There is a Linux (Ubuntu) server; on the server, I need to filter requests by an IP list (iplist.txt), or more precisely, pass all outgoing and incoming traffic for the addresses in iplist.txt and block the rest! Thank you in advance! On the Internet I found something and somehow reworked it, but it just didn't work ((

    iptables -P INPUT -j DROP
    iptables -P OUTPUT -j DROP

Next comes ipset:

    sudo wget -O /var/whitelist.txt http://kakoy-ta.sayt/whitelist.txt
    while read ip; do
        sudo ipset add WHITE_LIST $ip
    done < /var/whitelist.txt

and ipset gives an error

    ipset v6.30: The set with the given name does not exist

How do I add it all to iptables!?

    iptables -A INPUT --src-list WHITE_LIST -j ALLOW
    iptables -A OUTPUT --dst-list WHITE_LIST -j ALLOW

  • Well, it is clearly written that something is missing. First add the WHITE_LIST target to the table, then add the rules to it. - 0andriy 3:42 pm
  • And how do I add it!? I do not really understand... isn't a target supposedly something from iptables rules!? Or is it something else, from ipset!? - LoSToV KinG 7:06 pm
  • Do I need to start by creating a list with a mask!? ipset create WHITE_LIST hash:ip netmask 30, like so!? - LoSToV KinG
  • Well, something like that, yes. The INTRODUCTION just shows what is what and what to call it. - 0andriy

1 answer

ipset is telling you that the list does not exist. Create an IP dictionary and configure iptables:

    sudo ipset create whitelist hash:net family inet hashsize 524288 maxelem 800000 counters comment
    sudo iptables -P INPUT DROP
    sudo iptables -I INPUT 2 -m set --match-set whitelist src -j ACCEPT

and start adding:

    sudo ipset --add whitelist 41.231.136.121

or, the way you did it:

    while read -r ip; do
        sudo ipset --add whitelist "$ip"
    done < /var/whitelist.txt

You can also look here.
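
An added example, not part of the original question or answer: the loading loop rewritten so that every line of the list is validated before it reaches ipset, which matters because the list is downloaded and then passed to a command running as root. The set name and create options are the answer's; the function names, the "#" comment syntax in the list, the OUTPUT rule and the sample entries are assumptions made for this example.

```shell
#!/bin/sh
SET_NAME=whitelist
# Same create options as the answer, so -exist accepts an already created set.
SET_OPTS="hash:net family inet hashsize 524288 maxelem 800000 counters comment"

# Constructed sample list: two valid entries, a blank line, three bad ones.
sample_whitelist() {
    printf '%s\n' '41.231.136.121' '10.0.0.0/8  # office' '' \
        '300.1.1.1' '192.0.2.7 timeout 0' '198.51.100.0/33'
}

# Print an "ipset restore" script for file $1 ("-" = stdin). Only a plain IPv4
# address or CIDR becomes an "add" line; anything else is reported on stderr.
build_restore() {
    echo "create $SET_NAME $SET_OPTS"
    awk -v name="$SET_NAME" '
        { sub(/#.*/, ""); gsub(/^[ \t\r]+|[ \t\r]+$/, "") }
        $0 == "" { next }
        {
            ok = ($0 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+)?$/)
            n = split($0, p, "[./]")
            for (i = 1; ok && i <= 4; i++) if (p[i] + 0 > 255) ok = 0
            if (ok && n == 5 && p[5] + 0 > 32) ok = 0
            if (ok) print "add", name, $0
            else print "skipped line " NR ": " $0 > "/dev/stderr"
        }' "$1"
}

# $1 = chain, $2 = src|dst; insert the ACCEPT rule only if it is not there yet.
allow() {
    sudo iptables -C "$1" -m set --match-set "$SET_NAME" "$2" -j ACCEPT 2>/dev/null ||
        sudo iptables -I "$1" -m set --match-set "$SET_NAME" "$2" -j ACCEPT
}

# Load the set in one ipset call, add the ACCEPT rules, and only then switch
# the policies to DROP, so a whitelisted admin session is not cut off midway.
apply_whitelist() {
    build_restore "$1" | sudo ipset -exist restore || return 1
    allow INPUT src
    allow OUTPUT dst
    sudo iptables -P INPUT DROP
    sudo iptables -P OUTPUT DROP
}

# "--apply FILE" changes the firewall; otherwise show the script for the sample.
if [ "${1:-}" = "--apply" ]; then apply_whitelist "$2"
else sample_whitelist | build_restore -; fi
```

With both policies set to DROP, loopback traffic is dropped as well unless 127.0.0.0/8 is in the list.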