Bug#380148: ITP: ipset -- administration tool and iptables modules for kernel IP sets
Package: wnpp
Severity: wishlist
Owner: "Robert S. Edmonds" <edmonds@debian.org>
* Package name : ipset
Version : 2.2.9
Upstream Author : Jozsef Kadlecsik <kadlec@netfilter.org>
* URL : http://ipset.netfilter.org/
* License : GPL
Programming Lang: C
Description : administration tool and iptables modules for kernel IP sets
IP sets are a framework inside the Linux 2.4.x and 2.6.x kernel which can be
administered by the ipset(8) utility. Depending on the type, an IP set may
store IP addresses, TCP/UDP port numbers, or IP addresses with MAC addresses in
a way which ensures lightning speed when matching an entry against a set.
.
If you want to
.
* store multiple IP addresses or port numbers and match against the entire
collection using a single iptables rule;
.
* dynamically update iptables rules against IP addresses or ports without
performance penalty;
.
* express complex IP address and ports based rulesets with a single iptables
rule and benefit from the speed of IP sets;
.
then IP sets may be the proper tool for you.
.
Note: the ipset(8) utility is the userspace counterpart to kernel functionality
which requires patches from the patch-o-matic-ng project applied to the kernel.
Reply to: