[Bug 744] set:list behavior
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Tue Sep 6 12:16:52 CEST 2011
http://bugzilla.netfilter.org/show_bug.cgi?id=744
--- Comment #3 from Jozsef Kadlecsik <kadlec at netfilter.org> 2011-09-06 12:16:52 ---
Before ipset 6.x there was no IPv6 support, and other factors changed as well.
But of course the list:set type is useful, only it has got two faces: from
userspace by the ipset tool you can add, delete and *test* subsets as elements,
while in kernel space the match/target is used. In kernel the system works on
packets which are well defined, there's no parsing issue and of course for
example a matching is executed in the subsets.
You could emulate the matching you are looking for in userspace by a simple
shell script like this (untested):
#!/bin/sh
ipset list $1 | tail -n +7 | while read x y; do
ipset test $x $2
if [ $? -eq 0 ]; then
echo "$2 is in set $1"
exit 0
fi
done
echo "$2 is NOT in set $1"
exit 1
# eof
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
More information about the netfilter-buglog
mailing list