Go Ipset

🔥 Go bindings for the IPtables ipset http://ipset.netfilter.org userspace utility
Alternatives To Go Ipset
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
5 days ago217gpl-2.0Shell
A firewall for humans...
a day ago1unlicense
Daily feed of bad IPs (with blacklist hit scores)
Luci App V2ray820
2 years ago86mitTypeScript
LuCI support for V2Ray
13 days ago178gpl-2.0Python
Stateful zoning firewall daemon with D-Bus interface
Anti Portscan659
5 months ago1Shell
使用 iptables 防止端口扫描
Ipset Blacklist570
a year ago37Shell
A bash script to ban large numbers of IP addresses published in blacklists.
Asuswrt Merlin Transparent Proxy374
a year agomitShell
transparent proxy base on ss, v2ray, ipset, iptables, chinadns on asuswrt merlin.
11 days ago8Shell
Skynet - Advanced IP Blocking For ASUS Routers Using IPSet.
Luci App Koolproxy193
4 years ago3Shell
Unofficical luci for koolproxy
Trojan Rs163
7 days agomitRust
Trojan server and proxy programs written in Rust
Alternatives To Go Ipset
Select To Compare

Alternative Project Comparisons


This library is a simple GoLang wrapper to the IPtables ipset userspace utility. It provides an interface to allow Go programs to easily manipulate ipsets. It is currently limited to sets of type hash.

For ipset command documentation: http://ipset.netfilter.org/ipset.man.html

go-ipset requires ipset kernel module and userspace utility version 6.0 or greater.


Install go-ipset using the "go get" command:

go get github.com/janeczku/go-ipset/ipset

Install dependencies:

go get github.com/Sirupsen/logrus
go get github.com/coreos/go-semver/semver

API Reference



import "github.com/janeczku/go-ipset/ipset

Create a new set

Construct a new IPset instance (creating the set on the fly), then use the various methods to manipulate the IPset. For example, to create a new ipset "customers" of type hash:ip for storing plain IPv4 addresses:

customers := ipset.New("customers", "hash:ip", &ipset.Params{})

To create a new ipset to store different sized IPv4 network addresses (with /mask).

trustedNetworks := ipset.New("trusted-networks", "hash:net", &ipset.Params{})

Add a single entry to the set


Populate the set with IPv4 addresses (overwriting the previous content)

ips := []string{"", ""}

Remove a single entry from that set:


Configure advanced set options

You can configure advanced options when creating a new set by supplying the parameters in the ipset.Params struct.

type Params struct {
  HashFamily string
  HashSize   int
  MaxElem    int
  Timeout    int

See http://ipset.netfilter.org/ipset.man.html for their meaning.

For example, to create a set whose entries will expire after 60 seconds, lets say for temporarily limiting abusive clients:

abusers := ipset.New("ratelimited", "hash:ip", &ipset.Params{Timeout: 60})

List entries of a set

// list is []string
list ipset.List("customers")
Popular Ipset Projects
Popular Iptables Projects
Popular Security Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.