Ooops, I realized how many blanks I am leaving in my messages. The website is only used to allow the user to enter their mac address in order to have access to our services (not HTTP). Yes, ./iptables.sh is the ruleset script. >> When you update your ipset, any rule referring to that set uses the >> new set right away. There would be no point in dumping and then >> reloading your ruleset. Hmm, this covers adding *new* mac or even ip addresses however, how would delete/modify existing entries dynamically. Kind Regards. Nick. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
