[Ferm] ipset
Kiss Gabor (Bitman)
kissg at ssg.ki.iif.hu
Mon Dec 16 09:15:08 CET 2013
Dear Max,
> > IPSET hash:net trustforward $NET1;
> >
> > How is this called? Syntactic sugar? :-)
>
> I always thought ipset was for dynamic sets of addresses. For
> example, when you want to auto-block after password failures. That's
> why there's no syntax in ferm to fill an ipset, only to refer to one.
>From now regard it as a faster way of checking incoming packets against
a 2000 element address list.
Please believe me. If you offer a possibility to ferm users to
create static sets, there will be guys who make the best of it. :-)
Regards
Gabor
--
E-mail = m-mail * c-mail ^ 2
More information about the Ferm
mailing list