I'm sending the following patch for feedback - it's something I created out of a need to restrict access to various subnet pairs in a form more convenient than a huge ugly iptables chain. There's a wee bit of code duplication for the CIDR add/del but I felt that copying the functions to handle a second CIDR was less invasive than reworking it and having to change code for the existing sets, but I'm open to ideas if anyone feels it's not suitable.