#!/bin/bash

[[ -n $KNOCKING_STATUS ]] && 
    INTERFACE=$(ip -br a | grep -E "172.28" | awk '{print $1}') || \
    exit 0

source .env

echo -E "
[options]
Interface = ${INTERFACE%@*}

[openNGINX]
sequence    = ${OPEN_PORT_SEQ}
seq_timeout = 5
command     = /sbin/iptables -D INPUT -p tcp --dport 80 -j REJECT
tcpflags    = syn

[closeNGINX]
sequence    = ${CLOSE_PORT_SEQ}
seq_timeout = 5
command     = /sbin/iptables -A INPUT -p tcp --dport 80 -j REJECT
tcpflags    = syn
" > /etc/knockd.conf

/sbin/iptables -A INPUT -p tcp --dport 80 -j REJECT