On Fri, 26 Oct 2012, Csordás Csaba Ifj. wrote: > I would like to ask when will it possible writing such rules as > mentioned in $SUBJECT. > > For example: > > ipset new foo hash:ip > ipset add foo 192.168.1.1 -t filter -A FORWARD -j LOG ... -t nat -A > POSTROUTING -j SNAT ... -t mangle -A PREROUTING -j MARK ... That's still on the todo list of ipset. Also, it requires some (small) changes in the netfilter core itself. After adding some locking improvements to ipset, hopefully I can start working on the subject. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary
