AWAITING FEEDBACK Portknock required every day

Discussion in 'General' started by kengetz, Apr 8, 2019.

  1. kengetz

    kengetz New Member

    I installed IncrediblePBX 13-12.3 on Ubuntu, on Vultr. All was working great. Then I moved my home. I ran add-fqdn to add home.mydomain.com (which is set up through a DDNS service to update to point to my local IP address regularly, and that works). I look in iptables and I see my current IP address listed. Yet, every single day, the phones don't work until I run the portknock utility on my iPhone. Once I do that, all is well. I just need to repeat the running of PortKnock to open the firewall to my IP address every single day.

    Does anyone have any suggestions? This is frustrating. I guess I could just create a new instance and copy over all my settings, but I'd prefer not to do that. Thanks!
     
  2. wardmundy

    wardmundy Nerd Uno

    Is there an ipchecker file in /root/? Is it being run in /etc/crontab?
     
  3. kengetz

    kengetz New Member

    ipchecker is there, and crontab contains the following. I don't know how crontab works: Does this look appropriate?

    ======

    SHELL=/bin/sh

    PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

    # m h dom mon dow user command
    17 * * * * root cd / && run-parts --report /etc/cron.hourly
    25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
    47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
    52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )

    */10 5-22 * * * root /root/ipchecker > /dev/null 2>&1
    2 0 * * * root rm /tmp/*.sln >/dev/null 2>&1
     
  4. dallas

    dallas Member

    If I'm reading it correctly, this translates to every 6 seconds between 0500 and 2200.
    You should be seeing entries in the log each time the job runs.
     
  5. Aaron Outhier

    Aaron Outhier New Member

    Look at the comment on line 3:
    # m h dom mon dow user command

    First column is minutes, not seconds.
     
  6. dallas

    dallas Member

    The first column is "*/10" which is 6 seconds.
     
  7. Aaron Outhier

    Aaron Outhier New Member

    From the Linux Manpage:
    Step values can be used in conjunction with ranges. Following a
    range with "/<number>" specifies skips of the number's value through
    the range. For example, "0-23/2" can be used in the 'hours' field to
    specify command execution for every other hour (the alternative in
    the V7 standard is "0,2,4,6,8,10,12,14,16,18,20,22"). Step values
    are also permitted after an asterisk, so if specifying a job to be
    run every two hours, you can use "*/2".
     
  8. Aaron Outhier

    Aaron Outhier New Member

    Thus, we have “if the current hour is divisible by 2, run this entry” for the Manpage.
    Likewise, */10 in the Minutes column, means:
    if the current number of minutes is divisible by 10, run crontab entry.
     
  9. dallas

    dallas Member

    I stand corrected. So it's every 10 minutes between 0500 and 2200.
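
The schedule discussed in this thread, worked through as an added example (not code posted by any participant and not part of IncrediblePBX): a small expander for crontab minute and hour fields that follows the range and step rules quoted from the manpage, applied to the `*/10 5-22 * * *` ipchecker entry. It assumes the day, month and weekday fields are `*`, and rejecting a step on a single value is this example's own choice.

```python
# Added example: expand crontab minute/hour fields (lists, ranges, '*', '/step').

def expand_field(field, lo, hi):
    """Return the sorted values one crontab field matches within lo..hi."""
    values = set()
    for part in field.split(","):
        rng, _, step = part.partition("/")
        if rng == "*":
            start, end = lo, hi
        elif "-" in rng:
            start, end = (int(x) for x in rng.split("-", 1))
        elif step:
            # Example's choice: a step only makes sense after '*' or a range.
            raise ValueError(f"step needs '*' or a range: {part!r}")
        else:
            start = end = int(rng)
        step_n = int(step) if step else 1
        if step_n < 1 or not (lo <= start <= end <= hi):
            raise ValueError(f"out of range or bad step: {part!r}")
        # A step counts from the start of the range, so '*/10' in the
        # minutes field yields 0, 10, 20, ... (minutes, not seconds).
        values.update(range(start, end + 1, step_n))
    return sorted(values)


def daily_runs(minute_field, hour_field):
    """Minutes since midnight at which the job fires (dom/mon/dow assumed '*')."""
    return [h * 60 + m
            for h in expand_field(hour_field, 0, 23)
            for m in expand_field(minute_field, 0, 59)]


def longest_gap(runs):
    """Longest wait in minutes between consecutive runs, wrapping past midnight."""
    following = runs[1:] + runs[:1]
    return max((b - a) % 1440 or 1440 for a, b in zip(runs, following))


def hhmm(minutes):
    return f"{minutes // 60:02d}:{minutes % 60:02d}"


if __name__ == "__main__":
    # The ipchecker entry from the crontab posted in the thread.
    runs = daily_runs("*/10", "5-22")
    print("runs per day:", len(runs))
    print("first run:", hhmm(runs[0]), "last run:", hhmm(runs[-1]))
    print("longest gap between runs (minutes):", longest_gap(runs))
```

For that entry it reports 108 runs per day, 10 minutes apart, with one 370-minute stretch from 22:50 to 05:00 in which the job does not run.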