It lets you group a bunch of IPs/ports/MAC addresses together into a single set.
For example, let's say you wanted to blacklist a big group of IPs or MAC addresses: you can create an IPSET that contains them called “blacklist” and then just refer to “blacklist” in your firewall rule.
Things like IP addresses, MAC addresses, ports, etc. The full list of what you can place there can be found by running firewall-cmd --get-ipset-types.
So it sounds like there is some validation between IP set type selected and the entry contents? Like, if I choose hash:ip, then I can only put an IP address into an entry?
I am still confused.
I hoped to glean more information about IP sets from this manual but it does not say anything about entry format. So it is not clear how any kind of entry can be added or what will end up being written to the IP set XML file.
It says: --add-entry=entry but what can an entry be?
So, we covered some IP set types. It is somewhat clear what hash:ip or hash:mac do or how to enter them as part of commands. But what do other types do and what is their format?
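Added example, not part of the thread and not firewalld's own code: a simplified Python sketch of how an entry has to line up with the comma-separated fields named in the IP set type (formats as documented in ipset(8)), and of the entry elements that end up in the IP set XML file. The function names are hypothetical, the sample addresses are constructed, and the checks are stricter than ipset itself, which also accepts ranges and further field types.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}$")

def _check_ip(item):
    ipaddress.ip_address(item)                # single address; ValueError if malformed

def _check_net(item):
    ipaddress.ip_network(item, strict=False)  # address or address/prefix

def _check_mac(item):
    if not MAC_RE.match(item):
        raise ValueError("not a MAC address: %r" % item)

def _check_port(item):
    proto, _, port = item.rpartition(":")     # optional "tcp:" / "udp:" / "sctp:" prefix
    if proto not in ("", "tcp", "udp", "sctp") or not port.isdigit() or int(port) > 65535:
        raise ValueError("not a port: %r" % item)

# Field name in the type string -> check for that field (assumed subset of types)
CHECKS = {"ip": _check_ip, "net": _check_net, "mac": _check_mac, "port": _check_port}

def check_entry(ipset_type, entry):
    """Validate one entry against a type such as 'hash:ip' or 'hash:ip,port'."""
    _method, _, fields = ipset_type.partition(":")
    names, parts = fields.split(","), entry.split(",")
    if len(names) != len(parts):
        raise ValueError("%s expects %d comma-separated field(s)" % (ipset_type, len(names)))
    for name, part in zip(names, parts):
        if name not in CHECKS:
            raise ValueError("field type not covered by this sketch: %s" % name)
        CHECKS[name](part)

def ipset_xml(ipset_type, entries):
    """Build the <ipset type=...><entry>...</entry></ipset> body for valid entries."""
    root = ET.Element("ipset", type=ipset_type)
    for entry in entries:
        check_entry(ipset_type, entry)
        ET.SubElement(root, "entry").text = entry
    return ET.tostring(root, encoding="unicode")

if __name__ == "__main__":
    # Constructed sample entries (documentation address ranges)
    print(ipset_xml("hash:ip", ["192.0.2.10", "198.51.100.7"]))
    print(ipset_xml("hash:ip,port", ["192.0.2.10,tcp:443"]))
```

The real file written by firewalld additionally carries an XML declaration and may contain short, description and option elements.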