Feature changed by: Petr Uzel (puzel) Feature #308441, revision 5 Title: Include the xtables-addons package Package Wishlist: Unconfirmed Priority Requester: Desirable + Info Provider: Jan Engelhardt (jengelh) Requested by: Don Hughes (dehughes) Description: The distribution currently contains the -j SET target and the -m set extension module for iptables, but not the ipset module needed to create and populate the referenced tables. The ipset module is provided with the xtables-addons package (plus some additional filtering tools). The ipset module ( http://ipset.netfilter.org ) can be very useful in building firewalls for large networks. Creating a firewall black list with just iptables could entail a filter table with a very large number of entries which can have a significant performance impact. ipset can be used to build much more eficient lookup tables, improving performance. - (Description modified based on comment #1) Discussion: #1: Jan Engelhardt (jengelh) (2009-12-05 13:23:58) Reword this request: include "xtables-addons" (contains ipset already, and no kernel recompile is needed). SRPM is in http://jftp.medozas.de/. + #2: Petr Uzel (puzel) (2009-12-30 12:44:06) (reply to #1) + What's the advantage of xtables-addons over official ipset from + netfilter team? I don't get the point with kernel recompilation. -- openSUSE Feature: https://features.opensuse.org/308441