Greetings,

I'm putting together a new firewall, using ipsets to simplify the overall rules. I would like to know if I can use multiple sets in a single rule. For example, would the following be possible:

    ipset create incoming_ports bitmap:port
    ipset add incoming_ports 53
    ipset add incoming_ports 25
    ipset add incoming_ports 80
    ipset add incoming_ports 143

    ipset create local_addresses bitmap:ip
    ipset add local_addresses 192.168.0.1
    ipset add local_addresses 150.250.150.253

    iptables -A -p tcp -m set --set local_addresses src\
      --set incoming_ports dst -j ACCEPT

Or should I match on one thing first and push the result into a chain to match with the second set?

--
Nikolai Lusan <nikolai@xxxxxxxxxxx>