ipset (with examples)

1: Creating an empty IP set

Code:

ipset create set_name hash:ip

Motivation:

Creating an empty IP set allows us to later add IP addresses to this set. This is useful for organizing and managing firewall rules.

Explanation:

  • create: Specifies that we want to create a new IP set.
  • set_name: The name we want to give to the IP set. It can be any desired identifier.
  • hash:ip: The set type. A hash:ip set stores individual IP addresses in a hash table, which keeps lookups efficient.

Example Output:

No output is displayed when creating an IP set. It simply creates an empty set with the specified name and set type.

2: Destroying a specific IP set

Code:

ipset destroy set_name

Motivation:

Destroying an IP set allows us to remove it completely, freeing up any resources associated with it. This is useful when we no longer need a particular set or want to clean up our firewall rules.

Explanation:

  • destroy: Indicates that we want to destroy an existing IP set.
  • set_name: The name of the IP set we want to destroy.

Example Output:

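No output is displayed when destroying an IP set. The set is simply removed from the system. If the set is still referenced, for example by an iptables rule, ipset reports an error and the set is not destroyed.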

3: Adding an IP address to a specific set

Code:

ipset add set_name 192.168.1.25

Motivation:

Adding an IP address to a specific set allows us to include that IP address in our firewall rules. This is useful when we want to allow or block traffic from a specific IP.

Explanation:

  • add: Specifies that we want to add an IP address to an IP set.
  • set_name: The name of the IP set to which we want to add the IP address.
  • 192.168.1.25: The IP address we want to add to the set.

Example Output:

No output is displayed when adding an IP address to a set. The IP address is simply added to the specified set.

4: Deleting a specific IP address from a set

Code:

ipset del set_name 192.168.1.25

Motivation:

Deleting a specific IP address from a set allows us to remove that IP address from our firewall rules. This is useful when we no longer want to allow or block traffic from that IP address.

Explanation:

  • del: Indicates that we want to delete an IP address from an IP set.
  • set_name: The name of the IP set from which we want to delete the IP address.
  • 192.168.1.25: The IP address we want to delete from the set.

Example Output:

No output is displayed when deleting an IP address from a set. The IP address is simply removed from the specified set.

5: Saving an IP set

Code:

ipset save set_name > path/to/ip_set

Motivation:

Saving an IP set allows us to persistently store the set’s contents to a file. This is useful for backup purposes or for transferring IP sets to other systems.

Explanation:

  • save: Specifies that we want to save an IP set.
  • set_name: The name of the IP set we want to save.
  • > path/to/ip_set: Redirects the output of the command to a file at the specified path. The file will contain the set in a format that ipset restore can read: a create line followed by one add line per entry.

Example Output:

No output is displayed when saving an IP set. The contents of the set are written to the specified file.
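
The add, del and save commands above can be combined to review a set before changing it. The script below is an added example, not part of the original page: it reads a file produced by ipset save and a desired address list, and prints (without running them) the ipset add and ipset del commands that would bring the set in line. The sample file contents, the one-address-per-line list format and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: plan the add/del commands that make a set match a desired list.

# Member addresses recorded for one set in an `ipset save` file.
saved_members() {   # $1 = set name, $2 = save file
    awk -v s="$1" '$1 == "add" && $2 == s { print $3 }' "$2" | LC_ALL=C sort -u
}

# Well-formed IPv4 addresses from a list file; blank lines and # comments skipped.
valid_ipv4() {      # $1 = list file
    awk '/^[ \t]*(#|$)/ { next }
    {
        ok = (split($1, o, ".") == 4)
        for (i = 1; ok && i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) ok = 0
        if (ok) print $1
        else print "skipping invalid entry: " $1 > "/dev/stderr"
    }' "$1" | LC_ALL=C sort -u
}

# Print, without running them, the commands that reconcile the set.
plan_changes() {    # $1 = set name, $2 = save file, $3 = desired list
    cur=$(mktemp); want=$(mktemp)
    saved_members "$1" "$2" > "$cur"
    valid_ipv4 "$3" > "$want"
    LC_ALL=C comm -13 "$cur" "$want" | awk -v s="$1" '{ print "ipset add " s " " $0 }'
    LC_ALL=C comm -23 "$cur" "$want" | awk -v s="$1" '{ print "ipset del " s " " $0 }'
    rm -f "$cur" "$want"
}

# Constructed sample data: a saved set and a desired list with one bad entry.
demo() {
    d=$(mktemp -d)
    cat > "$d/saved" <<'EOF'
create set_name hash:ip family inet hashsize 1024 maxelem 65536
add set_name 192.168.1.25
add set_name 192.168.1.30
EOF
    cat > "$d/desired" <<'EOF'
# desired members
192.168.1.25
192.168.1.40
192.168.1.999
EOF
    plan_changes set_name "$d/saved" "$d/desired"
    rm -rf "$d"
}
demo
```

Malformed entries are reported on stderr and left out of the plan, so the printed commands can be reviewed and then run as they are.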
