linux
kiranananda, 2018-01-15 17:06:56

iptables ipset or ...?

Hello!
I'm moving a config from a Juniper to Linux, and it has a rule like this:
source-address [ penza penza2 penza3 kuzneck ];
destination-address [ penza penza2 penza3 kuzneck ];
These names are in fact branch subnets, and I need connectivity between them to work. I could do it the dumb way, with 2 rules in forwarding for each pair of branches. A bit smarter would be to use ipset, but it's not clear how to tell iptables in a rule that src and dst can use different lists or the same one. In this case the subnet lists are the same on both sides, but there are some cases where they differ...
Tell me, how do I do this correctly in my case?

1 answer(s)
CityCat4, 2018-01-16
@kiranananda

-m set --match-set [setname1] dst -m set --match-set [setname2] src - doesn't that work?
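
The approach from the answer, worked through as an added example that is not part of the original post: it generates the `ipset` and `iptables` commands for one shared set and for differing src/dst sets, with each `--match-set` under its own `-m set`. The branch names come from the question; the subnets and the set names `branches`, `grp_src` and `grp_dst` are constructed placeholders.

```shell
#!/bin/sh
# Constructed sample data: branch names are from the question,
# the subnets are placeholders and must be replaced with the real ones.
BRANCHES="penza=10.10.1.0/24 penza2=10.10.2.0/24 penza3=10.10.3.0/24 kuzneck=10.10.4.0/24"

# lookup NAME... : print the subnet of each branch, fail on an unknown name
# so a typo cannot silently produce an incomplete set.
lookup() {
    for name in "$@"; do
        found=""
        for entry in $BRANCHES; do
            if [ "${entry%%=*}" = "$name" ]; then found=${entry#*=}; fi
        done
        if [ -z "$found" ]; then
            echo "unknown branch: $name" >&2
            return 1
        fi
        printf '%s\n' "$found"
    done
}

# gen_set SETNAME BRANCH... : print commands that build a hash:net set
gen_set() {
    set_name=$1; shift
    cidrs=$(lookup "$@") || return 1
    echo "ipset create $set_name hash:net family inet"
    for c in $cidrs; do echo "ipset add $set_name $c"; done
}

# gen_rule SRCSET DSTSET : one FORWARD rule; the same set may be used twice.
gen_rule() {
    echo "iptables -A FORWARD -m set --match-set $1 src -m set --match-set $2 dst -j ACCEPT"
}

# Case 1: identical lists on both sides -> one set, referenced for src and dst.
gen_set branches penza penza2 penza3 kuzneck
gen_rule branches branches

# Case 2: the lists differ -> two sets, one rule.
gen_set grp_src penza penza2
gen_set grp_dst penza3 kuzneck
gen_rule grp_src grp_dst
```

The script only prints commands; review the output, then run it as root. Traffic in the reverse direction of case 2 needs its own rule (or a conntrack ESTABLISHED,RELATED rule), since the sets are matched by direction.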
