#!/bin/sh /etc/rc.common
# Initialize default-used ipset

START=19

boot() {
	insmod ip_set
	insmod ip_set_iptreemap
	insmod ip_set_iphash
	insmod ip_set_setlist
##### network
	ipset -N lan_nat_subnet iptreemap			#the set defines which src subnets needs to do NAT
	ipset -N lan_routing_subnet iptreemap		#the set defines which src subnets do not do NAT
	ipset -N lan_net_set setlist --size 200		#the set contains above two sets
		ipset -A lan_net_set lan_nat_subnet
		ipset -A lan_net_set lan_routing_subnet
	ipset -N all_interface setlist --size 200		#the set contains all WANs' IP and Alias
	ipset -N all_wan_pip setlist --size 200		#the set contains all WANs' IP (not include alias)
	ipset -N all_interface_lan setlist --size 200	#the set contains all LANs' IP (not include extra subnet IP)
##### user management
	ipset -N user_based_whitelist setlist --size 255
	ipset -N logined_user_ip iphash
	#ipset -N all_users setlist --size 255
	ipset -N radius_user_ip iphash
##### port redirection(uci_firewall.sh)
	ipset -N nat_ptre iphash
##### for wan4 dmz (NAT subnet/routing mode IP), used in Firewall Filter Policy
	ipset -N wan4_dmz_host iptreemap
##### for dmz
	ipset -N nat_dmz iphash
}