Tom Eastep wrote: > You are welcome. > > Any additional testing of ipsets that you can do would be very much > appreciated. > > -Tom
Right now I'm using ipsets only for blacklisting purposes. I had to go with ipsets due to the sheer size of the blacklist. I have one set for dropping SMTP requests from several countries I'm not expecting any email. I have two more sets for totally blocking access to my servers. The way it is used is: ############################################################################### #ADDRESS/SUBNET PROTOCOL PORT # +maildrops tcp 25 +blacklist +blacklistnet # #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE What other kind of testing is in your mind? Andras ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users