NAME
rwsetmember - Determine whether IP address(es) are members of an IPset
SYNOPSIS
rwsetmember [--count] [--quiet] PATTERN INPUT_SET...
DESCRIPTION
rwsetmember finds an IP address or pattern in one or more IPset files, printing the name of the IPsets that contain the IP, and optionally counting the number of matches in each file. PATTERN can be a single IP address, a CIDR block, or any IP range expressed in the same form as accepted by rwsetbuild(1).
If an INPUT_SET is not given on the command line, rwsetmember will attempt to read an IPset from the standard input.
OPTIONS
Option names may be abbreviated if the abbreviation is unique or is an exact match for an option. A parameter to an option may be specified as --arg=param or --arg param, though the first form is required for options that take optional parameters.
- --count
- Follow each set filename by a colon character and the number of pattern matches in the IPset. Files that do not match will still be printed, but with a zero match count.
- --quiet
- Produce no standard output. The exit status of the program (see below) should be checked to determine whether any files matched.
EXAMPLES
To quickly check whether a single set file contains an address (check the exit status):
$ rwsetmember -q 192.168.1.1 file.set
To display which of several set files (if any) match a given IP address:
$ rwsetmember 192.168.1.1 *.set
To display the same, but with counts from each file:
$ rwsetmember -c 192.168.1.1 *.set
To find all sets that contain addresses in the 10.0.0.0/8 subnet:
$ rwsetmember 10.0.0.0/8 *.set
To find files containing any IP address that ends with a number between 1 and 10 (this will use a lot of memory):
$ rwsetmember x.x.x.1-10 *.set
EXIT STATUS
rwsetmember exits with status code 0 if any file matched the pattern, or 1 if there were no matches or if there was an error with the input.