Ipset does not require IPv6 kernel support unless the IPv6 features of Ipset are to be used.  The ebuild checks for CONFIG_IP6_NF_IPTABLES (which requires IPv6 networking to be enabled, triggering a large cascade of related code to be included).  However, without it, ipset builds and runs without error.

The ipset README does say "it have to be configured with ip6tables support enabled, modules compiled", but I don't think this is true (in fact, it doesn't have to be built as modules either, so this may be obsolete text).  The ipset changelog shows that release 6.6 involved "Remove outdated checking of IPv6 support from configure.ac".  I see no checking for IPv6 or Ip6tables support anywhere.

I'm not sure what the authors' intent was, but it may be been to allow ipset to be used in an IPv4-only environment.

So, the question is: should our ebuild be checking for Ip6tables support and failing in its absence, if the application itself does not?


Reproducible: Always

Steps to Reproduce:
0. Without IPv6 support in kernel.
1. In ebuild, remove "IP6_NF_IPTABLES" from CONFIG_CHECK.
2. emerge ipset
3. test manually


Actual Results:  
The tool functions normally, with IPv4 addresses.

I have not tested what happens if you feed it an IPv6 address, when CONFIG_IP6_NF_IPTABLES is not enabled.



Expected Results:  
One might expect the tool to fail, given the strict built-time requirement for Ip6tables support specified in the ebuild.

Yes, I am aware that the world is moving to IPv6.  The question is, where it is intentionally not yet being used, should we be forced to include it in kernels.