Ipset list match item/ set member (macaddr/ip/cidr) entry

Feature Requests
1

Can we make it so we can add easily add matches to ipsets?

maybe include a drop down box to select dhcp hostnames or mac's of connected clients or active dhcp leases.

I imagine a drop down box much like how it works under dnsmasq add static IP function or firewall rules source entry.

currently you would have to either write down cut and paste or memorize entries when entering via luci a simple pulldown box would make it so much easier.

2

Add matches - matches of what?

  • How is this related to ipsets?
  • Are you asking about an ip set of MACs, IPs or both?

Or you can add the set to a text file.

I noticed this in another thread:

  • Are you saying that you've already identified the upstream software and realize it's not yet capable?
  • Have you succeeded in reaching the netfilter team?
3

I have not managed to reach the netfilter team but wild cards are not supported I did find this past patch that added support for wildcards but it is not included:
https://martin.uy/blog/wildcard-support-for-mac-addresses-in-netfilter-linux-kernel-and-iptables/

By match I mean a match item/ set member (macaddr/ip/cidr) in the firewall ipsets box:

set
set1363×1107 128 KB

a simple dropdown box would make it easy to make up sets from hosts on the local network.
something like this perhaps to add entries to the match items:

set suggestion
set suggestion1688×1040 179 KB

A txt file is not suitable for the list entry as I would have 2⁴⁴ entries in the txt file to match the below wildcards that defines the set of random mac addresses defined in rfc7042 for manufactures to use:

*:*2:*:*:*:* *:*6:*:*:*:* *:*A:*:*:*:* *:*E:*:*:*:*