Re: ipset 6.16 kernel panic on bitmap:hash,ip

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 27 Nov 2012, Ricardo Klein wrote:

> When I creta an ipset like this:
> ipset -N SET_MACS bitmap:ip,mac range 0.0.0.0/0
> 
> I got kernel panic when run:
> ipset list

That can't be ipset 6.16, neither in the kernel, nor the ipset binary.
The bug is fixed in ipset 6.15. You are running kernel modules and 
ipset binary from earlier releases.
 
> Anyway, we need some rules here based on mac address (no matter what
> ip address the machine have, because some of them are in DHCP).
> I know that a mac address can be easy cloned, but, still, we need that
> for some rules...
> 
> Can we have a set type "mac address" ? Only mac, with no ip?
> 
> O tried "ipset -N SET_MACS_ADM bitmap:ip,mac range 10.0.0.0/8" too but got:
> ipset v6.16: The range you specified exceeds the size limit of the set type
> 
> "ipset -N SET_MACS_ADM bitmap:ip,mac range 10.0.0.0/16" woked...
> 
> But again, this does not do the job because I need to set a rule based
> on mac address and dinamic ip addresses.

Holger Eitzenberger is working on a hash:mac type.

Best regards,
Jozsef
-
E-mail  : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences
          H-1525 Budapest 114, POB. 49, Hungary
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux