wok diff ipset/description.txt @ rev 25705
fusecloop/extract_compressed_fs: can convert to v0.68 or v1.0
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Sat Jun 22 12:48:49 2024 +0000 (4 months ago) |
| parents | |
| children |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/ipset/description.txt Sat Jun 22 12:48:49 2024 +0000 1.3 @@ -0,0 +1,16 @@ 1.4 +IP sets are a framework inside the Linux kernel, which can be administered 1.5 +by the ipset utility. Depending on the type, an IP set may store IP addresses, 1.6 +networks, (TCP/UDP) port numbers, MAC addresses, interface names or 1.7 +combinations of them in a way, which ensures lightning speed when matching 1.8 +an entry against a set. 1.9 + 1.10 +If you want to 1.11 + 1.12 +* store multiple IP addresses or port numbers and match against the 1.13 + collection by iptables at one swoop; 1.14 +* dynamically update iptables rules against IP addresses or ports without 1.15 + performance penalty; 1.16 +* express complex IP address and ports based rulesets with one single 1.17 + iptables rule and benefit from the speed of IP sets 1.18 + 1.19 +then ipset may be the proper tool for you.