How do you discover which ipset blocklist contains particular IP?
 

Hello,

how do you discover which ipset blocklist contains particular IP?

Usually when i want to see if some IP is banned by ipset, i do:

ipset list|grep IP

But it do not tell me which ipset blocklist contain this IP.

I can list blocklists: service ipset status

But what is the most simple command that will tell me in which list this IP reside. I need to know it quickly without quering each list (ipset list listname|grep IP), i have many lists..

So far this works, but is not ideal (hard to remember):

for ipset in $(service ipset status|grep "Name:"|awk "{print $2}");do echo $ipset;done|grep -v Name >> ipsetlist
for ipset in $(cat ipsetlist);do echo $ipset && ipset list $ipset|grep IPHERE;done

This is another iptables related question, one of the many you've asked over the course of several years here. You never followed up on several of your previous threads here, and are continually reluctant to provide details or answer questions when asked. This other thread about ipset from a year ago is a good example:
https://www.linuxquestions.org/quest...8/#post5765388

Also, this post doesn't make sense; you ask a question, then post the answer to the question. If you have the commands to do what you're after, what else do you need? If you don't want to type them in, then put the command(s) in a file (make a 'script'), and run that. See any of your (many) other threads about how to write a script if needed.

Yes, that do not solve the issue, for the reason i typed in my first post.

Again, you are following the same pattern as you've done for years. You are providing no details, and answering no questions when asked.

AGAIN: Why can you not take the commands that you ***SAY ARE ALREADY WORKING***, put them in a script file, and just run it?? Where is the problem there? It would be a single command, followed by an IP address.

AGAIN: You have been asking about iptables/ipset for years now, yet appear to be unable to apply ANYTHING you've learned in that time.

Members please note this.

Replies should be informational and directly related to the original question.

Replies like you asked that before are not solutions.

Indeed; which is exactly why postcd was asked to provide more information, and specifically was asked why (when he posted the solution to the very question he asked), he couldn't use that solution? Putting both of those commands into a small script file and getting the IP address as a command-line argument leaves the OP with a single command to run to find out the answer, doesn't it?
The "Question Guidelines" indicate that showing no effort and not answering questions when asked are not good things, and the OP has displayed this pattern of behavior for numerous years at this point.

I'm sorry to disagree with you here, but asking questions that differ only SLIGHTLY from one to another, indicate the poster shows no effort on applying what they've been told previously.