doorman
doorman: Settings
pkg_edit.php?xml=doorman.xml&id=0
doorman
doorman.sh
doormand
Settings
/pkg_edit.php?xml=doorman.xml&id=0
Users
/pkg.php?xml=doormanusers.xml
- http://www.pfsense.com/packages/config/doormanusers.xml
installedpackages->package->$packagename->configuration->settings
Initial connection timeout
initdelay
Enter the number of *microseconds* to wait for the client and the requested service to complete the TCP 3-way handshake. (default 500000, i.e. one half second)
input
500000
Connection check interval
checkdelay
Enter the desired number of *seconds* between checking for broken connections. (default 5 seconds)
input
5
Connection initiation timeout
inittimeout
Enter the desired number of *seconds* to wait for a connection to be established after a successful knock. (default 10 seconds)
input
10
Listening port
port
Enter the port that doormand should listen on. (default 1001)
1001
input
// Register the rc script used to start and stop the doorman daemon.
global $config;

// Start command: the trailing "&" puts doormand in the background.
$start = '/usr/local/sbin/doormand -D &';

// Hand the script name and its start/stop commands to write_rcfile().
write_rcfile(
    array(
        'file'  => 'doorman.sh',
        'start' => $start,
        'stop'  => '/usr/bin/killall doormand'
    )
);
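/*
 * Regenerate /usr/local/etc/doormand/doormand.cf from the submitted package
 * settings and restart the doorman service.
 *
 * The four tunables come from $_POST and become directives in a file that
 * also names the firewall-add / firewall-del helpers, so a value is written
 * only if it is a short run of decimal digits (and, for the port, within
 * 1-65535). Anything else - in particular a value carrying a newline, which
 * would otherwise append extra directives to the file - is dropped and
 * reported by field name only; the directive is then omitted, exactly as
 * when the field is left empty.
 *
 * NOTE(review): the tunables are read from $_POST only, so a call made
 * outside a form submission writes none of them - confirm whether they
 * should come from the saved package configuration instead.
 *
 * Takes no arguments and returns nothing.
 */
function sync_package_doorman() {
    global $config;

    // POST field => doormand.cf directive, in the order they are written.
    $directives = array(
        'port'        => 'port',
        'inittimeout' => 'waitfor',
        'initdelay'   => 'connection_delay_1',
        'checkdelay'  => 'connection_delay_2'
    );

    // Build the whole file in memory first so nothing is truncated on disk
    // before the content is known to be well-formed.
    $contents  = "# This file was automatically generated by the pfSense\n# package management system.\n\n";

    /*
     * Disabled: the WAN interface is always used. If this is ever re-enabled,
     * the submitted interface needs the same strict validation as the fields
     * below.
     *
     * $int = convert_friendly_interface_to_real_interface_name($_POST['interface']);
     * fwrite($fout, "interface " . $int . "\n");
     */
    $contents .= "interface " . $config['interfaces']['wan']['if'] . "\n";

    foreach ($directives as $field => $directive) {
        // Unset or empty field: leave the directive out of the file.
        if (!isset($_POST[$field]) || $_POST[$field] === '') {
            continue;
        }

        $value = $_POST[$field];

        // \A ... \z (not ^ ... $) so a trailing newline cannot slip through.
        // Nine digits keeps the value inside a 32-bit int; doormand's own
        // limits are not visible here.
        $valid = is_string($value) && preg_match('/\A[0-9]{1,9}\z/', $value) === 1;
        if ($valid && $field == 'port') {
            $port  = (int) $value;
            $valid = ($port >= 1 && $port <= 65535);
        }

        if (!$valid) {
            // Log the field name only; the rejected value is untrusted and
            // must not be copied into the log.
            log_error("doorman: ignoring invalid value submitted for '{$field}'");
            continue;
        }

        // The integer cast normalizes the text (e.g. drops leading zeros).
        $contents .= $directive . ' ' . (int) $value . "\n";
    }

    $contents .= "pidfile /var/run/doormand.pid\n";
    $contents .= "logfile /var/log/messages\n";
    $contents .= "loglevel NOTICE\n";
    $contents .= "guestlist /usr/local/etc/doormand/guestlist\n";
    $contents .= "firewall-add /usr/local/etc/doormand/pfctl_add\n";
    $contents .= "firewall-del /usr/local/etc/doormand/pfctl_del\n";
    $contents .= "tag-queue-length 100000\n";
    $contents .= "tag-queue /var/doorman_tag_queue\n";
    $contents .= "tag-db /var/doorman_tag_db.db\n";
    $contents .= "hash-archive-size 50000\n";
    // NOTE(review): fixed file name under /tmp. If /tmp is writable by other
    // local users, consider a directory only the daemon can write to.
    $contents .= "hash-archive /tmp/doormand.hash-archive\n";

    conf_mount_rw();
    config_lock();

    $written = false;
    $fout = fopen("/usr/local/etc/doormand/doormand.cf", "w");
    if ($fout === false) {
        log_error("doorman: unable to open /usr/local/etc/doormand/doormand.cf for writing");
    } else {
        $written = (fwrite($fout, $contents) !== false);
        fclose($fout);
        if (!$written) {
            log_error("doorman: unable to write /usr/local/etc/doormand/doormand.cf");
        }
    }

    // Restart only when the new configuration actually reached the disk.
    if ($written) {
        restart_service("doorman");
    }

    // Always undo the read-write mount and the lock, even after a failure.
    conf_mount_ro();
    config_unlock();
}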
// Run the sync now: rewrite doormand.cf and restart the doorman service.
sync_package_doorman();