Merge pull request #24 from valibud/master

Add support for inet6 ipsets.

firewalld/files/ipset.xml

@@ -27,6 +27,11 @@
   <option name="hashsize" value="{{ v }}"/>
 {%- endfor %}
 {%- endif %}
+{%- if 'family' in ipset.options %}
+{%- for v in ipset.options.family %}
+  <option name="family" value="{{ v }}"/>
+{%- endfor %}
+{%- endif %}
 {%- endif %}
 {%- if 'entries' in ipset %}
 {%- for v in ipset.entries %}

pillar.example

@@ -63,6 +63,21 @@ firewalld:
           - 1024
       entries:
         - 10.0.0.1
+    fail2ban-ssh-ipv6:
+      short: fail2ban-ssh-ipv6
+      description: fail2ban-ssh-ipv6 ipset
+      type: 'hash:ip'
+      options:
+        family:
+          - inet6
+        maxelem:
+          - 65536
+        timeout:
+          - 300
+        hashsize:
+          - 1024
+      entries:
+        - 2a01::1
 
   zones:
     public:
@@ -119,4 +134,3 @@ firewalld:
       MYPASSTHROUGH:
         ipv: ipv4
         args: "-t raw -A MYCHAIN -j DROP"
-