1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
Source: ipset
Section: net
Priority: extra
Maintainer: Robert S. Edmonds <edmonds@debian.org>
Build-Depends: debhelper (>= 4.0.0), cdbs
Standards-Version: 3.7.2
Package: ipset
Architecture: any
Depends: iptables, ${shlibs:Depends}
Description: administration tool for kernel IP sets
IP sets are a framework inside the Linux 2.4.x and 2.6.x kernel which can be
administered by the ipset(8) utility. Depending on the type, an IP set may
store IPv4 addresses, TCP/UDP port numbers, or IPv4 addresses with MAC
addresses in a way which ensures lightning speed when matching an entry
against a set.
.
If you want to
.
* store multiple IPv4 addresses or port numbers and match against the entire
collection using a single iptables rule;
.
* dynamically update iptables rules against IPv4 addresses or ports without
performance penalty;
.
* express complex IPv4 address and ports based rulesets with a single iptables
rule and benefit from the speed of IP sets;
.
then IP sets may be the proper tool for you.
.
Note: the ipset(8) utility is the userspace counterpart to kernel functionality
which requires patches from the patch-o-matic-ng project applied to the kernel.
|
