
I am new to iptables and trying to learn the same. What does --set in this iptables rule mean?

-A INPUT -m state --state NEW -m recent --name ssh -p tcp --dport 22 --set

Can someone explain this iptables rule to me? I am trying to learn iptables and how to configure it using Ansible, so I am not sure how to translate the above iptables rule to Ansible.

  • Did you already check the manual and need an explanation, or didn't you check the manual? Additionally, the phrase "translate the above iptable rule to ansible" suggests that you don't know what iptable or ansible is, or you should explain better what you want to do.
    – RalfFriedl
    Commented Aug 28, 2018 at 17:25
  • Yes, I did check the man page of iptables, but I couldn't understand the --set option. Ansible has the iptables module and I was looking to know what --set would translate to in Ansible. Or, know what --set does in this case.
    – skr
    Commented Aug 28, 2018 at 17:31

1 Answer


The match extension recent, selected with -M recent, has the options

--name name
Specify the list to use for the commands.

and

--set
This will add the source address of the packet to the list.

This in itself will do nothing. It is used together with another rule that references the same list specified by --name. This can be --rcheck or --update.

--rcheck
Check if the source address of the packet is currently in the list.

So there must be another rule somewhere that references --name ssh.


Ansible is a tool to automatically distribute settings, usually to many targets. It will happily distribute them without caring for the meaning.

You on the other hand should not distribute settings if you don't know what they do.
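As an added illustration of the answer's point that a --set rule is only meaningful together with an --rcheck or --update rule on the same --name, here is a small POSIX shell snippet (not from the question, the answer, or the iptables project) that scans an iptables-save style ruleset for recent lists that are written with --set but never read back, and that prints the usual two-rule pair for a per-source connection limit. The ruleset, the "vpn" list and the 60-second / 4-hit values are constructed for the example.

```shell
# Constructed iptables-save style ruleset (not taken from a real host): the
# asker's --set rule, the companion --update rule that enforces a limit, and
# a "vpn" list that is written but never read back.
RULESET='-A INPUT -m state --state NEW -m recent --name ssh -p tcp --dport 22 --set
-A INPUT -m state --state NEW -m recent --name ssh -p tcp --dport 22 --update --seconds 60 --hitcount 4 -j DROP
-A INPUT -m recent --name vpn -p udp --dport 1194 --set'

# recent_set_lists: names of lists that some rule records into with --set.
recent_set_lists() {
    printf '%s\n' "$1" | grep -- '--set' \
        | sed -n 's/.*--name \([^ ]*\).*/\1/p' | sort -u
}

# recent_checked_lists: names of lists that some rule consults with
# --rcheck or --update; only these make a --set rule affect traffic.
recent_checked_lists() {
    printf '%s\n' "$1" | grep -E -- '--(rcheck|update)' \
        | sed -n 's/.*--name \([^ ]*\).*/\1/p' | sort -u
}

# orphaned_recent_lists: lists that are filled by --set but never checked.
# A --set rule on such a list does nothing except grow the kernel table.
orphaned_recent_lists() {
    checked=" $(recent_checked_lists "$1" | tr '\n' ' ') "
    for name in $(recent_set_lists "$1"); do
        case "$checked" in
            *" $name "*) ;;
            *) printf '%s\n' "$name" ;;
        esac
    done
}

# recent_limit_rules NAME PORT SECONDS HITCOUNT: the pair of rules that
# together limit new TCP connections to PORT per source address. The first
# records the source in the list; the second drops the packet once the
# source has HITCOUNT or more entries within the last SECONDS.
recent_limit_rules() {
    printf '%s\n' "-A INPUT -m state --state NEW -m recent --name $1 -p tcp --dport $2 --set"
    printf '%s\n' "-A INPUT -m state --state NEW -m recent --name $1 -p tcp --dport $2 --update --seconds $3 --hitcount $4 -j DROP"
}

orphaned_recent_lists "$RULESET"   # prints: vpn
```

Run it against the output of iptables-save on a host to find --set rules that, like the one in the question, have no matching --rcheck or --update rule.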
