wok view ipset/description.txt @ rev 24873
updated lynis (3.0.6 -> 3.0.7)
author | Hans-G?nter Theisgen |
---|---|
date | Thu Mar 31 07:46:22 2022 +0100 (2022-03-31) |
parents | |
children |
line source
1 IP sets are a framework inside the Linux kernel, which can be administered
2 by the ipset utility. Depending on the type, an IP set may store IP addresses,
3 networks, (TCP/UDP) port numbers, MAC addresses, interface names or
4 combinations of them in a way, which ensures lightning speed when matching
5 an entry against a set.
7 If you want to
9 * store multiple IP addresses or port numbers and match against the
10 collection by iptables at one swoop;
11 * dynamically update iptables rules against IP addresses or ports without
12 performance penalty;
13 * express complex IP address and ports based rulesets with one single
14 iptables rule and benefit from the speed of IP sets
16 then ipset may be the proper tool for you.