IP sets are a framework inside the Linux 2.4.x and 2.6.x kernel,
which can be administered by the ipset utility. Depending on the type,
currently an IP set may store IP addresses, (TCP/UDP) port numbers
or IP addresses with MAC addresses in a way, which ensures lightning
speed when matching an entry against a set.
If you want to:
* store multiple IP addresses or port numbers and match against
the collection by iptables at one swoop;
* dynamically update iptables rules against IP addresses or ports
without performance penalty;
* express complex IP address and ports based rulesets with one
single iptables rule and benefit from the speed of IP sets
then ipset may be the proper tool for you.
IP sets was written by Jozsef Kadlecsik and it is based on ippool
by Joakim Axelsson, Patrick Schaaf and Martin Josefsson.
IMPORTANT: This package creates some kernel modules, and in
particular net/netfilter/xt_set.ko that's already included in the
Slackware stock kernel: if you remove this, reinstall your kernel
This requires: libmnl
Maintained by: Michal Bialozor
(the SlackBuild does not include the source)