On Wed, 7 Nov 2012, Eliezer Croitoru wrote: > On 10/26/2012 3:58 PM, Csord?s Csaba Ifj. wrote: > > > > I would like to ask when will it possible writing such rules as > > mentioned in $SUBJECT. > > > > For example: > > > > ipset new foo hash:ip > > ipset add foo 192.168.1.1 -t filter -A FORWARD -j LOG ... -t nat -A > > POSTROUTING -j SNAT ... -t mangle -A PREROUTING -j MARK ... > > > > > > Sorry for my bad English. > > I wont say it will not give some benefits but it seems to me like a simple > bash script can do the same thing. No, the idea is to add targets per set entry. I.e. ipset add foo 192.168.1.1 -t filter -A FORWARD -j LOG --log-prefix foo ipset add foo 192.168.1.2 -t filter -A FORWARD -j LOG --log-prefix bar Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
