Hello, I have an ipset named "PORTSCAN". I allow traffic to legitimate ports, but if any IP tries to access (scan) any other port, I add it to PORTSCAN. The purpose is to protect my hidden services, here in this example listening on 22222: -A INPUT -m set --match-set PORTSCAN src -j DROP ... -A INPUT -p tcp -m tcp --dport 22222 -j ACCEPT ... -A INPUT -j SET --add-set PORTSCAN src --timeout 3600 So, now when IP is alredy in PORTSCAN, in addition to DROP, I need to update the timeout (reset to 3600 again), so that if IP continuously tries to scan me, the timeout gets constantly extended/reset. This was possible when I was using the "-m recent" module: -A INPUT -m recent --rsource --name GREYLIST --seconds 3600 --update -j DROP how can I update the timeout of IP in ipset?
