It lets you group a bunch of IPs/ports/MAC addresses together into a single set.
For example, let's say you wanted to blacklist a big group of IPs or MAC addresses: you can create an IPSET that contains them called “blacklist” and then just refer to “blacklist” in your firewall rule.
Things like IP addresses, MAC addresses, ports, etc. The full list of what you can place there can be found by running firewall-cmd --get-ipset-types.
I am still confused.
I hoped to glean more information about IP sets from this manual but it does not say anything about entry format. So it is not clear how any kind of entry can be added or what will end up being written to the IP set XML file.
It says: --add-entry=entry but what can an entry be?
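An added example, not part of the original thread and not firewalld's own code: it checks what an entry looks like for three set types and renders the XML a permanent set such as the “blacklist” above would contain. The function names, the shape checks and the sample addresses are assumptions made for this illustration; firewall-cmd --get-ipset-types remains the authority on which types exist.

```python
import ipaddress
import re
from xml.sax.saxutils import escape

MAC_RE = re.compile(r"^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$")

def check_entry(ipset_type, entry):
    """Return True if entry has the shape this example assumes for the type."""
    # The set's "family" option is not modelled here; IPv6 entries need a
    # set created with family=inet6.
    try:
        if ipset_type == "hash:ip":
            if "-" in entry:  # address range written first-last
                first, last = (ipaddress.ip_address(p) for p in entry.split("-", 1))
                return first.version == last.version and first <= last
            if "/" in entry:  # CIDR block
                ipaddress.ip_network(entry, strict=False)
            else:  # single address
                ipaddress.ip_address(entry)
            return True
        if ipset_type == "hash:net":
            ipaddress.ip_network(entry, strict=False)
            return True
        if ipset_type == "hash:mac":
            return bool(MAC_RE.match(entry))
    except ValueError:
        return False
    raise ValueError(f"type not covered by this example: {ipset_type}")

def render_ipset(name, ipset_type, entries):
    """Build the XML for a permanent set; each entry becomes one <entry>."""
    bad = [e for e in entries if not check_entry(ipset_type, e)]
    if bad:
        raise ValueError(f"rejected for {ipset_type}: {bad}")
    lines = ['<?xml version="1.0" encoding="utf-8"?>',
             f'<ipset type="{ipset_type}">',
             f"  <short>{escape(name)}</short>"]
    lines += [f"  <entry>{e}</entry>" for e in entries]
    lines.append("</ipset>")
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    # Constructed sample entries (documentation address ranges).
    sample = ["192.0.2.10", "198.51.100.0/24", "203.0.113.5-203.0.113.9"]
    print(render_ipset("blacklist", "hash:ip", sample))
```

Each accepted string is what would be passed to --add-entry=entry for a set of that type, one entry per call.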