IP sets
links: SPA TOC - Linux Firewall - Index
Overview
IP sets provide a framework inside the Linux kernel to store sets of:
- IP addresses
- networks
- TCP/UDP port numbers
- MAC addresses
- interface names
- combinations of these
Use cases
- Can be administered using the ipset utility
- store multiple IP addresses/ports/etc. and match against the collection by iptables in one swoop
- dynamically update iptables rules
- express complex rulesets with one single iptables rule
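
The dynamic-update use case above, as an added example that is not part of the original notes: the shell functions below validate IPv4 entries and print `ipset restore` commands that rebuild a set under a temporary name and swap it in, so the single iptables rule that references the set never changes. The set name `blocklist`, the `-tmp` suffix and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: emit `ipset restore` input that refreshes a set atomically.
# The set name "blocklist" and all addresses below are constructed samples.

# Succeed only for a dotted-quad IPv4 address with an optional /1-32 prefix
# (hash:net cannot store a zero-length prefix).
valid_entry() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    addr=${1%%/*}
    case $1 in */*) prefix=${1#*/} ;; *) prefix=32 ;; esac
    case $prefix in ''|???*|*[!0-9]*) return 1 ;; esac
    { [ "$prefix" -ge 1 ] && [ "$prefix" -le 32 ]; } || return 1
    case $addr in *.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr          # split the address into octets on '.'
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|????*|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Read entries on stdin (one per line, '#' starts a comment) and print
# commands that fill a temporary set, then swap it in for the live one.
build_restore() {
    set_name=$1
    tmp_name="${set_name}-tmp"
    echo "create $set_name hash:net family inet"
    echo "create $tmp_name hash:net family inet"
    echo "flush $tmp_name"
    while IFS= read -r line || [ -n "$line" ]; do
        entry=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -n "$entry" ] || continue
        if valid_entry "$entry"; then
            echo "add $tmp_name $entry"
        else
            echo "skipping invalid entry: $entry" >&2
        fi
    done
    echo "swap $tmp_name $set_name"
    echo "destroy $tmp_name"
}

# Apply as root with:  build_restore blocklist < list.txt | ipset -exist restore
# One rule then covers every entry, and later refreshes never touch iptables:
#   iptables -I INPUT -m set --match-set blocklist src -j DROP
```

Packets are matched against the old contents until the `swap` line executes, so there is no window in which the set is empty.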