Skip to main content

Backends

Backends are software interfaces that the Knocknoc Agent can connect and interact with. Select a backend that suits your use case.

IPset (Linux Netfilter/IPTables)

IPsets are a powerful and highly efficient way of making a dynamic firewall on a normal Linux mac...

HAProxy

HAProxy is a fantastic reverse proxy with a massive amount of features. Knocknoc has supported HA...

IPsets with UFW

This is an example that lets you use UFW (https://wiki.ubuntu.com/UncomplicatedFirewall) and IPse...

IPsets with Shorewall

This is an example that lets you use Shorewall https://shorewall.org/index.html and IPsets to dyn...

Script Any Arbitrary Backend

The "script" backend type is simply a script the agent can execute that takes a fixed set of argu...

AWS (EC2) Security Groups

Knocknoc can easily connect to AWS using common utilities and IAM credentials, and update the all...

Mikrotik RouterOS

The scripting backend can be used for MikroTik RouterOS config updates as well. Here is a sample ...

Nginx

Nginx support via script was added in knocknoc-agent version 1.0.30. This allows for flexible ACL...

Apache Webserver

Apache 2.4 and above have slightly different ACL syntax, so this page covers how you can use Knoc...

Fortigate Address Groups

Released for wider testing in version 1.0.34 of knocknoc agent, the FortiOS integration allows Kn...

Microsoft Entra

Overview This integration is designed to manage named locations in Microsoft Azure Conditional A...

Allowlist

The Allowlist backend makes a list of active IP address grants available via the Knocknoc server ...

Juniper SRX with Allowlist

Background Knocknoc's Allowlist features provides a very powerful integration with firewalls tha...
Back to top