Support

What is Port Knocking?

Port knocking is a method of opening ports on a firewall by sending connection attempts to a specific sequence of ports. The firewall monitors for the correct sequence and, when detected, opens a port (such as SSH) for your IP address. It adds a layer of security by keeping services hidden from port scans.

Getting Started

• Add a sequence — Tap the + button to create a new knock sequence
• Configure — Enter a name, hostname, and the ports to knock in order. Set each port to TCP or UDP as needed.
• Knock — Tap a saved sequence to immediately send the knock
• Edit or delete — Long-press a sequence for options

Frequently Asked Questions

How do I know if port knocking worked?
knock(1) shows a green checkmark for each port as it's knocked. A successful knock sequence means the packets were sent — whether your firewall opened the port depends on your server's knockd configuration. After knocking, try connecting to the service you're unlocking (e.g., SSH).

What should I set the delay to?
The delay is the time in milliseconds between each port knock. The default of 5ms works for most configurations. If your server is on a slow or distant network, try increasing it to 50–200ms.

Why did a knock(1) show an error?
Errors typically mean the hostname couldn't be resolved (check the hostname) or the network is unreachable (check your connection). A red indicator means the knock packet couldn't be sent at all.

Does knock(1) work with knockd?
Yes. knock(1) is compatible with knockd and other port knocking daemons. Configure your sequence to match your server's knock configuration.