Is there a tool that could add ip automatically to ipset like dnsmasq?

can i restrict connecting to gaming servers for example i want to connect to all servers with
* and block the others


the problem these gaming ip doesn't belong to dns, is there a way to capture those ip and save them automatically to ipset, i want to save all ip with * and block the others for example i don't want to connect to *

I am not sure I understand your requirements, but perhaps this could help:

It doesn't actually require IP sets:

# Allow
uci add_list dhcp.@dnsmasq[0].server="/"

# Deny and its subdomains
uci add_list dhcp.@dnsmasq[0].server="/"
uci commit dhcp
/etc/init.d/dnsmasq restart

However, IP sets should work as well:

uci -q delete dhcp.@dnsmasq[0].ipset
uci add_list dhcp.@dnsmasq[0].ipset="/,allow6"
uci add_list dhcp.@dnsmasq[0].ipset="/,deny6"
/etc/init.d/dnsmasq restart

Assuming that you have created the allow and deny IP sets.
Then create the firewall allow and deny rules that use the allow and deny IP sets respectively.
Also, depending on your default policy, some steps can be skipped.

1 Like