> After recompiling the kernel (same version but applied the netfilter > "netlink.patch"): > > # shorewall show -f capabilities | grep -i ipset > IPSET_MATCH= > OLD_IPSET_MATCH= > IPSET_V5= > > I think I'm better off upgrading my kernel. > Yep, one other alternative to this is to compile/install a recent version of xtables-addons, which includes ipset. There is another - 3rd - alternative and is what I do - compile ipset (the executable in userspace) separately, but incorporate the ipset modules as a patch to your chosen kernel version - that way you don't rely on xtables-addons or the version of the kernel you are using.
That's how I have been using ipset for more than 2 years now. Good luck! ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
