IPShutter lets you firewall off ports such as ssh, and selectively enable access with a one-time password. For example, if you want to log into the server from a friend's house, you pull out a list of one-time passwords and point the web browser at a URL that contains one password. That tells the server to allow ssh connections from your friend's IP address for five minutes. Connections made in that period will stay up indefinitely.

Diagram of IPShutter in typical operation

IPShutter must already be running on the server, and its control port must be allowed through the firewall.

Read the man page.


IPShutter is written in Perl. It requires ipchains - on 2.4 kernels, ipchains can be loaded as module. IPShutter must run as root.

You may need to modify the first line of IPShutter to point to where Perl5 is located on your system.


Version 0.2 - Sat Sep 28 14:55:03 CDT 2002 - Moved configuration options to /etc/ipshutterrc and fixed daemonization.


IPShutter is distributed as a gzipped tarball. Download the latest version.


IPShutter is free software distributed under the GNU GPL.

Help and Feedback

If you have questions, comments or suggestions about IPShutter, feel free to contact me at asher@wildsparx.com. If you include IPShutter in the subject field, it will help me sort my mail.

by asher@wildsparx.com