On 3/29/2017 8:30 AM, Norman Henderson wrote: > Hi, I am running 5.0.12 on Ubuntu 16.04.2 LTS with kernel 4.4.0-66 and > would like to use an ipset to control routing to a list of netblocks > (actually an entire country). I came up with the idea to set a Mark (based > on the ipset) in shorewall/mangle, and then route based on the Mark in > route_rules. What I get is: > ERROR: ipset names in Shorewall configuration files require Ipset Match in > your kernel and iptables. > > What isn't obvious after some searching, is how to enable IPset Match > support. In the kernel config file, there is a line: > CONFIG_NET_EMATCH_IPSET=m > So, I should be able to just load that should I not? > I attempted: modprobe em_ipset > which succeeded, but I still get the shorewall error. > > Help please and thank you! >
Take a look at: http://shorewall.org/ipsets.html http://ipset.netfilter.org/ -Matt -- Matt Darfeuille ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
