summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/ipset.813
1 files changed, 9 insertions, 4 deletions
diff --git a/src/ipset.8 b/src/ipset.8
index 4353b9f..d7fa964 100644
--- a/src/ipset.8
+++ b/src/ipset.8
@@ -391,22 +391,25 @@ and such a set can store up to 65536 ports.
.PP
\fICREATE\-OPTIONS\fR := \fBrange\fP \fIfromport\fP\-\fItoport [ \fBtimeout\fR \fIvalue\fR ] [ \fBcounters\fP ]
.PP
-\fIADD\-ENTRY\fR := { \fIport\fR | \fIfromport\fR\-\fItoport\fR }
+\fIADD\-ENTRY\fR := { \fI[proto:]port\fR | \fI[proto:]fromport\fR\-\fItoport\fR }
.PP
\fIADD\-OPTIONS\fR := [ \fBtimeout\fR \fIvalue\fR ] [ \fBpackets\fR \fIvalue\fR ] [ \fBbytes\fR \fIvalue\fR ]
.PP
-\fIDEL\-ENTRY\fR := { \fIport\fR | \fIfromport\fR\-\fItoport\fR }
+\fIDEL\-ENTRY\fR := { \fI[proto:]port\fR | \fI[proto:]fromport\fR\-\fItoport\fR }
.PP
-\fITEST\-ENTRY\fR := \fIport\fR
+\fITEST\-ENTRY\fR := \fI[proto:]port\fR
.PP
Mandatory options to use when creating a \fBbitmap:port\fR type of set:
.TP
-\fBrange\fP \fIfromport\fP\-\fItoport\fR
+\fBrange\fP \fI[proto:]fromport\fP\-\fItoport\fR
Create the set from the specified inclusive port range.
.PP
The \fBset\fR match and \fBSET\fR target netfilter kernel modules interpret
the stored numbers as TCP or UDP port numbers.
.PP
+\fBproto\fR only needs to be specified if a service name is used,
+and that name does not exist as a TCP service.
+.PP
Examples:
.IP
ipset create foo bitmap:port range 0\-1024
@@ -414,6 +417,8 @@ ipset create foo bitmap:port range 0\-1024
ipset add foo 80
.IP
ipset test foo 80
+.IP
+ipset del foo udp:[macon-udp]-[tn-tl-w2]
.SS hash:ip
The \fBhash:ip\fR set type uses a hash to store IP host addresses (default) or
network addresses. Zero valued IP address cannot be stored in a \fBhash:ip\fR