On Sun, Jun 8, 2014 at 6:22 PM, Michael Rash <michael.rash@gmail.com> wrote:
now when i run the knock from the Android app i can unlock the port,
but i see this error message in the log file,

(stanza #1) Error creating fko context: Args contain invalid data: FKO_ERROR_INVALID_DATA_HMAC_COMPAREFAIL


Do you now have two stanzas in access.conf?  I.e. one with base64 keys and the other without?

 That HMAC error would mean that the port should not be opened unless you are gaining access via a second stanza

​yes i see now, i created more rules/keys and test it again, fwknop will log each stanza check until it find a match,
so if i have 20 users, i can have up to 19 error messages like the above.

Maybe you should consider to write these messages at a lower error level (like debug maybe?)

Thank you again for your help,