Skip to main content

Knocs (backends)

Knocs or backends, are systems that the Knocknoc Agent can orchestrate. Select a backend that suits your use case. If you need one that isn't on the list, please let us know as we're expanding these all the time.

Allowlist (EDLs)

The Allowlist backend makes a list of active IP address grants available via the Knocknoc server ...

IPSet (Linux Netfilter/IPTables)

IPsets are a powerful and highly efficient way of making a dynamic firewall on a normal Linux mac...

Palo Alto

Passive, Active or a combination Passive - Knocknoc's Allowlist features provides a passive inte...

Fortigate Address Groups (Fortinet)

The  FortiOS integration allows Knocknoc to dynamically add and remove user's source IP from a na...

FortiManager

The FortiManager is used to manage multiple Fortinet devices, including Fortigate firewalls, APs,...

Cisco (SFMC/Firepower)

The  Cisco Secure Firewall Management Console (formerly known as Firepower) integration allows Kn...

Juniper SRX

Passive, Active or a combination Passive - Knocknoc's Allowlist features provides a passive inte...

HAProxy

HAProxy is a fantastic reverse proxy with a massive amount of features. Knocknoc has supported HA...

Microsoft Entra

Overview This integration is designed to manage named locations in Microsoft Azure Conditional A...

Microsoft Azure NSG

Overview This integration allows for IP addresses to be dynamically managed within Azure Network...

AWS (EC2) Security Groups

Knocknoc can easily connect to AWS using common utilities and IAM credentials, and update the all...

AWS WAF Ipset

Below is a concise guide for a sysadmin (or developer) to set up and configure AWS WAF with a cus...

IPsets with UFW

This is an example that lets you use UFW (https://wiki.ubuntu.com/UncomplicatedFirewall) and IPse...

IPsets with Shorewall

This is an example that lets you use Shorewall https://shorewall.org/index.html and IPsets to dyn...

Mikrotik RouterOS

The scripting backend can be used for MikroTik RouterOS config updates as well. Here is a sample ...

Nginx

Nginx support via script was added in knocknoc-agent version 1.0.30. This allows for flexible ACL...

Apache Webserver

Apache 2.4 and above have slightly different ACL syntax, so this page covers how you can use Knoc...

Custom Script

The "Custom Script" Knoc type is simply a script the agent can execute that takes a fixed set of ...