Hi there! I've been doing some test, and I'm unable to get all A or AAAA registers of a FQDN inside a set (i.e. hash:ip). Try it yourself: $ host dl.dropbox.com [6 ips] # ipset create hash:ip test # ipset add test dl.dropbox.com # ipset list test [just 1 ip] I took a look at the source of ipset (on git repo), but I was unable to determine where in the code the desition of drop (or ignore) additional DNS resolutions is being taken. (Yes, i'm a noob programmer) Any idea? Best regards. -- Arturo Borrero González Departamento de Seguridad Informática, @NIS_CICA (twitter) Centro Informatico Cientifico de Andalucia (CICA) Avda. Reina Mercedes s/n - 41012 - Sevilla (Spain) Tfno.: +34 955 056 600 / FAX: +34 955 056 650 Consejería de Economía, Innovación, Ciencia y Empleo Junta de Andalucía -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
