Bug 706624 - ipset
Summary: ipset
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: distribution
Version: rawhide
Hardware: All
OS: Linux
unspecified
low
Target Milestone: ---
Assignee: Bill Nottingham
QA Contact: Bill Nottingham
URL: http://ipset.netfilter.org/
Whiteboard:
: 196234 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-05-21 16:51 UTC by Account closed by user
Modified: 2011-09-20 12:41 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-09-20 12:41:06 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Account closed by user 2011-05-21 16:51:44 UTC 
IP sets are a framework inside the Linux kernel netfilter subsystem,
which can be administered by the ipset utility. Depending on the
type, currently an IP set may store IP addresses, (TCP/UDP) port
numbers or IP addresses with MAC addresses in a way, which ensures
lightning speed when matching an entry against a set.

Features:

 * store multiple IP addresses or port numbers and match
   against the collection by iptables at one swoop;
 * dynamically update iptables rules against IP addresses or
   ports without performance penalty;
 * express complex IP address and ports based rulesets with one
   single iptables rule and benefit from the speed of IP sets
Comment 1 Bill Nottingham 2011-05-23 14:54:50 UTC 
CC'ing some people who may have a passing interest.
Comment 2 Chen Lei 2011-05-23 16:02:25 UTC 
*** Bug 196234 has been marked as a duplicate of this bug. ***
Comment 3 Thomas Woerner 2011-07-07 16:59:50 UTC 
The Fedora 16 kernel (linux-3.0) will have support for ipset.

Here are libmnl and ipset test packages for Fedora 16:
http://twoerner.fedorapeople.org/ipset/
http://twoerner.fedorapeople.org/libmnl/
Note You need to log in before you can comment on or make changes to this bug.