IP sets are a framework inside the Linux 2.4.x and 2.6.x kernel which can be administered by the ipset(8) utility. Depending on the type, an IP set may store IPv4 addresses, TCP/UDP port numbers, or IPv4 addresses with MAC addresses in a way which ensures lightning speed when matching an entry against a set.
If you want to
* store multiple IPv4 addresses or port numbers and match against the entire collection using a single iptables rule;
* dynamically update iptables rules against IPv4 addresses or ports without performance penalty;
* express complex IPv4 address and ports based rulesets with a single iptables rule and benefit from the speed of IP sets;
then IP sets may be the proper tool for you. .
|
|
|
| Architecture | Package Size | Installed Size | Files |
|---|---|---|---|
| alpha | 54.9 kB | 260 kB | [list of files] |
| amd64 | 50.6 kB | 228 kB | [list of files] |
| armel | 44.6 kB | 196 kB | [list of files] |
| hppa | 51.7 kB | 224 kB | [list of files] |
| i386 | 44.8 kB | 200 kB | [list of files] |
| ia64 | 63.6 kB | 304 kB | [list of files] |
| kfreebsd-amd64 | 50.7 kB | 182 kB | [list of files] |
| kfreebsd-i386 | 44.8 kB | 152 kB | [list of files] |
| m68k (unofficial port) | 45.0 kB | 200 kB | [list of files] |
| mips | 46.1 kB | 216 kB | [list of files] |
| mipsel | 46.3 kB | 216 kB | [list of files] |
| powerpc | 64.4 kB | 280 kB | [list of files] |
| s390 | 49.7 kB | 216 kB | [list of files] |
| sparc | 46.0 kB | 204 kB | [list of files] |