ports/security/knock/files/patch-knockd.conf

--- knockd.conf.orig	2023-07-23 19:53:02 UTC
+++ knockd.conf
@@ -1,16 +1,17 @@
 [options]
 	logfile = /var/log/knockd.log
+	interface = fxp0
 
 [openSSH]
 	sequence    = 7000,8000,9000
 	seq_timeout = 5
-	command     = /usr/sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
+	command     = /sbin/ipfw -q add pass proto tcp src-ip %IP% dst-port 22
 	tcpflags    = syn
 
 [closeSSH]
 	sequence    = 9000,8000,7000
 	seq_timeout = 5
-	command     = /usr/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
+	command     = /sbin/ipfw -q delete pass proto tcp src-ip %IP% dst-port 22
 	tcpflags    = syn
 
 [openHTTPS]