Public bug reported:

Binary package hint: ipset

Installing ipset allows you to interact with ipsets in a kernel that
supports ipsets. There are no kernels or modules installable via apt
that support ipsets.

If you download patch-o-matic-ng from the netfilter website, you can
patch iptables, kernel and ipset.

I have managed to build a kernel that supports ipsets. With this kernel
it is possible to use the 'ipset' binary provided with the 'ipset' package
to add/remove/alter ipsets.

A patched iptables does not build the 'set' module, and I can't figure
out how to make it do that. It requires rebuilding iptables with sets
support. I get this error:

$ iptables -m set
iptables v1.3.6: Couldn't load match `set':/lib/iptables/libipt_set.so: cannot open shared object file: No such file or directory

Without iptables supporting matching on sets, it is actually not
possible to use an ipset. As a result, it is basically impossible to
make this 'ipset' package useful in Ubuntu.

I recommend adding a package that provides the kernel modules (ip_set_*)
to universe, and altering iptables to support sets.

** Affects: ipset (Ubuntu)
Importance: Undecided
Status: Unconfirmed
--
ipset is not useful in ubuntu, because kernel and iptables do not support it.
https://launchpad.net/bugs/79182
--
ubuntu-bugs mailing list
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs