Hide Forgot
Description of problem: nomatch flag are not supported on ipset v6.11 # rpm -q ipset ipset-6.11-4.el6.x86_64 # ipset create test hash:net # ipset add test 1.1.1.1 nomatch ipset v6.11: Unknown argument: `nomatch' Try `ipset help' for more information. # ipset create test hash:net family inet6 # ipset add test 2001::1 nomatch ipset v6.11: Unknown argument: `nomatch' Try `ipset help' for more information. But ipset man page is as follows: ... hash:net The hash:net set type uses a hash to store different sized IP network addresses. Network address with zero prefix size cannot be stored in this type of sets. ... ADD-OPTIONS := [ timeout value ] [ nomatch ] ... Version-Release number of selected component (if applicable): RHEL-6.9-20161201.0 ==> kernel-2.6.32-676.el6 ipset-6.11-4.el6.x86_64 How reproducible: always Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: According to ipset change log, it seems that "nomatch" in hash:*net* sets is supported from v6.14, http://ipset.netfilter.org/changelog.html
Red Hat Enterprise Linux 6 is in the Production 3 Phase. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available. The official life cycle policy can be reviewed here: http://redhat.com/rhel/lifecycle This issue does not meet the inclusion criteria for the Production 3 Phase and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please contact Red Hat Customer Support to request a re-evaluation of the issue, citing a clear business justification. Note that a strong business justification will be required for re-evaluation.