I just set up a honeypot on my home router, but I still want to be able to ssh into it from a few selected outside addresses. So how do you accomplish such a task? It's quite easy! Below is an example of what a rule might look like that directs all ssh traffic not coming from approved addresses somewhere else (here my kippo server, running on port 2222).

# addresses that are allowed to do normal ssh

table <whitelist> {, }


# redirect everyone else to the honeypot

rdr pass inet proto tcp from <whitelist> to $ext_if port 22 -> port 22

rdr pass inet proto tcp from !<whitelist> to $ext_if port 22 -> port 2222

Note the ! in front of <whitelist> on the second row. This rule basically means that anything not coming from the whitelist that wants to do some sshing to my external interface gets redirected to localhost:2222, where I have my honeypot running. I'm eagerly awaiting someone breaking the simple password and trying to wreak havoc!
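Before loading a whitelist like this with pfctl it is worth checking that the addresses you ssh from really do match, since a typo sends you to the honeypot instead of sshd. The script below is an added example, not part of the original post: it models the two rdr rules offline (table membership, first-match order, and the fact that they only say inet, so IPv6 connections are not redirected at all) against constructed sample addresses.

```python
# Offline model of the two rdr rules above (added example, not from the post).
# Table entries and source addresses are constructed for the demo; substitute
# your own before relying on the lockout check.
import ipaddress

# Stand-in for `table <whitelist> { ... }`: hosts and CIDR blocks, as pf allows.
WHITELIST = ["203.0.113.10", "198.51.100.0/24"]

SSHD_PORT = 22        # real sshd on the router
HONEYPOT_PORT = 2222  # kippo listening on localhost:2222


def in_table(src: str, table=WHITELIST) -> bool:
    """pf table semantics: the address matches if it falls in any entry."""
    ip = ipaddress.ip_address(src)
    return any(ip in ipaddress.ip_network(e, strict=False) for e in table)


def rdr_target(src: str, dst_port: int, table=WHITELIST) -> int:
    """Port an inbound TCP connection to $ext_if ends up on.

    Models, in order (pf picks the first matching rdr rule):
      rdr ... from <whitelist>  to $ext_if port 22 -> port 22
      rdr ... from !<whitelist> to $ext_if port 22 -> port 2222
    Both rules are `inet`, so IPv6 traffic is never redirected: it reaches
    whatever is really listening on the destination port.
    """
    if dst_port != SSHD_PORT:
        return dst_port  # neither rule matches; no redirection
    if ipaddress.ip_address(src).version == 6:
        return dst_port  # rules only cover inet, so an IPv6 ssh hits sshd
    return SSHD_PORT if in_table(src, table) else HONEYPOT_PORT


def lockout_risk(admin_addrs, table=WHITELIST):
    """Admin addresses the rules would send to the honeypot instead of sshd."""
    return [a for a in admin_addrs if rdr_target(a, SSHD_PORT, table) == HONEYPOT_PORT]


if __name__ == "__main__":
    for src in ["203.0.113.10", "198.51.100.77", "192.0.2.5", "2001:db8::1"]:
        print(f"{src:>16} -> port {rdr_target(src, 22)}")
    print("would lock out:", lockout_risk(["203.0.113.10", "192.0.2.9"]))
```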