On Wed, 1 Feb 2012, Rob Sterenborg (lists) wrote: > I have problems matching an ipset set using iptables. My configuration > is as follows: > > # uname -r > 2.6.39.1 > > # iptables -V > iptables v1.4.12.2 > > # ipset -V > ipset v6.11, protocol version: 6 > > The following 3 commands are executed immediately after each other: > > # ipset create TEST hash:ip > # ipset add TEST 127.0.0.5 > # iptables -A INPUT -m set --match-set TEST src > iptables: No chain/target/match by that name. > > # lsmod|grep set > ip_set_hash_net 15884 3 > ip_set_hash_ip 13584 2 > ip_set 19151 2 ip_set_hash_net,ip_set_hash_ip > nfnetlink 3191 2 nf_conntrack_netlink,ip_set You haven't got the "set" match kernel module, I guess grep CONFIG_NETFILTER_XT_SET /boot/config-2.6.39.1 returns # CONFIG_NETFILTER_XT_SET is not set Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
