OK, I tested it properly this time and it works well. It would be nice to have it, it is very useful on firewalls.
Here is a snippet of my tests: $ ipset --version ipset v6.11, protocol version: 6 $ ping 192.168.2.2 PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data. ^C --- 192.168.2.2 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 5.876/5.876/5.876/0.000 ms $ sudo ipset list $ sudo ipset -N test nethash $ sudo ipset list Name: test Type: hash:net Header: family inet hashsize 1024 maxelem 65536 Size in memory: 8532 References: 0 Members: $ sudo ipset -A test 192.168.2.2 $ sudo ipset list Name: test Type: hash:net Header: family inet hashsize 1024 maxelem 65536 Size in memory: 8564 References: 0 Members: 192.168.2.2 $ sudo iptables -A INPUT -m set --match-set test src -j DROP $ ping 192.168.2.2 PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data. ^C --- 192.168.2.2 ping statistics --- 3 packets transmitted, 0 received, 100% packet loss, time 2015ms $ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/979682 Title: FFe: Sync ipset 6.11-2 (universe) from Debian sid (main) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/979682/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
