IPSETD-NG MySQL driver manual

IPSETD-NG MySQL driver is part of the package IPSET-NG and operates only in the server part IPSETD-NG.
MySQL database driver is the secondary driver of the IPSET-NG system, use this driver we recommend on platforms where there is no installed package libipset and you can not install it.
We recommend to use the ipset driver in connection with its fuller functionality and direct appeals to the resources of the system, which reduces the overall load in more traffic.
Support direct Internet protocol version 4 and 6 for iptables operation compatible.
For details, see the settings in the configuration file.

  • MySQL open source software is provided under the GPL License.

Support and features:

Tables command:

  • create <table name>: create table name in specific MySQL database and create same name iptables chain, a rule is created in the iptable specifies the INPUT to check IP address of the created chain. Iptables target table in IPv4 or IPv6 determined by the HASH table type automatically.
  • destroy <table name>: delete table name in specific MySQL database and delete same name iptables chain, a same name rule in ip table specifies the INPUT also remove.
  • flush <table name>: erase body data in MySQL table table name and flush same name iptables chain.

Items command:

  • add <ip address>: add ip address to specific table in MySQL database and insert or append ip address to same name chain. Iptables target table is IPv4 or IPv6 is determined by the type of IP addresses automatically.
  • del <ip address>: delete ip address to specific table in MySQL database and delete ip address to the same name chain.
  • test <ip address>: check availability ip address in specific table from MySQL database.

Example configuration file

Example configuration file to set SQLite driver: ipsetd-ng.conf, ipsetcmd-ng.conf:

        # path to dynamic driver directory
        # create automaticaly from make, default: '/usr/lib/ipsetng'
        path = /usr/lib/ipsetng

        # name of use driver, explore: /usr/lib/ipsetng/drv-<name>-ng.so
        name = mysql

        # WARNING: this iptables setting can be used in all drivers except the driver ipset
        # enable iptables add or delete direct to kernel
        iptenable = yes

        # chain of iptables
        iptchain = INPUT

        # table of iptables
        ipttable = filter

        # target of iptables
        iptrule =  DROP

        # method for adding to table: insert | append
        iptmethod = append

        # MySQL diver

        # mysql port
        port = 33306

        # mysql host
        host = localhost

        # mysql login
        login = root

        # mysql password
        pass = 12345

        # data base name, if not specific, create 'test'
        dbase = myipdb

        # mysql socket
        socket = ./mysql.sock

        # path & file to exec on add or delete ip address
        exec = /path/to/file.sh

  Meta Tags: IPSETD-NG MySQL driver