CONFIG_IP_NF_POOL provides a match which lets you use bitmaps with one bit per
address from some range of IP addresses; the match depends on whether a checked
source or destination address has its bit set in the pool.  It also provides a
POOL target, which can be used to add or remove the addresses of a packet
to/from a pool.

There is also a POOL netfilter target, which can be used to set or remove the
addresses of a packet from a pool.

To define and use pools, you need userlevel utilities: a patched iptables, and
the program ippool(8), which defines the pools and their bounds.  The current
release of pool matching is ippool-0.0.2, and can be found in the archives of
the netfilter mailing list at http://lists.netfilter.org/.
