File: libxt_SET.man

package info (click to toggle)
iptables 1.4.21-2
  • links: PTS
  • area: main
  • in suites: jessie, jessie-kfreebsd
  • size: 4,508 kB
  • ctags: 5,169
  • sloc: ansic: 33,734; sh: 11,790; makefile: 146
file content (25 lines) | stat: -rw-r--r-- 861 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
This module adds and/or deletes entries from IP sets which can be defined
by ipset(8).
.TP
\fB\-\-add\-set\fP \fIsetname\fP \fIflag\fP[\fB,\fP\fIflag\fP...]
add the address(es)/port(s) of the packet to the set
.TP
\fB\-\-del\-set\fP \fIsetname\fP \fIflag\fP[\fB,\fP\fIflag\fP...]
delete the address(es)/port(s) of the packet from the set
.IP
where \fIflag\fP(s) are
.BR "src"
and/or
.BR "dst"
specifications and there can be no more than six of them.
.TP
\fB\-\-timeout\fP \fIvalue\fP
when adding an entry, the timeout value to use instead of the default
one from the set definition
.TP
\fB\-\-exist\fP
when adding an entry if it already exists, reset the timeout value
to the specified one or to the default from the set definition
.PP
Use of \-j SET requires that ipset kernel support is provided, which, for
standard kernels, is the case since Linux 2.6.39.