Re: new ipset set type - hash:ip,mac

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

W dniu 25.04.2016 11:18, Jozsef Kadlecsik napisał(a):

On Sun, 24 Apr 2016, Tomasz Chiliński wrote:


First - thanks a lot for excellent ipset toolkit!
Second - Sorry for posting directly to you, but didn't get reply from
netfilter-devel
mailing list after trying to subscribe there.

I've created lately my own very missed set type hash:ip,mac
which stored any ipv4/ipv6 - mac pairs using hashing structures.
It allows to create only single set with all addresses and macs
used in quite large lans without bothering with separated sets
for different ip segments.

I've attached patches for kernel 4.1 and ipset 6.29.
I could also prepare for newer kernel versions if one would be
interested in it ;-)

Any feedback or small review would be very appreciated!


Thanks your patch, I'll review and report back.


Missed man entry in attachment.


Best regards,
Jozsef
-
E-mail  : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences 
          H-1525 Budapest 114, POB. 49, Hungary


--
Pozdrawiam
Tomasz Chiliński, Chilan

--- a/src/ipset.8	2016-03-16 09:07:18.000000000 +0100
+++ b/src/ipset.8	2016-04-25 16:01:55.090994631 +0200
@@ -551,6 +551,28 @@
 .IP
 ipset test foo 01:02:03:04:05:06
 
+.SS hash:ip,mac
+The \fBhash:ip,mac\fR set type uses a hash to store IPv4 and a MAC address pairs. Zero valued MAC addresses cannot be stored in a \fBhash:ip,mac\fR
+type of set.
+.PP
+\fICREATE\-OPTIONS\fR := [ \fBhashsize\fR \fIvalue\fR ] [ \fBmaxelem\fR \fIvalue\fR ] [ \fBtimeout\fR \fIvalue\fR ] [ \fBcounters\fP ] [ \fBcomment\fP ] [ \fBskbinfo\fP ]
+.PP
+\fIADD\-ENTRY\fR := \fIip\fR,\fImacaddr\fR
+.PP
+\fIADD\-OPTIONS\fR := [ \fBtimeout\fR \fIvalue\fR ] [ \fBpackets\fR \fIvalue\fR ] [ \fBbytes\fR \fIvalue\fR ] [ \fBcomment\fR \fIstring\fR ] [ \fBskbmark\fR \fIvalue\fR ] [ \fBskbprio\fR \fIvalue\fR ] [ \fBskbqueue\fR \fIvalue\fR ]
+.PP
+\fIDEL\-ENTRY\fR := \fIip\fR,\fImacaddr\fR
+.PP
+\fITEST\-ENTRY\fR := \fIip\fR,\fImacaddr\fR
+.PP
+Examples:
+.IP
+ipset create foo hash:ip,mac
+.IP
+ipset add foo 1.1.1.1,01:02:03:04:05:06
+.IP
+ipset test foo 1.1.1.1,01:02:03:04:05:06
+
 .SS hash:net
 The \fBhash:net\fR set type uses a hash to store different sized IP network addresses.
 Network address with zero prefix size cannot be stored in this type of sets.
[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux