informatique:nix:linux:linux_traffic_per_ip:trafic_par_ip 

ipset create idrive hash:net counters
ipset add idrive 185.20.71.0/24
ipset add idrive 207.199.149.0/24
ipset list idrive
ipset save > /etc/ipset.conf
cat << EOF > /etc/systemd/system/ipset-persistent.service
[Unit]
Description=ipset persistent configuration
Before=network.target

# ipset sets should be loaded before iptables
# Because creating iptables rules with names of non-existent sets is not possible
Before=netfilter-persistent.service
Before=ufw.service

ConditionFileNotEmpty=/etc/ipset.conf

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/sbin/ipset restore -exist -file /etc/ipset.conf
# Uncomment to save changed sets on reboot
# ExecStop=/sbin/ipset save -file /etc/ipset.conf
ExecStop=/sbin/ipset flush
ExecStopPost=/sbin/ipset destroy

[Install]
WantedBy=multi-user.target

RequiredBy=netfilter-persistent.service
EOF

systemctl enable ipset-persistent.service
/usr/lib/systemd/system/telegraf.service

[Service]
CapabilityBoundingSet=CAP_NET_RAW CAP_NET_ADMIN
AmbientCapabilities=CAP_NET_RAW CAP_NET_ADMIN
iptables -I INPUT -m set --match-set idrive src -j ACCEPT
iptables -L -v -n -x|grep idrive
  • informatique/nix/linux/linux_traffic_per_ip/trafic_par_ip.txt
  • Dernière modification : 2025/11/06 14:06
  • de ben