Thanks.. but this would be outside of iptables ruleset.
I need a way to dynamically feed the ipset as traffic cones in via the
ruleset.
Aidas Kasparas <a.kasparas@xxxxxx> ha escrito:
On 2012.06.15 01:34, José Pablo Pérez wrote:
Currently with ipset iam able to send to a table the inidivual (/32)
source IP of a connection...
I need a way to send to iptables the C Class to an ipset .
In other words I need the historical list of last 30 min of C class
ranges that have requested my server.
I need this preferably done without something outside of iptables (such
as a daemon).
just use parameter netmask 24 while creating ipset and you're done.
test:~# ipset create test hash:ip timeout 60 netmask 24
test:~# ipset add test 127.0.1.2
test:~# ipset add test 127.3.4.5
test:~# ipset list test
Name: test
Type: hash:ip
Header: family inet hashsize 1024 maxelem 65536 netmask 24 timeout 60
Size in memory: 16632
References: 0
Members:
127.0.1.0 timeout 50
127.3.4.0 timeout 55
test:~# ipset test test 127.0.1.1
127.0.1.1 is in set test.
test:~#
--
Aidas Kasparas
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
