'
|
|
end
|
|
|
|
cookbook_file '/etc/default/knockd' do
|
|
source 'knockd/knockd'
|
|
mode '0600'
|
|
end
|
|
|
|
execute 'remove_carriage_returns' do
|
|
command "sed -i -e 's/\r//g' /etc/default/knockd"
|
|
end
|
|
|
|
iptables_rule '1_knockd' do
|
|
lines "-I FORWARD 1 -p tcp -m tcp --dport #{node[:flags][:five_of_diamonds][:vuln_port]} -j DROP"
|
|
end
|
|
|
|
service 'knockd' do
|
|
action [:enable, :start]
|
|
end
|