IPSETD-NG Iptables driver manual

IPSETD-NG Iptables driver is part of the package IPSET-NG and operates only in the server part IPSETD-NG.
Iptables driver used to autmaticaly configure the Linux 2.4.x and later packet filtering ruleset.
Iptables driver is the secondary driver of the IPSET-NG system, use this driver we recommend on platforms where there is no installed package libipset and you can not install it.
We recommend to use the ipset driver in connection with its fuller functionality and direct appeals to the resources of the system, which reduces the overall load in more traffic.

The functionality of driver is preserved and can achieve the same configuration with current implementation.
Current Iptables driver implementation that manages both Internet protocol version 4 and 6.
Use dictionaries for ipv4 and ipv6 and their filters support direct iptables operation compatible.

For details, see the settings in the configuration file.

  • Netfilter/Iptables is - like all of the Linux kernel - free software (sometimes referred to as Open Source), distributed under either the terms of GNU GPLv2 only or any later version.

Support and features:

Tables command:

  • create <table name>: create table name iptables chain, a rule is created in the iptable specifies the INPUT to check IP address of the created chain. Iptables target table in IPv4 or IPv6 determined by the HASH table type automatically.
  • destroy <table name>: delete table name iptables chain, a same name rule in ip table specifies the INPUT also remove.
  • flush <table name>: flush table name iptables chain.

Items command:

  • add <ip address>: insert or append ip address to table name chain. Iptables target table is IPv4 or IPv6 is determined by the type of IP addresses automatically.
  • del <ip address>: delete ip address to the table name chain.
  • test <ip address>: check availability ip address in specific chain table name.

Example configuration file

Example configuration file to set SQLite driver: ipsetd-ng.conf, ipsetcmd-ng.conf:

        # path to dynamic driver directory
        # create automaticaly from make, default: '/usr/lib/ipsetng'
        path = /usr/lib/ipsetng

        # name of use driver, explore: /usr/lib/ipsetng/drv-<name>-ng.so
        name = ipt46

        # WARNING: this iptables setting can be used in all drivers except the driver ipset
        # enable iptables add or delete direct to kernel
        iptenable = yes

        # chain of iptables
        iptchain = INPUT

        # table of iptables
        ipttable = filter

        # target of iptables
        iptrule =  DROP

        # method for adding to table: insert | append
        iptmethod = append

        # Iptables driver, no parameters

  Meta Tags: IPSETD-NG Iptables driver