unspecified

ipset - Manage Linux IP sets

Website: http://ipset.netfilter.org/
License: GPLv2
Vendor: CentOS
Description:
IP sets are a framework inside the Linux kernel since version 2.4.x, which can
be administered by the ipset utility. Depending on the type, currently an IP
set may store IP addresses, (TCP/UDP) port numbers or IP addresses with MAC
addresses in a way, which ensures lightning speed when matching an entry
against a set.

If you want to:
 - store multiple IP addresses or port numbers and match against the collection
   by iptables at one swoop;
 - dynamically update iptables rules against IP addresses or ports without
   performance penalty;
 - express complex IP address and ports based rulesets with one single iptables
   rule and benefit from the speed of IP sets
then ipset may be the proper tool for you.

Packages

ipset-7.1-1.el7.x86_64 [38 KiB] Changelog by Stefano Brivio (2019-02-24):
- Rebase to 7.1 (RHBZ#1649080):
  - Add compatibility support for strscpy()
  - Correct the manpage about the sort option
  - Add missing functions to libipset.map
  - configure.ac: Fix build regression on RHEL/CentOS/SL (Serhey Popovych)
  - Implement sorting for hash types in the ipset tool
  - Fix to list/save into file specified by option (reported by Isaac Good)
  - Introduction of new commands and protocol version 7, updated kernel include files
  - Add compatibility support for async in pernet_operations
  - Use more robust awk patterns to check for backward compatibility
  - Prepare the ipset tool to handle multiple protocol version
  - Fix warning message handlin
  - Correct to test null valued entry in hash:net6,port,net6 test
  - Library reworked to support embedding ipset completely
  - Add compatibility to support kvcalloc()
  - Validate string type attributes in attr2data() (Stefano Brivio)
  - manpage: Add comment about matching on destination MAC address (Stefano Brivio)
    (RHBZ#1649079)
  - Add compatibility to support is_zero_ether_addr()
  - Fix use-after-free in ipset_parse_name_compat() (Stefano Brivio) (RHBZ#1649073)
  - Fix leak in build_argv() on line parsing error (Stefano Brivio) (RHBZ#1649073)
  - Simplify return statement in ipset_mnl_query() (Stefano Brivio) (RHBZ#1649073)
  - tests/check_klog.sh: Try dmesg too, don't let shell terminate script (Stefano Brivio) 
- Fixes:
  - Fix all shellcheck warnings in init script (RHBZ#1649073)
  - Make error reporting consistent, introduce different severities (RHBZ#1649877)
  - While restoring, on invalid entries, remove them and retry (RHBZ#1650297)
  - Fix covscan SC2166 warning in init script (RHBZ#1649073)
  - Hardcode triggerin, triggerun versions for ipset-service (RHBZ#1646666)

Listing created by Repoview-0.6.6-4.el7