ipset
ipset Cheatsheet
| Command | Meaning |
|---|---|
| ipset create bad_ips hash:ip | create set for single IPs |
| ipset create bad_nets hash:net | create set for networks |
| ipset add bad_ips 10.1.2.4 | add entry to set |
| ipset add bad_nets 10.1.2.0/14 | add entry to set |
| ipset create bad_nets hash:net comment | create set for networks with comments |
| ipset add bad_nets 10.1.2.0/14 comment "just fyi" | add networks to set with comment |
| ipset create bad_nets hash:net counters | create set for networks with counters |
| ipset create bad_nets hash:net comment counters | create set for networks with comments and counters |
| ipset list -n | list defined sets |
| ipset list bad_ips | show details and content of set |
| ipset del bad_nets 10.1.2.0/14 | remove entry from set |
| ipset del bad_ips 10.1.2.4 | remove entry from set |
| ipset destroy bad_ips | nuke set |
iptables use of ipsets Cheatsheet
| Command | Meaning |
|---|---|
| iptables -A INPUT -j DROP -m set --match-set bad_ips src | iptables matching source from ipset |
| iptables -A INPUT -j DROP -m set --match-set bad_nets src | iptables matching source from ipset |
docs/tips_n_tricks/ipset.html.txt · Last modified: 11.01.2026 21:45 CET by peter