Manage Linux IP sets
IP sets are a framework inside the Linux kernel since version 2.4.x, which can
be administered by the ipset utility. Depending on the type, currently an IP
set may store IP addresses, (TCP/UDP) port numbers or IP addresses with MAC
addresses in a way, which ensures lightning speed when matching an entry
against a set.
If you want to:
- store multiple IP addresses or port numbers and match against the collection
by iptables at one swoop;
- dynamically update iptables rules against IP addresses or ports without
- express complex IP address and ports based rulesets with one single iptables
rule and benefit from the speed of IP sets
then ipset may be the proper tool for you.
ipset ipset is used to set up, maintain and inspect so called IP sets in the Linux kernel. Depending on the type of the set, an IP set may store IP(v4/v6) addresses...