[Enhancement] - Add knock check/confirmation and retry #18

Open
RastaTaz opened this issue Apr 11, 2021 · 3 comments

Comments

@RastaTaz

Seen in another android app:

  • Add knock confirmation by reaching a TCP port after the knock sequence
  • Replay knock sequence (add a count limit) in case confirmation is not OK
@impalex
Owner

impalex commented Apr 11, 2021

What do you mean by "confirmation"?

@RastaTaz
Author

I use a knock sequence containing some UDP packets, but UDP doesn't always go through in due time or in due sequence, especially in crowded areas. So I sometimes have to launch the knock sequence several times...

As the goal of a port knock is often to temporarily whitelist an IP on a firewall, an optional check done by the port knocking application could confirm the knock was successful.
=> It could be achieved by trying to connect to a TCP port of a hosted service behind the firewall, either:

  • through a NAT when using IPv4 (re-using the target IP of the knock sequence)
  • on another IP of the same subnet when using IPv6 (as there's no NAT on IPv6)

Then if confirmation is not OK, a replay of the knocking sequence should be done again.

  • a "retry limit" may also prevent infinite retries

As an example, see the project https://github.com/DJAndries/portknocker-android: it contains such a feature.

I hope the above makes sense to you...
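
The check-and-retry flow requested in the comment above, as an added Python example that is not code from this project or from portknocker-android. The function names, the `(port, proto)` sequence format and the timing defaults are assumptions; the confirmation host is a separate parameter so it can differ from the knock target, as in the IPv6 case described.

```python
import socket
import time

def send_knock(host, port, proto, timeout=1.0):
    """Send one knock: an empty UDP datagram or a TCP connection attempt."""
    family = socket.getaddrinfo(host, port)[0][0]  # IPv4 or IPv6, from the address
    kind = socket.SOCK_DGRAM if proto == "udp" else socket.SOCK_STREAM
    with socket.socket(family, kind) as s:
        s.settimeout(timeout)
        try:
            if proto == "udp":
                s.sendto(b"", (host, port))
            else:
                s.connect((host, port))  # the SYN is the knock; refusal is expected
        except OSError:
            pass  # a knock gets no reply, so an error here says nothing about success

def confirm_open(host, port, timeout=2.0):
    """Return True if a TCP connection to the protected service succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def knock_with_confirmation(knock_host, sequence, confirm_host, confirm_port,
                            retry_limit=3, delay=0.2, settle=0.5):
    """Replay the sequence until the confirmation port answers or the limit is hit.

    sequence is a list of (port, "udp" | "tcp") pairs (assumed format).
    Returns (confirmed, attempts_used).
    """
    for attempt in range(1, retry_limit + 1):
        for port, proto in sequence:
            send_knock(knock_host, port, proto)
            time.sleep(delay)   # spacing between knocks helps preserve their order
        time.sleep(settle)      # give the firewall time to add the allow rule
        if confirm_open(confirm_host, confirm_port):
            return True, attempt
    return False, retry_limit   # bounded: never retries forever
```
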

@impalex
Owner

impalex commented Apr 12, 2021

Thanks for the explanation.
TBH I don't really like this concept. We'll see... Low priority atm.
