With regards to ipset type hash:ip,mark, it is mentioned that """ The hash:ip,mark type of sets require two src/dst parameters of the set match and SET target kernel modules. """ However as it invoves storing mark, which has nothing to do with src/dst parametes, so it should be mentioned something like """ The hash:ip,mark type of sets require one src/dst IP/network and fwmark of the set match and SET target kernel modules. """ Besides, as this is the only set which hashes mark also, so exactly which IPTABLES module to use should also be mentioned. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
