How do you discover which ipset blocklist contains particular IP?
Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How do you discover which ipset blocklist contains particular IP?
Hello,
how do you discover which ipset blocklist contains particular IP?
Usually when i want to see if some IP is banned by ipset, i do:
ipset list|grep IP
But it do not tell me which ipset blocklist contain this IP.
I can list blocklists: service ipset status
But what is the most simple command that will tell me in which list this IP reside. I need to know it quickly without quering each list (ipset list listname|grep IP), i have many lists..
So far this works, but is not ideal (hard to remember):
for ipset in $(service ipset status|grep "Name:"|awk "{print $2}");do echo $ipset;done|grep -v Name >> ipsetlist
for ipset in $(cat ipsetlist);do echo $ipset && ipset list $ipset|grep IPHERE;done
Hello,
how do you discover which ipset blocklist contains particular IP? Usually when i want to see if some IP is banned by ipset, i do:
ipset list|grep IP
But it do not tell me which ipset blocklist contain this IP. I can list blocklists: service ipset status
But what is the most simple command that will tell me in which list this IP reside. I need to know it quickly without quering each list (ipset list listname|grep IP), i have many lists.. So far this works, but is not ideal (hard to remember):
Code:
for ipset in $(service ipset status|grep "Name:"|awk "{print $2}");do echo $ipset;done|grep -v Name >> ipsetlist
for ipset in $(cat ipsetlist);do echo $ipset && ipset list $ipset|grep IPHERE;done
This is another iptables related question, one of the many you've asked over the course of several years here. You never followed up on several of your previous threads here, and are continually reluctant to provide details or answer questions when asked. This other thread about ipset from a year ago is a good example: https://www.linuxquestions.org/quest...8/#post5765388
Also, this post doesn't make sense; you ask a question, then post the answer to the question. If you have the commands to do what you're after, what else do you need? If you don't want to type them in, then put the command(s) in a file (make a 'script'), and run that. See any of your (many) other threads about how to write a script if needed.
Yes, that do not solve the issue, for the reason i typed in my first post.
Again, you are following the same pattern as you've done for years. You are providing no details, and answering no questions when asked.
AGAIN: Why can you not take the commands that you ***SAY ARE ALREADY WORKING***, put them in a script file, and just run it?? Where is the problem there? It would be a single command, followed by an IP address.
AGAIN: You have been asking about iptables/ipset for years now, yet appear to be unable to apply ANYTHING you've learned in that time.
Members please note this.
Replies should be informational and directly related to the original question.
Indeed; which is exactly why postcd was asked to provide more information, and specifically was asked why (when he posted the solution to the very question he asked), he couldn't use that solution? Putting both of those commands into a small script file and getting the IP address as a command-line argument leaves the OP with a single command to run to find out the answer, doesn't it?
Quote:
Replies like you asked that before are not solutions.
The "Question Guidelines" indicate that showing no effort and not answering questions when asked are not good things, and the OP has displayed this pattern of behavior for numerous years at this point.
I'm sorry to disagree with you here, but asking questions that differ only SLIGHTLY from one to another, indicate the poster shows no effort on applying what they've been told previously.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.