I decided to play with ipset (2.0), but I seem to be running into an issue with creating rules. I wonder if I'm missing something silly or not. When I issue the command: ipset -N foo iphash --resize 0 (straight from the Tips page) I get the error: ipset v2.0: Error from kernel: Protocol not available I get this on a box running a 2.6.10-rc3 kernel and the kernel has most definitely been patched with the POM with the set stuff in it, as well as the iptables 1.3.0 (POM and iptables source were downloaded from the ipset page, http://people.netfilter.org/kadlec/ipset/install.html). The kernel was compiled with gcc 3.2.2 (RH9 rpm). Here's a snippet from the end of strace. Let me know if more strace'ing would be helpful. This is the last chunk, running strace with -f and -s: socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 setsockopt(3, SOL_IP, 0x53 /* IP_??? */, "\1\0\0\0\2\0\0\0foo\0T\277\4@Xn\4@8\344\3@\350u\1@\4\0\0\0\264x\1@\224\207\4\10iphash\0\10\270i\1@\264m\1@\0\0\0\0\200\364\377\277\\~\0@<\364\377\277\0\4\0\0\10\0\0\0\377\377\377\377", 84) = -1 ENOPROTOOPT (Protocol not available) write(2, "ipset v2.0: ", 12ipset v2.0: ) = 12 write(2, "Error from kernel: Protocol not available", 41Error from kernel: Protocol not available) = 41 write(2, "\n", 1) = 1 exit_group(1) I imagine I'm missing something when I configure the kernel but I'm not sure what. Anybody know what botched? Thanks!
