lunar (1) ipsetbuild.1.gz

Provided by: libcorkipset-utils_1.1.1+git20171111.6842a63-2_amd64 bug

NAME

       ipsetbuild - utility of libcorkipset library

SYNOPSIS

       ipsetbuild [options] <input file>...

DESCRIPTION

       Constructs a binary IP set file from a list of IP addresses and networks.

OPTIONS

              <input file>...

              A  list of text files that contain the IP addresses and networks to add to the set.
              To read from stdin, use "-" as the filename.

       --output=<filename>, -o <filename>

       Writes the binary IP set file to <filename>.
              If this option isn't

              given, then the binary set will be written to standard output.

       --loose-cidr, -l

              Be more lenient about the address portion of any CIDR network blocks found  in  the
              input file.

       --verbose, -v

              Show  summary  information  about  the  IP  set  that's  built, as well as progress
              information about the files being read and written.  If this option is  not  given,
              the only output will be any error, alert, or warning messages that occur.

       --quiet, -q

              Show  only  error  message  for  malformed input. All warnings, alerts, and summary
              information about the IP set is suppressed.

       --help

              Display this help and exit.

   Input format:
       Each input file must contain one IP address or network per line.
              Lines

       beginning with a "#" are considered comments and are ignored.
              Each

              IP address must have one of the following formats:

              x.x.x.x            x.x.x.x/cidr             xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
              xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/cidr

              The  first  two  are  for  IPv4  addresses  and  networks;  the second two for IPv6
              addresses and networks.  For  IPv6  addresses,  you  can  use  the  "::"  shorthand
              notation to collapse consecutive "0" portions.

              If  an address contains a "/cidr" suffix, then the entire CIDR network of addresses
              will be added to the set.  You must ensure that the loworder bits  of  the  address
              are  set  to  0;  if not, we'll raise an error.  (If you pass in the "--loose-cidr"
              option, we won't perform this sanity check.)

              You can also prefix any input line with an exclamation point  ("!").   This  causes
              the  given address or network to be REMOVED from the output set.  This notation can
              be useful to define a set that contains most of  the  addresses  in  a  large  CIDR
              block, except for addresses at certain "holes".

              The  order of the addresses and networks given to ipsetbuild does not matter.  If a
              particular address is added to the set more than once, or removed from the set more
              than  once,  whether  on its own or via a CIDR network, then you will get a warning
              message.  (You can silence these warnings with the --quiet option.)  If an  address
              is  both  added  to  and  removed  from the set, then the removal takes precedence,
              regardless of where the relevant lines appear in the input file.