On 11/7/2012 10:51 PM, Jozsef Kadlecsik wrote:
No, the idea is to add targets per set entry. I.e. ipset add foo 192.168.1.1 -t filter -A FORWARD -j LOG --log-prefix foo ipset add foo 192.168.1.2 -t filter -A FORWARD -j LOG --log-prefix bar Best regards, Jozsef
hoo now I understand. but ipset was meant to be a "set match", no? In iptables it's a module that match a rule if it matches a set... it's kind of confusing from iptables idea point of view for me. Regards, Eliezer -- Eliezer Croitoru https://www1.ngtech.co.il IT consulting for Nonprofit organizations eliezer <at> ngtech.co.il -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
