IPSET and subdomains

I am trying to setup a whitelist with ipset and I am able to get known domains and subdomains to work, but I need to also allow all subdomains. I can't get the right syntax to work. Can someone tell me the syntax to enter for example *.google.com?

Thank you.

Doesn't google.com do the job?

Even better...

  • everything in the ipset == x
  • x != all_domains

Unless I missed something, I'm not sure why the OP is confused. If they only block the set, they're OK...

Unless the other ones overlap, and they intend to remove those IPs from the set...in that case, I'm not sure how your remove IPs don't know... :thinking: