1This modules adds and/or deletes entries from IP sets which can be defined 2by ipset(8). 3.TP 4\fB\-\-add\-set\fP \fIsetname\fP \fIflag\fP[\fB,\fP\fIflag\fP...] 5add the address(es)/port(s) of the packet to the sets 6.TP 7\fB\-\-del\-set\fP \fIsetname\fP \fIflag\fP[\fB,\fP\fIflag\fP...] 8delete the address(es)/port(s) of the packet from the sets 9.IP 10where flags are 11.BR "src" 12and/or 13.BR "dst" 14specifications and there can be no more than six of them. 15.TP 16\fB\-\-timeout\fP \fIvalue\fP 17when adding entry, the timeout value to use instead of the default 18one from the set definition 19.TP 20\fB\-\-exist\fP 21when adding entry if it already exists, reset the timeout value 22to the specified one or to the default from the set definition 23.PP 24Use of -j SET requires that ipset kernel support is provided. As standard 25kernels do not ship this currently, the ipset or Xtables-addons package needs 26to be installed. 27